Dell have discovered some vulnerabilities that are affecting some computers.

July 7, 2021 by Robert Eyler

There are 129 dell computers that has a vulnerability with the BIOS (Basic Input Output System).

The quick summary: Need to update your Dell BIOS manually. If you do not feel or do not want to do it you can give me a text or call me at (864)494-6089 or email me robert@roberts-computer.com

BIOS is essentially embedded software on the system and the first things that runs on the computer after power on and it is behind the computer logo.

What the problem is that it’s still just software. Dell has this product called BIOSConnect that allows a computer in BIOS to call – phone home to Dell for support purposes. So, it can update the firmware on the system. if you’ve lost your operating system and you can’t get it to boot or something’s missing, you can actually still get this thing to connect to the Dell servers in BIOS because that’s always going to be there.

But what’s happened here is the first vulnerability that they found, that Elysium found, is a problem with TLS certificates. And TLS is Transport Layer Security. It’s how the internet works. But this software is written in C code. Which at a very low level, so getting that TLS handshake correct is important, and Dell didn’t do that here. In fact, this system – if you have a privileged network attacker on the network, and they can intercept, like, a DNS call out to the Google DNS server of 8-8-8-8.

They can intercept the communication. Then impersonate Dell and hand back any readily available, freely available TLS certificate, and the software in the BIOS will accept that and say, OK, you’re Dell, right? and any certificate at all, this software says, we’re good here. Just about, as long as it’s not self-signed. It has to be from a certificate authority that’s in the – but those are not easy – not hard to come by. So, if you’re on the network, if the malicious actor is on the network, they can intercept the traffic, they can feedback the – some bogus certificate, and the service will then – the service on that computer will then trust the attacker, and then the attacker can exploit one of three buffer overflow vulnerabilities that were also found in the software. And that allows arbitrary code execution. There’s even one that allows arbitrary code execution in BIOS, so they could completely replace the BIOS of your machine

The end result could be replacing the mother board.

Dell dose have a fix to this problem. However, you should be this done ASPS by August when all of the details will be out in the wild. DO NOT DO IT VIA THE UPDATE TOOL due to you can not trust the tool. When you or someone dose the update. Do it manually.

You can go to dell.com then download the patches.

If you like you can give me a text or call me at (864)494-6089 or email me robert@roberts-computer.com

Look out for Smishing Scams.

March 4, 2021 by Robert Eyler

Look out for Smishing Scams

How this works

You get a text message that appears to be from a government or company that you know. With a message that say “Please reply to this message with your Social Security Number because we have found some funny stuff going on with you SSN” or Click on this link to get a list of Covid-19 vaccines shots for you area. Or the same scams that you would get a call for. DO NOT CLICK OR REPLY to this message this are 100% scam just delete them.

if you would like more information you can go to AARP (https://www.aarp.org/money/scams-fraud/sms-text-alerts.html?CMP=SMS-DSO-SMSTEXT-MONEY-FRAUD-FWN_ALERT-03032021

I hope that this information will help keep you safe and sound with your money.

Share with anyone you like.

Thank you

Robert Robert’s Computer Service LLC

(864)494-6089

Just do us a favor and don’t fall for these stimulus check scams, OK?

January 15, 2021 by Robert Eyler

With this round of Stimulus Check here are some things to look out for.

1) The IRS will not be call or email or text you to get any information for you.

2) If some one calls or sends you an email say that if you pay $$$ we can get for you faster. That can not happens and it will be a SCAM.

3) The IRS doesn’t call it a ‘ Stimulus Check’ they call it by its official name “economic impact payment,” Be wary.

4) If you get a check in the mail with $***.50 and tells you to call or verify information online in order to cash it. Shredding it up if it has cent on it.

IF you would like more or detail information you can go to CNET or IRS CNET https://www.cnet.com/personal-finance/just-do-us-a-favor-and-dont-fall-for-these-stimulus-check-scams-ok/ or IRS https://www.irs.gov/newsroom/irs-issues-warning-about-coronavirus-related-scams-watch-out-for-schemes-tied-to-economic-impact-payments I hope that this information helps you keep your economic impact payments in your pockets.

Cyber Security Today

November 30, 2020 by Robert Eyler

Today is Cyber Monday, when the Internet will be filled with supposed bargains and quick clearance sales. Some of those bargains will come from crooks. Be careful. Know the prices of the things you want to buy. If a deal is too good to be true, it’s probably fake — especially if it’s from a site or seller you’ve never heard of. Another scam is to offer a deep discount, but it comes with high shipping and handling fees.

Remember criminals are sending fake emails that look like they came from Amazon. Some offer deals. Others pretend there’s a problem with your Amazon account and ask you to click on a link to verify your information. The goal there is to steal your login password. And scammers still use phone recordings as traps. There are recorded calls going out now pretending to be from Amazon saying they’re about to charge you for being an Amazon Prime member. This, too, is a trick to get you to give away your password.

Many people are ordering products online at this time of year, so they’re expecting parcels. That’s why scammers are also now sending out emails with package delivery scams — like ‘Our courier couldn’t deliver your parcel today. Click here to see the delivery notice.’ Check if the email really is from a courier you are expecting.

Finally, make sure the device you use for buying — computer, smartphone or tablet — has the latest security updates. That’s just in case you make a mistake. You don’t want to get infected.

That’s it for Cyber Security Today. Links to details about these stories are in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals.

Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.

This is from Cyber Security Today at https://www.itworldcanada.com/article/cyber-security-todoay-executives-email-passwords-for-sale-a-ransomware-attack-on-industrial-systems-manufacturer-and-online-shopping-tips/438936

U.S. Postal Service warns of scam

February 1, 2020 by Robert Eyler

The U.S. Postal Service is warning of a scan of fake email that you might receive.

It could say something like you have a deliver of a package. The email will have you click on link to enter in your information to confirm it. Then they have you download a file and open it. However when do that there is a virus that you activate it. Then this will scan for you user name , password , and financial account information. Then before you know it you accounts are empty.

If you think about it this way if they are having a problem with getting a package to you then how would they get your email address. This also apply to all shipping (FedEx , UPS and others)

If you get this type of email DO NOT click on any thing or link on the email.

Then next step you can do it

1. Forward the email to spam@uspis.gov

2. Then, delete the email immediately.

DO NOT click on any links in/respond to the email.

The Postal Service officials would never reach out directly to consumers

A few tips for spotting bogus emails are from anywhere:

1. Poor grammar and/or spelling errors;

2. The email states “immediate action”; and

3. The email request personal information under the guise of confirming information.

This information is from

GRAND ISLAND, Neb. (KSNB) https://www.msn.com/en-us/news/us/u-s-postal-service-warns-of-scam/ar-BBZwVuZ

and also

This is from USPS Junk E-mail Scams – Avoiding & Preventing Spam | USPIS

Windows Defender gets the job done — so why even gamble with third-party antivirus?

January 30, 2020 by Robert Eyler

What I use is Windows Defender and Malware Bytes Pro.

In a world where Windows Defender is more than good enough to get the job done, why even risk using a third-party antivirus?

Dan Thorp-Lancaster

28 Jan 2020

Windows Defender family options Source: Windows Central

News broke this week that Avast has apparently been selling the browsing data of its users to major companies, including Microsoft, Google, Pepsi and Home Depot. The data, which was obtained as part of a report by Motherboard and PCMag, included things like Google searches, what LinkedIn pages and YouTube videos people looked at, and even the porn sites people viewed.

Avast claims the data it collects is anonymized, and its users have to opt in to allow Avast to use their data. However, it’s unlikely that every owner included in the around 100 million devices that opted into the program knows exactly how their data is being used and what’s being collected. Despite all of the caveats, the fact remains that an antivirus company is harvesting browsing and search data from its users, dumping it off to a subsidiary, and selling it for marketing purposes.

Our favorite VPN service is more affordable now than ever before

Why even gamble with the idea of yet another company treating your online habits like a sack of money to be pillaged when Windows Defender, which is build into Windows 10, is good enough?

Defender isn’t perfect but it’s more than good enough

Windows Defender Security Center Source: Windows Central

Microsoft has received some backlash in recent years over the telemetry data it collects with Windows 10, but that’s a far cry from pulling your entire browsing history and selling it, even if it’s anonymized. Otherwise, Windows Defender has a lot going for it: it’s fast, and it doesn’t hit system resources as hard as heavy third-party antivirus software does. Even better, it’s just as good as all of the other antivirus options on the market.

By opting to stick with Windows Defender, you also avoid all of the annoying parts of third-party antivirus software. It’s free, there are no annoying pop-ups to renew your subscription, and you aren’t opening yourself up to other potential attack vectors opened up by the way other antivirus software has to integrate itself into your system. Did I mention, it’s free for Windows users?

Windows Defender is no cure-all for every problem out there. You’ll still want to practice some common sense when poking around the internet, and you might even want to pair it with a malware scanner of some sort to double up on protection. Still, there’s no reason to go out of your way with third-party antivirus software when Windows Defender is just fine in its current state.

I don’t say all of this as some sort of privacy warrior. I’m well aware that every Google search I make, every trip I map out with my phone’s GPS, and every Amazon purchase I make are all going into some marketing black box that is uniquely designed to make me buy more stuff I probably don’t need. But when everyone online is looking to make a buck on our data, it only makes sense to cut down where you can.

This is information is from https://www.windowscentral.com/windows-defender-great-so-why-even-gamble-third-party-antivirus

New Google Android Threat: Malicious App

November 3, 2019 by Robert Eyler

This information came from Forbes at https://www.forbes.com/sites/kateoflahertyuk/2019/10/30/new-google-android-threat-malicious-app-installed-by-40-million-play-store-users/amp/

Google Android users have been put at risk again, after it emerged a keyboard app called ai.type previously available on the Play Store has been making millions of unauthorized purchases of premium digital content. The Android app has been downloaded more than 40 million times, according to researchers at Upstream.

Hiding in plain sight by masking its activity to spoof apps such as Soundcloud, the rogue Google Android app delivers millions of invisible ads and fake clicks, passing on user data about real views, clicks and purchases to ad networks.

Ai.type is a customizable on-screen keyboard app developed by Israeli firm ai.type LTD, which describes the app as a “free emoji keyboard.”

But in the background, without your knowledge, the Android app turns your device into “one of the many bots of the network controlled by fraudsters to commit ad fraud,” says Guy Krief, CEO of Upstream.

The app was deleted from the Google Play Store in June, but it remains on millions of Android devices and is still available from other third-party marketplaces. There was a spike in its suspicious activity once removed, the Upstream researchers say.

Specifically, Upstream says its Secure-D platform has detected and blocked more than 14 million suspicious transaction requests from 110,000 unique devices that downloaded the ai.type keyboard.

There is currently a free version of ai.type in the Google Play Store, which was added in October. Upstream’s researchers say they have not detected any suspicious activity coming from the newer app. The premium app is not affected.

It’s one of many rogue Android apps reported in recent weeks. Only last week, researchers at ESET discovered a year-long campaign that saw 8 million installs of adware delivered through 42 apps.

It came after ESET researcher Lukas Stefanko published his report detailing the 300 million malicious Android app reports during the month of September.

Other recent rogue apps plaguing Android users include spyware and adware.

The Google Android app threat: What to do

I contacted Google, who confirmed that the app had been removed from Google Play. However, Upstream advises anyone who has downloaded ai.type to check their phones for unusual behavior. This can include issues such as the battery depleting faster than usual, your device overheating, your data plan depleting or charges for premium digital services that you haven’t purchased. If you spot any of these indicators, it’s likely you have become a victim.

If you have already downloaded the app, you should delete it now, says Krief.

In general, Android users need to be more proactive about their security than those who use Apple’s iPhone. In order to be as safe as possible, Krief advises to only download apps from Google’s Play Store.

Meanwhile, read users’ reviews of apps–and not only the most recent ones. “Do a quick online search about the app and its developer,” he says.

You should also have active and updated anti-virus running on your device.

It seems that malicious Android apps are popping up more than ever. Recently, a lot of experts have been commenting that the Google Play Store is getting out of hand. “It is hard to keep statistics, but we are seeing an increasing number of apps available in the Play store being exposed for fraudulent activity,” Krief says.

He warns: “We are also seeing developers re-publishing apps that were caught for fraudulent behaviour, under the same name, or under a different app name.”

So it goes without saying, if you use Android, you need to take steps to secure your device–and be careful about what you download as well as the permissions you allow your apps.

Update November 1 at 07:36 ET

Updated to clarify that there is still a version of the ai.type app in the Google Play Store, but this is not affected by the same issues as the one removed by Google in June.

How Cybercrooks Can Hack Your Online Bank Accounts.

September 28, 2019 by Robert Eyler

This is the webpage that I got this information from

https://www.aarp.org/money/scams-fraud/info-2019/online-bank-account-security.html?cmp=EMC-DSO-NLC-WBLTR-FRD–CTRL-092719-F1-4055394&ET_CID=4055394&ET_RID=19555827&encparam=ykOEQ%2fOe%2bgiIjGMPxF3V%2bnAnNdan0aQpJu5v6HPf5oE%3d

If you think your checkbook and paper statements keep you safe, with again

You log into your banking site and immediately notice something’s wrong, horribly wrong.

Somehow, your account has been compromised and money is missing. At the risk of fearmongering, this isn’t as uncommon as you might think.

Like many Americans, you might have become a victim of bank fraud. And it’s usually tied to a password that has been stolen, guessed or tricked into sharing with cybercriminals.

“Unfortunately, most people use the same credentials for their online bank accounts as they do for social media and online shopping sites,” says Georgia Weidman, author of the book Penetration Testing: A Hands-On Introduction to Hacking. “If one of those vendors is compromised and attackers gain access to the stored credentials, they may be able to reuse them on the online banking site.”

Skepticism is your friend

“Another common attack is phishing, or basically asking the user to attack themselves,” says Weidman, who also founded Bulb Security.

The cybersecurity company is devoted to device vulnerability assessment, training and penetration testing — essentially ethical hackers for hire.

“An attacker might send you an email or text message pretending to be your bank and asking that you validate a recent purchase,” she says. “When you click on the link in the text message, it takes you to what looks exactly like your online bank account, except it is actually a clone controlled by the attacker.”

You might think you’re at capitalone.com, for example, but if you look closely, it’s captial0ne.com.

Some scammers will even call you — yes, by telephone — and pretend they’re from Microsoft, the IRS, your bank, and so on to try to persuade you to give out your personal information to (ironically) protect you.

Don’t fall for it.

“Besides, your bank or other financial institution won’t ask you to confirm these credentials in an email or by an unsolicited phone call,” says global security evangelist Tony Anscombe at ESET, also a technology security company. “When in doubt, contact your bank to see if it was really them. Chances are it wasn’t.”

Don’t bank online? You’re still at risk

And here’s a discomforting fact: Even if you don’t opt for online banking through a website or app, identity theft could lead to a crook opening an online account in your name.

What to do?

Reduce the odds of becoming a victim of bank fraud with these five tips.

1. Use strong and unique passwords

Never use the same password for all of your online activity. As Weidman cautions, if a service is hacked and your password is exposed — if your bank suffers a data breach, for instance — cybercriminals may try it on another account.

“Even if the password is similar between online accounts, hackers use software tools to try to guess the stolen credentials,” Anscombe says.

A recent study revealed the most common password was 123456, followed by 123456789 and QWERTY.

Also, don’t use your kids’ or pets’ names, phone number, date of birth, or mother’s maiden name. All of this info could be easily attainable, especially in this era of social media.

Not only should you use different passwords for all accounts — and password manager apps are a handy way to remember them all — you also can use a passphrase instead of a password, a sequence of words and other characters including numbers and symbols.

Anscombe says a passphrase can be super easy to create, such as the phrase “my red Ford Mustang is No. 1” becoming the passphrase “myr3dFoMu#1!”

2. Enable two-factor authentication

Make it harder for the bad guys to access your data by adding a second layer of defense.

Cristian Dina / Alamy Stock Photo

Two-factor authentication for Apple iCloud from a desktop and mobile device

Two-factor authentication means you not only need a password, passcode or biometrics logon such as a fingerprint or facial scan to confirm only you can access your accounts, but you also receive a one-time code to your mobile phone to type in.

In other words, two-factor authentication combines something you know, your password, with something you have, your smartphone.

“Like password managers, two-factor authentication isn’t 100 percent perfect, but it puts you many steps ahead of other users who have weak or the same passwords on all their accounts,” Weidman says.

3. Install good antimalware

Just as you wouldn’t leave the front door to your home unlocked, you shouldn’t let your tech be vulnerable to attacks, whether it’s a virus or other malicious software, called malware, that sneaks onto your device or happens because you were tricked into giving out sensitive information.

Reputable antimalware that’s updated often can identify, quarantine, delete and report any suspicious activity coming into your computer or flag sensitive information going out.

“Most people don’t think of protecting their smartphone, too, which is a big problem,” Anscombe says. “Make sure you have good cybersecurity protection. And don’t fall for phony texts.”

4. Opt for fraud detection; review your statements

Some, but not all, credit-card companies and banks can push notifications to your mobile device if something looks suspicious during a purchase — such as a large amount charged or a location in a different state than your usual address.

You may be asked to confirm it was really you who made a purchase with a simple Y or N.

On a related note, be sure to review your bank statements every so often to see if anything looks odd. If so, contact your bank or credit-card company immediately.

5. Watch out for Wi-Fi hotspots

Do not conduct any financial transactions such as online banking, trading or shopping when you’re using a public computer in an airport lounge, hotel or library or when you’re using a public Wi-Fi network, say, at your favorite coffee shop.

You never know if your information is being tracked and logged — so wait until you’re on a secured internet connection at home. Or use your smartphone as a personal hotspot, which is safer than free Wi-Fi.

“And make sure no one is looking over your shoulder at a coffee shop or on an airline,” Anscombe says.

A few more suggestions to mitigate the risk of bank fraud:

Update your software. Cybercrooks look for vulnerabilities in operating systems or programs/apps. Set your software to automatically update, so you don’t have to remember to do so.
Back up regularly. It doesn’t really matter how you want to do it — a free cloud service, external hard drive or USB thumb drive. As long as you’re proactive about backing up your important files regularly, you’ll minimize any damage if attacked.
Lock your devices. Be sure your laptop, tablet and smartphone require a PIN or password to unlock. Otherwise you’re exposing your files to strangers if your device becomes lost or stolen. Use your fingerprint or face to authenticate you, called biometrics identification, because it’s fast, convenient and secure.

You don’t need a degree in computer engineering to protect yourself from bank fraud.

Use these tips, remain alert and rely on some smart software. You can greatly reduce the odds of becoming a victim.

Marc Saltzman has been a freelance technology journalist for 25 years. His podcast, “Tech It Out,” aims to break down geek speak into street speak.

AARP’s Fraud Watch Network can help you spot and avoid scams. Sign up for free “watchdog alerts,” review our scam-tracking map, or call our toll-free fraud helpline at 877-908-3360 if you or a loved one suspect you’ve been a victim.

Scammers impersonating Social Security Administration (SCAM)

August 12, 2019 by Robert Eyler

Officials said the callers fraudulently identify themselves as Social Security Administration representatives and threaten taxpayers with deactivating their Social Security number or account due to “suspicious activity.”

Posted: Aug 9, 2019 12:58 PM

Posted By: Chelsea Hunt

Share to Twitter Share to Email Share to Print

EUGENE, Ore. — The Oregon Department of Revenue is warning the public after a spike in scam calls.

As part of the scam, the caller may ask for personal information and bank account information.

Officials warn that a person’s caller ID may even show the real Social Security Administration number — 1-800-772-1213 — but the scammers are faking the number.

“We encourage the public to protect themselves by verifying they’re speaking with authorized representatives of the Social Security Administration if they have any questions about the legitimacy of the call,” said Department of Revenue Director Nia Ray.

If you suspect the call is a scam, hang up and call the Social Security Administration number and speak to a real representative. Officials said you should never give any part of your Social Security number, bank account information or credit card number to anyone who contacts you.

Officials said if you get one of the calls, notify the Federal Trade Commission. You can also report scams to the Office of Inspector General by calling 1-800-269-0271 or online by clicking here.

Microsoft Issues ‘Update Now’ Warning To Windows Users

June 6, 2019 by Robert Eyler

This is from https://www.forbes.com/sites/daveywinder/2019/06/01/microsoft-begs-windows-users-to-update-now-citing-wannacry-2-security-threat/#290f5c1c60ca

ASSOCIATED PRESS

Microsoft really does not have the greatest track record when it comes to those security and system fixes that are usually referred to as Patch Tuesday updates. Readers of Forbes will not need reminding how these updates have recently caused Windows to freeze or simply decided to install themselves and cause unexpected restarts. Indeed, I have had more messages from readers who are fed up with Windows updates than in relation to anything else I have covered on Forbes. Yet it is precisely these people that Microsoft is now urging to apply one particular set of updates released May 14, warning that unless they do at least a million computers might be exploited by a security threat that could be as damaging and costly as WannaCry was two years ago.

The warning, which reads almost as if Microsoft wrote it on bended knee, was posted on the Microsoft Security Response Center blog. Referring to the critical Remote Code Execution vulnerability, CVE-2019-0708, that has become better known as BlueKeep, Simon Pope, director of incident response at Microsoft, states that “Microsoft is confident that an exploit exists for this vulnerability.” What’s more, Pope says that such an exploit could “propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.” An internet-scale port scanner has already determined that there are at least 923,671 internet-facing machines which are vulnerable to BlueKeep on port 3389 which is used by the Microsoft Remote Desktop feature.

It is worth reading between the lines here, especially concerning that apparent confidence that a BlueKeep exploit exists. While it is not clear if Microsoft has intelligence that suggests active malware has been weaponized in this way, what we do know is that there is proof of concept (PoC) code available already. One BlueKeep demo on GitHub will crash a system that is vulnerable but does not execute the wormable threat that Microsoft is obviously so worried about. We also know, through the information security community on Twitter, that there are denial of service (DoS) exploits available, and that security researchers have been successful in developing wormable exploit code.

While Windows 8 and Windows 10 users are not impacted by this vulnerability, Windows 2003, Windows XP and Windows Vista all are. Despite all of those vulnerable systems being unsupported for some years, Microsoft made the patch available to users which shows just how concerned it is by the “WannaCry 2” threat. Windows 7 and Windows Server 2008 are also vulnerable.

Although I am as fed up with ongoing Windows update problems as anyone, I’m more worried about a WannaCry 2 attack taking down a myriad of business systems and all the fallout that entails. Which is why I am echoing the advice of Microsoft’s Simon Pope: “We strongly advise that all affected systems should be updated as soon as possible.”