By: Robert Carter | Published on 8/26/19
Microsoft is ending support for Windows 7 on 1/1/20. This EOL (End of Life) has been long coming, and now we have a firm date when this will happen. But more importantly for you the user and our customers; what does this mean?
The primary implication of Windows 7 being EOL is that their will no longer be ANY security, bug, or feature updates after the EOL date. Also, since Microsoft has been planning on ending support for Windows 7, they have been slow in releasing critical patches for Windows 7 vulnerabilities. As of today, there are many serious security flaws that will NEVER be patched for Windows 7 and create an unsafe working environment for ANY Windows 7 user.
At this point, the only course of action is to migrate to Windows 10 before the cutoff date. Most computers that can run Windows 7 will be able to support Windows 10, but many peripherals like, printers, scanners, webcams, etc will no longer work with your computer.
As much as we do not like Windows 10, it is imperative not only for your security and safety and the safety of the broader internet that you need to migrate to Windows 10 before the EOL date.
Image Courtesy of Microsoft
By: Robert Carter | Published on 5/10/14
We have been getting many calls about Heartbleed, and what people and business can do about it. The simple answer is Not much. If you are using another persons website then you are there mercy to update there OpenSSH install and revoke and issue new SSL certificates with new private keys. If you are a business you need to check if your site was vulnerable then follow those instructions.
The danger of Heratbleed is that it has provided a method to have a Target like breach of security keys and in turn access to your data. Once an attacker has the private keys to a site they can use man in the middle attacks and send you to there site without you even knowing. This could be your bank or just a retail store you shop at on line but the consequences are the same your credit card numbers could be stolen and even your identity. That is why as a community we need to fix this issue asap and work together to stop it form happening again.
For those interested in learning more we have linked some great resources below.
Bruce Schneier's Explanation
Brian Krebs Explanation
Jupiter Broadcasting's Explanation
Steve Gibson's Explanation
Image Courtesy of HeartBleed.com
By: Robert Carter | Published on 4/15/14
Have you checked your bank statement lately? We sure have! Target and a few other large retail outlets had there credit card databases stolen in one of the largest leeks of all time. Everyone should be watching very closely for any unknown charges on there credit cards and debit cards. The breach seems to have started sometime in early November of 2013 with a group probing the Target network. This went on for almost 3 months before the FBI informed Target that it had been breached.
During the attack most if not all Credit card and debit card data including pin numbers was syphoned off. But why didn't Target know about the attack? From all reports it seems that Target was simply negligent in responding to internal monitors that were telling them of suspicious activity on their network. But two other big blunders should not be over looked. First they had there POS system accessible form the Internet and not properly segregated off from the rest of the internal network. Second is they were using Windows XP Embedded which is not and never has been a good choice for these kinds of computers. Simply put if you application is Java based there is no reason to be running on Windows. Its just a good way to open yourself up for attacks.
For those interested in learning more we have linked some great resources below:
Bloomberg Business Week Breakdown
Bruce Schneier's Breakdown
Brian Krebs' Breakdown
The Guardian's Breakdown
Jupiter Broadcasting Breakdown
Jupiter Broadcasting Breakdown
Image Courtesy of The Guardian