Monthly Archives: May 2017

FAA’s drone registration program suffers major setback.

U.S. consumers who buy a drone for fun will no longer have to register it with the FAA.

A Washington, D.C. court ruled Friday that the FAA drone registration rule violates the FAA Modernization and Reform Act, which Congress passed in 2012. Hobbyist John Taylor argued successfully that he should not have to register because the act states that the FAA “may not promulgate any rule or regulation regarding a model aircraft.”

Since December 2015, hobbyists with drones weighing between 0.55 pounds and 55 pounds have had to register their drones with the FAA. More than 550,000 operators have registered since then. The process can be completed online, and there is a $5 application fee.

The FAA said in a statement that it launched registration to ensure drones are operated safely and don’t pose security or privacy threats. The FAA also said it is considering its options and response.

The FAA now has two potential paths forward. The FAA can appeal to all of the judges on the U.S. Court of Appeals for the DC Circuit, which is called an en banc review. (The decision was made by a three-judge panel.)

The other path is appealing to Congress. The FAA is currently going through its regular reauthorization process this year. Congress could insert provisions that support or authorize registration for recreational drones.

The court’s decision was cheered by the Academy of Model Aeronautics, which has long objected to its members having to register their small aircrafts.

“Federal registration shouldn’t apply at such a low threshold that it includes toys,” Academy of Model Aeronautics president Rich Hanson said in a statement. “It also shouldn’t burden those who have operated harmoniously within our communities for decades, and who already comply with AMA’s registration system.”

Others in the industry think drone registration is a good policy because it promotes accountability and provides an opportunity for the FAA to educate pilots on the guidelines for safe operation. The ruling is not yet enforceable as the court gave the FAA 7 days to consider its legal options. At this point in time all we can do is wait for the final word.

The court’s decision does not impact registration for commercial drones.

 

What is WannaCrypt ransomware and how to stay safe

WannaCrypt Ransomware, also known by the names WannaCry, WanaCrypt0r or Wcrypt is a ransomware which targets Windows operating systems. Discovered on 12th May 2017, WannaCrypt was used in a large Cyber-attack and has since infected more than 230,000 Windows PCs in 190 countries now.

wannacry

WannaCrypt initial hits include UK’s National Health Service, the Spanish telecommunications firm Telefónica, and the logistics firm FedEx. Such was the scale of the ransomware campaign that it caused chaos across hospitals in the United Kingdom. Many of them had to be shut down triggering operations closure on short notice, while the staff were forced to use pen and paper for their work with systems being locked by Ransomware.

How does WannaCrypt ransomware get into your computer

As evident from its worldwide attacks, WannaCrypt first gains access to the computer system via an email attachment and thereafter can spread rapidly through LAN. The ransomware can encrypt your systems hard disk and attempts to exploit the SMB vulnerability to spread to random computers on the Internet via TCP port and between computers on the same network.

Who created WannaCrypt

There are no confirmed reports on who has created WannaCrypt although WanaCrypt0r 2.0 looks to be the 2nd attempt made by its authors. Its predecessor, Ransomware WeCry, was discovered back in February this year and demanded 0.1 Bitcoin for unlocking.

Currently, the attackers are reportedly using Microsoft Windows exploit Eternal Blue which was allegedly created by the NSA. These tools have been reportedly stolen and leaked by a group called Shadow Brokers.

How does WannaCrypt spread

This Ransomware spreads by using a vulnerability in implementations of Server Message Block (SMB) in Windows systems. This exploit is named as EternalBlue which was reportedly stolen and misused by a group called Shadow Brokers.

Interestingly, EternalBlue is a hacking weapon developed by NSA to gain access and command the computers running Microsoft Windows. It was specifically designed for the America’s military intelligence unit to get an access to the computers used by the terrorists.

WannaCrypt creates an entry vector in machines still unpatched even after the fix had become available. WannaCrypt targets all Windows versions that were not patched for MS-17-010, which Microsoft released in March 2017 for Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10 and Windows Server 2016.

The common infection pattern includes:

  • Arrival through social engineering emails designed to trick users to run the malware and activate the worm-spreading functionality with the SMB exploit. Reports say that the malware is being delivered in an infected Microsoft Word file that is sent in an email, disguised as a job offer, an invoice, or another relevant document.
  • Infection through SMB exploit when an unpatched computer can be addressed in other infected machinesThe worm functionality in WannaCrypt allows it to infect unpatched Windows machines in the local network. At the same time, it also executes massive scanning on Internet IP addresses to find and infect other vulnerable PCs. This activity results in large SMB traffic data coming from the infected host, and can be easily tracked by SecOps personnel.How to protect against Wannacrypt
  • Once WannaCrypt successfully infects a vulnerable machine, it uses it to hop to infect other PCs. The cycle further continues, as the scanning routing discovers unpatched computers.
  • WannaCrypt has rapid spreading capability
  1. Microsoft recommends upgrading to Windows 10 as it equipped with latest features and proactive mitigations.
  2. Install the security update MS17-010 released by Microsoft. The company has also released security patches for unsupported Windows versions like Windows XP, Windows Server 2003, etc.
  3. Windows users are advised to be extremely wary of Phishing email and be very careful while opening the email attachments or clicking on web-links.
  4. Make backups and  keep them securely
  5. Windows Defender Antivirus detects this threat as Ransom:Win32/WannaCrypt so enable and update and run Windows Defender Antivirus to detect this ransomware.
  6. Disable SMBv1 with the steps documented at KB2696547.
  7. Consider adding a rule on your router or firewall to block incoming SMB traffic on port 445
  8. Enterprise users may use Device Guard to lock down devices and provide kernel-level virtualization-based security, allowing only trusted applications to run.

To know more on this topic read the Technet blog.

The initial WannaCrypt attack may have been stopped, but we should expect a newer variant to strike more furiously moving forward, so stay safe and secure.

Our Immediate Recommendations are to AVOID clicking on any attachments sent to you via Email. EVEN IF THEY APPEAR TO BE LEGITIMATE!

Although the first wave of this Ransomware was stopped we are already seeing new variations if it hitting computers around the world. Finally – If you see the message as shown in this email blast, it’s already too late for you – IMMEDIATEL SHUT DOWN YOUR COMPUTER and call support.

Additional Information United States Computer Emergency Readiness (US – Cert Alert (TA17-132A)

Special thanks to The Windows Club for this information: http://www.thewindowsclub.com/what-is-wannacrypt-ransomware

Security Alert – WannaCry Ransomware

WannaCrypt Ransomware, also known by the names WannaCry, WanaCrypt0r or Wcrypt is a ransomware which targets Windows operating systems. Discovered on 12th May 2017, WannaCrypt was used in a large Cyber-attack and has since infected more than 230,000 Windows PCs in 190 countries.

wannacry

How does WannaCrypt ransomware get into your computer?

As evident from its worldwide attacks, WannaCrypt first gains access to the computer system via an email attachment and thereafter can spread rapidly through LAN. The ransomware can encrypt your systems hard disk and attempts to exploit the SMB vulnerability to spread to random computers on the Internet via TCP port and between computers on the same network.

Our Immediate Recommendations are to AVOID clicking on any attachments sent to you via Email. EVEN IF THEY APPEAR TO BE LEGITIMATE!

Although the first wave of this Ransomware was stopped we are already seeing new variations if it hitting computers around the world. Finally – If you see the message as shown in this email blast, it’s already too late for you – IMMEDIATEL SHUT DOWN YOUR COMPUTER and call support.

ACTSmart Support Team

Is A Video Phone On Your Tech Wish List?

The new Amazon Echo, now with a 7-inch touchscreen, could be officially announced as early as this morning (Tuesday May 9th, 2017) according to The Wall Street Journal. The device will support video calling as its new premier feature in addition to Alexa’s current plethora of “skills” and compatibility with smart home gadgets and popular services. It will also be able to place phone calls in a manner similar to Microsoft’s Skype.

The Wall Street Journal believes that Amazon will price its latest Echo at more than $200. The regular Echo speaker, first introduced in late 2014, currently sells for $149, with the Echo Tap and Echo Dot devices beneath it at lower price points. Amazon’s employees have been testing the new product for several months, and it’s expected to ship sometime in June. Images of the device first surfaced on Friday.

Calling features in the new Echo could be rolled out “in stages,” the report notes. Amazon is said to be experimenting with intercom capabilities between the various Echo products in a consumer’s home, for example. That would partially mimic the functionality of some third-party products like the Nucleus, which also supports Amazon’s Alexa platform. Recode previously reported on Amazon’s plans to turn the Echo into a phone.

Amazon’s flagship Echo is also likely to support “at least some” of the features offered by the Echo Look, a camera that can help users make fashion and outfit choices with the assistance of artificial intelligence. That product is currently available on an invite-only basis, whereas this new Echo will undoubtedly see a huge marketing push by Amazon. You can put an Echo speaker in every room of your house, but this is going to be the experience’s centerpiece. As Amazon’s tech rivals including Google and Apple try to play catchup at building a voice-controlled speaker “assistant,” the company is already moving on to the next piece of its Alexa strategy.

It’s been rumored for a while now that Amazon is working on a touchscreen version of the Echo speaker, and today we’re finally getting some evidence and a sense of what it might look like.

 

Another Possible Facebook Identity Theft Scam

Be careful posting about the 10 concerts you’ve attended. Before you join in with the social media crowd and let everyone know about the first concert you attended, you might want to think twice — hackers would love to have this information.

This past week, one of the most popular Facebook posts had people asking friends to figure out which of 10 concerts they didn’t really attend — and their answers have often been accompanied by a comment noting the first concert they ever attended. This is a common security question — along with the name of the street you grew up on or your first job — and it’s the sort of information that hackers can use to break into your online ID.

The best advice in this type of scenario is to ignore the game and not to answer those questions, just delete the concert posts or set them to private. Don’t make those kinds of answers about your life public. It’s just not worth it.

This particular Facebook game probably started as good-natured fun but as it grew in popularity, it signaled hackers that good, readily available online information was there for the plucking.

This type of exposure calls into question the still popular use of security questions, which are most often used by banks and other financial institutions to guarantee your identity.

A common bank security question asks your mother’s maiden name. As an alternative, use a password application to generate secure passwords comprised of numbers, letters and symbols that would make no sense to anyone, and store them within your chosen password manager. These types of passwords will never be guessed by anyone so it better protects your online identity.

Another Facebook user says he deals with security questions by answering them with lies. “First kiss: Farrah Fawcett”, “Favorite Color: polka dot”, Street You Grew Up On: banana”, “Mother’s maiden name: thermostat.”

The only challenge with this solution is remembering all your “little lies” if the time comes and you need to have your password sent to you.

Take our advice and just say no. Don’t get caught up in the ever changing Facebook game of the week.

ActSmartDentalThe Most Dental IT Experience
on the South Shore!

David’s Blog Archives
Our Clients Say:
Everybody @ ActSmart is WONDERFUL! We are very relieved to have you on our team & know that we are in great hands. ~Leslie, Glivinski & Associates
Proud To Be:
Attention Dental Practices:

We Offer:
Follow Us: