Our Blog

Chrome 68 for Windows, macOS and Linux takes another step toward differentiating between secure and non-secure websites.

Google this week released Chrome 68 for Windows, macOS and Linux, patching 42 security flaws, adding new APIs for developers and marking sites relying on HTTP as “Not Secure.”

Chrome updates in the background, so users can usually just relaunch the browser to install the latest version. To manually update, select “About Google Chrome” from the Help menu under the vertical ellipsis at the upper right; the resulting tab either shows the browser has been updated or displays the download-and-upgrade process before presenting a “Relaunch” button. New-to-Chrome users can download it from this Google site.

The Mountain View, Calif. company updates Chrome every six or seven weeks. It last upgraded the browser on May 27.

Turns on ‘Not Secure’ warning

The biggest change to Chrome with the debut of version 68 was the new warning labels set into the address bar. While sites whose traffic is encrypted – marked by the HTTPS at the beginning of the URL – will be marked as “Secure,” those transmitting data via the unencrypted HTTP will be tagged as “Not Secure.”

This campaign of Google’s to call out HTTP websites as unsafe began four years ago, with incremental steps toward that goal since. In January 2017, for example, Chrome 56 shamed pages that didn’t encrypt password or credit card form fields with the “Not secure” label.

This latest move will not be the last, Google has promised. In early September, with Chrome 69, the browser will remove the “Secure” tag from sites using HTTPS so that encrypted traffic is considered the default. Google’s 180-degree turn from browsers’ decades-long signage – marking secure HTTPS sites, usually with a padlock icon, to indicate encryption and a digital certificate – to labeling only those pages that are insecure, will wrap up this year. In October, with the launch of Chrome 70, the browser will tag HTTP pages with a red “Not Secure” marker when users enter any kind of data.

As usual, Google adds APIs and plugs security holes

Chrome 68 sports some behind-the-scenes newness as well, which is standard for the browser’s updates.

Google highlighted several new APIs (application programming interfaces) in notes to developers, including the Page Lifecycle API and the Payment Handler API.

Kong.

The former API, Page Lifecycle, offers site and web app developers a way to restore a tab that, for performance reasons, had previously been “frozen” by the browser to conserve resources, including memory and processor load. When the user then returns to the tab, it can be resumed as if nothing had happened.

Payment Handler, on the other hand, lets web-based payment app makers tie into the already-available online checkout infrastructure built into Chrome.

Google also patched 42 security vulnerabilities in version 68, including five marked as “High,” the second-most serious ranking in the company’s four-step system. Google shelled out $21,500 to researchers for reporting 19 of the bugs, with several bounties still to be decided.

Chrome’s next upgrade, version 69, will start reaching users the week of Sept. 2-8.

Source: Computerworld.com

What is a social engineering attack?

In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization’s network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility.

What is a phishing attack?

Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.

Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year, such as

• natural disasters (e.g., Hurricane Katrina, Indonesian tsunami)
• epidemics and health scares (e.g., H1N1)
• economic concerns (e.g., IRS scams)
• major political elections
• holidays

How do you avoid being a victim?

• Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
• Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.
• Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
• Don’t send sensitive information over the Internet before checking a website’s security. (See Protecting Your Privacy for more information.)
• Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
• If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group.
• Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic. (See Understanding Firewalls, Understanding Anti-Virus Software, and Reducing Spam for more information.)
• Take advantage of any anti-phishing features offered by your email client and web browser.

What do you do if you think you are a victim?

• If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
• If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
• Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
• Watch for other signs of identity theft. (See Preventing and Responding to Identity Theft for more information.)
• Consider reporting the attack to the police, and file a report with the Federal Trade Commission.

Author

US-CERT Publications

Source: us-cert.gov

Microsoft and Walmart are teaming up for a strategic partnership that will take on rival Amazon in both technology and retail. Walmart is announcing today, at Microsoft’s Inspire partner conference, that it’s partnering with Microsoft to use the company’s cloud services. The five-year agreement will see Walmart use Azure and Microsoft 365 across the company, alongside new projects focused on machine learning, artificial intelligence, and data platforms.

Walmart is Amazon’s biggest retail competitor, and Microsoft is Amazon’s largest cloud services rival. That rivalry isn’t lost on Microsoft CEO Satya Nadella, who hinted in an interview with The Wall Street Journal that it’s “absolutely core to this” new partnership. “How do we get more leverage as two organizations that have depth and breadth and investment to be able to outrun our respective competition,” says Nadella.

While the tech partnership will obviously benefit both companies, it also comes just weeks after reports suggested Microsoft is working on rival Amazon Go technology for cashier-free stores. Microsoft is reportedly in talks with Walmart for this technology, and the software maker has hired a computer vision specialist from Amazon. Amazon’s Go store in Seattle uses multiple camera and sensors that use computer vision algorithms to detect what items you’re taking out of the store so you’re automatically charged. Microsoft is reportedly experimenting with attaching cameras to shopping carts to track items.

Both Walmart and Microsoft don’t reference too many of the future-facing parts of this strategic deal, and it’s mostly timed for Microsoft’s big partner conference in Las Vegas this week. However, this new deal could be a unique test ground for Microsoft’s bigger AI ambitions and any future plans it has to push other retailers to use its range of cloud services.

Source: Theverge.com

Intel wants its Low Power Display Technology to become nearly ubiquitous sometime next year.

Nearly lost in the flood of Intel announcements at Computex—Intel’s 28-core chip, the 8086K Anniversary Edition, and more—was something a bit more fundamental: the development of 1-watt display panels, which will have a profound impact on battery life.

Intel said it is working with Innolux and Sharp to develop what it calls its Low Power Display Technology, which optimizes the display technology, including the backlight and panel circuitry, to halve power from a typical power consumption of about two watts down to a single watt. They’ll be optimized for Intel’s U- and Y-series processors for ultrabooks and ultra-low-power devices.

In the real world, that could extend battery life by as much as four to eight hours, according to Josh Newman, the general manager of mobile innovation segments for Intel. For laptops whose batteries already last a dozen hours or more, it could push the laptop’s stamina to levels that approach 20 hours or more depending on the existing battery, Newman explained.

Fortunately, Intel’s Low Power Display Technology doesn’t appear to change the fundamental nature of the panel themselves. Intel showed off prototype laptops from Dell and HP with the LPDT panel technology already installed. It sounds like those laptops will still be able to project all the light output users need—350 nits or so. What’s unknown (and probably unlikely) is whether you’ll be able to run at full brightness and still achieve the longest battery life.

Newman said the first systems with the display technology installed would appear on store shelves this holiday season. It’s unclear whether LPDT panels will affect the prices of the laptops themselves—that’s up to notebook makers, Newman told PCWorld.

Intel’s been facing pressure from Qualcomm on the battery front, as its Snapdragon-powered Always Connected PCs emphasize connectivity and long battery life—specifically 20 hours or more, the same range Intel is targeting. With Intel beginning to push 5G-equipped PCs forward in conjunction with low-power technologies like LPDT, it’s going to be a close fight. That’s good news for consumers, who will ultimately benefit.

Source: PCWorld.com

The FBI is recommending that all small business and home router owners reboot devices, even if they’re not among the brands known to be affected.

The FBI is urging small businesses and households to immediately reboot routers following Cisco’s report that 500,000 infected devices could be destroyed with a single command.

The malware, dubbed VPNFilter, was developed by the Russian state-sponsored hacking group Sofacy, also known as Fancy Bear and APT28, according to the FBI, which last week obtained a warrant to seize a domain used to control the infected routers.

Cisco’s Talos Intelligence researchers revealed in a report last week that 500,000 routers made by Linksys, MikroTik, Netgear, and TP-Link had been infected with VPNFilter.

The malware is capable of collecting traffic sent through infected routers, such as website credentials.

However, the most worrying capability is that malware allows its controllers to wipe a portion of an infected device’s firmware, rendering it useless. The attackers can selectively destroy a single device or wipe all infected devices at once.

Cisco released the report on Wednesday after observing a spike this month in infections in the Ukraine, which accused Russia of planning an attack to coincide with Saturday’s Champions Cup final in Kiev.

The country also blamed Russia for last June’s NotPetya attacks that mostly affected Ukraine organizations but also spread within multinational corporations with offices in Ukraine.

Users with infected routers can remove the dangerous Stage 2 and Stage 3 components of VPNFilter by rebooting the device. However, Stage 1 of VPNFilter will persist after a reboot, potentially allowing the attackers to reinfect the compromised routers.

The web address the FBI seized on Wednesday, ToKnowAll[.]com, could have been used to reinstall Stage 2 and Stage 3 malware, but all traffic to this address is now being directed to a server under the FBI’s control.

The FBI nonetheless is urging all small office and home router owners to reboot devices even if they were not made by one of the affected vendors. This will help neuter the threat and help the FBI identify infected devices.

“The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices,” the FBI said in a public-service announcement.

“Owners are advised to consider disabling remote-management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.”

Cisco and the Justice Department have also urged all home and small office users to reboot routers.

See: What is phishing? How to protect yourself from scam emails and more

The Justice Department said the FBI-controlled server to which infected devices are now communicating with will collect the IP addresses of each device.

The addresses are being shared with the non-profit cybersecurity group, The Shadowserver Foundation, which will disseminate the addresses to foreign CERTs and ISPs. The FBI and US DHS CERT has also notified some ISPs.

It’s not known how the attackers initially infected the routers, but Symantec noted in its report on VPNFilter that many of them have known vulnerabilities.

“Most of the devices targeted are known to use default credentials and/or have known exploits, particularly for older versions. There is no indication at present that the exploit of zero-day vulnerabilities is involved in spreading the threat,” wrote Symantec researchers.

Known infected devices include:

• Linksys E1200
• Linksys E2500
• Linksys WRVS4400N
• MikroTik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
• Netgear DGN2200
• Netgear R6400
• Netgear R7000
• Netgear R8000
• Netgear WNR1000
• Netgear WNR2000
• QNAP TS251
• QNAP TS439 Pro
• Other QNAP NAS devices running QTS software
• TP-Link R600VPN

Source: ZDnet.com

Check out these features added in recent Windows 10 updates, including new features from the April 2018 Update. They’ll help you get things done on your PC and across your other devices.

Return to past activities in your timeline

In the April 2018 Update, continue your recent PC or phone activities instantly from your timeline. Select Task View on the taskbar, or press Windows logo key  + Tab, then select an activity to get started. Scroll down to look for past activities, or search to find a particular activity.

Share a picture with a nearby device

In the April 2018 Update, open Photos  and select the picture you want to share. Select Share , then select another PC you want to share it to. On the other PC, select Save & Open when the notification appears.

Bring the Microsoft experience to your phone

Get beautiful Bing wallpapers that refresh daily, sync your Office docs and calendar, and more with the Microsoft Launcher app. Open the Google Play Store app on your Android phone, type “Microsoft Launcher” in the search box, and then install it.

Switch seamlessly from your phone to PC

Start browsing the web, writing emails, and using apps on your Android or iPhone, then continue on your PC, instantly. To link your phone, on your PC select the Start  button, and then select Settings  > Phone  > Add a phone .

Add emoji from your keyboard

Express yourself with emoji wherever you want, including conversations, docs, and even web searches. Press Windows logo key + period (.) to open the emoji panel in a text entry field, then select an emoji.

Talk instead of type

Talk to write an email or message instead of typing it. Select touch keyboard  on the taskbar, select microphone or press Windows logo key   + H, and then talk to dictate.

Note

This feature is available in US English only.

Stay focused with focus assist

In the April 2018 Update, hide distractions while you work
—turn on focus assist to send notifications directly to action center. Select action center  on the taskbar, then select focus assist.

Pin sites you use frequently

Get to your favorite websites faster by selecting them from the taskbar. In Microsoft Edge, open a website, then select Settings and more  > Pin this page to the taskbar.

Add security questions to a local account

In the April 2018 update, local account users won’t have to worry about forgetting their password when they add security questions. While you’re logged in with your local account, select Start  > Settings > Accounts > Sign-in options , and then under Password, select Update your security questions.

Source: Support.Microsoft.com

If your organization is running Windows 10, April 10, 2018 marks an important milestone.

For Windows 10 version 1607 (the so-called Anniversary Update), that date marks the official end-of-service date. To continue receiving monthly security and quality updates, you need to install a newer feature update from the Semi-Annual Channel.

If that abbreviated lifecycle seems like a major change from previous versions, welcome to the “Windows as a service” era.

Microsoft has a well-established support lifecycle for its software products. As I’ve noted before, it’s basically an agreement that the company makes with everyone who purchases a license to use its core products, Windows (desktop and server) and Office.

That assurance of support is especially important for business customers, who tend to be conservative in their approach to upgrades.

For more than a decade, the support lifecycle for each new version of Windows or Office was 10 years, with mainstream support for five years and extended support for another five years. (For details on what each support phase means and how end-of-support dates are calculated, see the end of this post.)

Windows 10 privacy guide: How to take control

In this guide, Ed Bott shows you which privacy settings help you create the right balance of privacy and convenience in Windows 10.

Read More

That 10-year support lifecycle is rapidly fading away, as Microsoft moves to its “Windows as a service” and Office 365 subscription models. For a few more years, software sold under the Fixed Lifecycle Policy is still alive and kicking. But it’s rapidly being supplanted by products like the Windows 10 Semi-Annual Channel and Office 365 that follow the Modern Lifecycle Policy. (For details on the differences, see the Microsoft Lifecycle Policy home page.)

A long list of Microsoft products have end-of-support dates in 2018. That comes on the heels of a similarly long list of products whose support ended in 2017, including Windows Vista and Office 2007.

Here’s the rundown on commitments for currently supported client versions of Windows and Office, starting with the newest member of the family.

How long will Windows 10 be supported?

We might need a whiteboard for this one because the story is complicated.

In the run-up to the release of Windows 10, many wondered whether Microsoft would take the opportunity to change its established 10-year support lifecycle. The answer, as announced with the release of the new operating system in July 2015, is no. The Windows 10 support lifecycle has a five-year mainstream support phase that began on July 29, 2015, and a second five-year extended support phase that begins in 2020 and extends until October 2025.

A note to that policy qualifies the support commitment to devices where the OEM continues to support Windows 10 on that device. And that’s where things become complicated.

Windows 10 feature updates (the new name for what used to be full-version upgrades) are delivered via Windows Update automatically. Microsoft released the first major update, version 1511, in November 2015; the second feature update, version 1607 (the Anniversary Update) was released in summer 2016; versions 1703 and 1709 were released in April and October 2017, respectively.

These updates are required for ongoing servicing, and Microsoft supports each feature update for 18 months. That period ended for the initial release of Windows 10 on May 9, 2017. Support for the Anniversary Update ended on April 10, 2018.

For an up-to-date list of end-of-service dates for each Windows 10 version, see the Windows lifecycle fact sheet. (Spoiler: Version 1703 servicing ends on Oct. 9, 2018, and the end date for version 1709 is April 9, 2018.)

Microsoft has made one exception to these dates for customers running Enterprise and Education editions of Windows 10 versions through 1709. For those customers, the end-of-service date is pushed back an additional six months, which means the end date for Windows 10 version 1607 is October 9, 2018.

But what if your device is incapable of installing a new feature update? That unfortunate situation actually happened to owners of three- and four-year-old devices built using the Intel Clover Trail chip family. Microsoft has blocked those devices from installing the April 2017 Creators Update but eventually agreed to extend the support deadline to match the Windows 8.1 support lifecycle.

The 10-year upgrade cycle for Windows 10 matters most to customers running the Long Term Servicing Branch (LTSB) in enterprise deployments. The 2015 LTSB release shares the support dates shown here. For the 2016 LTSB release, the support dates are pushed out by a year, to Oct. 12, 2021, and Oct. 13, 2026, respectively.

Mainstream support ends: Oct. 13, 2020

Extended support ends: Oct. 14, 2025

How long will Windows 8/8.1 be supported?

Microsoft’s official Windows 8.1 Support Lifecycle Policy treats Windows 8.1 as if it were a service pack for Windows 8. That means the lifecycle calculations start when Windows 8 shipped, in 2012.

Support for the original release of Windows 8 ended “two years after the General Availability of the Windows 8.1 update,” or Oct. 18, 2015.

A similar policy applies to Windows Server 2012 (released at the same time as Windows 8) and 2012 R2 (equivalent to Windows 8.1). Both operating systems are still supported, but the end of support date is identical for both and is based on the release date of Windows Server 2012.

Most PCs that included a preinstalled version of the original release of Windows 8 have long since disappeared from retail channels. For the dwindling population of PC users still running Windows 8, a free upgrade to Windows 8.1 is available through the Windows Store.

Mainstream support ends: No longer supported

Extended support ends: Jan. 10, 2023

How long will Windows 7 be supported?

This is still an incredibly popular release of Windows, although Windows 10 is making serious inroads, especially in the consumer segment of the market. The following support dates require that you install Service Pack 1 (Windows 7 RTM support ended in April 2009)…

Source: ZDnet.com

‍

The following are the 11 best antivirus tools for Android, according to AV-TEST’s March 2018 evaluations of 20 Android security apps. (The AV-TEST Institute is a Germany-based independent service provider of IT security and antivirus research.) Each Android antivirus software app listed below received perfect protection and usability scores of 6.0. The apps are in alphabetical order.

Overall, the industry average for detection of the latest Android malware in real time is 97.5 percent, and the detection of Android malware discovered in the last four weeks is 97.1 percent.

1. Alibaba Mobile Security 5.8

Like all the other top Android anti-malware tools, Alibaba Mobile Security detected all newly discovered malware and all other previously known malware. It checked all the boxes for usability and gave no false warnings. It has a good feature set including anti-theft, call blocking, message filtering, safe browsing, and an app lock. However, it lacks parental control, personal data backup, and encryption.

2. Avast Mobile Security 6.9

Avast Mobile Security 6.8 managed Android malware detection in real-time 99.9 percent of the time. It found 100 percent of the latest Android malware discovered during the previous four weeks. The app doesn’t negatively affect battery life or cause the device to get sluggish during normal use. It registered zero false warnings during installation and use of legitimate apps from Google Play or third-party app stores.

Mobile Security’s safe browsing features help protect against phishing attacks and malicious websites, and it offers anti-theft features such as remote wipe. Additional features not evaluated by AV-TEST include an app lock, a privacy advisor, and wi-fi security.

3. AVG AntiVirus Free 6.9

AVG AntiVirus Free had a nearly perfect 99.9 percent detection rate for real-time malware detection and a 100 percent detection rate for recently discovered malware. It gave no false warnings. It has a decent set of features including anti-theft, call blocking, an app lock, wi-fi security, and backup of personal data. However, it lacks a message filter, parental control, and encryption.

4. Bitdefender Mobile Security Version 3.2

Bitdefender Mobile Security’s Android malware detection in real-time is 99.8 percent, and it discovered the newest Android threats discovered in the last four weeks 100 percent of the time as well. For usability, the app gets big check marks for not dragging down battery life or device speeds. AV-TEST found zero false warnings during installation/usage of legitimate apps from Google Play and third-party app stores.

Unlike some Android malware protection apps, Bitdefender’s Mobile Security offers anti-theft features, including remote lock, wipe, and locate, as well as safe web browsing and phishing protection. Like many other Android security tools, it doesn’t include message filtering or call blocking and doesn’t support all types of encryption. Additional features not evaluated include app lock and a privacy advisor.

5. G Data Internet Security Version 26.2

G Data’s Internet Security has more features than many of its other top-rated competitors. AV-TEST checked the boxes for remote lock, wipe, and locate; call blocking; message filtering; safe browsing; parental control; and support for all encryption. The only ‘x’ the app received was for not enabling personal data to be saved to an SD card or cloud storage.

Otherwise, Internet Security’s real-time Android malware detection rate was 100 percent, while it detected threats discovered in the past four weeks 100 percent. The excellent usability score resulted from not negatively affecting battery life, dragging down device performance, or generating too much traffic. The app issued zero false warnings during installation and use of legitimate apps from Google Play and third-party app stores.

6. Kaspersky Lab Internet Security Version 11.15

Kaspersky Lab’s Android malware scanner caught the latest Android malware in real-time 99.9 percent of the time and the latest threats discovered over the prior month 100 percent of the time. The app’s perfect usability score results from not impacting battery life or slowing performance. The feature set is more robust than most, with remote locking, wiping and location; call blocking; message filtering; and safe browsing/anti-phishing protection—though G Data’s Internet Security product offers a few more features. Additional features not tested include privacy protection and anti-phishing protection for texts.

7. McAfee Mobile Security Version 4.9

McAfee Mobile Security Android malware scanner detected bugs in real-time 99.8 percent of the time, but caught malware discovered in the last four weeks 100 percent. As with all other apps in this roundup, usability was stellar. The app’s feature set is strong, including a full set of anti-theft tools, call blocking, safe browsing and phishing protection, and the ability to save personal data to an SD card or the cloud. Mobile Security doesn’t support all types of encryption, however, or text message filtering. Other features not tested include a battery optimizer, privacy, and app lock.

8. PSafe DFNDR 5.4

PSafe DFNDR did a flawless job of Android malware detection for threats discovered in the previous four weeks. For the latest threats discovered in real time, it deteced 99.8 percent. DFNDR also earned high marks for not impacting battery life, slowing the device during normal use, or generating too much traffic on the device. It issued zero false warnings during installation and use of apps from Google Play or third-party app stores.

DFNDR offers safe browsing and protection from phishing as well as the ability to block calls from specific or unknown numbers. It also offers anti-theft features such as remote locking, wiping, or locating your device, according to AV-TEST.

9. Symantec Norton Mobile Security 4.1

Symantec Norton Mobile Security caught 100 percent of all Android malware, including those discovered recently, with no false warnings. It has a good set of usability features, including safe browsing, personal data backup, anti-theft, and call blocking. Features not reviewed include an app advisor, wi-fi security, and an app lock.

10. Tencent WeSecure 1.4

With Tencent’s WeSecure, you won’t get anti-theft features (remote lock, wipe, and locate). AV-TEST didn’t list any additional noteworthy features that weren’t tested, but you’ll get call blocking, safe browsing/anti-phishing protection, and the ability to backup personal data to SD cards or the cloud. The app aced real-time detection of new malware, catching it 100 percent of the time, and it detected new malware reported in the previous four weeks 100 percent of the time. Usability was excellent, with no downsides for battery life or performance and no false warnings.

11. Trend Micro Mobile Security and Antivirus 9.2

Trend Micro’s Mobile Security and Antivirus checks most of the feature boxes: anti-theft, call blocking, text message filtering, safe browsing and anti-phishing protection, and parental control. Plus, there are a privacy scanner, messenger protection, and network protection. The app achieved a 100 percent detection rate for new malware in real-time as well as for threats discovered in the past four months. Usability was excellent, too, with no drag on battery life or performance and zero false warnings.

The state of Android security

Research from the AV-TEST Institute shows that Android malware samples collected have increased sizably every year. In 2014, the total was more than 326 million. The next year, the malware tally reached more than 470 million. In 2016, AV-TEST recorded nearly 597.5 million samples—nearly double the amount from two years earlier.

Source: ITnews.com

‍

iOS 11 has been heavily criticized by the security community and there seems to be evidence to back up these concerns. Whenever new and shiny features are rolled out, they often come at the joy of the consumer base while security experts immediately dive into the cracks in the armor.

One of the newest features offered by iOS11 is the ability to toggle Wifi from the Control Center. For those not familiar with this terminology, the Control Center is the menu that is dragged up from the bottom of your home screen with a finger stroke. On this menu, users can control a variety of different aspects of their iPhone. Mobile phones are especially vulnerable to Wifi attacks, which is why it is a good idea to be proactively cautious. Many users will assume that toggling their Wifi off from the Control Center will provide a protective shell from Wifi attacks, which is understandable as iOS11 certainly makes it seem that way. However, this is has proven to be misleading.

Toggling the Wifi off does indeed cut off connections, however this is only temporary. The wrinkle in the design happens when a user approaches a new Wifi-enabled location. As soon as the user’s phone pickups a new Wifi location, the auto-join feature is automatically activated. This is important to note for user’s that believe their toggle action has effectively cut off all wireless internet connections.

While this flaw is not an enormous deal, it could still spell trouble for some iOS users. With this in mind, if you are in a situation where you need to ensure that all wireless internet connections are cut off, your best bet is to navigate to your settings and disable your connection from there.

‍

Top Laptops of 2017

We all know how quickly the IT and technology world changes. New innovations mean new devices and at ICC, we really are your full-service IT company. Whether you need technical support, new infrastructure or technology recommendations, we’re here to help.

Buying new equipment can be a daunting process and we want to guide you through the decision. An investment in technology is an investment in your business and should be worth your energy. Here’s a peak into some laptops that have stood out in 2017.

Best Overall Ultrabook: HP Spectre 13.3

The ultrabook is quickly becoming a dominant force in the laptop industry. Their lightweight body, tough exteriors and cloud integration capabilities are evening the laptop playing field and allow your business to be efficient while on the job. They still have their weaknesses, but our experts can help find the ultrabook device that will work best for your needs.

HP’s newest version of the Spectre is equipped with a 15-watt i7 processor. Adding in their two Thunderbolt 3 ports and USB-C port, its easy to see why the HP Specre 13.3 has earned top reviews. Their capabilities are endless and their design is sleek.

Best Overall MacBook: Apple MacBook 12 inch

This year’s version of Apple’s MacBook takes sleek, brushed metal design to another level. Fitted with a 12-inch screen, the resolution is ultimately unchanged. However, boasting a 1.2 GHz Intel Core m3-7Y32 CPI and 256GB SSD, the Macbook offers performance that rivals that of its highest competitors. This year’s version has also compounded on the keyboard structure of last year’s, offering users a better overall  experience when using the device. We typically recommend that your business operate on PC devices due to security, mobility and compatibility reasons. The programs that are HIPAA compliant are more often than not built for PC devices and infrastructure. If your company is insistent on using an Apple product, let our experts guide you through which products will work best for your needs.

Best Overall 2-in-1 Laptop: Asus Zenbook Flip UX360

In today’s laptop landscape, it is impossible to create a list of the best laptops of the year without inevitably listing a convertible laptop. Long gone are the days when these 2-in-1 machines were perceived as  low-power gimmicks. Now, there is a substantial demand and an increase in use capabilities for these machines,  and the Asus Zenbook Flip UX360 delivers on many  fronts.

Compared to their performance, their price points are absolutely affordable. We’ve seen them used in industries across the board like dental offices, medical facilities, executive meetings and daily use. The 8GB DDR3L RAM and 13.3 inch, 1920×1080 screen propels this device past its predecessors and into the top class. Combine that with 512 GB SSD storage and it quickly becomes evident why this machine has stood out in the current 2-in-1 market.

These three devices are just a few of many on the market that can perform and operate in a way that makes sense for you. Like we mentioned, having a device that works best for your business is crucial to your overall success and we are here to guide you. We can offer you expert advice on your next laptop, phone system, email network and more so that your IT is made easy with ICC.

Give us a call at (877) 463-0781 or email sales@iccusa.net for more information.