CCleaner was hacked and used to deliver malware to unsuspecting computers and Android devices…

September 18, 2017

This morning I am catching up on the tech news and the one thing that is jumping out at me is the news that CCleaner was hacked and used to deliver malware to unsuspecting computers and Android devices. I drilled down on this more and based on information from Piriform (the developers of CCleaner), a suspicious activity was identified on September 12th, 2017, where Piriform saw an unknown IP address receiving data from software found in version 5.33.6162 of CCleaner, and CCleaner Cloud version 1.07.3191, on 32-bit Windows systems. Based on further analysis, they found that the 5.33.6162 version of CCleaner and the 1.07.3191 version of CCleaner Cloud was illegally modified before it was released to the public.

All CCleaner users are encouraged to update their CCleaner software to version 5.34 or higher. The latest version is available for download from here.

CCleaner has been around for years and years and is a “go to” utility that is used by millions to clean and optimize their PC’s in order to protect their privacy and make things faster. I personally have used it for many years.


SOURCE: Piriform Blog – Security Notification for CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Windows users


A Tool For People In The USA To Check If They Have Been Affected By The Equifax Breach

September 14, 2017

Equifax has provided a website dedicated to providing information (CLICK HERE) about the breach and a tool for people in the USA to check if they have been affected (CLICK HERE) by it. Equifax has not provided a similar facility for people in the UK and Canada yet. The online tool will ask for your “last name” and the “last six digits of your social security number”.

I. What Happened

On July 29, 2017, Equifax discovered that criminals exploited a U.S. website application vulnerability to gain access to certain files. Upon discovery, we acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm which has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017.

II. What Information Was Involved

Most of the consumer information accessed includes names, Social Security numbers, birth dates, addresses, and in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 consumers and certain dispute documents, which included personal identifying information, for approximately 182,000 consumers were accessed. In addition to this site, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted. We have found no evidence of unauthorized access to Equifax’s core consumer or commercial credit reporting databases.


SOURCE: Equifax


FREE Drive Wiping Tool To Erase All Data With No Method Of Recovery

September 12, 2017

Getting rid of an old computer? Before handing that old computer over to someone else, you may want to consider using “MiniTool Drive Wipe Free” to remove all data from the computer. Deleting your personal files is not enough. There are third party software utilities, readily available on the internet, that will let anyone recover deleted files. By using “MiniTool Drive Wipe Free” to wipe the drive, there is no method of recovery.

Wiping is the process of continuously writing some specific data to a hard disk or partition so as to overwrite original data stored on the disk or partition. Once wiping is completed, original data can not be recovered by any data recovery method.

To effectively carry out this operation I would remove the drive from the old computer and put it in a drive docking station such as the Sabrent USB 3.0 to SATA External Hard Drive Lay-Flat Docking Station. This docking station is inexpensive and will work with 2.5 or 3.5in HDD or SSD drives. Once the drive is in the docking station, connect it to a workable Windows computer and use the “MiniTool Drive Wipe Free” software to “wipe the disk” that is in the external docking station. After performing this operation, you can safely reinstall the hard drive back into the old computer and do with it what you want (i.e. donate it, recycle it, give to a friend, sell, etc…)


SOURCE: MiniTool Drive Wipe Free


We use Facebook as a tool to connect, but there are those people who use that connectivity for malicious purposes…

September 3, 2017

Since I started using Facebook, I am seriously looking at the security and privacy ramifications that we expose ourselves to when we do social networking (such as Facebook). With that being said, I encourage you to read “4 Ways to Crack a Facebook Password & How to Protect Yourself from Them“.

You will see more postings, from me, in the future in regards to Facebook vs. Security and Privacy, as an effort to help protect ourselves from that element of our society who prey on honest people.


Crystal Security – A cloud-based system that detects and removes malicious programs (malware)…

September 1, 2017

Crystal Security, a cloud-based system that detects and removes malicious programs (malware), is new to me. I am currently testing the portable version and so far the interface part looks great (user friendly). The detection engine, from I am can tell, is based on data gathered from millions of participating users systems around the world to help defend against the very latest viruses and malware attacks.

Due to not being familiar with Crystal Security, at this point, I will continue to test and use it solely as a troubleshooting application to inform when the possibility of malware exists. If you are familiar with Crystal Security, I would like to hear your experience with this. I do like the idea that there is a portable (no install) option.

I do recommend that you know what you are doing when using applications, such as this; so as not to cause accidental havoc to your PC.


SOURCE: Crystal Security


US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey…

August 29, 2017

In light of hurricane Harvey, I pulled the information below in this blog post directly from the US-Cert website and the FTC website warning people to be cautious when responding to emails that may contain links or attachments that direct user to phishing or malware-infected websites.

From my experience, when life events occur of great magnitude, there is an element of our global society that will try to take advantage of people. This element of people will try to scare, intimidate, scam and rob you via electronic means; whether it be by phone, email, SMS messaging and even Facebook. My motto in our electronic world is “Believe Nothing, Verify Everything”. Just because it looks legit or a friend posted it, make sure you verify it.

I encourage you to read the article below by Colleen Tressler, Consumer Education Specialist, FTC to educate yourself about scammer’s exploiting people when tragedy occurs.

Wise giving in the wake of Hurricane Harvey
August 28, 2017
by Colleen Tressler
Consumer Education Specialist, FTC

It’s heartbreaking to see people lose their lives, homes, and businesses to the ongoing flooding in Texas. But it’s despicable when scammers exploit such tragedies to appeal to your sense of generosity.

If you’re looking for a way to give, the FTC urges you to be cautious of potential charity scams. Do some research to ensure that your donation will go to a reputable organization that will use the money as promised.

Consider these tips when asked to give:

  • Donate to charities you know and trust with a proven track record with dealing with disasters.
  • Be alert for charities that seem to have sprung up overnight in connection with current events. Check out the charity with the Better Business Bureau’s (BBB) Wise Giving Alliance, Charity Navigator, Charity Watch, or GuideStar.
  • Designate the disaster so you can ensure your funds are going to disaster relief, rather than a general fund.
  • Never click on links or open attachments in e-mails unless you know who sent it. You could unknowingly install malware on your computer.
  • Don’t assume that charity messages posted on social media are legitimate. Research the organization yourself.
  • When texting to donate, confirm the number with the source before you donate. The charge will show up on your mobile phone bill, but donations are not immediate.
  • Find out if the charity or fundraiser must be registered in your state by contacting the National Association of State Charity Officials. If they should be registered, but they’re not, consider donating through another charity.

To learn more, go to Charity Scams. For tips to help you prepare for, deal with, and recover from a severe weather event, visit Dealing with Weather Emergencies.


SOURCE(S): US-CERT – Potential Hurricane Harvey Phishing Scams AND Federal Trade Commission – Wise giving in the wake of Hurricane Harvey


Control, Protect and Secure Your Google Account Information, ALL IN ONE PLACE

August 22, 2017

If you have a Gmail (Google) account you need to bookmark the link provided below that gets you to a dashboard (called “My Account”) that gives you quick access to settings and tools that let you safeguard your data, protect your privacy, and decide how your information can make Google services work better for you. You can even use the dashboard to help find your phone if you lose it; or,  to see how much Google Drive space you have left.

Many Gmail (Google) account users are unfamiliar with this dashboard. I highly recommend that you put this one on your bookmark list and periodically visit the dashboard site to review your settings.

From the “My Account” dashboard you can manage (and control) things such as:

Sign-in and Security – Control your password and Google Account access (Signing in to Google, Device activity & security events and Connected apps & sites).

Personal Info and Privacy – Manage your visibility settings and the data we use to personalize your experience (Your personal info, Manage your Google activity, Ads Settings and Control your content).

Account Preferences – Set language, accessibility, and other settings that help you use Google (Language & Input Tools, Accessibility, Your Google Drive storage and Delete your account or services)

Security Checkup – Protect your account in just a few minutes by reviewing your security settings and activity.

Privacy Checkup – A quick checkup to review important privacy settings and adjust them to your preference.

Find Your Phone – Whether you forgot where you left it or it was stolen, a few steps may help secure your phone or tablet.

My Activity – Discover and Control the data that’s created when you use Google Services.


SOURCE: Google – My Account