February 2021
Download

Windows 10 version 1903 from November 2019 (and earlier) have reached end of support.  There will be no more security updates for these versions.  A complete list of versions is here.

If you are on maintenance, and you do not have remote worker access to your computer (like remote desktop or LogMeIn) and would like to, please contact us. There are no additional charges for this service.

Workona is a browser extension that organizes your browser pages by project, and much more. If you spend a lot of time in online browser windows or portals, this may improve your productivity. Figure on about ½ hour of learning time to get it set up.

OneDrive’s single file size limit is now 250GB up from a ‘mere’ 100GB.

Apple releases iOS 14.4 with security fix, iPhone camera improvements.

Apple warns against putting an iPhone 12 too close to your pacemaker.

Organize and play digital media – MediaMonkey.com. We also like VLC Media player.

The Facebook Oversight Board announced Friday that it would begin accepting public feedback on Facebook’s suspension of former President Trump.

WhatsApp Will Disable Your Account If You Don’t Agree Sharing Data With Facebook

The Federal Trade Commission said Monday that it has a settlement with Zoom allegedly misleading its users about the privacy and security of its core product.

Google says it could pull its search engine from Australia

Australia is considering new legislation in that would force Google and others (like Facebook) to pay for news stories it now scrapes for free. This could set a precedent worldwide.

More in the NY Times 

Amazon said it processed 27,664 government demands for user data in the last six months of 2020, an increase of close to 800%.

COVID and Technology

Broad Coalition of Health and Technology Industry Leaders Announce Vaccination Credential Initiative to Accelerate Digital Access to COVID-19 Vaccination Records.

Microsoft, Salesforce and Oracle back plan to develop a digital Covid vaccination passport.

The COVID Tracking Project will stop collecting data on March 7th.

The COVID Tracking Project started when it was nearly impossible to get consistent data on the coronavirus pandemic in the US. The CDC’s improved COVID Tracker, will take its place.  Proposed House legislation on improved tracking.

Walmart will use robots to turn some stores into automated fulfillment centers.

At-home smart phone-based COVID-19 tests.

The $30, single-use Ellume test can analyze a nasal swab and send the results to an app in around 15 minutes. It’s said to be 95 percent accurate. Ellume’s test is one of three that US residents can self-administer and the only one that’s available over the counter.

Internet Service and Entertainment

You’ll see higher bills for internet services:

Comcast…will go up next month by $3 per month for all its plans,

Most DirecTV customers will be paying $5 to $9 more each month, depending on the plan, starting Jan. 17.

U-verse customers will see price increases from $5 to $9 per month on most plans.

Charter raised prices on internet service by $5 per month,

The Cost of online entertainment Is Going Up.

Netflix, DirecTV and Hulu Are Raising Their Prices – Here’s How Much More You’ll Pay,

Netflix is introducing price hikes for its US subscribers today, increasing its standard plan to $14 a month and its premium tier to $18 a month.

Disney+ has a $1 price increase to $7.99 coming in March,

Hulu is announcing a $10 monthly increase for existing customers, according to The Hollywood Reporter.

There are two kinds of streaming. 1. Video on Demand (VoD), from such providers as Amazon Prime Video and Netflix. VoD can come Free, with commercials such as Crackle, Peacock, and Pluto TV.

  1. Live TV streaming services including AT&T Now, Philio, and Sling TV.

Americans Now Spend $47 Per Month on Streaming Services

Video streaming services in the US: Your complete guide

The new stimulus package expected to pass Congress includes a $3.2 billion emergency broadband benefit for households that are eligible for the FCC’s Lifeline program.

Security

Solarwinds Orion Security Breach

The scope of this attack is shaping up to be the worst in decades. The scope of the campaign and the precision in targeting specific U.S. defense and national security interests is chilling.

Four more security vendors confirm SolarWinds incidents

Malwarebytes says SolarWinds hackers accessed its internal emails

SOLARWINDS ATTACK REPERCUSSIONS: MANAGING YOUR SECURITY RISK

It is essential to ensure that suppliers are appropriately vetted and are held to the same or better security standard as your company.

 

More details on the timeline.

The official government response and recommendations.

Microsoft’s analysis

Ubiquiti alerts customers of potential data breach

Ubiquiti began emailing customers to change their passwords and enable 2FA after an attacker hacked their systems hosted at a third-party cloud provider.  If you have Ubiquiti products, change your password(s).

Hackers Exploiting Critical Zero-Day Bug in SonicWall SMA 100 Devices

This does not affect most SonicWall firewalls, only their Secure Mobile Access (SMA) product line which is used for large scale VPN deployments.

US Cellular hit by a data breach after hackers access CRM software

Why hackers want your computer

“I don’t bank online, I don’t store sensitive information on my machine! I only use it to check email. What could hackers possibly want with this hunk of junk?,”

… nearly every aspect of a hacked computer and a user’s online life can be and has been commoditized (sold).  …This guy makes and markets dozens of account checking tools that are used to test the validity and status of many popular online stores and services, including Amazon, American Express, eBay, Facebook, iTunes, PayPal and Skype, to name a few.

Data breach exposes 1.6 million Washington state unemployment claims
An unauthorized person was able to exploit a software vulnerability in Accellion’s file transfer service… With Accellion being a popular service used by numerous organizations, we should expect to see more hacks come to light.
Data includes name, social security number and/or driver’s license or state identification number, bank account number and bank routing number, and place of employment.

Thousands of US lab results and medical records spilled online after a security lapse

NTreatment, a technology company that manages electronic health and patient records for doctors and psychiatrists, left thousands of sensitive health records exposed to the internet because one of its cloud servers wasn’t protected with a password.

From <https://techcrunch.com/2020/12/01/ntreatment-lab-results-medical-records-exposed/>

A billion medical images are exposed online, as doctors ignore warnings

PACS servers, used to store medical images allow for easy storage and sharing. Many medical offices connect their PACS server directly to the internet without a password.

Torian Group

This is a repeat of information sent out last month just in case you missed it.

Torian Group is upgrading the software used to monitor and maintain your computers. You may see new icons as a result of these changes.

Currently, your taskbar shows the following Icon (it may be hidden depending on your settings):

There will now be up to 3 new icons, which look like this:

  • Bitdefender GravityZone Is replacing the Endpoint Security Console icon (anti-malware)
  • Torian Group Monitoring Service (for monitoring and maintenance)
  • ConnectWise Control icon (for remote access)

More information on Solarwinds

As you may have seen on the news, the Solarwinds Orion software was hacked. Torian Group does not use the Solarwinds Orion product, and your network is not affected.  We have been assured by SolarWinds executives during multiple online meetings that there is no link between the product that was hacked (SolarWinds Orion) and the product we have been using for monitoring and maintenance (SolarWinds N-Central).  However, to err on the side of caution, we are replacing the SolarWinds N-Central product with a product from ConnectWise Automate. We are also upgrading to a more capable anti-malware product called GravityZone by Bitdefender which includes “endpoint detection & response”.  The Bitdefender, ConnectWise Control, and Torian Group Monitoring Service icons are part of the upgrade.

If you or your staff currently use the system for remote access to your office computers, we will contact you with instructions for using the new web portal. This will not affect any VPN connections you have.

If you don’t have remote worker access to your computer and would like to, please contact us. There are no additional charges for this service.

There is no cost for the upgrade process, and it will happen automatically. Separately, the monthly cost for the agent went up from $5 to $6 starting January 1, 2021.

Here is a detailed technical analysis of the hack, and the analysis by the Cybersecurity agency (CISA) and a list of affected Solarwinds products.

Here is the notification from SolarWinds.

NY Times summary of what is known.

HUMOR

Yes, it’s plugged in….

by Tim Torian

Newsletter Sign-Up

The Torian Group Times Newsletter is a service to our clients, and anyone who finds it useful. Topics include security updates; known problems with recent patches; new and upcoming software and hardware that might affect your business; and information about technology in the Visalia area.  It is free to anyone who wishes to subscribe by providing their name and email address. We will not do anything with this information other than sending the newsletter – no unsolicited marketing of any kind.

Subscribe to our Newsletters

 

Unsubscribe from Newsletters