January 2023
Download
For most business clients, we recommend waiting to upgrade to Windows 11 on existing business computers. It often makes more sense to upgrade when the computer is replaced.
Microsoft is still making incremental improvements in Windows 11 22H2. They have yet to document how to control “Moment” or incremental releases.
If you buy a Windows 11 machine, you can set it up without a Microsoft account. When you get to the “Let’s add your Microsoft account” step in Windows 11 Setup, enter no@thankyou.com plus any password. It will fail and then go around the Microsoft account requirement.
QuickBooks password hacking tool – $39. Resets QB company passwords to blank.
Intuit (QuickBooks) is selling a PCI (Payment Card Industry) compliance service to customers who take credit cards via QuickBooks.
This is usually paid for by the banks that process payment. Details (PDF).
You can use a lower-cost card processing option and still automatically input your sales data into QuickBooks. Pricing for Intuit merchant accounts is not competitive.
Apple released updates for nearly all its platforms, including iOS 15.7.2 and iOS 16.2.
Microsoft Authenticator will have the option to offer additional security by requiring you to enter a matching code when logging in.
DUO authenticator is offering a similar feature.
Multi-factor authentication (MFA) fatigue and how to defend against attacks.
Cybercrime May Become Uninsurable. Rates are rising and many policies that used to include coverage are not bundling cyber insurance.
“Firms should choose insurance policies carefully and according to their needs. For example, many cybercrime insurance companies don’t cover social engineering attacks. It’s important to read and understand the fine print, which is often deliberately written in an opaque style.“
MediaTemple web hosting was sold to GoDaddy.
A Lab-grown meat company is going into production. https://www.believermeats.com/
Another 3D printed meat company.
Scientists can 3D print wood – without cutting a single tree.
ECONOMY
The number of deals on even the latest-gen laptops (WSJ paid link) is higher than at any point in memory – outside the Apple world, at least. Companies will likely continue to increase prices on subscription services, however.
“What’s happening now is very different from the dot-com bust [and] the financial crisis. … The numbers are not large enough yet to make big dents in other parts of the economy.”
A cryptocurrency crash and a falloff in PC sales reduced the demand for GPUs (Video cards), which improved the stock situation. Due to increased costs, Nvidia says higher prices are here to stay.
EVGA will no longer manufacture Radeon or Arc GPUs for AMD or Intel.
SECURITY
We have had a lot of clients ask what they should do to protect their LastPass account.
According to LastPass, no passwords were compromised. However, encrypted account data was stolen.
We recommend using a hardware key (such as the Yubikey) along with a strong master password.
Here’s an excellent article summarizing the risks:
Just How Bad Is the Recent LastPass Compromise?
“… if you’ve been following LastPass’s master password recommendation of 12-characters or longer, didn’t make it an easy to guess password, and didn’t reuse it (or a similar pattern) on other web sites that were compromised, you’re probably fine.”
If your master password was weak, or you used the same password on multiple sites, it is theoretically possible that hackers could access your passwords. If so, consider changing stored passwords – particularly bank and financial site passwords.
A key concern is the potential for users to be targeted by sophisticated phishing campaigns in the wake of this news. “ …The attacker didn’t just get encrypted passwords. They got unencrypted URLs.” meaning that users “should expect to get phishing emails” in the coming days and months.
It is believed that hackers will likely use this breach to target users and encourage them to change passwords and click on malicious links.
“Be VERY careful about password reset alerts in these next few months,”
Password managers are a prime target for hackers but are still better than the alternatives.
Identity Provider Okta – source code was hacked. No passwords were exposed.
The Equifax data breach settlement – you may be entitled to a small payment.
New Zealand Government Hit by Ransomware Attack on IT Provider.
1 in 5 users on mobile devices may be compromised with mobile malware.
The Malware tool marketplaces make it easy to create malicious apps.
Data breach at Connexin Software compromised data of Valley Children’s Hospital patients.
HUMOR
TORIAN GROUP
We will raise our hourly rate to $150/Hour (7% increase) starting on April 1, 2023, to keep up with costs. Travel time will be $80/Hour.
Tim Torian