Category Archives: Security

Application Security

Protecting your personal data from Open Records Directory Sites

Posted on by

Protecting your personal information can help you reduce the risk of identity theft.

Privacy protection in the digital age has become much more complicated and risky than it used to be. In the pre internet days, if people wanted to access your public records, they had to visit the county clerk’s office in person. Today, most government information about you that contain highly sensitive personal data is available on the internet via Open Records Directory Sites.

Hacker Privacy

Most of these Open Records Directory Sites provide an opt out for you to remove your data from their databases. If they do not remove your data from their databases after your request you can submit a complaint with the Federal Trade Commission (FTC). In our requests we had no problems with any of these sites and our data was removed within the hour or up to 48 hours after the request.

The problem with having your personal information easily accessed online is that hackers and other criminals will leverage this information to guess your passwords, account names and steal your identity.

Here are a few opt out links:

White Pages Public: https://www.whitepages.com/suppression_requests

White Pages Premium: https://support.whitepages.com/hc/en-us/articles/115010106908-How-do-I-edit-or-remove-a-personal-listing-

Spokeo: https://www.spokeo.com/optout

Discoverthem: https://discoverthem.com/removal.php

Speedyhunt: https://speedyhunt.com/removal.php

Mylife: email to: removalrequests@mylife.com and read instructions at: https://what-is-privacy.com/2016/01/how-to-get-out-of-mylife-directory-site/

Radaris.com: https://radaris.com/page/how-to-remove

Intelius: Read Instructions at: https://www.reputationdefender.com/blog/privacy/how-remove-information-intelius-and-protect-your-privacy

Using service companies for a monthly fee that claim they will remove your personal data from the Open Records Directory Sites, we found these companies were not effective. Doing it yourself was effective.

Conduct a search engine search on your name and see the search results. Make a list of the companies selling your information and locate their opt out procedure. Most are listed in their terms of use or privacy notification pages. Follow their instructions and your personal information will be removed.

Hackers and other criminals leverage every bit of information they can find on you to add to their tools of stealing and destroying your life, and the lives of others.

You are the best tool on protecting yourself.

Together with cyber security experts that want to help you and with technology we can all work together to prevent the hackers and other criminals from destroying our lives. They can make many mistakes and still win, if we make one mistake we lose. Getting your personal information off these Open Records Directory Sites is one step in the right direction on protecting you.

Contact us today to see how Adept Secure can help you with these problems and many more.

Learn More About Adept Secure

Call us toll free 1-888-392-9623

Social Media Disinformation Bots, Sockpuppets and Trolls the new additions to Cyber Security

Posted on by

The problem for Cyber Security with social media these days is the huge amount of disinformation spread to you by Bots, Sockpuppets and Trolls.

A bot is a computer program that behaves like humans. It performs automated tasks, and were developed to help you feel more comfortable when interacting with automated software systems.

But all too often, automated bots have been built to deceive, especially within the social media software systems. Not only do these bots pretend to be real people, but they spread misinformation, malware and ransomware. These bots are well known for coordinating social media harassment campaigns.

Hacker Software

Not only have individuals been victims to these coordinated bot attacks, but corporations and governments too. In addition to bots, there are two other categories you have to watch out for; sockpuppets and trolls.

A sockpuppet account is created by one individual in order to appear like the account is controlled by a second, distinct individual. The second individual could be a real person, or is a poser that simply masks the identity of the real account creator. What distinguished a sockpuppet from a bot is that the sockpuppets are at least partially controlled by a human, where bots are fully automated via software code. Often a human controls multiple sockpuppet accounts, writing different content from each one, or sending or resending the same content from all of them. There are various tools available to someone who wants to coordinate mass content across multiple accounts.

A troll is an account setup that starts quarrels or just upsets people by posting inflammatory, extraneous, or off-topic content in social media systems.

By leveraging all three of these Cyber Attack account systems, Bots, Sockpuppets and Trolls; one human can overwhelm the information seeking public quit easily.

A good example of this is the Delta Airlines over reaction decision to end their NRA relationship based on what they believed was a main stream demand by the majority of Americans to do it. Their decision cost them $50 million dollars in lost sales tax savings by upsetting the Georgia conservatives. To think that a few people can leverage these Cyber Attack account systems and suddenly your targets (Delta Airlines and others) believe you have every American Citizen on the planet supporting you. These are very valuable cyber attack tools!

FedEx did not follow Delta Airlines because they were obviously protected by very good Cyber Security experts that confirmed the Bots, Sockpuppets and Trolls that attacked them with misinformation and who these human attackers where. Which probably saved Fedex millions of dollars in not upsetting individuals, governments and businesses for unnecessary actions at that time. Information is power.

What can you do when attacked?
Rule number 1 – do not get excited.
Rule number 2 – do not over react.
Rule number 3 – you will need to add protection from Social Media Disinformation Bots, Sockpuppets and Trolls to your Cyber Security Planning and software systems.

Contact us today to see how Adept Secure can help your organization with these problems and many more.

Learn More About Adept Secure

Call us toll free 1-888-392-9623

Microprocessor Speed vs Security Flaw

Posted on by

Microprocessor Speed vs Security Flaw

Spectre and Meltdown are both flaws in every modern microprocessors, based on the concept of predictive computing, that dates back to 1967, but wasn’t implemented into microprocessors until the 1990s.

It appears that for the last twenty years microprocessors have been built for speed over security, thus every modern microprocessor can be exploited.

Intel has rushed to release patches to address these flaws, but has run into system reboot problems and stability problems, which has caused systems to crash. Intel on Monday advised all users to not apply any of their firmware patches.

Software Attack Risks

Major Problems

Intel also isn’t the only vendor having problems patching Meltdown and Spectre. Microsoft pulled their patches after systems froze, and end users received the blue screen of death. Antivirus companies were also required to patch their systems after Microsoft patches were installed.

Many cloud vendors are still trying to figure out which of their products and services are at risk.

It seems the patch updates is getting very messy in the high target Cloud computing market where the systems can be exploited in these public shared computing environments much easier than in non-shared public environments.

For typical desktop users, the risk is less significant, it still is a problem, but less targeted.

Basically the Microprocessor Speed vs Security Flaw has come to roost, and it is and will continue to be a long term messy and costly fix.

Major Questions

The question now is with all the patches being rushed to market, and as we are seeing crashing servers, what other security flaws are being created? How safe in your data in the “Cloud”?
We then add Social media sites like Twitter and Facebook apps, website access, Google searching, and the hundreds to thousands of unknown web server sessions for your modern microprocessors to calculate, along with the hundreds to thousands of server’s microprocessors calculations, are you safe?

Are You Safe?

No you are not safe. Running your enterprise in the public cloud is a bad idea, and sadly the savings to risk analysis will only get worse.

With the constant security flaws in our modern technology world, we recommend running your enterprise with our Adept Enterprise Software, which medicates the risk of being a huge target with Cloud providers to being a very small target with Adept Technologies on-premises systems and private service systems.

It is easier to manage the risks, and it is cheaper when your systems are not a huge and easy target to exploit.

Contact us today to see how Adept Enterprise can help your organization.

Call us toll free 1-888-392-9623

Unsupported software systems: Microsoft shuts down support for Windows 8.1, upgrade to Windows 10 ends today.

Posted on by

Unsupported software systems: Microsoft shuts down support for Windows 8.1, upgrade to Windows 10 ends today.

New York, NY – Microsoft’s Windows 8.1 is essentially a dead operating system. Microsoft ended mainstream support on January 9th. There will be no new features, or bug fixes. There is a last-ditch upgrade to Windows 10 via the Microsoft assistive technology loophole, but it ends today January 16, 2018.

All software has a lifecycle. It gets developed, released, updated, and eventually completely over written for a newer version. There is nothing to stop you from using unsupported software, but the dangers are huge.

Basically the unsupported software has no further updates, no bug fixes, no technical support, then there are the security weaknesses, and security bugs that can be exploited by hackers. We have seen ransomware attacks that are designed to target unsupported software systems. Ransomware systems like Wanncry and Petya have been very active in this field.

Unsupported Software Risks

Bottom line

If your version of any software system is no longer supported, you are putting your business at risk.

Devices connected to your network are more integral to your business then you think. Which means that a virus on any device could cause a major business disruption.

Although you can believe you can accept the risk of running unsupported software, you should treat it as a temporary strategy.

Unsupported software systems will expose your corporate network to cyberattacks. The cost and resources required to replace unsupported software will be much greater then making sure your software is supported. The perceived cost and impact of an adverse event caused by the unsupported software is huge, and can possibly put your organization out of business.

If your organization has decided to allow the use of unsupported software, senior management should fully understand the risks, and they should establish a policy for preventing unsupported software on its network. Such a policy must be part of the business risk management plan. It should specifically identify resources and earmark funding to implement the policy.

What can you do?

1) Inform senior management about the risks of running unsupported software.
2) Establish a corporate wide policy for preventing unsupported software use on your networks.
3) Ensure the corporate wide policy aligns with your corporation’s risk management plan.
4) Identify resources and earmark corporate funding to implement the policy.
5) Contact Adept Technologies: www.adepttech.com.

We at Adept Technologies have replaced numerous unsupported software systems in our industry.

Contact us today to see how Adept Enterprise can help your organization.

Call us toll free 1-888-392-9623

Meltdown and Spectre Vulnerabilities

Posted on by

Meltdown and Spectre Vulnerabilities

New York, NY – We at Adept Technologies have already updated all of our server systems at our datacenters and offices for the Meltdown and Spectre Vulnerabilities. We have already sent out updates to our “on-premise” software systems that support the fixes being released by OEM vendors.

For our “off-premise” solutions over the last ten years we at Adept Technologies have invested large sums of money in having our own hardware and datacenter spaces. We do not use Amazon, Google, Microsoft Azure or any other 3rd party “cloud” service providers and we never will. We do not use VMware or any other Hypervisor based technology. Unlike other technology companies that leverage these services to reduce their costs with your data, we are not like them, and you are safe with us.

We have added information based on outside sources on what is Meltdown and Spectre Vulnerabilities, it is listed below.

Adept Technologies Datacenters

What are Meltdown and Spectre?

Three critical vulnerabilities were recently identified by independent teams of security researchers. The three vulnerabilities, collectively dubbed Meltdown and Spectre, impact all Intel CPUs built in the last 10 or so years – which is quite a significant number of devices. These two vulnerabilities enable a malicious user LAN application to read the protected kernel memory of other processes (Meltdown) and applications (Spectre). This could include things like passwords, personal documents, and credit card data.

Who is affected by this?

Almost everyone, especially Cloud Server providers. Meltdown exclusively impacts Intel processors. So, if you have an Intel CPU you’re impacted. Spectre on the other hand impacts Intel, AMD, and ARM processors. Combined, the list of vulnerable devices includes PCs, Macs, Android and iOS devices, and smart devices – all of which run a potential vulnerable CPU.

How are they exploited?

Exploitation occurs through the execution of malicious untrusted applications. Proof of concept JavaScript code has been released for Linux. This means that all a victim has to do is visit a website that has been compromised. Spectre is a more difficult vulnerability to exploit, and to this point no proof of concept code has been seen in the wild.

What do they do?

The vulnerabilities enable an attacker that has gained access to the device to be able to defeat the barriers between the memory space of user-land (normal) processes and kernel process. This effectively enables a malicious application to read portions of kernel memory, which often contains data prior to being encrypted, processed, and sent to a socket.

How do I protect myself?

Update your software! Microsoft, Apple, Google, and other vendors have released patches to mitigate the risk Meltdown. If an update is available for your platform, install it. Intel has also announced that 90% of the CPUs released within the last 5 years will have a patch available by next week, which should mitigate the impact of Spectre.
Outside of software updates, use sound fundamental security principles when accessing the Internet. Avoid downloading an executing files from untrusted sources, and avoid visiting unknown sites.