Hack

,

Ccleaner Ccompromised

,

Several publications are reporting that Windows efficiency tool Ccleaner has been compromised and the compromised version was distributed for over a month to over 2.3 million computers. Our company has never deployed or used this tool, nor advocated it's use. It was originally designed as a way to free up space on hard drives and evolved into a psuedo-privacy tool. I personally used it once in college and it removed some things that I needed, so it left a bit of a distate in my mouth, and I haven't given it a second look.

Anyway, if you use Ccleaner, make sure you are now using the current version, released on or after September 12th - and then once you are up to date with the latest version, I recommend unisntalling it - you don't really need it.

,

Equifax

,

US credit reporting bureau Equifax has released details of a massive breach that exposed social security numbers and other important credit details for 143 million Americans. This is ludicrous, one of the most imoprtant services this company should provide is protecting data - especially since most people don't even realize theeir credit worthiness and personal info is being tracked by this company.

Especailly reprehensible is that the breach occured for over 2 months and was discovered and stopped more than a month ago, but only became public today. In the meantime, 3 top executives sold off stock in the company.

You can see if you are victim of the breach by visiting here; though you have to endure a dubious, lenghty enrollment program.

Go(oogle) Phish

We've had a lot of clients hit by this phishing attempt today. Some people at one of our security service vendors were even hit, which just goes to show you no one is immune to these types of attacks. Google services for businesses (G Suite) is such a behemoth and in many cases is the "budget" solution. In our experience, being a behemoth means they are a large target. In our experience, the budget solution means they devote a lot fewer employees and a lot less money in protecting their clients and users, compared to their competition. If you are forced to use G Suite or other business solutions from Google, (or even just Gmail for your personal email) your best protection is enabling 2 factor authentication, followed by using password best practices that we have previously written about.

,

Yahoo!

,

By now you've probably heard about the Yahoo! breach. This is almost certainly the largest known breach of passwords and user information of all time. What makes it worse is that the breach not only includes passwords and email accounts, but also security questions and answers.

If you've ever been a Yahoo! user, which I suspect is almost everyone reading this, you should first change your Yahoo! password and all your security questions and answers, but secondly, and this is very important, you should enable multi-factor authentication for Yahoo! which provides a second layer of protection. You should actually enable multi-factor authentication for any service that allows you to do so, but especially for email accounts, banking and social media (the most likeley targets of hacking).

The worst part about this is that it is likley Yahoo! has known about this for several months, and it may just be coming out now only the purchase of Yahoo! by Verizon.

Good luck, and please contact us with any questions.