Veteran Owned Business logo

Archive for the ‘West Valley Tech’ Category

FBI warns Russians hacked hundreds of thousands of routers

FOREIGN CYBER ACTORS TARGET HOME AND OFFICE ROUTERS AND NETWORKED DEVICES WORLDWIDE

SUMMARY

The FBI recommends any owner of small office and home office routers power cycle (reboot) the devices. Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide. The actors used VPNFilter malware to target small office and home office routers. The malware is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic.

TECHNICAL DETAILS

The size and scope of the infrastructure impacted by VPNFilter malware is significant. The malware targets routers produced by several manufacturers and network-attached storage devices by at least one manufacturer. The initial infection vector for this malware is currently unknown.

THREAT

VPNFilter is able to render small office and home office routers inoperable. The malware can potentially also collect information passing through the router. Detection and analysis of the malware’s network activity is complicated by its use of encryption and misattributable networks.

DEFENSE

The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices. Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.

 

Also note the story from Rueters here.

Upgrade your Internet Router Firmware

As I have mentioned previously on this blog, home & some small business routers are not secure.

One of the issues is that most routers do not automatically install firmware updates when they become available. Another issue may be that your router is just to old ant the manufacturer no longer supports the device and thus does not release new firmware updates. You may ask what does my router do? Well, mainly two things. It allows your internet connection to be shared by all the devices in your house, and secondly it is supposed to help isolate those devices from all the bad things that float around on the internet. There are new software vulnerabilities found almost every month in regards to the software that runs your router.

Thus it is extremely important that router firmware be kept up to date.

Most newer routers it as as simple as logging into the router going to the Administrator section and click Check/Upgrade Firmware, the router will download the new firmware and reboot, some routers you have to manually download the firmware from your router manufacturers website and install it. Below are the manufacturer support pages for the most common internet routers.

Asus Support

Linksys Support

NetGear Support

Here a few websites explaining more details of the firmware issue.

Consumer Reports – Wireless Routers Outdated Firmware Poses Security Risk

Forbes – Russia Accused of Hacking Network Infrastructure

Fox News – How to protect your router from Russian hackers

If you would like to have us upgrade your router firmware and teach you how to do it in the future, give us a call!

Protect your Internet Devices with IBM’s new Quad9 Service

Quad9 LogoIBM offers a free DNS service that will help protect your computers, tablets, smartphones and other internet connected devices from malicious attack.

Whats a DNS service?

Computers talk to each other on the internet by using IP addresses. When you want to go to say www.google.com your computer contacts a Domain Name Server or DNS server and simply asks the server what the IP address for google.com com is. The server will return a IP address such as 216.58.219.14, your computer then contacts that IP requesting Googles website.

Why is QUAD9 better?

Here is a excerpt from the Quad9 website describing how it works.

Quad9 routes your DNS queries through a secure network of servers around the globe. The system uses threat intelligence from more than a dozen of the industry’s leading cyber security companies to give a real-time perspective on what websites are safe and what sites are known to include malware or other threats. If the system detects that the site you want to reach is known to be infected, you’ll automatically be blocked from entry – keeping your data and computer safe.

Your network already has a DNS service provided by your internet service provider. You can however change your DNS server settings to use the QUAD9 service. Giving all your devices on your network a layer of protection against malicious websites. This will help protect your devices from viruses, malware, ransom-ware and other things that are bad on your computer.

How to setup Quad9

The instructions to set this up can be found on the Quad9 website its very simple.
The best way to set this up is to add the DNS server addresses to your router, that way all the devices on your network are protected.

If you need help setting things up give as a call 602-456-0064.

Another Fake Virus Scareware Scam

I’ve received two phone calls today with similar sounding circumstances. Apparently a screen will pop-up on a your browser telling you that you have been infected with a virus and you must pay to have it removed. It will ask for personnel information, payment information & your phone number. It will also not allow you to close the webpage. Once you have entered your information you will receive a phone call discussing your payment information and terms on service with them. Do not fall for this it is a scam being run by unethical people overseas. If your browser will not close when this popup occurs follow the directions listed HERE.

You Have Been Hacked – SCAM

This is very common I get calls about it at least once a week. The websites locks your browser and displays a message stating there is some type of problem with your computer,You Have Been Hacked - SCAM
sometimes it plays an alarm sound or a voice message stating there is some type of problem with your computer. It then displays a toll free number to call, if you call you will get a hold of some one wanting $200-$300 to “fix” your computer. This is a scam and in all likely hood there is nothing wrong with your computers. Check out this video about the scam on NBC News. While in the video it states that the business is being closed I have a feeling this isn’t the only one out there.

How to get this off your computer:

  1. Press Ctrl-Alt-Delete on your keyboard at the same time
  2. Select TASK MANAGER
  3. Find the brower that you were using on the list (Chrome, FireFox, Internet Explorer)
  4. Click on the browser name so its high lighted
  5. At the bottom of the box there is a END TASK button click on it
  6. If there are anymore listings of your browser click on them so there high lighted then END TASK until there all gone.
  7. Open your browser again if is asks “Do you want to restore website?” Click no or it will reload the SCAM site and you will have to start over

If you use your computer for online banking, bill paying or managing your stocks I strongly advise you purchase a quality anti-virus product.

Should I Upgrade to Windows 10? YES!

Windows 10 is a great operating system. It is a faster and more efficient operating system over Windows 7 and slightly faster then Windows 8.1, gone is the big purple Start Menu of Windows 8, that has been replaced with a more useful Windows 7-ish menu. Windows 10 is significantly more secure then Windows 7 or Windows 8.

There are all the rumors flying around about how Microsoft is now spying on you with Windows 10. The scoop is Microsoft has released updates to all of there operating systems (Windows 7 & 8) that track user and operating system metrics. Things like how many times a user uses a certain feature or turns a feature off, also the type of hardware in use CPU speed, how much ram a system has. This is all anonymous usage data it doesn’t track your identity or bank account information, its simply “anonymous user, turned on feature Y, with an i3 CPU & 4GB of ram”. Microsoft uses this data to build a better product in future updates. Most newer operating systems manufactures monitor user metrics even on your smart phone. The upgrade does not usually break anything, there are a few pieces of older software that will not work any more because they are not compatible with Windows 10 but that rarely happens. If you have upgraded to Windows 10 and found your computer to no longer function it is usually because the previous operating system had problems to begin with, more often I find that an upgrade to Windows 10 will usually clear up a lot of underlying problems. So my recommendation is to upgrade before the July 29th deadline so that the upgrade is free. That being said the one thing I don’t like about Windows 10 is the new Edge browser that has replaced the familiar Internet Explorer “E”. Internet Explorer is still there Microsoft has just hidden it, so click on the search box in the lower left corner next to the start flag and type “Internet Explorer” the more familiar looking IE icon should show up next to Internet Explorer right click on Internet Explorer and select pin to “Pin to Task bar”, there you go…. So get to upgrading.

Any problems or want us to upgrade for you give us a call.Windows 10 Desktop

Windows 10 Upgrades

windows-10-logoAs many of you know Microsoft has released Windows 10 free for one year.  We have already upgraded a dozen computers with perfect results. Sometimes there is a occasional driver missing on older computers but that can usually be remedied. The interface is more user friendly then Windows 8, over all Windows 10 is new, fast, stable operating system. If don’t want to wait in line for Microsoft to slowly roll out the update to your computer or would like help with the upgrade give us a call. We will upgrade your computer to Windows 10 for a flat rate of $60, you don’t even have to leave your house as we can do the entire upgrade remotely.

Your Home Router Not Secure

An exploit has been found in the NetUSB module on many home routers. Most manufacturers have released a firmware update to fix the issue. However NetGear has stated that there is no fix for many of there router. NetUSB suffers from a remotely exploitable kernel stack buffer overflow. Because of insufficient input validation, an overly long computer name can be used to overflow the “computer name” kernel stack buffer. This results in memory corruption which can be turned into arbitrary remote code execution.

The attacker would have to have access to your local network to effect this exploit. If your router is one of the effected and you provide public Wifi service you should upgrade your firmware if a update is available or replace your router.

The vulnerability has been verified to exist in most recent firmware versions of the following devives:Router

TP-Link TL-WDR4300 V1
TP-Link WR1043ND v2
NETGEAR WNDR4500

Furthermore we’ve identified NetUSB in the most recent firmware version of the
following products (list is not necessarily complete!):

D-Link DIR-615 C
NETGEAR AC1450
NETGEAR CENTRIA (WNDR4700/4720)
NETGEAR D6100
NETGEAR D6200
NETGEAR D6300
NETGEAR D6400
NETGEAR DC112A
NETGEAR DC112A (Zain)
NETGEAR DGND4000
NETGEAR EX6200
NETGEAR EX7000
NETGEAR JNR3000
NETGEAR JNR3210
NETGEAR JR6150
NETGEAR LG6100D
NETGEAR PR2000
NETGEAR R6050
NETGEAR R6100
NETGEAR R6200
NETGEAR R6200v2
NETGEAR R6220
NETGEAR R6250
NETGEAR R6300v1
NETGEAR R6300v2
NETGEAR R6700
NETGEAR R7000
NETGEAR R7500
NETGEAR R7900
NETGEAR R8000
NETGEAR WN3500RP
NETGEAR WNDR3700v5
NETGEAR WNDR4300
NETGEAR WNDR4300v2
NETGEAR WNDR4500
NETGEAR WNDR4500v2
NETGEAR WNDR4500v3
NETGEAR XAU2511
NETGEAR XAUB2511
TP-LINK Archer C2 V1.0 (Fix planned before 2015/05/22)
TP-LINK Archer C20 V1.0 (Not affected)
TP-LINK Archer C20i V1.0 (Fix planned before 2015/05/25)
TP-LINK Archer C5 V1.2 (Fix planned before 2015/05/22)
TP-LINK Archer C5 V2.0 (Fix planned before 2015/05/30)
TP-LINK Archer C7 V1.0 (Fix planned before 2015/05/30)
TP-LINK Archer C7 V2.0 (Fix already released)
TP-LINK Archer C8 V1.0 (Fix planned before 2015/05/30)
TP-LINK Archer C9 V1.0 (Fix planned before 2015/05/22)
TP-LINK Archer D2 V1.0 (Fix planned before 2015/05/22)
TP-LINK Archer D5 V1.0 (Fix planned before 2015/05/25)
TP-LINK Archer D7 V1.0 (Fix planned before 2015/05/25)
TP-LINK Archer D7B V1.0 (Fix planned before 2015/05/31)
TP-LINK Archer D9 V1.0 (Fix planned before 2015/05/25)
TP-LINK Archer VR200v V1.0 (Fix already released)
TP-LINK TD-VG3511 V1.0 (End-Of-Life)
TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/30)
TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/31)
TP-LINK TD-W1042ND V1.0 (End-Of-Life)
TP-LINK TD-W1043ND V1.0 (End-Of-Life)
TP-LINK TD-W8968 V1.0 (Fix planned before 2015/05/30)
TP-LINK TD-W8968 V2.0 (Fix planned before 2015/05/30)
TP-LINK TD-W8968 V3.0 (Fix planned before 2015/05/25)
TP-LINK TD-W8970 V1.0 (Fix planned before 2015/05/30)
TP-LINK TD-W8970 V3.0 (Fix already released)
TP-LINK TD-W8970B V1.0 (Fix planned before 2015/05/30)
TP-LINK TD-W8980 V3.0 (Fix planned before 2015/05/25)
TP-LINK TD-W8980B V1.0 (Fix planned before 2015/05/30)
TP-LINK TD-W9980 V1.0 (Fix already released)
TP-LINK TD-W9980B V1.0 (Fix planned before 2015/05/30)
TP-LINK TD-WDR4900 V1.0 (End-Of-Life)
TP-LINK TL-WR1043ND V2.0 (Fix planned before 2015/05/30)
TP-LINK TL-WR1043ND V3.0 (Fix planned before 2015/05/30)
TP-LINK TL-WR1045ND V2.0 (Fix planned before 2015/05/30)
TP-LINK TL-WR3500 V1.0 (Fix planned before 2015/05/22)
TP-LINK TL-WR3600 V1.0 (Fix planned before 2015/05/22)
TP-LINK TL-WR4300 V1.0 (Fix planned before 2015/05/22)
TP-LINK TL-WR842ND V2.0 (Fix planned before 2015/05/30)
TP-LINK TL-WR842ND V1.0 (End-Of-Life)
TP-LINK TX-VG1530(GPON) V1.0 (Fix planned before 2015/05/31)
Trendnet TE100-MFP1 (v1.0R)
Trendnet TEW-632BRP (A1.0R)
Trendnet TEW-632BRP (A1.1R/A1.2R)
Trendnet TEW-632BRP (A1.1R/A1.2R/A1.3R)
Trendnet TEW-634GRU (v1.0R)
Trendnet TEW-652BRP (V1.0R)
Trendnet TEW-673GRU (v1.0R)
Trendnet TEW-811DRU (v1.0R)
Trendnet TEW-812DRU (v1.0R)
Trendnet TEW-812DRU (v2.xR)
Trendnet TEW-813DRU (v1.0R)
Trendnet TEW-818DRU (v1.0R)
Trendnet TEW-823DRU (v1.0R)
Trendnet TEW-MFP1 (v1.0R)
Zyxel NBG-419N v2
Zyxel NBG4615 v2
Zyxel NBG5615
Zyxel NBG5715

Based on information embedded in KCodes drivers we believe the following vendors are affected:
Allnet
Ambir Technology
AMIT
Asante
Atlantis
Corega
Digitus
D-Link
EDIMAX
Encore Electronics
Engenius
Etop
Hardlink
Hawking
IOGEAR
LevelOne
Longshine
NETGEAR
PCI
PROLiNK
Sitecom
Taifa
TP-LINK
TRENDnet
Western Digital
ZyXEL

Workaround:
———–
Sometimes NetUSB can be disabled via the web interface, but at least on NETGEAR devices this does not mitigate the vulnerability. NETGEAR told us, that there is no workaround available, the TCP port can’t be firewalled nor is there a way to disable the service on their devices.

Used Laptops

I have a few nice used Lenovo t420’s. Theses are nice business grade laptops with Intel i5 CPU’s.

Upgrade your computer with a Solid State Drive

SSD vs HDD

SSD vs HDD

Upgrading your computer with a SSD can vastly improve performance on a desktop or a laptop. SSD stands for SOLID STATE DRIVE it stores data electronically on non-volatile memory rather than by the electro-mechanical design used in modern hard disk drives. SSD’s do not have mechanical spinning media that limit speed and drain battery life on a laptop. They can breath life into desktops and laptops making them run faster then they did when they were new. For on the go laptop users they will speed up your computer and give you a boost in battery life as most SSD’s use less power than a hard disk drive. At the time of this writing the cost to upgrade most computers is $180 to $210 depending on the size of the SSD that is installed. Contact us and we can get your computer upgraded.

Used Computers
Used laptops for sale
Customer Reviews
West Valley Tech customer reviews picture link
Surprise, AZ Location | 602-456-0064
West Valley Tech
13954 W Waddell Rd #103-263
Surprise, Arizona 85379

SundayClosed
Monday8:30 AM - 6:30 PM
Tuesday8:30 AM - 6:30 PM
Wednesday8:30 AM - 6:30 PM
Thursday8:30 AM - 6:30 PM
Friday8:30 AM - 6:30 PM
Saturday12:00 PM - 4:00 PM

On the northwest corner of Litchfield Rd and Waddell Rd next to the Frys grocery store, inside The UPS Store.

Also available by appointment after hours.

West Valley Tech Location's