Newsletters

PC Pitstop sends out a monthly newsletter to update visitors about PC trends and what’s going on at the site. Each issue contains helpful computer tips. To subscribe, complete this form and you will receive a confirmation email. In the email body please click on the link Confirm Your Subscription to complete the process. You can rest assure we will never share your email address with others, see our privacy policy.

To get the most out of the site we strongly suggest creating an account with us. Be sure to check the box to indicate you want to get the newsletter. Below you’ll find an archive of the newsletters we’ve sent out in the past.

    Attackers Find a New Way to Spread Ransomware Faster Than Ever

    Ransomware has been riddling home users, business entities, governments, schools, and more for years. The attacks have grown in frequency, with ransom demands growing as well.

    In order to continue their profitability, hackers have to find new ways to infect networks. This includes exploiting software vulnerabilities, using social engineering, creating new versions of malware, and now - targeting businesses with access to multiple networks. Often, but not always, these targets include managed service providers (MSPs). Due to the access MSPs have in various business entities, by targeting an MSP, multiple networks become available to infiltrate.

    This is exactly what happened last week. Percsoft and Digital Dental Record, two businesses that offer online services for dentists around the U.S., were targeted by cyber criminals. After infecting their networks with ransomware, the hackers were able to infiltrate the networks of over 400 dentist offices. This left the dental offices unable to access patient charts, x-rays, or payment ledgers.

    Percsoft and Digital Dental Record have contacted the FBI.

    Pearson, Major Education Publishing Giant, Suffers Data Breach

    September 03, 2019 by Kayla Elliott in Newsletter

    Pearson Notifies Schools Impacted By Breach

    In November 2018, the massive education publishing giant, Pearson, suffered a data breach. Although the breach was reported to the FBI in March 2019, it wasn't until last week that the organization had an idea of the full extent of damages.

    An exact number of records impacted is unclear. However, it has been confirmed, over 13,000 educational institutions have been impacted. The breach impacts past and current student files, including names and birthdates. A letter will be sent to all potentially impacted individuals, notifying them of the breach, along with information to obtain free credit monitoring services.

    How Do Breaches Happen?

    With news breaking weekly about yet another data breach, consumers are likely wondering, "How does this happen?" And they should. Unfortunately, there is not just one factor. Data breaches occur for various reasons, whether it is a lack of proper cyber security protection, improper patch management, open remote desktop protocol (RDP) ports, rogue employees, and more.

    The best ways for organizations to thwart data breaches is to implement the following:

    • Deploy a security solution that implements application whitelisting
    • Keep all operating systems and third-party applications updated
    • Disable all RDP ports that are not used
    • Enable two-factor authentication
    • Enforce role-based access for employees
    • Implement strong password requirements

    Optimizing Windows 10 Start Menu Through Personalization

    September 03, 2019 by Kayla Elliott in Newsletter,tips

    We Personalize Everything!

    We live in an era where we feel a need to personalize everything.  Our shirts, gym bags, device cases, cars, and our computers — just to name a few.  However, personalizing our items isn’t always a bad thing.  For instance, if you aren’t personalizing your devices to meet your needs, you could be missing out.  Adjusting our devices to meet our needs could not only simplify things but also make them more efficient.  For instance, if your device has 15 programs on it that you don’t use — get rid of them!  It’s wasting storage and could be slowing it down.  Beyond personalizing the software, you can also personalize settings, backgrounds, sounds, etc.

    Today, we are going to discuss how to personalize your Windows 10 Start menu.

    Personalizing Windows 10 Start Menu

    First, you will want to open your Start menu.  Once you do, you will see something similar to this:

    When I was first playing around with this, I combined several tiles into one box.  I thought less to look at would be good.  You can do the same by dragging whatever tile you would like, on top of another.  This then puts them into their own single box, or folder, together.

    I wasn’t crazy about this.  It still looked unclean and too clustered for me.  So, I decided to “unpin” whatever tiles I wasn’t using from the Start menu.  You can do so by right-clicking on a tile and selecting “Unpin from Start”, as seen here.

    In addition, you can also resize tiles, rate, and review, or uninstall certain programs right from this function.

    Also, you may create new tiles for some of your most-used software.  Handy feature? I say so. If you want a specific tile, find the program within the Start menu and right-click.  Once you do so, you can select “Pin to Start”, seen below:

    After clicking “Pin to Start”, a tile will populate within the Start menu for the software/program you requested.  Once you have all of the pins you like and have unpinned those you don’t, you can drag and drop the tiles where ever you’d like that creates the most efficient use of the menu for you.

    The last and final fun trick is personalizing your Start menu accent color, which determines the color of the tiles. You can customize this by opening Windows 10 Settings, navigating to Personalization, then clicking the “Color” option in the left margin. Scroll down and select your favorite color. You can also set it to automatically change the color based on your wallpaper colors.

    If you have any fun tips and tricks for Windows 10 that you'd like to share, drop them in the comments section below!

    New York School District Pays Hackers $100,000

    Rockville Centre School District Forks Out Thousands

    After falling victim to ransomware, the Rockville Centre School District decided to follow the path of least resistance -- pay the ransom demands. The school had a cyber insurance policy, which helped to cover the cost of the $100,000 payment, as well as assist with the payment and negotiation process.

    Ransomware victims are often discouraged from paying the demands because there is no guarantee the hackers will send the decryption keys after getting paid. However, this time, they did.

    Unfortunately, just because you receive the decryption keys doesn't mean the remediation process is quick. The attack took place in July, and Rockville Centre School District is still working to restore their networks. Meanwhile, a neighboring school in Mineola, NY was hit with the same ransomware, and was able to restore using backup files and is operating at normal capacity. The lesson -- back up your files.

    Other Ransomware Attacks

    For a list of ransomware attacks that have already taken place in 2019, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.

    Ransomware Now Spreading Through Fortnite Cheat Hack

    Hackers Post Ransomware in Fortnite Forums

    Although ransomware has been targeting the business sector, they haven't forgotten about home users. In a new campaign to spread malicious software, hackers have masked ransomware as a Fortnite cheat hack. By posting the malicious link in various Fortnite forums, cyber criminals hope gamers will click the link and unknowingly install Syrk. Syrk is a ransomware variant that encrypts the user's files and attempts to encrypt any data found on connected USB drives.

    Once encryption is complete, a ransom note displays on the screen. The ransom note states all of the user's personal files have been encrypted and a timer begins counting down. In two hours, if a ransom payment has not been made, the files in the photo folder will be deleted. Then a second timer is set, and the files in the desktop folder will be deleted. If a payment is not made, a third timer displays claiming the files in the document folder will be deleted.

    The exact amount of the ransom demand hackers are requesting is still unknown. In order for the user to determine the payment amount, they are asked to email a specific email address for payment instructions.

    Hackers Copy NordVPN's Website to Spread Bank Trojan

    August 21, 2019 by Kayla Elliott in Newsletter,tips

    Users Hoped for Security, Ended Up with Malware

    Cyber criminals have found an effective way to distribute malicious software, and users are none the wiser. By copying the popular VPN (virtual private network) website for NordVPN, users believe they are using something that is meant to boost their security. Instead, they are downloading a bank trojan.

    Now, one may think they cannot be dupped by a fictitious website but these hackers are good. Not only did they replicate the site entirely, but they also added a valid SSL certificate, which helps the fake website appear more legitimate while also allowing it to bypass browser security checks.

    Tricky? Yes, yes indeed.

    What is a VPN?

    As mentioned earlier, a VPN is a virtual private network. However, that still doesn't exactly state what it does. Take a firewall, for example, that helps to protect your data on your computer. A VPN does the same but does so online. By utilizing a VPN, users are able to securely access a private network and share data on public networks.

    Don't Fall Victim

    The best way to avoid these scams is two-fold. First, when you visit a website, type the URL into the address bar instead of searching for the URL on a search engine. Often times, even if they are malicious, websites will show up in the search results. For instance, if you wanted to go to espn.com, type in www.espn.com in the browser's address bar. Do not go to google.com and search ESPN. Granted you'll likely go to the correct place, but you also may end up on a spoofed site. So, searcher beware.

    Also, deploy a security solution that uses an application whitelist. By running a whitelist, only known trusted programs are permitted to execute. Therefore, if you find yourself somewhere you shouldn't be -- the malware still cannot run, because it has not been tested and proven secure.

    Grocery Store Chain, Hy-Vee, Experiences Data Breach

    August 19, 2019 by Kayla Elliott in Newsletter

    Hy-Vee Suffered Data Breach Through PoS Systems

    One of the largest U.S. grocery-store chains, Hy-Vee, has experienced a data breach after staff discovered a vulnerability on some of its point-of-sale (PoS) systems.

    The company reported transactions made at Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants may have been recorded by hackers. A list of the exact locations of those impacted has not yet been released. However, the company is certain the breach does not impact all locations, as different PoS systems are used in different locations.

    Hy-Vee has confirmed, payments made through Aisles Online were not compromised.

    A company spokesperson reported the organization believes it has taken appropriate actions to stop any unauthorized activity on their PoS systems moving forward.

    In the meantime, Hy-Vee, is encouraging customers who believe they might have had their card data swiped to check card statements at regular intervals for any suspicious transactions. If unauthorized transactions do occur, it is imperative individuals contact their banking institutions as quickly as possible.

    Lonestar State Targeted in Vicious Cyber Attack

    Several Local Texan Governments Infected with Ransomware

    Update, 8/21/2019: Two Texas towns, Keene and Borger, have confirmed they were amongst the 23 municipalities hit with ransomware last week. Mayor Gary Heinrich of Keene stated the attack accessed their network through their outside security provider. The use of a third-party security provider is rather normal for small municipalities, as they lack the IT staff to manage their own IT needs. Therefore, it is entirely possible, this one security provider was managing all impacted governments. This has not been confirmed but does help to make sense of how 23 different facilities fell victim on the same day. The ransom demands have also leaked to the public -- a whopping $2.5 million to unlock the data for the 23 local governments impacted. At this time, it is unclear if officials will pay.

    Last week, multiple governments municipalities throughout the state of Texas found their networks corrupted with ransomware. Although many details are being kept under wraps, we do know approximately 23 different government entities were impacted.

    Ransomware is malicious software used to encrypt files within a network, making them inaccessible to network users. The cyber criminals then demand a ransom payment, typically in an untraceable digital currency such as Bitcoin. If victims opt to pay the ransom, hackers provide a decryption key which is supposed to restore the data.

    Several state and federal government entities are working together in an attempt to recover the lost data. So far, it has been confirmed the FBI, DHS, and Texas Department of Public Safety are involved. There are several factors that remain unknown, including what the ransom demands were, what ransomware variant infected the networks, and how it bypassed cyber security software.

    The best way to avoid falling victim to ransomware is to follow these five steps:

    • Deploy a security solution that uses application whitelist security - meaning only known trusted programs will be allowed to execute
    • Backup data daily to either an external device or via the cloud
    • Keep all third-party applications and operating systems updated
    • Complete cyber security training to ensure users are aware of current cyber threats, and the red flags to identify them
    • Close all unused, enabled remote desktop protocol (RDP) ports

    Other Ransomware Attacks

    For a list of ransomware attacks that have already taken place in 2019, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.

    416 total views, 1 views today

    (Visited 1 times, 1 visits today)

    About The Pit Crew

    PC Pitstop's Pit Crew is committed to providing you with the information you need to keep your PC safe and running like new.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.