Tag Archives: Microsoft

Twitter Offer Bug Bounty Rewards

Twitter has become the latest company to offer computer experts financial rewards for discovering a vulnerability in their security systems. This is known as a bug bounty.

Twitter has confirmed that there is a minimum reward of $140 (£85) available but that no limit has been set on the maximum reward that is available.

Twitter released a statement confirming the bug bounty. The statement read, “There is no maximum reward. Reward amounts may vary depending upon the severity of the vulnerability reported. Twitter will determine in its discretion whether a reward should be granted and the amount of the reward.”

Twitter concluded, “This is not a contest or competition. Rewards may be provided on an ongoing basis so long as this program is active.”

The bug bounty actually started in June through a company called HackerOne but there were no financial rewards available. This was reflected in the uptake as only 44 bugs were reported but this is now expected to increase.

In order to be considered for financial rewards, the person reporting the vulnerability must be the first to have reported it and not disclose the vulnerability until it has been resolved.

Twitter is not the first company to set up a bug bounty which has been successfully utilised by other market leading companies such as Microsoft and Google. A bug bounty helps companies reduce the number of security flaws they have and can also prove very profitable for individuals who discover any security flaws.

One example of this occurred when a security expert earned $100,000 from Microsoft during their bounty program.

Microsoft urges users to uninstall BSOD update

Microsoft’s latest round of Tuesday updates brought about a subtle U-turn from the software giant after some users experienced the blue-screen of death (BSOD) following its installation.

The update MS14-045 was supposed to fix three separate issues, among other things, but it wasn’t long after its release that users were complaining that their PCs, mainly Windows 7 PCs, were getting stuck in the blue screen mode when the PC was next switched on. The severity of the issue was such that many users were unable to get out of the blue-screen mode without booting up the machine using original install media.

The issue sparked a raucous response on the Microsoft support forum website, with nearly hundreds of comments being made to a single thread. The comments also mentioned similar issues with other updates released as part of the same round of updates.

Since the alarm was raised Microsoft have removed the affected patches from its website, but they are still being pushed out by Windows auto-update, and so many users will still be able to download the faulty packages.

Microsoft released this statement; “Microsoft is investigating behavior associated with the installation of this update, and will update this bulletin when more information becomes available”. The company then revised the FAQs for the update itself, stating “Microsoft recommends that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2982791 security update.”

However, the patch wasn’t erroneous in all cases, with many reporting successful updates to individual PCs as well as to hundreds of client machines.

Unfortunately for users, bad updates appear to be all too frequent with the latest Windows products. 2013 was a particularly bad year for faulty updates with more BSOD issues reported as part of an April 2013 update, multiple problems with MS Office updates in August and September, and problems with a Windows 8.1 update issued in October.

This incident, and others like it, all emphasise the importance of having a sound backup of important data, regardless of its nature. Through using Asigra, Backup Technology can provide you with a reliable service to backup your critical data. Asigra’s versatility makes it ideal for backing up all major data types, whilst its automated nature means it can be configured and forgotten about until its needed.

Make an enquiry today on our website!

Blackmailers Triumph as Nokia Lose Millions of Euros

It has been revealed that Nokia lost millions of euros to blackmailers who threatened to sabotage its smartphone operating system.

It has been claimed that the blackmailers managed to obtain the security encryption key for a vital component of the Nokia’s Symbian software and threatened to make it public if their demands weren’t met. If the security encryption key had been made public, anyone could have written additional code for the Symbian software which could have included malware.

Malware is malicious software that is used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

After Nokia received the demands from the blackmailers, the police were contacted. It was decided that Nokia would pay the ransom fee and left millions of euros in a car park with the police looking on. The operation soon went wrong as the blackmailers managed to lose the police tail after collecting the money and are still at large.

This incident occurred in 2008 but has only just been made public.

Detective Chief Inspector Tero Haapala from Finland’s police service confirmed that they are investigating the case and that Nokia is the company involved.

Haapala stated, “We are investigating felony blackmail, with Nokia the injured party.”

Since this incident, there has been a large scale of change at Nokia as they now utilise Microsoft’s Windows software for its smartphones and its phone arm has been sold to Microsoft.

Jon French who is a senior security analyst for AppRiver believes that ransom money should never be paid as it only encourages other cybercriminals to target such corporations.

French stated, “Paying can only further show other hackers that they have a chance of making a lot of money from these corporations. Nokia seems to have gotten incredibly lucky that the hacker didn’t release the key anyways.”

It is now critical that all companies ensure that they have the best security plan in place and regularly test it to help protect themselves against the threat of cyber hackers and cyber thieves. This should be supported with a robust backup solution to ensure that data can always be recovered no matter what action a hacker or cyber thieves takes such as modifying or deleting the data.

Microsoft Release Windows XP Update

Despite Microsoft declaring that the end of life for Windows XP would occur on Tuesday 8th April 2014, Microsoft has taken the unprecedented action of releasing a security update foe the archaic operating system.

The declaration of the end of life for Windows XP should have meant that no security updates were released for the Windows XP operating system and therefore leaving anyone who is using Windows XP after 8th April 2014 more vulnerable to cyber-attacks. However, it looks like Microsoft has taken an exception in this case.

The security update that has been released is meant to fix a security flaw in the Internet Explorer browser.

Microsoft stated that they rolled out this security update because of how soon after the security flaw was discovered from the end of life support date.

Adrienne Hall, General Manager, Trustworthy Computing, Microsoft stated, “ Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP.”

Hall added, “We made this exception based on the proximity to the end of support for Windows XP.”

The security flaw was present in Internet Explorer versions 6 to 11 in which hackers could exploit the flaw by hosting a specially crafted website. Users would have to visit the website and interact with it. If a user did this, it would allow hackers to gain access to user’s computer with the same permissions as what they were logged in as.

Microsoft has confirmed that the security update has been fully tested and is ready to go.

Microsoft stated, “This update is fully tested and ready for release for all affected versions of the browser. The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically.”

Regardless of what operating system you use, it is vital that data is protected by utilising a robust backup solution. By having the latest security updates downloaded and applied to your machine does reduce the likelihood of becoming a victim of a cyber-attack but doesn’t rule it out completely.

Therefore, by having a robust backup solution in place, you can be sure that you can recover your data in the desired state, no matter what happens.

Chinese Government Continue Using Windows XP

The Chinese government is attempting to patch potential security flaws in the Windows XP operating system after it reached its end of life on 8th April 2014.

As the end of life has been reached for this operating system which is 13 years old, no new security updates are released by Microsoft which leaves those that are still using the operating system vulnerable to cyber-attacks.

Senior official Yan Xiaohong stated, “Security problems could arise because of a lack of technical support after Microsoft stopped providing services, making computers with XP vulnerable to hackers.”

The reason why the Chinese government is attempting to create its own patches is because they deem the price to upgrade the machines using the XP operating system to Windows 8 as being too expensive.

At the moment, Windows 8 costs 888 yuan (£84) in China. The Chinese government is keen to avoid the increased procurement costs and therefore want to continue to use Windows XP.

Chinese security providers have already released patches for the XP operating system which are currently being appraised by the Chinese government.

Yan Xiaohong stated, “The government is conducting appraisal of related security products and will promote use of such products to safeguard users’ information security”

At the moment, it is reported that nearly 70% of all computers in China use the Windows XP operating system whilst this figure is as little as 18% in the US.

This means that there are a huge number of computers that are still running on XP and leaves the users more vulnerable to cyber-attacks which could have unprecedented results.

Regardless of what operating system you use, it is vital that data is protected by utilising a robust backup solution. By having the latest security updates downloaded and applied to your machine does reduce the likelihood of becoming a victim of a cyber-attack but doesn’t rule it out completely. Therefore, by having a robust backup solution in place, you can be sure that you can recover your data in the desired state, no matter what happens.

Have you upgraded from Windows XP? Do you think Microsoft should have continued to support Windows XP?

Scammer Swoop in on Windows XP

It didn’t take long, and was always inevitable but numerous scammers and con artists are out to make a quick buck by advertising extended support and compatibility solutions for Windows XP machines. Such adverts have started to appear on you-tube and websites.

Among the range of applications that are being pushed are “Media Centre” keygen tools designed to harm the performance of computers.

Christopher Boyd who is a Malware Intelligence Analyst at Malwarebytes and former Director of Research at FaceTime Security Labs and threat researcher at GFI Software believes that keygens should be avoided altogether as you never really know what you are downloading.

Boyd stated, “Keygens are something you should really avoid, as more often than not you never know quite what you’ll end up with. As for XP themed ‘setup files’, those links too us to the usual selection of surveys and ringtone offers.”

Boyd added “Take care with the last minute surge of XP themed downloads and offers – whether on social networks, forums or video sharing sites, a lot of what you’re going to see over the coming will probably not do you any favours. XP may be dead and gone in terms of updates, but that doesn’t mean pitfalls booby trap have followed suit.”

As Windows XP is no longer officially supported by Microsoft, no operating system upgrades will be released and therefore leaves the machine highly vulnerable. Virus warnings are still available but little can be done to protect the machine.

If you persist on using Windows XP rather than upgrading to a newer and supported version, it is advisable to be very careful with what you download. It is inevitable that more and more adverts claiming to offer extended support and compatibility solutions will start to appear in an attempt to fool people. Do not fall for these adverts and if you feel that you need to use a supported platform, upgrade your operating system to a newer version. This will give you a much better chance to ensure that your data remains safe and out of the hands of devious scammers and con artists.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal