Update to Apple FaceTime Flaw

Apple has fixed it flaw in the FaceTime program. It is safe to turn on again, after updating your device.

 

Apple has finally fixed the FaceTime Flaw we reported on week before last. They issued a patch (12.1.4) for iPhones (5S+) and iPad Air+ and iPod Touch 6th gen+ on Friday after initially disabling the group chat on the server side. They fixed the server side early last week but still needed to patch the software on the phones, iPads and iPods. This has now been done.

If you disabled FaceTime on your devices, as was advised, then after you install the latest update for your device, it is safe to turn it on again.

The issue was discovered by a 14 year old boy, who was thanked by Apple in their statement, which is here:

We have fixed the Group FaceTime security bug on Apple’s servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process.

We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.

Don’t forget to install the update first before switching it back on.

Stay Safe.

CritchCorp Computers Ltd.

New name for our store

We have rebranded our store from yesDomains to store.cc-computers.com. It has now been rebranded to our CritchCorp brand to make it more clear and easy to use. yesDomains links will continue to work for most of January but will then be repurposed after this time to make a new site dedicated to domain names and DNS and will link to the new store for purchases, billing and control over your purchases. It will in short become one of our brands and an informational site to help promote the brand.

Make sure all your links are updated in the next couple of weeks to the new URL of store.cc-computers.com/

Keep safe

CritchCorp Computers Ltd

SecuredMail.App

Secure, easy to use email at a low cost

Get your SecuredMail.App email account and keep your email and attachments private. Your mail is always your mail, and only £2.00 inc VAT/month for 2 email accounts.

Get yours now; get away from those free email accounts and take back control of your data.

Includes - spam and virus filtering, 5GB account, POP/IMAP access, webmail, calendar, auto-responders, import email from your old free account, Address book and much, much more, click below for more details.

New TLDs added

Just a quick note to let everyone know that we have added some new Top Level Domains to our shop. They are:

  • .space
  • .black
  • .blue
  • .pet
  • .pink
  • .pro
  • .promo
  • .red

If there is a TLD that you want and it is not in our shop, let us know and we will see if we can add it, and maybe give you a discount on a new domain name on that TLD as a “thank you” recommending it.

Also there have been some price increases this month. You can see the current prices here.

New Terms and Conditions for invoice payments

As of 1st October 2018 we are adjusting the standard terms for payment of invoices. For new customers and for all invoices for new products and services must be paid immediately.

All subsequent invoices must be paid by their due date. Invoices will normally be issued 7 days before of the due date. There will be one overdue invoice notice 14 days after the due date. The invoice will be reissued with the 10% late fee added on the 28th day after the due date. After 45 days past due interest will begin to be added to the invoice at the HMRC approved rate of 8% + Bank of England base rate. See government website for more information: https://www.gov.uk/late-commercial-payments-interest-debt-recovery/charging-interest-commercial-debt.

If you have any questions then please submit a support ticket to the accounts department.

Update to the new Ransomware

For the original post see: http://www.cc-computers.com/?p=241

In the original post I talked about the new ransomware that it taking hold all over the world. It has even hit a police station in America that had to pay the “fee” to get back their data.

The latest version of this virus now takes advantage of all the help that has been available on line to “improve their product”. Now if you thought that you could get your data back through shadow copies (Also known as previous versions), think again. The virus now encrypts those too.

Here is what it does now, which is the same as before but better.

Currently the infection vector is through email as an attachment; usually a zip file or pdf that is actually an exe file but as most people have the “Hide extension of known file types” ticked on you would not normally see it. You will see filename.pdf when the actual filename is filename.pdf.exe. I expect that this will change or be improved on as well with links in email and other file types, etc.

When you open this file it infects your computer and immediately contacts a server from a list of around 1000 possible domain names generated through an algorithm. When it finds a live server it exchanges details with it and starts the encryption process. At this point it doesn’t let you know that you have been infected and is not picked up by most antivirus software. The first version would finish its work without interruption of antivirus software.

It encrypts all user content that it can find on your PC, mapped network drives and any shares that it can find on the network and file sharing programs data such as box.net and drop box. It also encrypts any shadow copies and backups that it can get to. When it has finished its work it pops up a message to tell you what it has done, it even gives you a list of the files that it has encrypted so that you can verify that they are your files. It then gives you a countdown timer starting around 72 hours. You have this amount of time to pay the fee and get your files back. Now where the old version used to just delete the key if you didn’t pay up in time the new version will give you a discount for paying within the time frame. Currently it is 1/2 bit coin (which is now about £500). If you fail to pay in time then it goes up to 10 bit coin (About £5000). This “service” is available for an extended amount of time.

In short get yourself protected and keep offline backups and redundant copies.

CritchCorp Computers Ltd.

 

Update to Outbound email policy

Due to the recent increase in spam being sent out from customer PCs by viruses and the problems with our servers being blacklisted by some of the more well know blacklists because of these spam-bot, we have taken steps try to prevent this type of problem from occurring.

With immediate effect all outbound email (which is already authenticated), will also be subject to blacklist checking. If you have a virus on your network that is sending out spam it is likely that you will now not be able to send email yourself. We need to implement this because of the problems caused by being blacklisted for the majority of clients who are not infected. So, to protect everyone else we need to stop email from those who are infected from sending email (most probably spam) and causing disruption and problems for everyone else.

There is now also a limit of 50 emails per hour from the same IP address.

If you do find that you are unable to send email, and nothing has changed on our network, then after you have been through the usual checks (restarting the computer, restarting router, etc) then it is possible you have been blacklisted. You will need to start by trying to fin the virus by scanning all computers (Macs, PCs, Linux, Etc.)

If you need help with any of this then please get in contact with us.

We also have a paid outbound SMTP service. This service rarely gets blocked by spam filters due to it nature. Accounts start at £50/year. Please contact us if you need more information.

CritchCorp Support Team

 

Stories of woe from the Fraudulent phone calls

There are many cases on the Internet about the problem with fraudulent phone calls from people pretending to be from Microsoft or an ISP and getting people to pay money with what starts out as a free service. See this post for more detail – here. This case happened to a friend of someone I know.

These people phoned up and said that they were from Microsoft and want to fix the problems she had been having with her computer. After a while they convinced her they were real and she let them on to her computer. She watched what they did and to her horror, they copied all her university work off her computer and then deleted it!!

She had to pay £50 for them to “recover” it for her! For a student this is a lot of money! To be conned out of £50 is not nice for anyone.

I cannot stress enough the old rule of, if you didn’t ask them for something then under no circumstances let them in!

There are many more stories out on the Internet but I thought this one was close to home. There have been many attempts on CritchCorp Customers but luckily so far no-one has succumbed to them. Always know who looks after your computer and there is very little for free in this world and computer support is definitely not. Computer systems vary from person to person so always have someone that knows your system and you to best be able to advise you and do not let anyone else touch it!

CritchCorp.