Android Spyware Poses Threats to Users of Facebook, Skype, WhatsApp, and Other Leading Social Media Apps

Google has detected a family of Android malware, known as Tizi, that is able to steal sensitive data from popular social media apps such as Facebook, LinkedIn, Skype, Telegram, Twitter, Viber, and WhatsApp.

In a blog post, Google security engineers described Tizi as a fully featured backdoor that installs spyware with some rooting capabilities. The blog noted that Tizi was used in a targeted attack against devices in certain African countries, specifically: Kenya, Nigeria, and Tanzania.

If the malware gains root in a device, it simplifies and strengthens the task of infiltrating apps. The backdoor malware contains various capabilities common to spyware, such as: recording calls from WhatsApp, Viber, and Skype; sending and receiving SMS messages; and accessing calendar events, call logs, contacts, photos, WiFi encryption keys, and a list of all installed apps.

In addition, Tizi apps can record ambient audio and take pictures without displaying the image on the device’s screen.

Most of the vulnerabilities target older chipsets, devices, and Android versions. Google reports that it has fixed all of the listed vulnerabilities.

However, if a Tizi app is unable to take control of a device because the vulnerabilities it tries to use are all patched, it will still attempt to perform some actions through the high level of permissions it asks the user to grant to it, mainly around reading and sending SMS messages, and monitoring, redirecting, and preventing outgoing phone calls.

What You Can Do

To reduce the chance of your device being affected by malware and other threats, Google recommend these basic steps:

Ensure Google Play Protect is enabled: Google Play Protect is on by default, but you can turn it off. Google recommends that you always keep Google Play Protect on.

Check permissions: Be cautious with apps that request unreasonable permissions. For example, a flashlight app shouldn’t need access to send SMS messages.

Enable a secure lock screen: Pick a PIN, pattern, or password that is easy for you to remember and hard for others to guess.

Update your device: Keep your device up-to-date with the latest security patches. As Tizi exploited older and publicly known security vulnerabilities, devices that have up-to-date security patches are less exposed to attacks from Tizi.

Locate your device: Practice finding your device, because you are far more likely to lose your device than install a potentially harmful application.

To ensure maximum safety for your Android device and everything on it, install antivirus software.

Posted From VIPRE

3 Design Tips You Can’t Live Without!

We know the benefits of responsive design, simple navigation and clean layout. But are you following these three design tactics to take your site to the next level?

Clear Calls-To-Action

Are you using buttons on your pages to prompt visitors to click-through? If not, you may be missing out on customers. Use them throughout your site to help guide visitors to what they should do next

Visual Hierarchy

Does your site have a primary area of interest that gradually decreases in importance as one scrolls? Provide a focal point on your site by featuring a large image (called a hero) at the top with your main value prop.

Video Content

Visitors are increasingly relying on video (over text) to educate them on a brand. Consider making short videos about your product, service, or offering to help boost conversion and create interest in your site.

Take a look at your website. Do you love the layout and design? If not, do you know exactly why? Our team of experts will work with you to create a great website that displays beautifully on any device!

Re-posted from HostGator

What is Phishing?

Phishing is often a sophisticated email attempt to trick the recipient into first opening a fraudulent message and then revealing personal and financial information.

A phishing email usually arrives disguised as an email from a legitimate company or known person. Of course, the email is from one of the bad guys.

The bogus email might seek a payment and direct the user to a replica of a banking website, for example, or to a phony payment center of a utility company.

Phishing email also may be crafted strictly to lure a user to a malicious website, where malware would be installed through the user’s browser via an undetected download. The victim could then be monitored by a criminal enterprise in search of sensitive data.

Charity donations, online banking problems, or IRS inquiries are common themes in phishing scams.

Some Internet browsers have phishing and malware detection in their default settings, but not all. Don’t reply to or click links within texts, emails, or pop-up messages requesting personal information.

Some tips to help protect against phishing emails:

  • Do not respond to any unsolicited e-mails of this nature.
  • Do not click on any attachments associated with such emails, as they may contain viruses or malware.
  • If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email.
  • If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
  • Don’t email personal or financial information. Email is not a secure method of transmitting personal information.
  • If you initiate a transaction and want to provide your personal or financial information through an organization’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”).
  • Use anti-virus software such as VIPRE and keep your computer security up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files.

Four Tips for Improving Your Computer’s Security

Hackers, as you know, never rest. They spend countless hours looking for holes in our computers’ security so they can steal data, commandeer devices to generate cryptocurrency revenue or use them for other nefarious purposes.

Here are some ways to beef up your security:

Check Your Various Settings

The best way to do this is to use the Microsoft Baseline Security Analyzer (MBSA), a free scan tool that performs local or remote scans of Windows systems.

It scans for missing security updates, rollups and service packs using Microsoft Update technologies. However, MBSA does not scan or report missing non-security updates, tools or drivers.

The latest version, MBSA 2.3, runs on Windows 8.1, Windows Server 2012, and Windows Server 2012 R2, Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP systems.

Keep Your Browser(s) Updated

Keeping your browser updated is fundamental to your computer’s security. But making sure you have the latest versions of browser plug-ins is equally as important. An outdated plug-in leaves your browser and your computer vulnerable, even if the browser is up-to-date.

Regardless of which browser you use for your home or business, each gives you options to disable cookies and to block security risks such as malware that can sneak in through, infected pop-ups, plug-ins and extensions. To learn more, click here.

Make Sure Your Firewall is Rock-solid

A firewall is a hardware device or piece of software that controls the flow of information between your computer and the Internet. Most modern operating systems and routers include a software firewall. The best antivirus solutions, such as VIPRE, come with firewall protection.

Once your firewall is enabled, consult the user guide to learn how to configure the security settings and set a strong password to protect it against unwanted changes.

RePosted from VIPRE

Are You Revealing Too Much Personal Information on Facebook?

Sharing basic personal information on Facebook can give fraudsters all they need to steal your identity.


The bad guys don’t need to know much about you to steal your identity. A full name, date of birth and address are often enough for stealing an identity, draining bank accounts, taking out loans, making major purchases, applying for credit cards and on and on and on.

Recent YouGov research from Equifax in the United Kingdom has revealed that a high proportion of social media users risk identity theft by giving fraudsters easy access to personal information.

The survey found that almost 30 percent of adults with a social media account include their full name and date of birth on their profile pages, notes a blog post on ActionFraud.

Younger people are more likely to display this information.

The survey revealed that 48 percent of 18- to 24-year-olds divulge this information on social media sites compared to 28 percent of those between 35 and 44.

The Bad Guys Can Find Information Easily

Even if you don’t publicly show your age on your Facebook profile, fraudsters can still find it if your friends post birthday messages that mention your age. Once they have your date of birth, they can find out your phone number and where you live. The process is really quite easy.

The bad guys can fill in the missing pieces of information by using online directories, noted an article in the UK’s Telegraph newspaper. These directories hold huge quantities of information, from addresses, phone numbers and even a list of your past and present housemates.

ActionFraud quoted John Marsden, head of ID and fraud at Equifax UK: “People must act now to protect their finances for the long term. More adults in the UK are engaging with social media than ever before, especially on their smartphones, and a high number are readily sharing their personal information on these platforms.

Fraudsters get hold of this type of information so they can impersonate an individual, either by setting up accounts in their name or accessing existing accounts and stealing from them. The extent of damage can run to thousands of pounds worth of debt being racked up in your name. My advice to consumers is to be social savvy; avoid unnecessarily sharing personal details and risking your identity on platforms that can so easily be exploited. It’s always nice to receive well wishes on your birthday – but is it worth the risk?”

What Can You Do?

You should review your Facebook privacy settings and ensure you are not revealing too much. For detailed help, consider using some or all of this advice from Trusted Reviews.

When it comes to personal information, maybe a simple adage should be trusted: “When in doubt, leave it out!”

Posted by VIPRE

FBI Issues Security Warning About Internet of Things Toys

IoT toys have the potential to violate children’s privacy and safety, given the amount of pertinent information the toys can collect and store, the Federal Bureau of Investigation (FBI) warned this week in an advisory.

The sensors, microphones, data storage capabilities, cameras and other features of Internet of Things (IoT) toys are able to vacuum up extensive details about a child’s name, school, activities and even their physical location.

And if those toys are hacked, criminals could use the stolen information to harm a child, the FBI warned.

What Makes IoT Toys Vulnerable?

Data collected from interactions or conversations between children and toys are typically sent and stored by the manufacturer or developer via a server or a cloud service. In some cases, data are also collected by third-party companies that manage the voice recognition software used in the toys.

Voice recordings, toy Web application passwords, home addresses, Wi-Fi information, and sensitive personal data could be exposed if the security of the data is not sufficiently protected with the proper use of digital certificates and encryption when it is being transmitted or stored.

Smart toys connect to the Internet either directly, through WiFi to an Internet-connected wireless access point; or indirectly, via Bluetooth to an Android or iOS device that is connected to the Internet.

Key factors affecting the user’s security include: the cyber security features, the toy’s partner applications and the WiFi network through which the toy connects.

Superior communications connections — where data is encrypted between the toy, WiFi access points, and Internet servers that store data or interact with the toy — are crucial to mitigate the risk of hackers exploiting the toy or eavesdropping on conversations or audio messages.

The FBI notes that Bluetooth-connected toys that do not have authentication requirements (such as PINs or passwords) pose risks for unauthorized access, enabling criminals to communicate with children.

What You Can Do To Protect Your Child

  • Choose IoT toys very carefully by doing lots of research. Look for any known reported security issues regarding a toy.
  • Find out if a toy can receive firmware and/or software updates and security patches — and ensure the toy is running on the latest version.
  • Closely monitor your child’s activities with each toy through the toy’s parent application, if such a capability exists.
  • Ensure the toy is turned off when it is not in use.
  • Create a strong and unique login password when establishing a user account. For example, use lower and upper case letters, numbers and special characters.
  • Provide only what is minimally required for creating a user account.

As always, stay vigilant!

Microsoft issues ‘highly unusual’ Windows XP patch to prevent massive ransomware attack

Update regarding WannaCry Ransomware Outbreak

We are following news reports today of a ransomware strain that has – so far – hit 74 countries around the globe.

•          Notify your users to be extra cautious right now – even clicking on a suspicious attachment could instigate a ransomware attack

URL for patch for all Microsoft Systems:

Google loves Google+

This one is obvious:

Google factors in your presence on Google+. Take 10 minutes each week to spend on your business Google+ page, whether it’s to post something on your business profile, or posting your content into Google+ communities. Be sure to post the content you want to be ranking for on Google+ to prove to Google that you are worthy of positioning high in their search engine.

We make sure you blog also posts to Google+ and other Social Media.



ABOUT SEO (Search Engine Optimization)

Professional and affordable SEO services to companies of all sizes nationwide.

We get results for our customers through a wide range of strategic tactics, such as:

Capitalizing on press releases, blogs and social media
bookmarking websites
Optimizing website meta tags
Writing keyword-rich, targeted website content
Submitting your site to highly relevant online directories
Creating html and xml sitemaps
And much more!

SEO Requires Knowledge, Time & Persistence

Most companies simply do not have the time to effectively employ SEO.  Others assume that SEO can boost search engine rankings overnight and get discouraged when they don’t see results immediately. The fact is there is no “magic solution.” SEO takes hard work, knowledge and time.  When you work with our SEO specialists, you’ll be backed by years of expertise and a proven track record of success.  We focus on increasing your online visibility, so you can focus on running your business.

CBS USA Inc.: Qualified SEO Service Specialists

CBS USA Inc. has the ability to implement customized Search Engine Optimization (SEO) strategies to drive more qualified traffic to your site for increased conversions and profitability.  Our one-to-one consultative approach allows us to get to know your business inside and out as we work to increase search engine rankings for quantifiable results!  For lasting, continued success, we offer monthly SEO packages that work to increase your search engine visibility on an ongoing basis.

Contact us for more information or to request a Free SEO Evaluation.

Plan’s Note: these services should be done every year

Premiere Listing of your website with site maps and Social Media set-up .With follow-ups every three months for a year.

Comprehensive listings of your site. With a Six month follow-up.

Basic listing of your Website.

Premiere Internet Marketing Support For Selected Clientele

For selected clients, CBS USA’s premium marketing support this may be justified to ensure the successful launch of an important project. Services include marketing plan development with market and competitive analysis and performance monitoring. Service is available under contract, with a minimum six-month term of commitment required.

We use Google Sitemaps to inform Google’s crawler about all your pages and to help people discover more of your web pages.


Our New Website is up

CBS USA Inc. Professional SEO (Search Engine Optimization) Services  Social Media Marketing, Graphic Design and Website Services. All services personalized and designed for our clients.

Having a great website does not ensure people will find you.

SEO Requires Knowledge, Time & Persistence

CBS USA Inc.: Qualified SEO Service Specialists
Effective Layout and Site Planning
High End Affordable Web Hosting for all size Business’s

Contact us for more information or to request a Free SEO Evaluation at 518-533-9819