Tumblr Vulnerability Concerns Valid Amidst Social Data Breaches

Tumblr Vulnerability Concerns Valid Amidst Social Data Breaches

Earlier this month, short blogging and social media tool Tumblr announced the presence of a vulnerability that could have exposed certain protected information to hackers under specific circumstances.

The news came at a bad time for social media platforms. Just a week prior, Facebook announced an industry-shaking data breach, around the same time that Google announced it was shutting down its Google+ service due also to a huge data breach.

Within the context of those other stories, its important to fully understand the vulnerability and what it means if you use the service.

Problem with Recommended Blogs

According to Tumblr, an unnamed security researcher found a flaw in the “Recommended Blogs” feature on Tumblr, which displays a select, rotating list of other users’ blogs to the reader. When using the desktop version of the site, the researcher found that an attacker could expose blog owners’ information using debugging software in a certain way.

The vulnerable information wasn’t as critical as it could have been. Potentially exposed information included users’ email addresses, salted and hashed account passwords, self-reported location, prior email addresses, last login IP addresses, and blog names associated with the compromised account.

It’s interesting to note that the self-reported location is no longer an available feature.

More Vulnerability Than Breach

So, how bad is the news, really? In light of the breaches at Facebook and Google—we can count Twitter’s API flaw from September in the mix—Tumblr got extremely lucky. Its report was forthcoming about the vulnerability and its limitations.

Given how an attacker would need to see a recommended blog, and then perform a specific set of actions, it’s easy to believe Tumblr’s assertion that it can’t determine if specific accounts were affected, nor the fact that the bug was “rarely present.” That rarity, and the fact that sensitive passwords weren’t exposed in a more open manner, are encouraging facts.

While the Tumblr vulnerability might not reach the level of a data breach, it’s still important to be ready to respond if your data is compromised. Contact Wheelhouse ITif you believe your information was compromised in any of these breaches to determine your best course of action to protect yourself from harm.

Windows 7 is Approaching End-of-Life

Windows 7 is Approaching End-of-Life

If you’re reading this on a computer that’s currently running Windows 7, I have some bad news: the End-of-Life date for this version is approaching.

What does this mean for your business and the workstations that support it? Read on to find out.

End-of-Life?

Don’t worry, this doesn’t mean that your computers are suddenly going to stop working on January 14, 2020. What it does mean is that Microsoft is going to end their extended support of the Windows 7 operating system.

The mainstream support for Windows 7 ended on January 15, 2015. This means that (assuming that Service Pack 1 was installed) the operating system will not receive any updates that add new features, but security updates are still being implemented. Once extended support ends,however, these security updates will no longer be released.

What This Means

There is effectively an arms race being waged over your computer’s security. Hackers and other malicious entities are constantly coming up with new ways to undermine your system’s defenses, while software developers are constantly coming up with better defenses and patches to thwart these new threats.

When Microsoft ends support for a particular operating system, they are effectively conceding the battle to cyber criminals so they can focus their energies on protecting newer, more up-to-date systems.

As a result, once the end of support date passes, any computer running Windows 7 will be vulnerable to attack. It will still work, but with the constant and very real risk of intrusion.

What You Should Do

Frankly, install Windows 10 as soon as possible. To do so, your computer needs to meet the following requirements:

Processor: 1GHz processor or faster

Memory: 1GB RAM for 32-bit; 2GB for 64-bit

Hard disk space: Up to 20GB available

Required video card: 800 x 600 screen resolution or higher. Direct X 9 graphics processor with WDDM driver

If your computer can’t support these requirements, it is probably time to upgrade that as well.

For assistance with managing your technology and keeping it up-to-date, try WheelHouse IT. Our managed services will ensure that your equipment is optimized and operational as much as it can be.

For more information, call us at (877) 771-2384.

2018 Storm Ready

2018 Storm Ready

Every business should prepare for the worst. Those that don’t may never fully recover from a disaster. But not all disasters are created equal. And not all businesses are at risk for every kind of disaster. At WheelHouse IT, we understand what it means to be storm ready!  With the 2018 Hurricane Season, officially here our team has reviewed and refined our hurricane plans.

The WheelHouse IT team have tested our 60,000 KW generator and the redundancies to our office in Fort Lauderdale. While hurricanes and coastal storms can force a business to be closed for days if not weeks at a time we take our business continuity serious.

 

The preparation from WheelHouse IT includes but is not limited to:

  • The systems used by WheelHouse IT to support your business are strategically hosted in data centers far away from exposed coastal areas in the United States. This ensures that even if our office is closed, our systems are up 24/7/365.
  • WheelHouse IT maintains a support staff in multiple locations including our offices in New York and Los Angeles with remote teams in Iowa and Arkansas, enabling us to continue providing remote support even in an extreme event where our Florida office could be temporarily down. We also work to have hotels booked in several cities outside of the storm impact area where members of our team will be located for the duration of the storm.
  • The entire WheelHouse IT team is equipped with company-issued wireless hotspots enabling them to provide support from wherever they have safely relocated to, in the event that the operations at our Florida office are interrupted.
  • Our Fort Lauderdale office is equipped with a generator to allow our office to run at full capacity even if the power cannot be immediately restored by utility crews following an outage.
  • On a quarterly basis, our team runs an internal business continuity tests to ensure that we are prepared to support your business should a Hurricane impact our Florida office.
  • Our team understands the impact that hurricanes have on our customers. With safety being our top priority, they are committed to returning to work immediately once a hurricane has subsided to respond to any on-sites that may be needed after the storm.
  • Our Fort Lauderdale headquarters is strategically located in a well-protected and resilient environment that can withstand most storms.
  • Even though we have put extensive measures in place and were online hours after Hurricane Irma passed, hurricanes are a major natural disaster with unpredictable damage, there is no way we can guarantee that the Fort Lauderdale office will be 100% online immediately after a storm. WheelHouse IT is, however, well distributed and will be online in non-impacted locations.

Throughout this 2018 Hurricane Season, please keep an eye out for additional emails from our team. These emails will come from [email protected]. We will communicate with you about updates we receive from the National Hurricane Center as well as steps we are taking to protect your business during this Hurricane Season.