Another Data Security Breach As Instagram User Details Are Exposed

There’s been another data security breach. This time it’s the turn of Instagram.

According to a recent post by BullGuard, a vast database containing the contact information of millions of Instagram influencers’ accounts has been found online.

They reported that:

  • The database, hosted by Amazon Web Services, was left exposed and without a password allowing anyone to look inside. At least 49 million records were allegedly vulnerable
  • Each data record contained public data from influencer Instagram accounts, bio details, profile picture, number of followers and the influencers’ city and country location
  • The data also contained personal contact information, such as the Instagram account owner’s email address and phone number

Once discovered the data breach was discovered, a security researcher traced it back to Mumbai-based social media marketing firm Chtrbox, which pays influencers to post sponsored content on their accounts.

On top of the information above, the records also showed data that calculated the worth of each account, based on the number of followers, engagement, reach, likes and shares they had.

Once the discovery was made Chtrbox pulled the database offline. Instagram also investigated and said it found that no private emails or phone numbers of Instagram users were accessed.

This is yet another worrying case where a database containing important information was left unprotected on the internet.

Sadly, it’s not the first time, and it won’t be the last. That’s why you must be vigilant at all times with how you share your personal data.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.  Source: Bullguard

Keeping Your Children Safe Online

Internet safety is always a big news story. The anonymity of the web has proven to be an issue when it comes to our children safely enjoying the social side of our technological world.

In a recent blog by BullGuard, they look at a specific app called Yolo, which is used as a way for users to anonymously ask questions to Snapchat users.  People who receive the questions can then post them on their Snapchat Stories. This allows followers to see the responses and helps encourage the spread of the app.

They go on to say that: “…the NSPCC warns that such anonymous apps can be easily misused to send abusive messages to others or by those looking to exploit young people.

“It added that these types of apps are becoming increasingly popular among children, yet their very anonymity is a magnet for predators and bullies and those who want to send abusive of upsetting messages.

“The NSPCC is calling on the UK government to establish an independent regulator that will have the powers to make tech companies consider the risks that their services pose for children.

“The Yolo app, which is an acronym for ‘You only live once,’ was developed using Snap Kit, a piece of software provided by Snapchat that enables app developers to integrate their products with the popular social network.”

Children and social media

Last year the NSPCC surveyed 2,059 children and 2,049 parents for a young people’s social media guide.  It asked children and parents about violent, bullying or adult content on social networking sites and games used by children and young people. The research revealed:

  • 1 in 4 young people have been contacted over social media by an adult they didn’t know. A  third of those contacted were children under 13
  • Facebook, YouTube and Grand Theft Auto: San Andrea were the only sites to be ranked high risk for all three of the categories violent, bullying and adult content
  • Twitter and Reddit also ranked highly for inappropriate content
  • The top 15 risky platforms included lesser-known sites, such as Sarahah, Omegle and Yubo
  • Two in three young people know how to perform safety functions, including reporting, blocking users, and changing privacy and location settings.

These alarming stats show that the threats for youngsters on social media are real.

It’s hard for parents to keep up to speed with everything their child does online, the sites they visit and the social platforms they use. Facebook no longer holds an appeal for them. Now they prefer the likes of Instagram and Snapchat.

Internet safety

The use of parental controls is a must to help parents filter what their children are exposed to. If in doubt, get in touch, and we can recommend the right product to keep your family safe online.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.  

Source: BullGuard

Malware – There’s A New One In Town

A powerful malware is spreading through phishing campaigns using a Microsoft Word attachment.

It’s called Smoke Loader, and, according to Bullguard, has several components:

  • It can download browser plug-ins for Firefox, Internet Explorer, Chrome, Opera, QQ Browser browsers and Thunderbird and Outlook email clients
  • These plug-ins steal stored credentials, such as passwords, and also sensitive information transferred over a browser
  • The malware is injected into applications like TeamViewer, an application that allows users to remotely view others desktops

Although it’s been around for some years, it has become increasingly sophisticated.

Its creators have recently added anti-analysis techniques to make forensics difficult. As a result, it’s harder to trace the source of the servers. Plus new runtime AV scanners, tracing, and debugging features to confound researchers who try and find out more about it.

Keep your eyes peeled

The best way to guard against phishing campaigns, other than using good security software, is to be on your guard.

Phishing emails contain some form of bait message, such as an invoice, a parcel for collection or a PDF requiring downloading.

You can protect yourself by:

  • Casting a healthily suspicious eye on an unexpected email promising something
  • Questioning emails from apparently legitimate organisations with which you have had no dealing. Cybercrooks are good at mocking up emails that appear to be legitimate
  • Looking out for spelling or syntax errors; these are often clues that the email is not what it claims to be
  • Never revealing your personal information such as passwords, bank account numbers and card information even if the mail appears to be from your bank. If in doubt call your bank and speak to someone in the fraud department

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.

Source: Bullguard

Cyber Attacks – What Happened In 2017 and What’s In Store For Us This Year?



2017 was quite a year for cyber attacks. According to, every month saw dozens of serious cyber attacks affecting the personal information of billions of internet users worldwide.

Shocked? We were too.

We were too.

BullGuard outlined some of the biggest ones in a recent blog post.


The WannaCry ransomware spread through 150 countries affecting more than 300,000 computers including the UK’s National Health Service, FedEx, rail stations, universities, car manufacturers and a national telco.

It spread rapidly because of a worm-like component expedited by a large number of organisations using unpatched XP operating systems.

It was considered among the worst breaches of all time because of the amount of sensitive information that was taken.


Yahoo dropped a bombshell in August 2017 announcing that every one of its three billion accounts was hacked in 2013.

This was three times what was first thought to be the case. According to the former Yahoo CEO Marissa Mayer, the company only found out about the breach in 2016 when it reported that 1 billion accounts were hacked.

The company still doesn’t know who was responsible.

National Security Agency

The National Security Agency (NSA) is responsible for spying on other countries and mass surveillance of its citizens.

As you would expect, it has an arsenal of cyber tools for hacking into foreign banks, infrastructure, government departments, etc. However, a group of hackers called Shadow Brokers leaked a suite of hacking tools widely believed to belong to the NSA, which were then used in some of the year’s most significant global cyber attacks, including Wanna Cry.

How embarrassing!


Back in 2016, hackers stole the data of 57 million Uber customers. The company paid the hackers $100,000 to cover it up. The breach was only made public in November 2017 by the new Uber CEO Dara Khosrowshahi.

It also turns out that Uber was also playing on the other side of the fence too. A former member of Uber’s security team recently revealed details about a secretive unit within Uber dedicated to stealing trade secrets, spying on competitors, using self-destructing messages and dodging government regulators.

What can we expect in 2018?

It doesn’t take a rocket scientist to work out that a prime target of the hackers is going to be the Internet of Things.

Smart devices face the same cybersecurity challenges as your desktop PC, laptop and smartphone. The only difference being that smart devices are attached to real things in the real world.

As BullGuard reports:

“When someone hacks a PC, personal data is at risk. But when someone hacks a robotic manufacturing arm that entire manufacturing line is at risk, if someone hacks a medical monitor a patient is at risk, if some hacks a smart lighting system that smart home is at risk.”

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

Tips From the Pros to Help You Find the Right Cybersecurity Product For Your Business

keep data safe


Making sure you find the right Cybersecurity product for your business is essential but with so many companies out there vying for your cash, how can you be sure you pick the right one?

A recent article on includes some top tips from actual buyers of enterprise security products. Here’s a summary of what they said:

  • Do your research by looking at customer recommendations instead of relying on what the vendors say

  • Test the security product in house

  • “Great security companies are concentrating not just on selling, but they’re interested in supporting your enterprise, and providing consulting [and] best security practices” – Damian Finol, security technical program manager at a major internet firm

  • Approach your product search with a firm plan – “identify what your success criteria is and tell that to the vendor. And then bake that into the service contract” – Quentin Taylor, director of information security at Canon EMEA

  • “Bad vendors tend to use scare tactics, while good vendors listen to your needs and try to help secure your business, even if that means offering free advice” – Jonathan Chow, a CISO at an entertainment focused company

  •  “Be wary of vendors that can’t offer any customer references, or that only offer product demos under strict test conditions” – Brian Honan, CEO of BH Consulting

You can see the full article here.

All sound advice.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Is There a Script Kiddie Watching You?



A recent article in Trascendit caught our eye. It was about webcams, or more specifically about people watching you through yours.

It’s not a sophisticated hack, but it’s rather unnerving because they’re not doing it for financial gain; instead, they’re doing it for fun.

The people behind it are known as Script Kiddies (or skiddies). They don’t write any complicated software or code to get into your machine; they rely on you to do the damage for them.
They use a simple phishing scam that’s sent directly to your email that’s made to look like any other email from an organisation. But once you click a link the malicious software installs without you realising.

This type of malware isn’t designed to steal your passwords or card details, (at least, not at first) but to give the sender remote access to your machine. It’s called a Remote Access Tool, or just a RAT – and it’s exactly as unpleasant as it sounds.

Once installed, the Script Kiddie has complete control of your machine. They can flip your screen, open your disk drive, open websites, browse your private documents and pictures and log your keystrokes to steal your information. Or, if they prefer, just turn on your webcam and microphone and start watching.
The scariest part of this hack is that it’s almost impossible to know whether you’re a victim.
There are things you can do to make sure that you don’t end up on one of these sites:

  • Learn how to identify phishing emails
  • Don’t use torrents
  • Install antivirus software, and do a full scan every month or so
  • Get yourself awebcam cover – just in case.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Smart Protection: Security of Things

Internet of Things


It is the age of IoT (the Internet of Things).

More and more IoT devices are being launched, which on the face of it should be a good thing but think again.

The rise of IoT means there are millions of unsecured routers, webcams, IP cameras, baby monitors, etc., out there ready and waiting for a botnet to come along and cause mayhem. This problem will get bigger as smart connected devices become commonplace.

The good news is that security vendors have recognised the need for smart device protection. However, many of these products are reworked versions of existing security suites that are designed to protect computers so not particularly useful.
Effective smart device protection needs a more robust defence. For example, Dojo by BullGuard is a smart home protection technology that features five protective layers, as Forbes magazine said:

[Recently,] personal security company BullGuard announced it had acquired Israel’s Dojo-Labs, [which] has been working on a product that provides security across devices to the Smart and connected home. Some have called this SoT, the Security of Things, the logical next step in the development of IoT; the much better-known Internet of Things.

“In stealth mode since the winter of 2014, the Israeli startup had been early to realise that a smart home will be wide open to hackers because of the proliferation of devices and the huge challenges of ensuring they are secure.”

This security platform uses artificial intelligence and machine learning to provide the most cutting-edge IoT security available today. It’s also incredibly simple to use.

It is hoped that technologies like this will help redress the balance and provide the much-needed protection that smart device users need as the IoT revolution rolls forward.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

Have You Installed the Emergency Flash Patch?

emergency flash patch


As a PC user, you rely on Microsoft’s regular patch updates to make sure your system works smoothly and remains secure.

Adobe and Microsoft release Flash Player updates at about the same time to limit the number of vulnerable users, but in February something went wrong.

We’re not sure what because Microsoft is keeping tight-lipped, but for some reason, the software giant cancelled it’s usual Patch Tuesday that month.

As a result, a critical security fix has been released to resolve the problem with Adobe’s Flash Player on:

  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 RE
  • Windows RT 8.1
  • Windows 10
  • Windows Server 2016

According to The Verge:

“The patch requires a restart, and fixes a problem that could lead to remote code execution. It’s a serious issue, so check Windows Update and install the patch immediately.”

Check your patches

Historically it’s been shown that attackers analyse Flash Player updates to find vulnerabilities, which are then used to attack the users who haven’t patched their systems.

That’s why it’s important to double-check whether you have downloaded the patch.

If you haven’t, your whole system is at risk.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: Spiceworks

2017 Will See More Advanced Cyber Attacks Says Panda Security

Cyber attacks


Cyber attacks are getting more sophisticated. Hardly a month goes by without another report such as the one that recently hit the NHS.

Companies are being warned to be more and more vigilant as the cyber criminals find new ways of infecting their increasingly connected worlds.

To look at this further and identify the potential weak spots that could be targeted in 2017 and beyond, Panda Security has ranked the most popular attacks of the year and analysed their evolution.


Cybercriminals focus their efforts on those attacks which can rake in the most profit, using more effective tactics and professionalising their operations in a way that allows them to make quick and easy money in an efficient manner.


This Trojan Horse will take centre stage with regard to cybersecurity and will cannibalise other more traditional attacks that are based on data theft. The pursuit of profit is the primary motivation of cybercriminals, and ransomware is the simplest and most effective way to achieve this. Some things never change: victims of this hijacking malware will have to decide whether to pay, or not, to recover their data. Of course, paying the ransom does not guarantee the total recovery of stolen data.


The number of attacks directed at corporations will increase, as these attacks become more and more advanced. Companies are already the prime target of cybercriminals, as their information is more valuable than that of private users.

Internet of Things (IoT)

The next cybersecurity nightmare. The technological revolution has ushered in the complete integration of smaller devices into the grid, which can be converted into entryways into corporate networks.

DDoS Attacks

The final months of 2016 witnessed the most powerful DDoS (Distributed Denial of Service) attacks in history. These attacks were carried out by bot networks that relied on thousands of affected IoT devices (IP cameras, routers, etc.). 2017 will see an increase in this kind of attack, which is typically used to blackmail companies or to harm their business (by blocking web access, online shopping, etc.).

Mobile Phones

Focusing on one single OS makes it easier for cybercriminals to fix a target with maximal dissemination and profitability. Android users will get the worst of it in the next 12 months.


The precarious situation with regard to international relations can have huge — and serious — consequences in the field of cybersecurity. Governments will want access to still more information (at a time when encryption is becoming more popular), and intelligence agencies will become still more interested in obtaining information that could benefit industry in their countries. A global situation of this kind could hamper data sharing initiatives in the next year.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: Panda Security

Security Advice For New Computer Owners

New PC


Security isn’t always the first thing you think of when you get your first computer.

The excitement of getting it out of the box and working your way through the setup procedure is much more fun.

You can’t wait to get on the internet and besides, all that security stuff is just hype to get you to spend more money, right?


Online security threats are real, and if you don’t take it seriously, you could end up losing your data and watch your beloved computer slowly curl up and die.

Here are our top 10 tips for new computer owners. None of them are complicated, but they’re all important.

  1. Your computer is a sturdy piece of kit, but it’s not indestructible. It does like to be cleaned (see your computer’s guide), and it doesn’t like liquid or food
  2. Even though you write a document on your computer, it doesn’t mean it’s there forever, even if you save it – back everything up
  3. The best policy is not to trust anything that comes from the internet until it’s proven safe
  4. Saving is not automatic. If in doubt save it again
  5. The internet is a public entity. Only post things you’re happy for everyone in the world to know
  6. Don’t attempt any DIY fixes. If in doubt don’t touch your machine and get someone who knows what they’re doing (it will be cheaper in the long run)
  7. If you get a call from “Microsoft” hang up, it’s not them
  8. Get paid antivirus
  9. Set a strong admin password and use a non-admin account for everyday use
  10. Above all, if it sounds too good to be true, it probably is

If you follow those tips as you start to get to know your computer, you won’t go too far wrong.

Above all, take care of it, and it will take care of you.


MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.