Category Archive News

The Great Suspender Chrome extension's fall from grace


Google has forcibly uninstalled the immensely popular ‘The Great Suspender’ extension from Google Chrome and classified it as malware.

The Great Suspender is a Chrome extension that suspends unused tabs and unloads their resources to decrease the browser’s memory usage. When a user is ready to use the tab again, they simply click on it to make it visible.

This extension was immensely popular with over 2,000,000 users and has consistently been a recommended extension due to its ability to reduce Chrome’s memory usage.

When Google removed it on Thursday, users were left with a message stating that “This extension contains malware,” but not providing any further context on how to recover their suspended tabs or why they removed it.


With the abrupt removal of The Great Suspender extension, users who had suspended tabs were upset that they could not access them again.

It is possible to see a list of suspended tabs through Chrome’s built-in History feature and use that list to recover the URL of the suspended web page.

Instructions on how to do this, as well as other methods, can be found on this support page.

The Great Suspender’s fall from grace

In June 2020, the developer of The Great Suspender sold the extension to an unknown entity as he did not have the time to properly maintain the project.

At the time, users were suspicious of the sale, questioning why someone would purchase a free open-source extension that did not generate any revenue for the developer.

As free extensions have been purchased in the past and then monetized with malicious changes, such as injecting ads or stealing information, users were concerned the same would happen with The Great Suspender.

Unfortunately, users’ concerns were justified when the new maintainer updated the extension in October 2020 to release version 7.1.8, which included scripts that tracked the user’s behaviour and executed code retrieved from a remote server.

This malicious activity led to Microsoft removing the extension from the Microsoft Edge store and to a new version, 7.1.9, being released without the malicious scripts.

The extension, though, remained in the hands of these unknown developers, who could introduce malicious code at a later date, potentially without users noticing.

On Thursday, Google pulled the Chrome Web Store extension as malware but has not provided any reason for doing so. It is not clear if Google discovered additional malicious scripts or reacted to its history and the community’s concerns.

For those who truly want to use The Great Suspender extension, the GitHub project page continues to offer version 7.1.6, which is the final release of the extension when owned by the original developer and does not contain malicious scripts.

To install the extension, you will need to do so through Chrome’s developer mode, which is not recommended as it removes the security benefits offered by Google’s extension review process.

NHS Covid-19 vaccination scam email and what to look out for


I will show you an example of an email that a user received and how to spot such emails quickly.

Every email may look different; however, the principle is the same for any email you think may be a scam.

This particular email asks you to book a vaccination slot for a price; this one was £3 or £5 depending on the day.

The email:

The first thing not to do is click on any links, especially if you’re on a mobile phone.

Now if you have a look at this email that was sent:

1. The sender’s email is not an official NHS email address (From NHS-UK <>). Not all email software will show you the full address; some will only show the From name (From NHS-UK), and you may think that it’s from the NHS. If you hover your mouse over the From name it will show the full address, or you can right-click, copy the link and paste it into a text file to get the full address that way as well.

2. Look out for spelling mistakes and grammar errors, as most email scams are written by non-native English speakers. With that in mind, it is now getting harder to spot fake emails from misspelt words alone.

3. Links within the email. This email has an (accept invitation) and a (decline invitation) link. If you hover your mouse over the links (do not click them) you will see the web URL each link goes to; this one is ( that has nothing to do with the NHS, see image:

Home Page image:


Image link from the email:



This is a prime example of a phishing email scam that will trick a lot of people, as everyone wants life to get back to some sort of normality. Just be very careful when you receive an email.
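Checks 1 and 3 above (the real sender address behind the From name, and where each link really goes) can be automated. This is an added example, not part of the original article; the sample message, its addresses and links are constructed, and treating `nhs.uk` and `nhs.net` as the expected domains is an assumption.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the domains the genuine sender uses for mail and web pages.
EXPECTED_DOMAINS = ("nhs.uk", "nhs.net")

# Constructed sample message; addresses and URLs are placeholders.
SAMPLE_EMAIL = """\
From: NHS-UK <bookings@vaccine-invite.example>
To: user@example.org
Subject: Your COVID-19 vaccination invitation
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>You have been selected to receive the vaccine.</p>
<a href="http://vaccine-invite.example/accept">Accept invitation</a>
<a href="http://vaccine-invite.example/decline">Decline invitation</a>
<a href="https://www.nhs.uk/">More information</a>
</body></html>
"""


def host_in_domains(host, domains):
    """True if host is one of the domains or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def inspect_email(raw, expected=EXPECTED_DOMAINS):
    """Report the real sender address and every link leaving the expected domains."""
    msg = message_from_string(raw, policy=policy.default)
    # The display name is free text; only the address part names the sender.
    display_name, address = parseaddr(str(msg.get("From", "")))
    sender_domain = address.rpartition("@")[2]

    collector = LinkCollector()
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector.feed(body.get_content())

    suspicious = []
    for text, href in collector.links:
        host = urlsplit(href).hostname or ""
        if not host_in_domains(host, expected):
            suspicious.append((text, host))

    return {
        "display_name": display_name,
        "sender_address": address,
        "sender_ok": host_in_domains(sender_domain, expected),
        "suspicious_links": suspicious,
    }


if __name__ == "__main__":
    report = inspect_email(SAMPLE_EMAIL)
    print(f"From name: {report['display_name']}  real address: {report['sender_address']}")
    print("Sender domain expected:", report["sender_ok"])
    for text, host in report["suspicious_links"]:
        print(f"Link '{text}' goes to {host}")
```
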

Official information about the vaccination programme:

Wait to be contacted
The NHS will let you know when it’s your turn to have the vaccine. It’s important not to contact the NHS for a vaccination before then.
Letters are being sent out every week – you might not get your letter straight away.

Full information can be found on the NHS website:
Coronavirus (COVID-19) vaccine – NHS (

Latest macOS Big Sur also has SUDO root privilege escalation flaw


A recently discovered heap-based buffer overflow vulnerability in Linux SUDO also impacts the latest version of Apple macOS Big Sur, with no patch available yet.

Last week, The Technology Guys Ltd had reported on CVE-2021-3156 aka Baron Samedit, a flaw in SUDO which lets local users gain root privileges.

Sudo is a Unix program that enables system admins to provide limited root privileges to normal users listed in the sudoers file, while at the same time keeping a log of their activity.

This helps limit the rights of standard users on an operating system by preventing them from executing high-risk commands and programs which may compromise the system’s security.

By exploiting Baron Samedit, standard non-root users on Linux, and now on macOS systems, can execute applications with root privileges.

Sudo vulnerability impacts latest macOS version
This week, multiple security researchers have noticed that the sudo privilege escalation vulnerability CVE-2021-3156 also impacts the latest versions of Apple macOS Big Sur.

While the vulnerability was patched in multiple Linux distributions including Ubuntu, Debian, and Fedora, according to Qualys Research Team’s original blog disclosure, a fix is not yet available for macOS.


CVE-2021-3156 also impacts Apple macOS Big Sur (unpatched at present)
Source: Twitter

PoC exploits available in the wild

To demonstrate the claim, researcher Matthew Hickey (Hacker Fantastic), the co-founder of Hacker House, coded a simplistic Proof-of-Concept (PoC) exploit of under ten lines that can enable standard macOS users to elevate their privileges to root.


CVE-2021-3156 PoC exploit for macOS
Source: Pastebin

PoC exploits for the Baron Samedit vulnerability have also been published for Ubuntu and other Linux distributions.

IBM AIX Unix distros also remain vulnerable to Baron Samedit.

Hickey told ZDNet the vulnerability remained exploitable even in the most recent macOS version after he had applied Apple’s Monday security updates.

No patch is yet available for macOS users and, it is worth noting, the vulnerability may be possible to trigger on multiple system architectures.

Researchers have confirmed running the exploits successfully across both aarch64 and x86_64 architectures.

Female escort review site data breach affects 470,000 members


An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site’s database. is an adult online vBulletin forum community that allows US and Mexico-based escorts to promote their services, share profile pictures, contact information, and biographies to prospective clients. Clients can then post reviews about their experiences with the particular escort.

The site is very active with over 2.4 million topics, 12.5 million posts, and over 470,000 members.


Hacker posts stolen vBulletin database

This weekend a threat actor posted a link to a stolen vBulletin forum database for the website.



forum post


This database contains the registration information for over 472,695 members, including their display name, email address, MD5 hashed passwords, optional Skype account names, optional birthday, and IP address.

Leaked database

In a sample shared by cybersecurity intelligence firm Cyble, the most recent data is from September 2018.

The Technology Guys Ltd has reached out to some of the users listed in the database to confirm if the information belongs to them and is accurate. Only one member replied, who stated that the data is correct.

The site is currently displaying a vBulletin database error to visitors. It is unknown if the site is disabled due to the database’s posting or if the site was permanently shut down.

database error

The last cached Google search page from the site is from January 21st, 2021.

The site ran vBulletin 3.8.9, which has known vulnerabilities that could allow attackers to breach the site. It is unknown if the forum was hacked using one of these vulnerabilities or if the site left an unsecured backup of the database online.

As the site uses MD5-hashed passwords, which can easily be cracked, it is strongly advised that members change their passwords at other sites where they use the same one.

Members of the site can also check if their information is part of the data breach using Cyble’s AmIBreached data breach notification services.

Adult site data breaches can be devastating

Data breaches for adult sites, such as those promoting escort services or dating, can be devastating to members if their information is exposed publicly.

This information can be used by threat actors to perform targeted blackmail or sextortion attacks, such as the attacks that occurred after the 2015 Ashley Madison data breach.

Even worse, there are known cases of data breaches leading to people committing suicide after information about their activities was posted online.

Scam Text Messages With Links



2020 saw a rise in scam calls and texts being sent out targeting UK citizens, with a range of promises from tax refunds from the government and coronavirus relief funds to refunds from PayPal accounts and everything in between. The only thing they have in common is that they’re all a scam.

The concept of digital scams is nothing new; in fact, they have been around for a very long time. Due to COVID-19 and the lockdowns, scammers have been hard at work, knowing that there are desperate people and families out there in need of help and a cash injection to see them through.


How to spot a suspicious message or scam:

However, this is a phishing scam designed to steal your PayPal user name and password, which can then be used to rack up spending on your account.

Phishing is an attempt made to steal your personal data by impersonating a genuine or trusted source.

This image is advising that you have a tax refund from the government

With this phishing scam, they’re trying to get as much personal information as possible to later use it to gain access to services and bank accounts in your name.

The Golden Rule

We’ll look at how you might identify that this is a scam text in a moment, but let’s first reiterate the golden rule when it comes to emails asking you to take action on your account:

Don’t click the link, just log in as normal.

You should follow this rule whether the email or text is genuine or not.

Reputable companies know that email and text scamming is an issue, so if they want you to take any action on your account, they’ll tell you in your dashboard once you log in. Yes, they might send you a reminder as well and include a link to make it easier to jump straight to the right page, but as scammers are getting better and better, it’s getting harder to tell real messages from fake ones.

So don’t take the risk – don’t click the link.

How do we know this text is fake?

Phishing scammers play on the fact that most people lead busy lives. Most people just scan messages that come in, and if it looks OK at first glance, will click the link. Because of this, they don’t always have to look 100% genuine. However, there are usually signs if you take the time to look critically at the message.

1. Phone number.

These scammers clearly know that a foreign phone number will automatically attract the attention of a UK recipient, so they’ve used or spoofed a UK number. However, any name or number can be spoofed, so who the text appears to have come from should never be taken as proof of authenticity.

2. Link Address.

This is where the scammers have been clever in this case. People are starting to be more aware of website addresses that are not exactly right, such as or etc…

At first glance, however, this link appears to be from Paypal’s genuine UK domain of

However, if you look carefully, they aren’t slashes after, they are dots. What this means in web grammar is that the actual domain name here is and the has been created as a subdomain of this domain. Subdomains are always to the left of the main domain, separated by dots. Slashes are always to the right of the main domain (aside from the ones in https://) and indicate different pages or sections of that particular site. If this was a genuine Paypal link it would appear as

3. Security certificate.

A bit sloppy this one, but the link isn’t to a secure site, so uses http:// instead of https://.

Every reputable site that carries your payment details should be using https, and because Google and others are now giving more credibility to sites that carry security certificates regardless of whether they are used for financial transactions or not, pretty much every reputable website should now carry an https prefix. You should be suspicious of any unsolicited link you receive using an http prefix.
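The dots-versus-slashes rule from point 2 and the http check from point 3, worked through in code. This is an added example, not part of the original article; the brand domain `examplepay.co.uk`, the sample links and the short suffix list are constructed for illustration, and real tooling should use the full Public Suffix List.

```python
from urllib.parse import urlsplit

# Assumption: a tiny stand-in for the Public Suffix List, enough for the
# constructed samples below. Real tooling should load the full list.
MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "gov.uk", "ac.uk"}

# Constructed sample links; "examplepay.co.uk" is a made-up brand domain.
BRAND = "examplepay.co.uk"
SAMPLE_LINKS = [
    "http://examplepay.co.uk.secure-login.example/signin",
    "https://examplepay.co.uk.verify.example.co.uk/",
    "https://www.examplepay.co.uk/signin/secure-login",
]


def registrable_domain(host):
    """Return the part of the host that was actually registered.

    Hostnames are read right to left: public suffix first, then the
    registered name. Everything further left is a subdomain that the
    owner of the registered name can create freely.
    """
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def analyse_link(url, brand_domain=BRAND):
    """Split a link into host and path and list the warning signs found."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    owner = registrable_domain(host)
    findings = []
    if parts.scheme != "https":
        findings.append("not-https")
    if owner != brand_domain:
        findings.append("different-owner")
        # The brand appears to the left of the real domain, joined by dots.
        if f".{brand_domain}." in f".{host}":
            findings.append("brand-as-subdomain")
    return {"host": host, "owner": owner, "path": parts.path, "findings": findings}


if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        result = analyse_link(link)
        verdict = ", ".join(result["findings"]) or "ok"
        print(f"{result['owner']:<22} {verdict:<48} {link}")
```
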

Added protection

This attempt at fraud is just one of the many thousands that are bouncing around every day, from simple attempts to steal personal data to attempts to seize and control your vital IT assets for financial gain (or just to be malicious, in some cases).

If your business hasn’t taken serious steps to mitigate the effects of online criminal activity, it’s really important that you do so.

Microsoft Fixes Secure Boot Bug Allowing Windows Rootkit Installation


Microsoft has fixed a security feature bypass vulnerability in Secure Boot that allows attackers to compromise the operating system’s booting process even when Secure Boot is enabled.

Secure Boot blocks untrusted operating system bootloaders on computers with Unified Extensible Firmware Interface (UEFI) firmware and a Trusted Platform Module (TPM) chip to help prevent rootkits from loading during the OS startup process.

Rootkits can be used by threat actors to inject malicious code into a computer’s UEFI firmware, to replace the operating system’s bootloader, to replace parts of the Windows kernel, or to camouflage maliciously crafted drivers as legitimate Windows drivers.

The security feature bypass flaw, tracked as CVE-2020-0689, has publicly available exploit code that works during most exploitation attempts, which require running a specially crafted application.

“An attacker who successfully exploited the vulnerability might bypass secure boot and load untrusted software,” Microsoft explains.

Affected Windows versions include multiple Windows 10 releases (from v1607 to v1909), Windows 8.1, Windows Server 2012 R2, and Windows Server 2012.

How to install the security update

To block untrusted or known vulnerable third-party bootloaders when Secure Boot is toggled on, Windows devices with UEFI firmware use the Secure Boot Forbidden Signature Database (DBX).

The security update released by Microsoft as part of the January 2021 Patch Tuesday addresses the vulnerability by adding known vulnerable third-party UEFI modules (bootloaders) to the DBX, which blocks them.

Users have to install this standalone security update in addition to the normal security update to block attacks designed to exploit this Secure Boot vulnerability.

If automatic updates are enabled on the computer, the security update will be installed automatically, without user intervention needed.

However, on systems where updates need to be installed manually, you will first be required to download KB4535680 for your platform from the Microsoft Update Catalog.

Next, you will have to make sure that a specific Servicing Stack Update is installed before deploying the standalone security update (you can find the list 



If you also need to manually install the January 2021 Security Updates, the three updates should be installed in the following order:

  • Servicing Stack Update
  • Standalone Secure Boot Update listed in this CVE
  • January 2021 Security Update

On systems where Windows Defender Credential Guard (Virtual Secure Mode) is also enabled, installing the KB4535680 standalone update will require two additional reboots.

Microsoft also released guidance for applying Secure Boot DBX updates after the disclosure of the BootHole GRUB bootloader vulnerability in July 2020, which also allows for Secure Boot bypass.

The company added at the time that it “plans to push an update to Windows Update to address” the BootHole vulnerability in 2021.

Google Shares More Details About Trailblazing Attacks On Android And Windows Devices


Advice from Google once again highlights the importance of keeping all your devices updated

Google has published an extensive report about a sophisticated attack that targeted both Android and Windows devices.

The report is part of a series of blog posts dubbed “In-the-Wild” that are produced jointly by Google’s zero-day bug-hunting team, Project Zero, together with the Google Threat Analysis Group (TAG).

The investigation found that devices lacking the latest security updates were once again easy prey to hackers.

Complex and well-engineered


The first post shares extensive details about the attack that Google got wind of in early 2020.

The attacks were carried out using two exploit servers, each of which used a different exploit chain to compromise potential targets, via what are known as watering hole attacks. While one server targeted Windows users, the other focused on Android.

The post also reveals that both exploit servers used vulnerabilities in Google Chrome to compromise the victim’s browser, before deploying an OS-level exploit to gain more control over the device.

After months of analyzing the well-engineered and complex exploit chains, which used innovative exploitation methods, security researchers at the search engine believe that they are the work of a team of experts.

Given the nature of the attacks, Google believes the attackers had access to Android zero-day exploits, although they couldn’t find any of the exploit servers. In any case, the researchers report that both Google and Microsoft soon released patches to fix the vulnerabilities, once knowledge of the attack came to light.

“We hope that by sharing this information publicly, we are continuing to close the knowledge gap between private exploitation (what well-resourced exploitation teams are doing in the real world) and what is publicly known,” conclude the

The top five security threats to watch in 2021


Life-saving vaccines may be on the way, but for many of us, 2021 will be a lot like the past 12 months, at least until the latter part of the year. That means remote working in large numbers. It means growing use of online
services and applications to reach socially distancing and locked-down customers. And it means heavy investments in SaaS and IaaS cloud services to streamline processes and enhance business agility as we begin to exit the

On the plus side, there is light at the end of the tunnel, and IT security teams should be better resourced and more capable of supporting the business during this crucial year. But cyber-criminals won’t make life easy. Here’s
what to look out for in 2021.

A long tail of COVID threats

Malicious COVID-themed email activity may have died down from a peak in early 2020 when Barracuda Networks detected a 667% spike. But it is still a threat, comprising scams designed to trick users into handing over money and/or
financial details; phishing attempts to harvest personal info; extortion; BEC and more. COVID-19 will be the gift that keeps on giving for cyber-criminals over the coming year. Localised news events and breaking stories such as the
availability of new vaccines will continue to be hijacked and used in malicious email campaigns.

For IT security leaders, layered email security including AI-powered tools and behavioural analytics to spot sophisticated threats will become increasingly important. As will cloud-based deployment to protect the remote workers
targeted by these threats. Enhanced phishing training will also go a long way.

Humans continue to make mistakes

The success of phishing attacks ultimately rests on whether the end-user decides to click or not. But human error can expose organisations to cyber risk in more ways than that. In 2021, we can expect to see many more cases of
misconfiguration, especially in the public cloud, where investments will grow the global market by a predicted 35%. The sheer complexity of multiple hybrid cloud environments running side-by-side will outpace the in-house skills
needed to adequately secure and manage them. Exposed storage buckets and credentials are particularly dangerous, as cyber-criminals get better at scanning for potentially unlocked doors.

Organisations will need smarter tools to automatically scan cloud environments for such mistakes and seamlessly remediate any instances of policy non-compliance.

APIs represent a new attack vector

The application programming interface (API) has been with us for years. But the digital-first businesses of 2021 will increasingly come to rely on APIs to connect to third-party services and enhance application-centric customer
experiences. The challenge is that this will further increase the corporate attack surface and provide cyber-criminals with a potentially useful vector to access customer data and back-end services.

As APIs are intrinsically insecure, organisations will need to do a better job of layering up security via next-gen web app firewalls (WAFs).

Cloud apps under attack

As mentioned, cloud-based applications have become increasingly important to businesses during the COVID-19 crisis. Adoption of SaaS collaboration tools rocketed in 2020, while many organisations—from restaurants to banks—also
developed their own apps to reach customers more effectively. This digital push will continue apace in 2021, especially if vaccine roll-outs drag and/or social distancing continues. The problem is that many apps are being delivered
with coding errors that could leave organisations exposed to simple but devastating attacks, like cross-site scripting and SQL injection.

According to one report, 23% of exploits are published within a week after a patch is released and 50% are published within a month. IT security teams must therefore continuously scan their systems for vulnerabilities and act
quickly to patch where a fix is available. More holistically, they should also look to WAFs to protect their applications.

Ransomware targets the mid-market

Ransomware attacks on big-name brands tend to grab the headlines. But according to one recent report, the majority of threats target smaller organisations. In fact, in Q3 2020, organisations with up to 100 employees accounted for
32% of attacks, and those with up to 1000 workers accounted for 73%. The trend will continue into 2021 as attackers go after the low-hanging fruit. If your business is singled out as rich enough, they may use multi-stage targeted
attacks more reminiscent of APT groups than ransomware.

It goes without saying that prevention should be the focus here, especially as many ransomware groups now exfiltrate data alongside malware deployment. That means deploying cyber-defences across email, network and application
layers. But don’t forget the basics either: easy-to-use cloud back-up tools are crucial to enabling a swift recovery from any incident. Look out for offerings with unlimited storage and retention.

In many ways, the threats targeting organisations over the coming year will look pretty familiar to IT security leaders. That should be of some comfort. However, with so much at stake, there’s no room for complacency as we all
look forward to a more prosperous 2021.

The Growing Problem Of Insider Cybersecurity Threats – And How To Stop Them


Cybersecurity continues to be of deep concern to global CEOs. In fact, it was ranked as the fourth-biggest threat to company growth in 2020 – rising a spot from the previous year – according to PwC’s 23rd Annual Global CEO Survey released recently. There is a reason for all this worry.

According to the Identity Theft Resource Center, the number of U.S. data breaches tracked in 2019 increased 17 per cent from 2018, with 1,473 data breaches exposing more than 164 million sensitive records. Even more alarming, the issue of data breaches appears to be getting worse.

Consider this:

From January 2019 through June 2020, at least 16 billion sensitive records have been exposed globally. These records include credit card numbers, home addresses, and phone numbers. That’s not all. The first quarter of 2020 has been one of the worst in data breach history, with more than eight billion records exposed globally, according to the Risk-Based Security 2020 Q1 Data Breach QuickView Report.

Overlooking What’s Right in Front of Us

Certainly, these attacks can cause massive damage to any business, which is why so many CEOs worry about them and spend great sums of time and money to try to prevent them. Unfortunately, all of this focus on external attacks has caused us to overlook – and fail to prevent – potential insider threats created by employees, contractors, and other trusted associates who have easy access to your network.

According to the Ponemon Institute’s Cost of a Data Breach Study, along with hackers, malicious insiders are the leading cause of data breaches. What’s more, incidents caused by insiders tend to have larger costs than other breaches.

The study reported that, over the last two years, the number of insider incidents has increased by 47%. While that is shocking, this is even more so: A staggering 60% of organizations suffered more than 30 incidents per year.

Here’s even more bad news: Over the same period, the cost of insider threats has increased by 31%, with the average insider incident now costing organizations $11.45 million.

Are You Next?

Don’t believe these types of insider incidents can happen? Last year, Canadian banking group Desjardins suffered a data breach that affected some 2.7 million people and around 173,000 companies. The stolen information included names, addresses, dates of birth, social insurance numbers, email addresses, and information on customers’ transaction habits. The source of the breach? An employee with “ill-intention,” according to Desjardins.

While malicious insider activity can be devastating, it is still not the norm. According to the Ponemon Institute study, two out of three insider threat incidents are caused by employee and contractor negligence. In other words, when an
employee or contractor plugs what appears to be a harmless USB flash drive or smartphone into an open port, it can be the triggering event for an insider threat incident.

Insider threats aren’t going away anytime soon. In fact, they are getting worse. According to the Cybersecurity Insiders 2020 Insider Threat Report, 70% of organizations are reportedly seeing more frequent insider attacks.

More Needs to Be Done

So why aren’t we doing more to stop insider threats? Maybe it’s because the solution seems so daunting that no one knows where to begin. If that describes you and your organization, let us suggest that the first, easiest, and least costly step is to lock all of your open computer and network ports. If employees, contractors, and others cannot access your network through open ports, then a large part of your problem is solved. You might be thinking that anyone can simply unplug a port connection that is in use and plug in there. Yes, they can, which is why you need to lock your active connections, too.

While USB port locks, network module locks, LAN cable locks, and secure USB hubs for your attached USB devices aren’t foolproof – if someone wants to access your ports badly enough, they’ll find a way – they serve as an effective deterrent to both the malicious and unintentional threat. The malicious threat would certainly be noticed trying to destroy and bypass a port lock, while the unintentional threat would be thwarted entirely simply by not being granted
access to your ports.

If the cost of locking all your ports seems more than you can bite off, first consider that port locks cost as little as £4, and then consider that the average cost of an insider incident is now £11.45 million and rising.

On which side of this financial equation do you want to be?