Monthly Archives : April 2016

Storage and Backup Products that Save the Day

Nasuni Cloud Storage – Leveraging the cloud as a primary storage component, Nasumi Cloud NAS combines local storage controllers and cloud storage to provide global access to data with local performance. The only file system of its kind that can scale from hundreds to hundreds of billions of objects without any degradation of performance. If your company is having trouble taking on highly data-intensive projects because of limited storage capacity that is costly to upgrade, NAS is the right solution.pic

DataCore’s SANsymphony-V – This software-defined storage option maximizes IT infrastructure performance by virtualizing storage hardware in a universally compatible format. The SANsymphony-V software runs on standard x86 servers, providing one set of common storage services across all storage devices even allowing communication between unlike storage devices. Customers and IT techs rave about the increase in performance and especially the 75% reduction in storage costs. “[It] meets our replication needs — replicates all critical data between two data centers. Also provides rich SAN capability.”says David Blaisdell, assistant IT director at the New London, NH, college.

Intermedia SecuriSync – Backup and File sharing with Intermedia SecuriSync is made easier by providing real-time backup and point-in-time restore for PCs and Macs. When data is the core of your business, you need to be able to retrieve and analyze data without delay. SecuriSync provides both consolidated file management and continuous backup of documents, while securing access to sensitive data. Going beyond read-only access, employees can edit documents from mobile devices without having to worry about version control. Real time backups give users the comfort of being able to easily restore corrupted files.

CloudBerry Managed Backup – This flexible and cost effective solution allows the user to choose the storage providers as well as provides remote management capabilities. For small to mid-sized businesses this is the perfect option. Cloudberry provides all of the benefits of cloud based storage, scalability, reliability and security but at a size attainable for small businesses. Backups are made both easier and less costly.


If you would like to educate yourself in more detail about the information presented in this blog post please visit: Go-to storage and disaster recovery products

 

ATM’s – The Next Target For Hackers

Use of outdated operating systems like Windows XP and lack of security means it’s still possible to crack ATM security, warn researchers.

As one of the millions of people who frequent their banks ATM at least once a week, the last thing on my mind is usually the security of the operating system. But when you think about the foundation of the machine taking your card and spitting back cash, you’ll realize this machine is just a PC running on old software. Easily susceptible to malware. Not comforting.

There was a 15 percent jump in ATM fraud activity between 2014 and 2015 and researchers believe statistics will only increase. Within this time cyber criminals were able to get their hands on more than $150 million. Researchers credit security vulnerabilities to the use of outdated platforms that no longer receive patches and fixes such as Windows XP.

“If we think of a modern ATM as a MS Windows PC with a money box attached to it that’s controlled through software, it is easy to see how it becomes an attractive target for any malware writer,” Sancho and Huq said.

Trend Micro and Europol’s European Cybercrime Center (EC3) discovered two main malware threats that either provide hackers with the card details of the user, or give the hacker privileges to dispensed cash. Most worrisome is the lack of extreme measures hackers have to employ in order to infect ATMS. Simply put all hackers have to do is install malware onto the machines via a USB or the CD- drive.

At the moment, malware ATM fraud has only been reported in international cases, Eastern Europe and South America. Despite little activity in the United States, authorities are aware of increasing malware ATM concerns and are monitoring cyber criminal forums for activity.1447059385670243


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: A Windows PC with a money box attached: Why hacking ATMs is big business for criminals

Ransomware Attacked My Mom’s Computer

04CYBERWALL-facebookJumbo
How My Mom Got Hacked, a real life story about Brooklyn artist who receives a panicked phone call from her mom one day complaining her personal computer has been taken over by some sort of strange encryption. The story unravels the journey Alina Simone and her mom Inna endure in order to restore the files back from the hackers. After the initial shock of the situation sets in the two research their options and realize, as many do, that there is little to no answer as to how to get the files back without paying the hefty $500 ransom fee.

“I thought it was a typical mom rant about hr hardware crashing and having to pay the repair people $500 because her computer crashed.” Like many of us do when our parents call us after a long days work, Alina didnt take her mom seriously. Seeing as it was Thanksgiving weekend, a major snowstorm had just hit, and the ransom deadline was already decreasing to less than a 24 hour bracket, Alina and her mother were frantic. Her mother didn’t make the deadline, and according the the hackers the ransom would double due to this. Inna pleaded with the hackers and they let her off with $500 ransom and all her files. Luckily.

Others, such as the case of the Hollywood Presbyterian Medical Center that was hacked in early February and had to pay a whooping 40 bitcoin, $17,000 ransom, in order to get their system back on track.

“The value of my personal files and pictures caps off somewhere. But [if] I encrypt the back-end of your corporate system and prevent you from processing payments, that has a tremendous value. And if the hacker can recognize the value of what he has, the ransom can be more dynamically set based on the content of the data.”explains Grayson Milbourne, Security Intelligence Director for Internet security firm Webroot.

From personal to corporate, ransomware is most certainly an eye opening experience to security vulnerabilities.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: The Growing Threat of Ransomware

VPN, you need one

tunnelA Virtual Private Network, or VPN, is used to connect a private network, such as a company’s internal network, using public wires. In other words you can use an other IP other than your own to appear you are something other than where you actually are. Pretty nifty.

The use of VPNs started as a way for work at home users to access their workplace network just like if they were working in the office. Benefits reach farther now than just work from home capabilities. It is difficult for advanced malware to self install through open ports because the computer will always appear to be another system someplace else. This other machine is often a server that is more heavily protected and harder to attack. Not a sure fire way to avoid attack, but most certainly a viable preventative option.

This presents an extra method of protection, basically playing a little hid and go seek with potential malware. Increased mobile internet usage will eventual open a new vulnerability for hackers to infiltrate, and VPNs could be the eventual answer to avoiding attacks on mobile devices as well. Need for mobile phone VPNs could be the next big thing for data protection.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: You Need a VPN, or You’re Screwed

Who’s in Charge of Your Cybersecurity?

 

The first step in successful cyber-security is getting every employee on board. It is pretty obvious that some hardware goes into creating a security shield around important data. As an Information Technology company ourselves, we already know the value Firewall, and anti virus software have on making your network more secure. However, in order to adopt a more proactive protection policy, the groundwork needs to be laid, starting with company culture and communication. It is increasingly important to enforce awareness and education in order to save a lot of headache later down the line.

The CEO of the company needs to take interest in cyber-security before any of the employees can get on board. Simple risk analysis is a great start. Buying products online is not sufficient. A knowledgeable IT professional should be on hand. You need someone who is going to leverage the right equipment as well as set security measures that fit your establishment.

“The cyber threat cannot be solved by buying products” says Tim Holman, president of the Information Systems Security Association in the UK. Holman has the right idea, if your company is not equipped with the right skills to manage these products they are basically junk. It is important to attack cyber-security the way a hacker does. Common sense leads us to find that reducing the amount of sensitive data stored will always be a great measure. Restricting access to information and getting cyber liability cover is another way to lessen the probability of attack.

As information continues to flow in and out of your business remember that with any exchange over the internet comes a great deal of risk. Ensure your company professionals understand how to practice good security efforts. Never open an attachment that is unfamiliar, back up data in two separate places, and utilize solid Firewall and anti-virus software. Keep all platforms up to date with the latest patches and security fixes. Top to bottom, cyber-security is the responsibility of all.bva_withninja_teal-centered

 


 

 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: The CISO, the CIO, the CEO, or you: Who is really responsible for cybersecurity?

The Rumors are True, Ubuntu Coming to Windows 10

 

Windows 10 Ubuntu

“The Bash shell is coming to Windows. Yes, the real Bash is coming to Windows” said Microsoft’s Kevin Gallo at the Build 2016 keynote.

The partnering of Canonical and Microsoft have made way for Ubuntu users to run Ubuntu simultaneously with Windows, not as a virtual machine, but as an integrated part of Windows 10. Speculation leads us to believe that Ubuntu will run on top of Windows 10’s Linux subsystems in a new Windows 10 Redstone build. Rather than integrate Linux into Windows, Ubuntu will run on the foundation of native Windows libraries.

With this new addition, Ubuntu users will be able to run Ubuntu simultaneously with Windows.”This is not a VM. This is not cross-compiled tools. This is native,” Gallo said. “We’ve partnered with Canonical to offer this great experience, which you’ll be able to download right from the Windows Store.”  

Although Ubuntu has not taken the container approach, Canonical and Microsoft have joined forces to bring containers to Windows. Using LXD, an open-source hypervisor designed for use with containers rather than virtual machines. You can look for the finished product in Azure, but most likely not Windows 10. In addition to this, the focus will not be on the Ubuntu Unity Interface but instead with CLI tools such as Bash and make, gawk, and grep.

The collaboration of companies stems from the shared user demographic. Both Ubuntu and Windows 10 main audience of users are developers. It is suspected that as the two companies continue to work together, more tools will appear that benefit the needs of programmers. For instance, as ZD.net anticipates, Ubuntu and Azure cloud effortlessly working together.

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Microsoft and Canonical partner to bring Ubuntu to Windows 10

 

 

Windows 10 just gets better and better!

 

 

In light of the Windows 10 Anniversary update coming this summer, Microsoft is vamping up some of their already offered features. Cortana becomes a stronger force, Windows Hello is improved and gaming capabilities are increased.

The new update provides a more powerful Cortana. Cortana will appear more throughout the system, in the lock screen and with Skype as a bot conversation. She is gaining momentum as a suggestion advocate, providing cuisine ideas and even following commands. Although barely touched on at the Microsoft conference, one of the new features associated with Cortana is the ability to system control. Microsoft gives viewers a reason to believe Cortana will soon be able to recognize phrases such as “Cortana, turn off Wifi.” or “Shut down PC.” In o92a2806addition, Cortana will tap into third party apps more often. She already is able to access Yelp and TripAdvisor for information, but now she will have access to 1,000 apps that integrate with Cortana. The Microsoft app store section, “Better with Cortana” provides plenty of options to make Cortana more proactive for the average user.

Windows Hello will increase as a feature, with the ability to log into websites on the Microsoft Edge Web browser along with third party apps. As you may already be familiar with Windows Hello works with Windows 10 to allow users to log into their machine via face recognition, iris recognition, and fingerprints. The new update allows web developer the option to integrate this feature into their site using JavaScript APIs. Windows Hello verifies your identity and Microsoft Passport gets to work ensuring the public-key encryption can access resources.

Exciting for gamers, Microsoft is enhancing a few of the top features such as allowing support for multiple GPUs and the ability to turn off VSync and enable GSync and FreeSync instead. Game developers will be able to use the new Desktop App Converter to put out Universal Windows App versions of their work. The biggest announcement for gamers is Dev Mode for Xbox One. Developers can easily use Xbox One as a development kit and create more games.

 

 


 

If you would like to educate yourself in more detail about material presented in this blog post please visit: 4 Big Updates Coming to Windows 10 this Summer

 

The Newest Security Trend – Rewarding Hackers

hacker-malware

There is always that one superhero willing to play nice with the villain. In the world of tech hackers, HackerOne is that superhero. HackerOne acknowledges that modern security is hacker-powered. They have created a platform for vulnerability coordination and bug bounty. In other words, HackerOne works with hackers to find security holes in your company, because to be honest, who better to trust than the villain himself!

HackerOne facilitates communication between hackers and companies. If a hacker does find a bug, HackerOne works as the middleman ensuring the company pays the hacker for the discovery, charging 20 percent commission of the hacker’s pay out. Companies such as Uber, Dropbox, Square, Snapchat, Airbnb, Vimeo, have all joined the HackerOne movement.

Bugcrowd works similar to HackerOne, bringing together good hackers with companies looking to verify their security systems. In comparison to HackerOne, which rewards hackers with a payout decided by the company in question, Bugcrowd works on a subscription basis. Charging a service fee or a project-based charge, Bugcrowd provides market rate suggestions for rewards and manages all payouts for their companies. Their companies consist of AT&T, Dropbox, Facebook, Etsy, Paypal, Twitter, just to name a few. As you might notice, some of the companies listed are clients of both HackerOne and Bugcrowd.

Google, of course, has a public bug bounty program of their own, that offers up to $100,000 for hackers who find vulnerabilities in its Chrome software. Although the reward amount depends on the size of the bug, the rewards are substantial enough to keep hacker interest, ranging from a few hundred dollars to several thousands.

Opening a bug bounty program to the public, puts forth the message that the company values the security of its systems and lessens the likelihood of malicious activity. Despite strong efforts to keep systems secure, no one bulletproof organization exists. In the fight against hackers, a little incentive goes a long way toward a more secure system.

 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Meet the Middlemen Who Connect Hackers for Hire With Corporate America

U.S. unlocks iPhone in San Bernardino Case, without Apple’s Help

applefbiAccording to the New York Times, law enforcement has figured out a way to sidestep the encryption on the iPhone in the San Bernardino case, and they did it without the help of Apple. The U.S. Department of Justice has since dropped legal action against Apple as they no longer need their assistance. The government pushed relentlessly for Apple to help unlock the phone. They even went as far as to say that an Apple created encryption key was the only method for gathering the stored data on the smartphone. We now know this to not be the case.

Apple’s main concern with complying to the government’s cry for help came from an understandable viewpoint. Apple CEO, Tim Cook, said creating a backdoor for this specific case would lead to a slippery slope for future cases with encryption components.

As it turns out Apple is off the hook for the time being, thanks to Cellebrite, an Israeli security firm. This firm provides mobile forensic services and assisted the FBI in unlocking the smartphone.

Withdrawing from prosecution leaves many questions open ended for future encryption cases. Something tells me this won’t be the last time Apple and other private companies will be faced with a difficult decision to make. Should such companies be forced to aid in encryption breaking for law enforcement purposes, or only special cases? What guidelines should be made?

If you would like to educate yourself further about the information presented in this blog post please visit:

http://www.pcmag.com/news/343264/u-s-unlocks-iphone-ends-legal-action-against-apple