Monthly Archives : August 2016

Latest Windows 10 Update Breaks PowerShell


The latest Microsoft cumulative patch for the Anniversary Update had unexpected consequences for PowerShell, the command-line shell and scripting language. Notes accompanying the release suggest that this was not unexpected for Microsoft, as the company appears to have known of the implications for PowerShell features when pushing the update. The Windows 10 upgrade has brought a few issues to users, such as frozen screens and broken USB-connected webcams. These two issues have not yet been solved in KB3176934 (OS Build 14393.82) for Windows 10 version 1607, also known as the Anniversary Update. However, this PowerShell break proves to be the most relevant and recent issue to emerge.

Microsoft explains that a missing MOF file in the build package breaks PowerShell Desired State Configuration (DSC), a feature used by IT admins to manage enterprise environments.

“All DSC operations will result in an ‘Invalid Property’ error,” Microsoft said. “In addition, due to a missing binary in the build package the update breaks PowerShell implicit remoting. Implicit remoting is a PowerShell feature where PowerShell commands work on a remote session instead of locally. Specifically, importing a remote session no longer works.”  www.zdnet.com 

Microsoft open sourced PowerShell and brought it to Mac OS and Linux distributions just a week ago.

Microsoft expects the PowerShell issues to be resolved with the next update release, today August 30th.


 

 

If you would like to educate yourself in more detail about the material presented in this blog post please visit : www.zdnet.com 

Pegasus Spyware Detected – Upgrade to iOS 9.3.5 ASAP

Malware that spies on users' phone calls and text messages has been mitigated thanks to the latest iOS mobile operating system upgrade and the wise actions of a human rights activist. Canadian cyber security research group Citizen Lab published a report that a human rights activist, Ahmed Mansoor, received a text message containing a malicious link. Thankfully Mansoor was not tempted to click on the link.

Rather, he passed the link to Citizen Lab, where researchers identified the correlation between the link and the NSO Group, an Israeli company notorious for selling a government-exclusive spyware product, Pegasus, that is described as a “lawful intercept” tool. Most have dubbed this the most sophisticated spyware detected, and Apple, Android and Blackberry smartphone users are the target. The main difference between this malware and others is Pegasus’s ability to infect the powerhouse of the operating system, the kernel of the phone. This allows the software to intercept any conversation before encryption ever takes place, so encrypting such apps proves pointless against Pegasus. The link would have been capable of jailbreaking the iPhone and installing surveillance software used to access the camera and microphone. Mansoor’s WhatsApp and Viber calls would have been especially vulnerable, in addition to his GPS location services.

Citizen Lab wrote in its report that “[w]e are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign.”

Last Thursday Apple released the latest version of iOS 9.3.5, which I highly advise upgrading to if you have not already done so. The update improves how iOS devices access memory and adds a patch that prevents visits to maliciously crafted websites from remotely executing arbitrary code.

Phew.


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcmag.com 

Security Alert – Hide your IP Address

An IP address is the identifier that allows information to be sent between devices on a network. It contains location information and makes devices accessible for communication. IP addresses are mathematically assigned by the Internet Assigned Numbers Authority (bet you didn’t know that!). This might be fine and dandy news for the non-technical, but odds are you still have no idea why hiding your IP address is advised. Since your IP has location information, it can be used to discern your physical location. Determining your location via IP address information is actually extremely accurate. Another reason to hide your IP is the increase in cyberattacks as of late. IP addresses can often be used to target attacks.

You can also hide your IP with the goal of watching blocked content in your region.

Changing your IP can be done, but this is a more detailed process. Hiding it is a much easier option.

A Virtual Private Network creates an encrypted tunnel between your device and the service’s server rather than connecting to a website directly, adding a layer of protection. The VPN allows you to connect to the internet as normal and retrieve the information but through the tunnel created. This ensures that your web traffic cannot be intercepted, and furthermore anyone looking at the IP will only see the IP address of the VPN.

What you can also do is use Tor, a series of computers that are distributed across the globe. Rather than a request made between two points, your computer will send out layered requests that are each encrypted. You will be relayed from Tor node to Tor node before exiting the network and reaching the desired destination. Each node only knows the previous jump and the last jump. Using Tor will make your movements much harder to track, making you much less susceptible to attack. To use this method, download the Tor Browser, or talk to your IT professionals.
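The layered relaying described above, as an added sketch that is not code from the original post or from the Tor Project: the client wraps a request once per relay, and each relay can remove only its own layer and learns only its neighbouring hops. It assumes a toy cipher built from Python's standard library instead of Tor's real cryptography and key negotiation, and the relay names, keys and request are constructed.

```python
import hashlib
import hmac
import json
import os


def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate keys for encryption and authentication, derived from one relay key.
    return hashlib.sha256(label + key).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode). Illustration only, not Tor's cipher.
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt and authenticate one layer: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    body = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer does not authenticate under this relay's key")
    return _xor_stream(_subkey(key, b"enc"), nonce, body)


def build_onion(circuit, destination: str, request: bytes) -> bytes:
    """Client side. circuit is [(relay_name, relay_key), ...] ordered entry -> exit."""
    hops = [name for name, _ in circuit] + [destination]
    payload = request
    for i in reversed(range(len(circuit))):  # wrap the exit's layer first
        layer = json.dumps({"next": hops[i + 1], "data": payload.hex()}).encode()
        payload = seal(circuit[i][1], layer)
    return payload


def peel(relay_key: bytes, blob: bytes):
    """Relay side: remove one layer, learn the next hop and the opaque inner blob."""
    layer = json.loads(unseal(relay_key, blob))
    return layer["next"], bytes.fromhex(layer["data"])


def relay_views(circuit, onion: bytes, sender: str = "client"):
    """Pass the onion along the circuit and record what each relay can see."""
    views, blob, previous = {}, onion, sender
    for name, key in circuit:
        next_hop, blob = peel(key, blob)
        views[name] = {"previous": previous, "next": next_hop}
        previous = name
    return views, blob  # blob is now the plaintext request handed to the destination


# Constructed sample circuit and request (hypothetical relay names, random keys).
CIRCUIT = [(name, os.urandom(32)) for name in ("entry", "middle", "exit")]
REQUEST = b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"

if __name__ == "__main__":
    onion = build_onion(CIRCUIT, "example.org:443", REQUEST)
    views, delivered = relay_views(CIRCUIT, onion)
    for relay, seen in views.items():
        print(relay, seen)
    print("delivered intact:", delivered == REQUEST)
```

Only the exit relay's layer names the destination, and only the entry relay sees the client, which is why no single relay can link the two.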

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcmag.com

A Steal of a Deal- Latitude 13 7000 Series 2-in-1

 


 

At $599, this 2-in-1 combines a laptop and tablet in perfect harmony. Whether it be business needs, student work, or basic computing, a 2-in-1 is the ultimate solution. Be free to switch between typing on a keyboard, and writing with a tablet, without the need for multiple devices. Superior performance makes way for easy to navigate user-friendly features. And it’s a Dell, which means a 3 year hardware service warranty and onsite service with remote diagnostics.

The Latitude comes fully loaded with 4 GB of memory and a 128 GB Mobility solid state drive, sure to handle any and all computing needs with superior performance. The battery life isn’t too shabby either, with 10.5 of promised battery life to get you through your work or school day without having to travel with the charger. If you opt for a 2-in-1 device, most likely you are an avid multitasker with an eye for streamlined technology. The Latitude is equipped with a powerful Intel Core M processor with the multitasker in mind. The 13.3 inch HD touchscreen display implements 10 point touch technology for pinpoint accuracy.

This is not the average 2-in-1 device. No need to feel like you are working on half a machine, with the capabilities of a tablet but lacking the power of a laptop. The Latitude is built with laptop standards in mind, so the ease of switching between tablet and laptop doesn’t feel like a compromise for efficiency.

Encryption protects your data across all endpoints, including external media and in public cloud storage, and if you have been keeping up with basically any tech news these days, this is huge. Advanced malware attacks are prevented with Dell Data Protection security tools.

Make sure to add the Dell Active Stylus to optimize the Latitude’s versatility.


 

$599 is a pretty good deal for all the benefits of a tablet and a laptop rolled into one vamped up device!

 

 

 

 

 

 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.dell.com 

Google Fiber seeks to test Super Fast Wireless

In 12 major cities, Google is planning to rely on wireless technology rather than fiber-optic cables, and it is requesting permission to test wireless in 24 U.S. cities. Google's parent company, Alphabet, has also suspended Google Fiber gigabit-speed projects in San Jose, California and Portland.

As of right now, Google Fiber has reached six metro areas, the first of which was Kansas City in 2012. This process has cost hundreds of millions of dollars, largely due to the digging up and putting back together of streets and private residences. Google Fiber has not released how many customers it has in Kansas City or any of the other six metro areas. The Google Fiber blog, however, continues to promote the service, with three new business internet plans, including one at $250 a month for 1 Gbps upload and download speeds with no data caps. Those eligible for the three plans include small businesses in Charlotte, North Carolina; Provo, Utah; Austin, Texas; and Nashville, Tennessee.

The prediction that Google Fiber will move to relying on wireless rather than fiber-optic cable is no surprise to analysts comparing industry ISPs. ISPs already have plans in place to deploy smaller cellular equipment over shorter distances to connect homes and small businesses to the closest high-speed fiber-optic cable. The wireless link could be a short distance away, however, perhaps less than 100 feet from the building or street in question. Also on the market already are small outdoor “small cell” devices called “picocells”, as small as a shoebox and easily hung from a light post or pole.

AT&T Gigapower is reportedly superseding Google Fiber in citywide fast internet fiber rollouts. Google's reliance on wireless, however, could significantly influence this report, matching AT&T. The speed of deployment with wireless will certainly allow Google to move more easily into more cities, keeping Google Fiber competitive.

Gartner analyst Bill Menezes thinks that wireless will have a boatload of advantages for Google, including the speed at which it can be installed, because it eliminates having to drop a cable line on premises. This most certainly makes sense, as the service provider can ship the premises receiver and self-installation software directly to the customer, cutting the need for on-site installation. Menezes relays that it will be crucial that Google test the effectiveness and speed of wireless technology. Wireless technology at a higher frequency will travel only a short distance and have poor in-building penetration, possibly leading to more outdoor antennas such as the shoebox-sized picocells.

This past April Google began testing wireless connections in their first Google Fiber location, Kansas City, testing the 3.5 GHz spectrum. This test is believed to last 18 months.

Always keeping things interesting.



 

To find the original post, and educate yourself in more detail about the information presented in this blog post please visit : www.networkworld.com 

Cerber Ransomware – Business Model for Extortion

Cerber ransomware earned close to $200,000 in July alone, despite a payment rate of 0.3 percent (not even 1 percent!), due to its affiliate distribution model, according to Check Point Software Technologies Ltd. and IntSights Cyber Intelligence.

If this rate were to continue, without increasing, that would mean a $2.3 million payout over the course of the year, said Maya Horowitz, group manager of threat intelligence at Check Point.

An affiliate model means that non-technical customers can run their own campaigns using the platform and still walk away with 60 percent of the profit. Customers receive access to management tools, Cerber’s Bitcoin laundering system, and of course, the Cerber ransomware. Horowitz reports that each day an average of eight new Cerber ransomware campaigns are launched, adding to the over 150 affiliates.

Another “brand name” ransomware commonly seen today is Locky. Locky differs greatly from Cerber in that Locky is run by one solo team of threat actors, with all proceeds going directly to this team, as they do not share their malware with any other parties. Cerber is acting as a business model, taking ransomware to a new level and allowing anyone to join in on the cyber crime cash cow. Not only does Cerber allow users to take a 60 percent cut, but it also offers a 5 percent referral bonus for members who recruit. This is most certainly the future of malware, with more services to follow this model.

This is one of the first times that security researchers have been able to follow the trail. By extracting the unique Bitcoin wallet identifiers assigned to each victim, Check Point was able to follow the money trail to the central wallet, then to a network of other wallets that are a part of the Bitcoin mixing service, and then to the final destinations. Hundreds of thousands of wallets were followed, which allowed Check Point to actually see the payment rate of people who paid the Bitcoin ransom.

Surprising to most, the number was a very small 0.3 percent. In comparison to other ransomware reports, this percent is much lower. However, this number has been able to foster a hefty income.

 


 

To view the origin of this post, and to educate yourself in more detail, please visit : www.csoonline.com 

Monthly patch rollups for Windows 7, 8.1 start October 2016

Monthly patch rollups for the Windows 7, 8.1, Windows Server 2008 R2, Windows Server 2012 and Server 2012 R2 operating systems will commence in October 2016. Microsoft will also move to the same monthly rollup model for the .NET Framework in October.

A rollup is multiple patches, “rolled up” into a single update, replacing individual patches for operating systems. Previous individual patches allowed users and administrators to select the patches they wished to apply, but Microsoft officials say this has led to fragmentation, with different PCs having different sets of updates installed.

“The new rollup model gives you fewer updates to manage, greater predictability, and higher quality updates. The outcome increases Windows operating system reliability, by eliminating update fragmentation and providing more proactive patches for known issues. Getting and staying current will also be easier with only one rollup update required. Rollups enable you to bring your systems up to date with fewer updates, and will minimize administrative overhead to install a large number of updates.” –  Microsoft said in a statement

Security and reliability patches will be included in the rollups, but Servicing Stack and Adobe Flash updates will not. The monthly updates will be published to Windows Update, Windows Server Update Services (WSUS), System Center Configuration Manager (SCCM) and the Microsoft Update Catalog.

Microsoft’s goal is for the monthly rollups to become fully cumulative as the team adds previously released patches, so users can install the latest single rollup and be up to date.

Windows will release a single Security-only update each month that includes that month's new security patches, with individual patches no longer available. The Security update will not be available on Windows Update, but will be available from WSUS, SCCM, and the Microsoft Update Catalog.

 

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post, please visit : www.zdnet.com

Protect your HR department against Cyber Attack

Human Resources is often the target of malicious attacks by hackers using fraudulent email, simply because of the wealth of information available in your HR department. Employee names, birth dates, Social Security numbers, W-2 forms and addresses fetch a high price on the dark net. The most common means of obtaining this information is phishing emails that appear to be from a trusted employee or head executive asking for sensitive company data, financial records, or access to employee information. In most cases the employee on the receiving end of the email cannot recognize that the email is fraudulent, and will pass on the information without hesitation. HR departments from numerous organizations have reported W-2 tax form whaling scams. After receiving a spoof letter from a company executive requesting employee information, Seagate Technology said employees handed over thousands of current and past employee W-2 forms. Snapchat has reported a similar story, stating that a scammer posed as CEO Evan Spiegel and asked for payroll data, and an employee in the payroll department complied, thinking the request was legitimate.

The hackers are not going to stop asking for your information so you might as well protect your company from vulnerabilities. This means educating employees, storing data in the cloud, encrypting such data in the cloud storage, and bringing in Identity Management Software. As always I recommend a highly capable IT department as well.

Train your employees about the elements and characteristics of company emails. Teach them to pay attention to the person requesting the information as well as the information in question. Let them get used to asking “Why?” before pressing send. For example, the head of the financial department has access to all financial data and probably does not need to email employees in the financial department for additional access. This may sound like pure common sense, but it never hurts to reiterate the importance. Let employees see what a fraudulent phishing email looks like. Cybersecurity training company KnowBe4 has taken a hands-on approach to teaching employees to recognize phishing emails, sending over 300,000 fraudulent emails to employees at 300 client companies over the course of the year and using the example emails to educate staff on key elements for spotting an attack email. According to KnowBe4 founder and CEO Stu Sjouwerman, before the training 16 percent of employees clicked on links in the simulated phishing emails; after a year of education, only 1 percent of employees clicked on the links.
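The same two questions, who is asking and what they are asking for, can also be checked automatically before a message reaches the payroll inbox. The following is an added example, not code from the original post: the company domain, executive directory, keyword list and sample messages are all constructed assumptions.

```python
import email
import re
from email.utils import parseaddr

# Assumptions for this example: constructed company domain and executive directory.
COMPANY_DOMAIN = "example.com"
EXECUTIVES = {"dana reyes": "dana.reyes@example.com"}
SENSITIVE = re.compile(r"\b(w-?2s?|payroll|social security|ssn)\b", re.IGNORECASE)

NAME_MISMATCH = "executive display name on an unexpected address"
EXTERNAL_SENDER = "sender is outside the company domain"
REPLY_TO_MISMATCH = "Reply-To domain differs from From domain"
SENSITIVE_REQUEST = "message asks for employee or payroll data"


def _domain(address: str) -> str:
    return address.rpartition("@")[2].lower()


def _text(msg) -> str:
    # Subject plus every plain-text part of the message.
    parts = msg.walk() if msg.is_multipart() else [msg]
    bodies = [p.get_payload() for p in parts if p.get_content_type() == "text/plain"]
    return "\n".join([msg.get("Subject", "")] + bodies)


def whaling_indicators(raw: str) -> list:
    """Return the reasons a message resembles a W-2 / payroll whaling request."""
    msg = email.message_from_string(raw)
    name, address = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    address = address.lower()
    reasons = []
    expected = EXECUTIVES.get(" ".join(name.lower().split()))
    if expected and address != expected:
        reasons.append(NAME_MISMATCH)       # "CEO" name, wrong mailbox
    if _domain(address) != COMPANY_DOMAIN:
        reasons.append(EXTERNAL_SENDER)
    if reply_to and _domain(reply_to) != _domain(address):
        reasons.append(REPLY_TO_MISMATCH)   # replies would leave the company
    if SENSITIVE.search(_text(msg)):
        reasons.append(SENSITIVE_REQUEST)
    return reasons


def should_hold(raw: str) -> bool:
    """Hold for manual verification: sensitive request plus any sender anomaly."""
    reasons = whaling_indicators(raw)
    return SENSITIVE_REQUEST in reasons and len(reasons) > 1


# Constructed sample messages.
SPOOFED_EXEC = (
    'From: "Dana Reyes" <dana.reyes@examp1e-mail.test>\n'
    "To: payroll@example.com\n"
    "Subject: Urgent: 2015 W-2 forms\n\n"
    "Please send me the W-2s for all employees as a PDF today.\n"
)
REPLY_TO_TRAP = (
    'From: "Dana Reyes" <dana.reyes@example.com>\n'
    "Reply-To: dana.reyes@mail-example.test\n"
    "Subject: Payroll export\n\n"
    "Reply with the payroll export for this quarter.\n"
)
ROUTINE = (
    'From: "Dana Reyes" <dana.reyes@example.com>\n'
    "Subject: Lunch on Friday\n\n"
    "Team lunch at noon in the kitchen.\n"
)

if __name__ == "__main__":
    for label, raw in [("spoofed", SPOOFED_EXEC), ("reply-to", REPLY_TO_TRAP), ("routine", ROUTINE)]:
        print(label, should_hold(raw), whaling_indicators(raw))
```

Header checks like these only look at what the message claims about itself, so they complement sender authentication (SPF, DKIM, DMARC) at the mail gateway and do not replace it.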

Regardless of how much training you provide for your employees, all it takes to create chaos is one simple mistake.

A viable way to double the protection in this case would be to encrypt data and store it in the cloud, rather than in document folders on the desktop or laptop. If an employee were to accidentally release information to a non-credible source, the hacker would be led to a link they could not open, because the additional information needed to open the link would not be in the hands of the hacker.

San Francisco identity management company, OneLogin, has banned the use of files in their office entirely. CEO Thomas Pedersen gives us his reasoning, “It’s for security reasons as well as productivity,” said David Meyer, OneLogin’s cofounder and Vice President of Product Development. “If an employee’s laptop is stolen, it doesn’t matter because nothing’s on it.” Not a bad idea.

Identity Management Software that controls log-ins and passwords is a great tool to protect your HR department. Rather than trusting that HR staff are protecting usernames and passwords for each platform they use for payroll, benefits, recruiting, scheduling and such, the single log-in allows access to everything. This helps the employees, as only one password needs to be remembered, eliminating the need to write down passwords or save them elsewhere. The identity management software you choose should use multi-factor authentication, which ensures that even if the password got into the wrong hands, additional approval from another device will be needed to access the log-in. Companies can also employ geofencing to restrict log-ins so admins can only sign in from specified areas, such as the office.

HR tech platforms and cybersecurity firms are working together to improve the security of HR departments. Fingerprint log-in is one of the safer means of logging in, but that technology is not available across all platforms. Until these needs can be met, the best protection is prevention.

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcmag.com

Why You Need to Deploy Encryption and How

Encryption is the transformation of data from plain text to ciphertext. In other words, basically taking data that is easy to read and placing it into a riddle that has no rhyme or pattern, so that only those who know the riddle can read your data. Still with me?

Encryption alone is not enough to guarantee the safety of your data. Endpoint protection software is necessary to monitor for malware, especially making sure you aren’t hit with ransomware, which will most certainly blackmail you for the encryption key, bringing us back to square one. It is known, however, that hackers don’t particularly like encrypted data, and are much less likely to continue along once they learn you’ve employed encryption throughout your business.

“The best reason to encrypt your data is that it lowers your value,” said Mike McCamon, President and CMO at SpiderOak. “Even if [attackers] got in, all the data stored is encrypted. They’d have no way to do anything if they downloaded it.”

Passwords are a great start, but let’s take it one step further. If an attacker were to get into your network, they most likely can navigate around and find where all your passwords are kept, again back to square one. No point in a password if hackers can find it without breaking a sweat. Password encryption allows you to put an extra layer of protection on your passwords. Any password you use to log in to a portal will be encrypted as soon as you press Enter. The password will be scrambled and saved on your company’s endpoint in the same manner explained above, a riddle so to speak. The only way to get past the encryption is to have the encryption key.

Protect the house, with database and server encryption. Anyone who can gain access to your network can see information in plain text. If the house of all your data is in plain text, that is a surefire road to disaster.

Secure Sockets Layer (SSL) Encryption  protects the transfer of data from the browser to the website. This will encrypt and protect the data employees and clients exchange via browsers to your company website. This is a safeguard against the interception of information as it is being transferred from the browser to the endpoint. However, once the data has reached your company server the information will be in plain text, and yet another encryption method should be used.

Email identity encryption provides employees with a complex key, known as a Pretty Good Privacy (PGP) key. This key is given to all email recipients, so that if and possibly when one of your clients receives an email without the decryption prompt, such as one claiming to be from your company’s CEO, the client knows to ignore the email.

Device Encryption is critical to the safety of your organisation. Device encryption should be required of all employees. IT management can significantly help in this process, and can also set up mobile device management software for all mobile devices. This will protect your employees and your business from avoidable and preventable vulnerability.

End-to-End and Zero-Knowledge Encryption is the most comprehensive form of encryption. Before your data can reach the end-point it is manipulated, jumbled, bamboozled – including all log ins, device passwords, application information, files. The only way to decipher the code and gain access to the information is with an encryption key that only your IT management company has, along with the software company that works to encrypt the data.


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.pcmag.com

The Last Operating System – Windows 10 Support Till 2026

Microsoft is moving forward with its plans to support Windows 10 as its last operating system by extending the Windows 10 support lifetime to 2026. Microsoft refreshed the Windows support lifecycle database to signal a one-year extension to Windows 10 Enterprise after the release of the Windows 10 Anniversary Update. The Anniversary Update was designated as an LTSB (Long-Term Servicing Branch) build; Microsoft periodically labels new upgrades as LTSB so that corporations can update as they wish, and the Anniversary Update will be supported for 10 years from its release.

Consumer and small business versions such as Windows 10 Home and Windows 10 Pro will remain in support until October 2025, despite being refreshed along with Enterprise by the Anniversary Update, otherwise known as 1607.

“The addition of a year to Windows 10 Enterprise’s lifetime validated a prediction made more than a year ago by Steve Kleynhans, a Gartner analyst who focuses on Microsoft and its operating system. “At some point [Microsoft] will have to reset the clock to start another 10 years [of support] and mark some kind of stake in the ground,” Kleynhans said in a July 2015 interview.” – Gregg Keizer for Network World

Customers who adopted the original LTSB will receive security updates until October 2025. To obtain patches for the additional year, IT staffers will have to replace LTSB 1507 with this year’s 1607.

“Extending Windows 10 support to 2026 gives credence to Microsoft’s touting the OS as “the last version of Windows,” a phrase that, while perhaps not technically true, was meant to emphasize the software-as-a-service pivot.” – Gregg Keizer for Network World

More information on Windows 10’s support lifecycle can be found on Microsoft’s website, including dates when various versions exit “mainstream” support and when they drop off the support list.

 

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.networkworld.com