Author: David Shelley

Google Revealed a rare Mac security flaw- BuggyCow

Screen Shot 2019-03-05 at 7.23.51 PM

Google has uncovered a rare security flaw for Apple’s computer operating system MacOS…it was a bug that was known by Apple…they are aware and have been notified that it has to be fixed in the next 90 days.  The Google folks are calling the bug, “BuggyCow.”

The bug allows malware already running on a Mac, or a rogue logged-in user, to gain access to the more protected bits of their computer. The Mac would already need to be compromised in some way to actually exploited the bug.  Security is build in layers and in this case at an OS layer that is not the case with the current OS in production.

USB 4 Finally Here – 40GB Throughput

Screen Shot 2019-03-05 at 7.12.12 PM

Finally USB 4 is out and should be something to consider when purchasing your next computer.  The new standard is based on Intel’s Thunderbolt protocol and supports a range of features, including data transfer rates of up to 40 Gbps, display interfaces, and power delivery.  Its support to be released around May 2019.  The new interface will use USB Type-C connectors and will maintain backwards compatibility with USB 2.0, USB 3.2, and Thunderbolt 3 interfaces.

Is Your Office365 Environment Backed Up

Microsoft Office365

It is a great misunderstanding that your email is backed up in the cloud with Microsoft when you leverage their service for email.  This is not the case and something that organizations should be mindful of depending on compliance or overall legal requirements via liability.  In many cases if there is a legal situation with an employee or client, the judge in the discovery process will request an organization to reproduce emails for the time period in question and many organizations are not set up for this.  There are several solution out there that bva uses that will capture all inbound and outbound message correspondence.  Typically a service of this nature is an additional cost of about $2 to $4 per user/per month but having an online backup of your data in a secure location is a must.  If you would like to know more about solutions that could work for your business, please contact bva.

Russian Hackers Develop Malware that stays After OS Rebuild

Russia

So basically hackers are getting a lot smarter, they have finally developed a new Malware that stays around after you rebuild a PC in the event that is it compromised.  This created quite a difficult situation when trying to isolate and deal with.  The name os the malware is called Lojax and developed by Russian hackers…pretty eloquent and precise.  The malware hides out in the flash memory by re-writting the computers UEFI which allows for it to remain after rebuilding a PC via wipe and build or replacing its hard drive with another.

 

Security is Build in Different Layers

Screen Shot 2015-09-18 at 3.19.21 PM

Network and Computer Security is build in different layers of solutions to ensure you are truly protected. Too often I walk into meetings with CEO/CFO’s that claim they are secure due to being on a single security platform of products. Of course all of this is in a single interface and connection point. Layers…layers…

Dangerous USB Cable – Hacker Tool

Screen Shot 2019-02-24 at 11.50.44 AM

Some hackers are getting creative in getting into people’s system by leveraging USB cables that have a Wifi Card in them which hallway the hacker the ability to access remotely and be in your local system.  Once in the hacker can browse the network and servers at their leisure to capture any intellectual property without anyone knowing.  The only left over signature would be the local device the USB cable is plugged into.  It’s important to be mindful of the USB devices your are leveraging in your business community to ensure a better degree of security.  There are also system tools that can be installed on all systems to notify your local admin when a device of this nature is within the network.

 

Screen Shot 2019-02-24 at 11.35.50 AM

Sophos Mobile Management – Great Security Solution for Mobile Devices

Screen Shot 2019-02-21 at 2.07.55 PM

Just deployed this for over 200 mobile devices to ensure that a client has the ability to control all data.  This product was fairly easy to deploy and from a technical administrative perspective works very well.  Allows for a single interface to control everything….lots of features.

Sophos Mobile Security Free Edition

  • Protects your Android smartphones and tablets from malicious apps
  • Provides loss and theft protection with remote lock or locate (optional)
  • Uses our extensive SophosLabs threat intelligence to identify potential risks
  • Offers a Privacy Advisor which lets you see which apps can access personal data, create costs or access the Internet

Sophos Mobile Encryption

  • View and access encrypted files in cloud storage on your iPad, iPhone or iPod Touch
  • Full integration with Dropbox for transparent use
  • Password protection allows simple and secure collaboration
  • Fully integrated with our SafeGuard Enterprise Encryption for Cloud Storage module
  • Additional features available via in-app purchasing

50 Arizona Local Businesses Breached

Screen Shot 2019-02-19 at 5.55.43 PM

Restaurants groups really need to get their technology together and secure their environments.  A data breach may have compromised the personal information of customers who patronized any of 50 Arizona businesses last month.  This affected certain restaurants and hotels between Jan. 3 and Jan. 24.  This affected businesses such as Chompie’s, Someburros, and Zipps Sports Grill.

What is a VPN and Why do you need it?

VPNWhat is a VPN? A VPN (Virtual Private Network) is a secure, encrypted connection between your computer and the VPN’s Server. No one can see what you do on your desktop outside of that VPN connection. This keeps you safe from Hackers and scammers looking to access your personal information. If you travel and access public Wi-Fi this is a great tool to protect you and your web traffic. I mean who doesn’t go to a Starbuck’s and immediately log into their Wi-Fi?! Without a VPN tool you are opening your personal information to a hacker or scammer just looking for a quick payday.

When choosing the right VPN tool for you and or your company do not focus on the price, look for performance, type of encryption used, support, and reputation. Once you’ve found a company that meets these requirements see If they have a free trial so you can test out their service, you don’t want to get stuck with a slow speeds and unreliable servers. In this day and age there is no reason to deal with issues like that.

Private Internet Access VPN, NordVPN, and Hotspot Shield Elite are three good VPN tools to start researching if you are interested in locking down your web traffic.