As systems and market demands continue to require better productivity and efficiency, it only follows that the software that businesses use also needs to upgrade sooner or later. Such is the case with Windows XP, which Microsoft will stop issuing support for in 2014. Part of using any sort of software is the inevitable need to upgrade. Most if not all software needs to either be replaced and upgraded as the demands of the market entail more efficient processing of the various data and information a business handles. Such is the case with Windows XP. While many continue to use this proven straightforward operating system, Microsoft has decided to stop support by the year 2014. Microsoft further recommends upgrading to its latest OS, Windows 7, in order for users to continue to receive OS support. While there are some lines of business applications that have not been upgraded to work with Windows 7, most have — and there are alternative approaches. Also, your business needs the security and protection that only a current, up-to-date operating system can provide. We understand that changing your OS will entail some expense, including new licenses, hardware, and some training. Fortunately, these things are designed to help you operate more efficiently and increase your productivity in the long run. But such change will take time, and if you are interested in starting to plan for an upgrade now, we’ll be happy to sit down with you and develop an upgrade process that meets your specific needs.
A recent attack by cyber-criminals has highlighted the need for many SMBs to re-evaluate the security protocols between themselves and their bank. Hackers exploit weaknesses in such systems, and when successful, can siphon tens of thousands of dollars from your accounts. In a recent attack, cyber-thieves managed to get away with $63,000 after they exploited vulnerabilities in the online payroll system of a small business with its bank. First, the crooks managed to infiltrate the company’s system through a piece of malware called the Zeus Trojan. This gave them access to the company’s data, including the password and username used in transacting with the company’s bank. The thieves then created several new ghost employees and created payroll accounts for them, which they sent to the bank and authenticated using the company controller’s username and password. And to cover their tracks, the hackers erased the confirmation emails regarding the transaction. This incident highlights the need for better security systems in both the business and their bank – as security experts cite online banking transactions as one of the favorite targets of cyber-criminals. Cyber-attacks such as this one exploit weaknesses in many existing systems that rely on very simple and automated authentication procedures to confirm transactions. A direct threat to your business finances is not something to be taken lightly. You not only need to review your current online banking system, but also the current security protocols you have installed, since hackers and cyber-criminals are constantly updating Trojans and other malware to adapt to changing IT protection systems. We encourage you to have us take a look at the systems you have in place to determine if you are at risk for attacks like these. Please do not hesitate to contact us and we will be happy to draw up custom security solutions that address your specific needs. References: Sold a Lemon in Internet Banking Cybercrooks Drive Away With $63,000 from Car Dealership
With hackers and electronic thieves constantly on the lookout for the latest exploits and security breaches they can take advantage of, it is comforting to know that there are also people behind bold initiatives to make our web experiences much safer. If you think hackers are the only ones doing their research to release newer and scarier viruses and malware on the web, think again. It is comforting to know that there are also very capable people doing what they can to make the internet a safer place – like Professor Dawn Song, associate professor at the University of California at Berkeley and MacArthur Foundation fellow. In a nutshell, Professor Song has been looking at different ways to make the internet experience more secure. Her two initiatives – WebBlaze and BitBlaze – are aimed toward developers who want to create better and much more secure programs and applications. WebBlaze is a compilation of different strategies from Song and other like minds who tackle different problems and solutions in all sorts of platforms, and BitBlaze is an analysis tool for malicious software. While we won’t go into too much detail (it involves very complicated math), the gist is that Song and her colleagues are drawing up some very solid solutions to constantly evolving security issues on the web. It’s exciting to see developments like these in the security industry. As threats continue to evolve, so does the means through which they are fought. The more we use the internet and the more the online experience becomes integral to the day-to-day operations of businesses big and small, the more important securing your data and information becomes. And because of efforts such as Professor Song’s, we can expect security programs to be much more effective and efficient as time passes. Know more about BitBlaze and WebBlaze Learn more about Dawn Song here If you are looking to assess and beef up your security systems, we’d be happy to sit down with you and take a look at improvements that can make your business and your data much more secure.
Using shared Wi-Fi networks can be really convenient, but it is not without risks of its own. These days, more and more people are on the go, and many of them bring their work with them. And in this day and age, it’s ideal if you’re working – or playing for that matter – while connected to the internet, which is often through public Wi-Fi hotspots. While connecting to public and open-access Wi-Fi hotspots is indeed convenient, using open networks also poses risks that endanger your security. The open nature that allows anyone to use the connection also enables unscrupulous people to gain access to your private information. The whole act of stealing information from people who are using public Wi-Fi networks is called ‘sidejacking’. There are applications such as Firesheep, for example, that provide an easy-to-use platform that others can exploit to spy and harvest personal, sensitive information from you. And since Firesheep is a Mozilla Firefox plug in, virtually anyone can download and use it to sidejack people on the same network. You can’t be too cautious with your personal and business data these days, so you always need to have the proper laptop configuration and security infrastructure to protect your system, especially when you frequently avail of open and public networks. To know more about this, please feel free to give us a call and we’ll be happy to draw up some security options that meet your specific needs.
Users beware of ransomware : malicious software that extorts money from users in exchange for freeing the user’s computer or data. One particularly nasty version was recently discovered by researchers at CA which came bundled with a software download called uFast Download Manager. The malware blocks Internet access for users until they pay the publisher a fee via SMS. Users who download the software are immediately infected, seeing a message posted in Russian demanding a ransom under the guise of activating the uFast Download Manager application. To keep your computer environment safe, always be wary of downloading suspicious free software on the Internet. If you need help or are unsure, please contact us first so we can help!
Spanish authorities report that they have arrested the masterminds behind a string of online criminal activities using the botnet dubbed Mariposa. Mariposa is the original name of a commercially distributed Do-it-Yourself malware kit, sold online for 800/1000 EUR for “wannabe” hackers. Along with the arrest, authorities seized sensitive data belonging to about 800,000 users in 190 countries, gathered from an estimated 12M+ infected host computers on the Internet. What’s particularly interesting is that the cybercriminals arrested were not themselves the author of the malware, nor were they any more techincally adept than many ordinary users. They simply had access to malware widely available on the Internet, and were able to conduct a crime of such a wide scale and reach. This illustrates that it’s become easier for many cybercriminals to conduct their nefarious deeds online, and highlights the need for more vigilance on the part of law-abiding netizens in keeping their network secure from hackers and malware. Is your network safe? Contact us to find out. Related articles: How FBI, police busted massive botnet (go.theregister.com) Botnet takedowns ‘don’t hurt crooks enough’ (go.theregister.com) Vodafone distributes Mariposa Bot, Conficker and Lineage in HTC Magic (techie-buzz.com)
Microsoft recently released a number of security bulletins and patches addressing vulnerabilities in Windows and Office that are of high risk to users. It’s widely believed that many will be exploited by hackers within the next 30 days. One of them could potentially allow hackers or malware authors to easily compromise systems by tricking users to download malicious AVI-formatted files. Others require nothing more than just visiting a website. Another specifically targets Powerpoint Viewer 2003, and opening a malicious .ppt file could affect your system. This latest round of patches and vulnerability updates is really nothing new – although the sheer number made public in one day is notable. This highlights the need for a comprehensive security policy, because vulnerabilities do exist in even the most mundane or old versions of software. Customers under our Managed Services plan can rest easy since we monitor and update their computers as soon as these patches and advisories are released. Find out more about what we do to make your systems safe and secure. Contact us today. Related links: Patch Tuesday: Microsoft plugs critical Windows worm holes (zdnet) Researchers warn of likely attacks against Windows, PowerPoint (computerworld) Microsoft delivers huge Windows security update (computerworld)
A malicious piece of software making the rounds of news websites this week is believed to be behind the compromise of over 75,000 systems in over 2,500 international organizations – many of which are government agencies and large Fortune 500 companies. Called the Knebner botnet after the name in the email used to register the initial domain used in the campaign to propagate the malware , the software infects computers and captures user login access to online financial services such as Paypal and online banks, social networking websites such as Facebook, and email. Infected computers can be centrally controlled from a master computer, which presumably harvests the data captured for nefarious means. The Knebner botnet itself is not new. It’s based on the ZeuS botnet, and has gained prominence lately because it’s slipped under the radar of so many organizations. However, there are ways to prevent compromises from botnets – one of which is to have a proactive security system and policy in place. Our Managed Security customers have this assurance in place since we continuously protect their system from botnets and other malware. If you’re not sure that you’re protected, talk to us today. Related articles: Kneber botnet described as ‘massive’ and ‘worldwide’ (inquisitr.com) Kneber attack resurrects notorious Zeus Trojan, say experts (guardian.co.uk) Malicious Software Infects Corporate Computers (nytimes.com)