September 4th, 2014

What do you do when your smartphone needs to be charged but your charger is not at hand? A handy solution is to turn to a public charging kiosk. But what you might not be aware of is the fact that this can lead to juice jacking of your smartphone. To avoid this security threat, it’s time to get a comprehensive view of what juice jacking is and how you can protect your smartphone from it.

What’s juice jacking?

Regardless of the kind of smartphone you have, whether it’s an Android, iPhone or BlackBerry, there is one common feature across all phones: the power supply and the data stream pass over the same cable. This setup allows for juice jacking during the charging process, whereby someone uses the USB data/power cable to illegitimately access your phone’s data and/or inject malicious code onto the device.

The attack can be as simple as an invasion of privacy, wherein your phone pairs with a computer concealed within the charging kiosk and information such as private photos and contact information is transferred to a malicious device. On the other hand, it can also be as invasive as an injection of malicious code directly into your phone. According to security researchers at this year’s Black Hat security conference, your iPhone can be compromised within one minute of being plugged into a harmful charger.

Exposure to a malicious kiosk can also create a lingering security problem even without the immediate injection of malicious code. Once a device is paired to a computer, that computer can access a host of personal information on the device, including your address book, notes, photos, music, SMS database and typing cache, and can even initiate a full backup of your phone, all of which can be accessed wirelessly at any time.

How do I avoid it?

The most effective precautions center around simply not charging your phone using a third-party system. Here are some tips to help you avoid using a public kiosk charger:
  • Keep your devices topped off: Make it a habit to charge your phone at your home and office when you’re not actively using it or are just sitting at your desk working.
  • Carry a personal charger: Chargers have become very small and portable, from USB cables to power banks. Get one and throw it in your bag so you can charge your phone anytime you’re at the office or while on-the-go if you use a power bank.
  • Carry a backup battery: If you’re not keen on bringing a spare charger or power bank, you can opt to carry a full spare battery if your device has a removable battery.
  • Lock your phone: When your phone is truly locked, as in inaccessible without the input of a PIN or equivalent passcode, it should not be able to pair with the device it’s connected to.
  • Power the phone down: This technique works only on a model-by-model basis, as some phones will, despite being powered down, still power the entire USB circuit and allow access to the flash storage in the device.
  • Use power-only USB cables: These cables are missing the two wires necessary for data transmission and have only the two wires for power transmission remaining. They will charge your device, but data transfer is made impossible.
Even the tiniest detail like charging your phone from a kiosk charger could affect the security of your device. While there are many substitutes to using a third-party system, ultimately the best defense against a compromised mobile device is awareness. Looking to learn more about today’s security and threats? Contact us today and see how we can help.
Published with permission from TechAdvisory.org. Source.

Topic Security
August 25th, 2014

Since the advent of the Internet, hackers have been actively trying to exploit it. Over the past few years, many have targeted different websites to obtain user account details like usernames and passwords. There seems to be a trend where the number of accounts compromised with each new security announcement is rising. In early August, news broke that possibly the largest breach to date has been uncovered.

The latest big-scale breach

In early August, it emerged that a Russian hacker ring had amassed what is believed to be the biggest known collection of stolen account credentials. The numbers include around 1.2 billion username and password combinations, and over 500 million email addresses.

According to Hold Security, the company that uncovered these records, the information comes from around 420,000 sites. What is particularly interesting about this attack is that such a wide variety of sites were targeted when compared with other attacks, which tend to target either large brand names or smaller related sites.

How did this happen?

Despite what many believe, this was not a one-time mass attack; the compromised sites were not all attacked at the same time. Instead, the hacker ring - called the Cyber Vor - was likely working on amassing this data over months or longer. They were able to amass this much information through what's called a botnet.

A botnet is a group of computers infected by hackers. When the hackers establish a botnet, they attack computers with weak network security and try to infect them with malware that allows the hacker to control the computer. If successful, users won't even know their computer has been hacked and is being used by hackers.

Once this botnet is established, the hackers essentially tell the computers to try to contact websites to test the security. In this recent case, the computers were looking to see if the websites were vulnerable to a SQL injection. This is where hackers tell the computers in the botnet to look for fillable sections on sites like comment boxes, search boxes, etc. and input a certain code asking the website's database to list the stored information related to that box.

If the Web developer has restricted the characters allowed in the fillable text boxes, then the code likely would not have worked. The botnet would notice this, and then move onto the next site. However, if the code works, the botnet notes this and essentially alerts the hacker who can then go to work collecting the data.

So, is this serious and what can I do?

In short, this could be a fairly serious problem. While 420,000 sites may seem like a large number, keep in mind that the Internet is made up of billions of websites. This means that the chances of your website's data being breached by this ring are small. That being said, there is probably a good chance that one of the sites related to your website may have been breached.

So, it is a cause for concern. However, you can limit the chance of hackers gaining access to your information and a website's information.

1. Change all of your passwords

It seems like we say this about once a month, but this time you really should heed this warning. With 1.2 billion username and password combinations out there, there is a chance your username for at least one account or site has been breached.

To be safe, change all of your passwords. This also includes passwords on your computer, mobile devices, and any online accounts - don't forget your website's back end, or hosting service. It is a pain to do, but this is essential if you want to ensure your data and your website are secure from this attack.

2. Make each password different

We can't stress this enough, so, while you are resetting your password you should aim to ensure that you use a different one for each account, site, and device. It will be tough to remember all of these passwords, so a manager like LastPass could help. Or, you could develop your own algorithm or saying that can be easily changed for each site. For example, the first letter of each word of a favorite saying, plus the first and last letter of the site/account, plus a number sequence could work.

3. Test your website for SQL injections

If you have a website, you are going to want to test all text boxes to see if they are secure against SQL injections. This can be tough to do by yourself, so it's best to contact a security expert like us who can help you execute these tests and then plug any holes should they be found.
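
The probing described under "How did this happen?" and the text-box test recommended here can be reproduced against a throwaway local database. The following is an added example, not code from the original article: it runs the same three inputs through a query built by string concatenation, through the character-restriction approach mentioned above, and through a parameterized query. The table, function names and probe strings are constructed for illustration.

```python
import re
import sqlite3

# Constructed sample rows standing in for the data behind a search box.
ROWS = [
    ("alice", "alice@example.com"),
    ("bob", "bob@example.com"),
    ("O'Brien", "obrien@example.com"),
]


def make_db():
    """Create a throwaway in-memory database for the self-test."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", ROWS)
    return db


def search_vulnerable(db, term):
    # The text-box value is pasted into the SQL string, so the input
    # can change the structure of the query itself.
    sql = "SELECT name, email FROM users WHERE name = '" + term + "'"
    return db.execute(sql).fetchall()


# Character restriction as described in the article: letters, digits, spaces.
ALLOWED = re.compile(r"[A-Za-z0-9 ]{1,40}")


def search_filtered(db, term):
    # Rejects anything outside the allowlist before building the query.
    if not ALLOWED.fullmatch(term):
        raise ValueError("rejected input")
    return search_vulnerable(db, term)


def search_parameterized(db, term):
    # The value is bound as a parameter: the driver passes it as data,
    # so it can never be interpreted as SQL text.
    sql = "SELECT name, email FROM users WHERE name = ?"
    return db.execute(sql, (term,)).fetchall()


# Constructed test inputs: a normal name, a legitimate name containing an
# apostrophe, and a classic always-true condition.
PROBES = ["alice", "O'Brien", "' OR '1'='1"]


def audit(search):
    """Run every probe through one search function and summarise the outcome."""
    db = make_db()
    report = {}
    for probe in PROBES:
        try:
            report[probe] = len(search(db, probe))
        except ValueError:
            report[probe] = "rejected"
        except sqlite3.Error:
            report[probe] = "sql error"
    return report


if __name__ == "__main__":
    for fn in (search_vulnerable, search_filtered, search_parameterized):
        print(fn.__name__, audit(fn))
```

A text box is suspect when an always-true input returns more rows than a normal one or when a stray apostrophe produces a database error. The character filter blocks the probe but also turns away the legitimate name, while the parameterized query handles all three inputs correctly.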

4. Audit all of your online information

Finally, look at the information you have stored with your accounts. This includes names, addresses, postal/zip codes, credit card information, etc. You should only have the essential information stored and nothing else. Take for example websites like Amazon. While they are secure, many people have their credit card and billing information stored for easy shopping. If your account is hacked, there is a good chance hackers will be able to get hold of your card number.

5. Contact us for help

Finally, if you are unsure about the security of your accounts, business systems, and website, contact us today to see how our security experts can help ensure your vital data is safe and sound.

August 7th, 2014

Security of your systems and technology is always an ongoing battle and one you will likely never completely win. There are definitive steps you can take to ensure that your systems are secure, but we find that one of the most effective tools is knowledge. If you know a bit about how your systems can be breached, you can ensure a higher level of caution and security. To help, here are five common ways businesses see their systems breached.

1. You are tricked into installing malicious software

One of the most common ways a system's security is breached is through malware being downloaded by the user. In almost every case where malware is installed, the reason is that the user was tricked into downloading it.

A common trick used by hackers is to plant malware in software and then place this software on a website. When a user visits the site, they are informed that they need to download the software in order for the site to load properly. Once downloaded, the malware infects the system. Other hackers send emails out with a file attached, where only the file contains malware.

There is a nearly limitless number of ways you can be tricked into downloading and installing malware. Luckily, there are steps you can take to avoid this:

  • Never download files from an untrusted location - If you are looking at a website that is asking you to download something, make sure it's from a company you know about and trust. If you are unsure, it's best to avoid downloading and installing the software.
  • Always look at the name of the file before downloading - Many pieces of malware are often disguised with file names that are similar to other files, with only a slight spelling mistake or some weird wording. If you are unsure about the file then don't download it. Instead, contact us as we may be able to help verify the authenticity or provide a similar app.
  • Stay away from torrents, sites with adult content, and movie streaming sites - These sites often contain malware, so it is best to avoid them altogether.
  • Always scan a file before installing it - If you do download files, be sure to get your virus scanner to scan these before you open the apps. Most scanners are equipped to do this, normally by right-clicking on the file and selecting Scan with….

2. Hackers are able to alter the operating system settings

Many users are logged into their computers as admins. Being an administrator allows you to change any and all settings, install programs, and manage other accounts.

If a hacker manages to access your computer and you are set up as the admin, they will have full access to your computer. This means they could install other malicious software, change settings or even completely hijack the machine. The biggest worry about this, however, is if a hacker gets access to a computer that is used to manage the overall network. Should this happen, they could gain control over all the systems on the network and do what they please on it.

In order to avoid this, you should ensure that if a user doesn't need to install files or change settings on the computer, they do not have administrator access. Beyond this, installing security software like anti-virus scanners and keeping them up to date, as well as conducting regular scans, will help reduce the chances of being infected, or seeing infections spread.

3. Someone physically accesses your computer

It really feels like almost every security threat these days is digital or is trying to infect your systems and network from the outside. However, there are many times when malware is introduced into systems, or data is stolen, because someone has physically had access to your systems.

For example, you leave your computer on when you go for lunch and someone walks up to it, plugs in a USB drive with malware on it and physically infects your system. Or, it could be they access your system and manually reset the password, thereby locking you out and giving them access.

What we are trying to say here is that not all infections or breaches arrive via the Internet. What we recommend is to ensure that you password protect your computer - you need to enter a password in order to access it. You should also be sure that when you are away from your computer it is either turned off, or you are logged off.

Beyond that, it is a good idea to disable drives like CD/DVD and connections like USB if you don't use them. This will limit the chances that someone will be able to use a CD or USB drive to infect your computer.

4. It's someone from within the company

We have seen a number of infections and security breaches that were carried out by a disgruntled employee. It could be that they delete essential data, or remove it from the system completely. Some have even gone so far as to introduce highly destructive malware.

While it would be great to say that every business has the best employees, there is always a chance a breach can be carried out by an employee. The most effective way to prevent this, aside from ensuring your employees are happy, is to limit access to systems.

Take a look at what your employees have access to. For example, you may find that people in marketing have access to finance files or even admin panels. The truth is, your employees don't need access to everything, so take steps to limit access to necessary systems. Combine this with the suggestions above - limiting admin access and installing scanners - and you can likely limit or even prevent employee initiated breaches.

5. Your password is compromised

Your password is the main way you can verify and access your accounts and systems. The issue is, many people have weak passwords. There has been a steady increase in the number of services that have been breached with user account data being stolen. If a hacker were to get hold of, say, your username, and you have a weak password, it could only be a matter of time before they have access to your account.

If this happens, your account is compromised. Combine this with the fact that many people use the same password for multiple accounts, and you could see a massive breach leading to data being stolen, or worse - your identity.

It is therefore a good idea to use a separate password for each account you have. Also, make sure that the passwords used are strong and as different as possible from each other. One tool that could help ensure this is a password manager which generates a different password for each account.

If you are looking to learn more about ensuring your systems are secure, contact us today to learn about how our services can help.

July 10th, 2014

A common issue many businesses face, regardless of their size, is that their computer systems and devices get progressively older and slower, unless they are constantly updated. This can frustrate some employees who may have up-to-date personal devices, so much so that they simply start to bring these devices into the office. The idea of BYOD, or Bring Your Own Device, is not all that new, but it is a growing concern and if it's not handled properly it can pose a security risk.

What should I do about BYOD?

The first reaction of many office managers and business owners, worried about security threats that could stem from BYOD, is to impose an outright ban of devices. While telling your staff they are not to use their devices for work may seem like a quick and easy solution, you can be 100% sure that there will be employees who ignore this policy and use their personal devices for work regardless.

This could put your business at a higher security risk if the rule is ignored, especially if you don't implement any security measures to protect your networks and data. In order to minimize the potential threats BYOD can expose your business to, we suggest you do the following:

1. Consider embracing BYOD

Instead of simply banning personal devices in the workplace, take a step back and look to see if there are any benefits BYOD can offer. For example, if you operate on razor-thin margins and have not replaced hardware in years, there is a good chance your employees will have better systems at hand. This could help you reduce your overall tech costs.

The same goes for phones for your employees. Why not offer to pay for the plan and allow employees to use their own devices? Of course, you are going to want to implement security measures and usage rules, but if this is easily achieved then it may help reduce your overall operating costs. Before you do implement a system like this however, we strongly recommend you read the rest of this article and follow the steps below.

2. Set up separate networks for employee devices

Oftentimes, the main reason employees bring their devices to the office and use them for work purposes, especially when it comes to mobile phones, is because they can happily connect to Wi-Fi for free without using their data plans throughout the day.

Chances are high that because they use the work Wi-Fi on their device for non-work tasks, they simply keep using the device when they are doing work related activities. This could pose a security risk, especially if you run business-critical operations on the same network. You could nip this potential problem in the bud and simply install another Wi-Fi network for mobile devices and non-critical business processes.

It is usually quite affordable to simply purchase another line and the networking equipment to support this, not to mention the fact that it will keep business-critical processes secure from errant malware. As an added bonus, you will likely see increased productivity because the bandwidth demand will be limited, so important data will move quicker.

3. Educate your staff about security

In our experience, the vast majority of BYOD related security risks are exposed by mistake. An employee may have a virus on a personal phone and be unaware of it. When they connect to the network it can then be unintentionally spread to other computers resulting in a potentially massive security breach.

One of the simplest ways to prevent this is to educate your employees about proper mobile safety. This includes how to spot apps that could contain malware, sharing security threat updates, and teaching your employees how to secure their devices. You really need to stress just how important security is to them.

On top of this, contact an IT expert like us for a recommended anti-virus and spyware scanner for mobile devices that users can easily install. Encourage employees to not just install this but to keep it up to date too. Many of these mobile specific scanners are free and just as powerful as desktop versions.

4. Work with an IT partner to establish a solution that works for you

Beyond education and simple network establishment, it is a great idea to work with an IT partner like us. As experts, we keep tabs on the trends and solutions related to BYOD and will work with you to establish a program that works for your company.

It may be that you don't actually need to integrate BYOD but to update hardware or software to newer versions instead. It could be that there is a simple solution to employees feeling frustrated with slow performance of existing systems at work.

If you do implement BYOD, we can help establish security measures and policies that will ensure your networks and employee devices are secure. The best advice we can give however, is to do this before you start allowing BYOD, as it can be far more challenging to implement and enforce changes when employees are already using their devices at work.

Looking to learn more? Contact us today to see how we can help.

June 26th, 2014

The increasing number of businesses turning to a virtual environment is paralleled by cyber criminals looking to breach the security of those environments. While many businesses think their virtual servers are safe and secure, some are unaware of major security myths that can leave your business vulnerable to attack. With that in mind, isn’t it time you familiarized yourself with five common virtualization security misconceptions to keep your virtual environment secure?

Myth No.1: Existing endpoint security will protect our virtual environment

Most traditional endpoint security solutions are virtual-aware and provide low levels of protection. This simply isn’t enough. Depending on the virtualization platform used (VMware, Microsoft, etc.), your traditional endpoint security suite can probably recognize virtual endpoints. However, this physical software often can’t bring its full tool set of anti-malware to the virtual world, meaning it can only perform basic tasks such as on-access scanning.

Therefore, what you need is a solution that has been designed to keep both virtual and physical computing environments secure. There are a wide number of solutions out there, and the best one for your business will depend largely on the virtual environments you employ. We strongly recommend talking to IT experts like us, as we can help determine, or even offer, the strongest security based.

Myth No.2: My existing anti-malware doesn’t interfere with my virtual operations

Performance issues can create security gaps that don't exist in your physical environment. Traditional endpoint security uses an agent-based model where each physical and virtual machine has a copy of the security program’s agent on it. This agent communicates with the server while performing security tasks. This is fine for physical machines, but if you have 100 virtual machines running off of one main environment that has been infected with malware, you’ll also have 100 instances of malware running on the machines.

This high level of duplication can cause massive performance degradation and waste tons of storage capacity. Therefore, you should make an effort to ensure that all of your systems including the main ones are without malware. This not only makes every system secure, but can also speed up overall operations.

Myth No.3: Virtual environments are inherently more secure than physical environments

Sadly, this just isn’t always true. Virtualization is designed to allow software, including malware, to behave as it normally would, and malware writers will target any and all weak points in a business’s network to accomplish their goals. An attacker who compromises one virtual machine and finds a way to jump to the hypervisor - the system that enables the virtualization - then has access to every virtual machine on that host.

Therefore, malware scanners on both the user and main systems would be a good idea. If it does happen to get on a system, the chances of it spreading are drastically reduced.

Myth No.4: Using non-persistent virtual machines effectively secures a network

In theory, any machine that encounters malware is wiped away and recreated cleanly. However, we are now seeing malware that is designed to survive teardown of individual machines by spreading across the virtual network. This allows it to return when new virtual machines are created.

Additionally, being too eager to create new machines on demand can result in virtual machine sprawl, which happens when virtual machines are created but then forgotten. This leads to an unmaintained virtual endpoint operating without your knowledge. Even if the rest of your virtual machines are secure, it’s possible for one machine to eavesdrop on the traffic of another virtual machine, leading to privacy and security risks.

The best solution to this is to employ an IT manager who can track and maintain systems. Many IT partners offer a solution like this, so experts like us may be able to help ensure your systems are secure.

Myth No.5: Specialized virtual security programs are more or less the same

There are various approaches to virtualization security and your network will probably need a blend of available options. This all depends on what you’re trying to protect.

A non-Web-connected server is going to have entirely different security needs than a virtual desktop of a server that manages customer information. Implementing one without the other simply just won’t do in today’s world, where attackers are set on getting their hands on your data.

Proper security is vital in making virtualization a critical component of your business IT infrastructure. Looking to learn more about virtualization and its components? Contact us today and see how we can help.

June 13th, 2014

The parallel rise of technological advancement and malicious Internet activity is evident. With advances in technology comes an increase in security threats which, if not taken care of right away, can severely affect your business’ efficiency and overall success. With that in mind, it’s time you familiarized yourself with the top security best practice guidelines which will go a long way to ensuring your business is safe and secure.

10 Security practice guidelines for businesses

  1. Encrypt your data: Encryption of stored data, filesystems, and across-the-wire transfers is essential to protect sensitive data as well as to help prevent data loss due to equipment loss or theft.
  2. Use digital certificates to sign all of your sites: You should obtain your certificates from a trusted Certificate Authority, and instead of saving your certificates on the Web server, save them to hardware devices like routers or load balancers.
  3. Implement a removable media policy: Devices like USB drives, external hard disks, external DVD writers or any writeable media facilitate security breaches coming into or leaving your network. Restricting the use of those devices is an effective way to minimize security threats.
  4. Implement DLP and auditing: Be sure to use data loss prevention and file auditing to monitor, alert, identify, and block the flow of data into and out of your network.
  5. Use a spam filter on your email servers: Using a time-tested spam filter such as SpamAssassin will keep unwanted email from entering your inbox and junk folders. It is important that you identify junk mail even if it’s from a trusted source.
  6. Secure websites against MITM and malware infections: Start using Secure Sockets Layer (SSL), which creates a secure connection between a user and server, over which any amount of data can be sent securely. Alongside SSL, scan your website daily for malware, set the Secure flag for all session cookies, and use SSL certificates with Extended Validation.
  7. Use a comprehensive endpoint security solution: Using an antivirus software alone is not enough to provide defense against today’s security threats. Go for a multi-layered product to prevent malware infections on your devices.
  8. Network-based security hardware and software: Start using firewalls, gateway antivirus, intrusion detection devices, and monitoring to screen for DoS attacks, virus signatures, unauthorized intrusion, and other over-the-network attacks.
  9. Maintain security patches: Make sure that your software and hardware defenses stay up-to-date with new anti-malware signatures and the latest patches. If your antivirus program doesn’t update on a daily basis, be sure to set up a regular scan and a remediation plan for your systems.
  10. Educate your employees: As simple as it sounds, this might be the most important non-hardware, non-software solution available. An informed user will more likely behave more responsibly and take fewer risks with valuable company data resulting in fewer threats to your organization.
Businesses cannot afford to take chances with security. Why? Because doing so can trigger a domino effect, causing a cascade of problems that can lead to operational outages, data loss, security breaches, and the subsequent negative impact to your company's bottom line. Looking to learn more about security for your business? Call us today for a chat.

May 13th, 2014

The tool that allows the vast majority of businesses to utilize the Internet in order to carry out their day-to-day operations is the browser. While there are numerous browsers available, many businesses rely on Internet Explorer (IE). This browser comes pre-installed on all machines using Windows. However, if you use IE, there is a new exploit that you should be aware of.

What exactly is a zero-day flaw?

A zero-day flaw is a security vulnerability that is taken advantage of by hackers on the day it is discovered. In other words, there are zero days between the discovery of the vulnerability and people taking advantage of it.

The way most software programs work is if a user finds a security flaw, they will usually inform the developer who will then develop a fix and release it in a patch that users download. The problem is, sometimes it is a hacker who discovers this vulnerability. Instead of reporting it, they start to capitalize on the flaw, exploiting it to attack other users before the developer becomes aware of it and has a chance to fix it.

The IE zero-day flaw

In late April, news broke that a zero-day flaw had been discovered in Internet Explorer's code. The flaw affects IE versions 6-11 - essentially every supported version of the browser. Hackers had found a previously unknown flaw that allowed them to gain the same access rights as a user.

The hackers sent emails to users with links to a website that hosts malicious code. These emails were largely phishing in nature, meaning they aimed to get the user to click on a link in the email. Some of the subject lines used in attacks included:

  • Welcome to Projectmates!
  • Refinance Report
  • What's ahead for Senior Care M&A
  • UPDATED GALLERY for 2014 Calendar Submissions

In these emails there was a link to a website that hosted code which could then be executed if the user visited the site using IE. When executed, this could potentially expose the user's system. Once vulnerable, the hackers could install malicious software without the user's knowledge.

How do I guard against this exploit?

The good news is that Microsoft has released a patch that fixes this exploit. This has definitely been welcomed, and what is really interesting is that Microsoft has actually released the update for XP users as well - this coming after the cessation of support for XP.

To guard against the exploit you should firstly update the version of Internet Explorer that you are using. The easiest way to do this is to go to the Internet Explorer website and download the latest version - version 11 - of the browser. Version 11 can run on both Windows 7 and 8, so the vast majority of users should already be running this latest version.

If you are using an older version, Microsoft has pushed the patch out via IE's automatic update feature, so restarting the browser should install the update. The other option is Windows Update. Simply running the Update program and installing the updates should ensure that the latest version of IE is installed.

For Windows 7 and 8 users, you can do this by:

  • Opening the Control Panel on your system.
  • Clicking on System or Performance and Maintenance followed by System.
  • Selecting Automatic Updates from the menu in the window that opens.
  • Following the instructions in the new window that opens.

Once the updates are installed, you should restart your computer, even if you aren't asked to do so. If you noticed that Automatic Updates was already ticked, try restarting your computer and this should install the updates.

If you are using XP, you can visit the Microsoft Update website using Internet Explorer and follow the instructions.

Aside from updating your browser, you should ensure that your anti-virus and malware scanners are up to date and scheduled to scan your system on a regular basis. Be sure to look at all emails closely as well; if one seems a bit dodgy, or you receive one from someone you don't know, it is best to ignore it and delete it right away.

Businesses who are using XP should seriously consider updating because Microsoft will not be introducing security updates in the future, leaving your systems at greater risk of attack. At the very least, it may also be a good idea to switch to another browser like Firefox or Chrome, both of which will work on XP and are updated regularly.

Worried that your systems are not secure enough, or still running XP? Contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

Topic Security
May 1st, 2014

As everyone knows, we use passwords to prevent anyone getting access to our personal accounts and gadgets. But, with ever-growing numbers of hackers determined to grab our data, people need to be extra vigilant. These cyber criminals are using sophisticated technology to steal information whenever there is a slight hint of opportunity. So don't give them a chance. Your passwords are your first defence. Use these tips to stay safer online.

Observe proper web security

With the rapid advancements in technology comes sophistication of methodologies used by hackers to steal data and destroy web security. Cyber crime is continuously evolving as new programs are made to unlock accounts and combine numbers, letters and special characters to determine passwords. The big question for internet users is – how to choose a strong password that can drive hackers away?

Passwords should have at least eight characters. It is highly recommended that you use a combination of uppercase, lowercase and special characters. “P@s$w0Rd45%” is a thousand times better than “Password1”. Veer away from using passwords that are found in dictionaries. Furthermore, avoid using your name, a family member’s name, phone number, birth date, social security number or any public information. Hackers have found a way to crack passwords with the aid of the many databases out there.

To create even more secure passwords, try using a password that is a full sentence, with random words. For example "I am a purple donkey" (with the spaces) will take a long time to crack, which means it's more secure than even the examples above.
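The rules above (length, character mix, no dictionary words, no personal details, and the full-sentence alternative) can be turned into an automated check; the following is an added example, not code from the original article. The word list, the sample personal details and the four-word threshold for treating input as a sentence are assumptions made for the illustration.

```python
import re

# Constructed sample word list; a real deployment would load a full dictionary
# and a list of known-breached passwords.
DICTIONARY = {"password", "welcome", "dragon", "monkey", "sunshine", "donkey"}
MIN_LENGTH = 8          # "at least eight characters"
PASSPHRASE_WORDS = 4    # assumption: 4+ spaced words counts as a "full sentence"


def _squash(text):
    """Lowercase and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def check_password(password, personal_info=()):
    """Return the list of rules `password` breaks; an empty list means it passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than eight characters")

    is_passphrase = len(password.split()) >= PASSPHRASE_WORDS
    if not is_passphrase:
        # Character-mix rule for ordinary single-token passwords.
        if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
            problems.append("needs uppercase and lowercase letters")
        if not re.search(r"[^A-Za-z0-9]", password):
            problems.append("needs a special character")
        # Dictionary rule: a single word with digits or symbols stuck on the
        # ends. Literal match only; substitutions like @ for a are not undone.
        core = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
        if core in DICTIONARY:
            problems.append("based on a dictionary word")

    # Personal-information rule: names, phone numbers, birth dates and so on.
    squashed = _squash(password)
    for item in personal_info:
        needle = _squash(item)
        if len(needle) >= 3 and needle in squashed:
            problems.append("contains personal information: " + item)
    return problems


if __name__ == "__main__":
    owner = ["Alice", "Example", "555-0100", "1984-07-12"]  # constructed details
    for candidate in ["Password1", "P@s$w0Rd45%", "I am a purple donkey",
                      "Alice!1984-07-12"]:
        print(repr(candidate), check_password(candidate, owner) or "passes")
```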

Keep malware off your system

Malware is malicious software that has been crafted in such a way that it appears authentic and trustworthy. Be careful not to click on pop-ups and links that will redirect you to sites where your security defences can be torn down. And do not open email attachments from anonymous users. Mechanisms are often embedded in these programs to gain control of your system.

Get professional help by installing security software from a trusted name in the industry. Build your defences as early as possible. Remember the cliché – better to be safe than sorry – and nowhere is this more true than in computer system and web security.

Keep your passwords private

While this may seem to be a no-brainer, sadly, a lot of people still tend to share their passwords with their office mates or friends. If you’re one of them, then it’s high time that you change your habits and your password again. Think like James Bond: passwords are for your eyes only.

In the event that you need to give your password to a co-worker to get an important document or presentation, make sure that you change it as soon as possible. Never use the same combination again.

Change password regularly

It also helps if you schedule a regular password change. Within a period of 30 to 60 days, you should update passwords across multiple sites. Moreover, never use the same passwords for different websites. If you use the same passwords, you are putting all of your accounts at high risk. Hackers are relentless. Once is never enough for them and they can come back time after time.

It’s an unsafe online world out there. These online troublemakers will never be satisfied. So never let yourself or your organization fall prey to hackers. Take note of these safety measures and strengthen your web security arsenal.

Published with permission from TechAdvisory.org. Source.

Topic Security
April 11th, 2014

The security of your systems and communication, especially those that utilize the Internet, should be paramount for any business. Over the past few weeks a massive new security flaw has been uncovered. This flaw, codenamed Heartbleed, could potentially expose all the vital data and communications that flow between your computer and websites online. All businesses and Internet users should be aware of Heartbleed so that they can take steps to stay safe.

Background info about secure transmission of information on the Web

Most sites on the Internet rely on Secure Sockets Layer (SSL) technology to ensure that information is transmitted securely from a computer to a server. SSL and the slightly older Transport Layer Security (TLS) are the main technologies used to verify that the site you are trying to access is indeed that site, and not a fake one which could contain malware or any other form of security threat. They essentially ensure that the keys needed to confirm that a site is legitimate, and to keep communication secure, can be exchanged securely.

You can tell sites are using SSL/TLS by looking at the URL bar of your browser. If there is a padlock or HTTPS:// before the Web address, the site is likely using SSL or TLS verifications to help ensure that the site is legitimate and communication will be secure. These technologies work well and are an essential part of the modern Internet. The problem is not actually with this technology but with a software library called OpenSSL. This breach is called Heartbleed, and has apparently been open for a number of years now.

About Heartbleed

OpenSSL is an open-source implementation of SSL and TLS. This means that anyone can use it to gain SSL/TLS encryption for their site, and indeed a rather large percentage of sites on the Internet use this software library. The problem is that there was a small software glitch that can be exploited. This glitch is Heartbleed.

Heartbleed is a bug/glitch that allows anyone on the Internet to access and read the memory of systems that are using certain versions of OpenSSL software. People who choose to exploit the bugs in the specific versions of OpenSSL can actually access or 'grab' bits of data that should be secured. This data is often related to the 'handshake' or key that is used to encrypt data which can then be observed and copied, allowing others to see what should be secure information.
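A toy model of that memory over-read, added here as an illustration and not taken from OpenSSL or the original article: the flaw sat in the handling of TLS heartbeat messages (RFC 6520), where the reply was built from the length the sender claimed rather than the number of bytes actually received. The message layout and 16-byte minimum padding follow RFC 6520; the memory buffer, secret and function names are constructed for the example.

```python
import struct

HEARTBEAT_REQUEST = 1
MIN_PADDING = 16  # RFC 6520: at least 16 bytes of padding follow the payload

# Constructed stand-in for server process memory: the incoming record is copied
# to offset 0 and unrelated secrets happen to sit right behind it.
SECRET = b"user=alice&password=constructed-sample-secret"


def load_into_memory(record):
    return bytearray(record + SECRET + bytes(64))


def build_request(payload, claimed_length=None):
    """Heartbeat message: type (1) | payload_length (2) | payload | padding."""
    if claimed_length is None:
        claimed_length = len(payload)
    header = struct.pack("!BH", HEARTBEAT_REQUEST, claimed_length)
    return header + payload + bytes(MIN_PADDING)


def respond_vulnerable(memory, record_len):
    """Trusts the length field inside the message; record_len is ignored."""
    _type, claimed = struct.unpack_from("!BH", memory, 0)
    return bytes(memory[3:3 + claimed])       # can run past the record


def respond_patched(memory, record_len):
    """Checks the claimed length against the bytes actually received."""
    if record_len < 1 + 2 + MIN_PADDING:
        return None                           # too short to be a heartbeat
    _type, claimed = struct.unpack_from("!BH", memory, 0)
    if 1 + 2 + claimed + MIN_PADDING > record_len:
        return None                           # discard silently, per RFC 6520
    return bytes(memory[3:3 + claimed])


def demo():
    """Run a well-formed and a length-mismatched request through both handlers."""
    records = {
        "honest": build_request(b"ping"),
        "mismatched": build_request(b"ping", claimed_length=80),
    }
    results = {}
    for name, record in records.items():
        memory = load_into_memory(record)
        results[name] = (respond_vulnerable(memory, len(record)),
                         respond_patched(memory, len(record)))
    return results


if __name__ == "__main__":
    for name, (vulnerable, patched) in demo().items():
        print(name, "| vulnerable:", vulnerable, "| patched:", patched)
```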

The problem with Heartbleed

There are two major problems with this bug. The first is that if an attacker can uncover the SSL handshake used by your computer and the server that hosts the site when you log in or transmit data, they will be able to see this information. This information is usually made up of your login name, password, text messages, content and even your credit card numbers. In other words, anything that gets transmitted to the site using that version of SSL can be viewed.

Scary, right? Well, the second problem is much, much bigger. The hacker won't only be able to see the data you transmit, but also how the site receiving it employs the SSL code. If a hacker sees this, they can copy it and use it to create spoof sites that use the same handshake code, tricking your browser into thinking the site is legitimate. These sites could be made to look exactly the same as the legitimate site, but may contain malware or even data capture software. It's kind of like a criminal getting the key to your house instead of breaking the window.

But wait, it gets worse. This bug has been present in certain versions of OpenSSL for almost two years, which means that sites using those versions may have exposed your data and communication. And any attacks that were carried out can't usually be traced.

Am I affected by this?

What makes this so different from other security glitches is that OpenSSL is used by a large percentage of websites. What this means is that you are likely affected. In fact, a report published by Netcraft cited that 66% of active sites on the Internet used OpenSSL. This software is also used to secure chat systems, Virtual Private Networks, and even some email servers.

We have to make it clear here however: Just because OpenSSL is used by a vast percentage of the Internet, it doesn't mean every site is affected by the glitch.

The latest versions of OpenSSL have already patched this issue and any website using these versions will still be secure. The version with Heartbleed came out in 2011. The issue is that while sites may not be using the 2011 version now, they likely did in the past, meaning your data could have been at risk. On the other hand, there are still a large number of sites using this version of OpenSSL.

What should I do?

This is a big issue, regardless of whether a website uses this version of OpenSSL or not. The absolute first thing you should do is go and change your passwords for everything. When we say everything, we mean everything. Make the passwords as different as possible from the old ones and ensure that they are strong.

It can be hard to tell whether your data or communications were or are actually exposed, but it is safe to assume that at some time or another they were. Changing your passwords should be the first step to ensuring that you are secure and that the SSL/TLS transmissions are secure. Another thing you should be aware of is which sites are actually using this version of OpenSSL. According to articles on the Web, some of the most popular sites have used the version with the bug, or are, as of the writing of this article, using it. Here are some of the most popular:

  • Facebook
  • Google
  • Gmail
  • Yahoo
  • Yahoo Mail
  • Instagram
  • Pinterest
  • Amazon Web Services
  • GoDaddy
  • Intuit

It would be a good idea to visit the blogs of each service to see whether they have updated to a new version of OpenSSL. As of the writing of this article, most had actually done so but some were still looking into upgrading. For a full list of sites, check out this Mashable article.

If you have a website that uses SSL/TLS and OpenSSL you should update it to the latest version ASAP. This isn't a large update but it needs to be done properly, so it is best to contact an IT partner like us who can help ensure the upgrade goes smoothly and that all communication is in fact secure.

Contact us today to see how we can help ensure that your company is secure.

Published with permission from TechAdvisory.org. Source.

Topic Security
April 4th, 2014

Computers must have appropriate protection from malware attacks. Aside from creating annoyances, malware infections can also affect the performance of your computer. Furthermore, the data on your system and confidential information that you use online may also be tracked and used without your knowledge. Because of the severity of the problems that malware can cause, you need to be very cautious about preventing infections, and know how to deal with them properly.

Signs of a malware infection

Before proceeding with the steps on how to respond to malware infections, we first need to learn about the signs and symptoms of a malware infection. These include:
  • Several pop-ups appear even when not browsing the Web.
  • Unusual slowness of the computer and Internet connection.
  • System hangs or freezes.
  • Corrupted programs.
  • Antivirus is disabled.
  • E-mails sent to or from your account which you did not send.
  • High network activity, even when not using large programs or accessing huge data.
  • Redirected access to some sites.

How to respond to a malware infection

If you experience any of these symptoms, the first thing to do is to ensure that your antivirus and antispyware programs are updated, so that they can detect the latest known threats in their databases. You should then run scans to see if an infection is detected. If it is, the programs usually have a way to remove the infection. You then need to follow the steps the program recommends.

If this doesn't work, disconnect the infected computer from the network to prevent the spread of the malware. Furthermore, avoid accessing the Web and using vital information such as bank account and credit card information. Let the technical department or your IT partner handle the concern since they are trained in determining and eradicating system malware infections.

Once the problem has been pinpointed, a tech specialist will go through the process of eliminating the infection. This includes backing up data on the computer and restoring the system to its original state. Depending on the extent of the infection, the computer may need to be wiped clean, or reformatted before restoring backed-up files.

After the whole process, the computer must be tested to ensure that the infection has been totally removed. Moreover, further investigation and studies must also be done to determine where the problem started, as well as to create a strategy as to how to prevent this from happening in the future.

How to prevent a malware attack

Prevention is better than a cure and this definitely applies to malware infections. It’s best to arm yourself with knowledge on how to avoid malware attacks and prevent your systems from being infected.
  1. Ensure that security protection is always updated and that you run system scans on a regular basis.
  2. Avoid downloading attachments or clicking links from unknown sites or senders.
  3. Enable firewall protection.

Malware can hugely affect business operations and the security of private information. One of the best ways to prevent this is to work with an IT partner, like us, who can help recommend and install protection systems. You might want to think about getting help in managing these solutions too, to ensure that your systems are secure at all times.

If you have questions or concerns with regards to malware prevention and resolution, feel free to call us. Our support team is always ready to help.

Published with permission from TechAdvisory.org. Source.

Topic Security