Archive for Security

Look Out: Critical Microsoft Office Flaw Finally Patched

Does your office practice proper maintenance and security against the latest threats, like Sandworm and CryptoWall 2.0? You should, or else your business might get a nasty holiday gift in the form of the Schannel vulnerability in Microsoft Office. This particular threat allows a hacker to take over the entire system, making it an exceptionally dangerous vulnerability that you can’t ignore. Thankfully, a patch is available to the general public, so you want to apply it as soon as possible.

On October 21st, Microsoft issued the security advisory which states that the vulnerability allows for remote code execution. Even worse, the vulnerability can be found in most supported versions of Microsoft Windows, excluding Windows Server 2003. Users can trigger this vulnerability by opening an infected Microsoft Office file which contains an Object Linking and Embedding (OLE) object. If the hacker is successful in exploiting the vulnerability, it could mean a completely compromised system on your network. These hackers could then proceed to delete data, install malware, or carry out other sketchy activity.

Earlier this November, the patch was issued. If you haven’t patched your business’s systems yet, it’s imperative that you do so at your earliest convenience.

Thankfully, the vulnerability can’t be taken advantage of unless the system administrator grants the file permission to open. This means that if you download a file with an OLE object from the Internet, a permissions prompt will ask you whether or not you want to download it. For example, a spreadsheet embedded into a Word document would be an OLE object.


In the official security advisory, Microsoft states that any Office file using an OLE object is vulnerable to being infected by this threat. Here are some tips on how to avoid this vulnerability until you apply the security patch.

  • Enable the Windows consent prompt. In the observed attacks, the User Account Control (UAC) interface shows a window requesting permission to download files. Depending on the privileges of the logged-in user, it will appear just before the file begins to download. This feature can give you a second chance to not download the file, if need be, making it a powerful tool to stop an infection before it’s too late.
  • Grant fewer user rights to your team. Because the hacker hijacks the system through the currently logged-in user, they will have the same permissions as that user upon system takeover. This means that hackers can do more damage if the compromised account has more lenient user rights. The average employee shouldn’t have administrative user rights, as it could lead to unapproved actions.
  • Avoid email phishing scams. In theory, a hacker could also convince a user to download an attachment containing a vulnerable Office file. These will typically be found in emails disguised as important documents. Keep an eye out for suspicious behavior or activity surrounding the messages, and never click on a link unless you know for sure it won’t redirect you to a malicious web page.
  • Avoid downloading files from the Internet. This might sound impossible, but you shouldn’t download a file from the Internet unless you know for sure it’s legit. Unknown files could have adware, malware, or any number of other nasty things lurking in their code.
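
A triage check that a help desk or mail gateway could run on incoming Office files until the patch is applied, given here as an added example that is not part of the original post. It relies on the fact that modern Office files are zip packages that keep embedded objects in an `embeddings` folder; the function names and the sample file are constructed for illustration.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # compound-file signature

def find_embedded_objects(data: bytes) -> list[tuple[str, str]]:
    """Return (member name, kind) for each embedded object in an Office file."""
    if data.startswith(OLE2_MAGIC):
        # Legacy .doc/.xls/.ppt: the whole file is an OLE compound document,
        # so embedded objects cannot be ruled out without a full parser.
        return [("<whole file>", "legacy-ole2")]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    found = []
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        for info in pkg.infolist():
            folders = info.filename.lower().split("/")[:-1]
            if info.is_dir() or "embeddings" not in folders:
                continue
            with pkg.open(info) as member:
                head = member.read(len(OLE2_MAGIC))
            # "ole2" = raw OLE object; "package" = another file stored inside
            kind = "ole2" if head == OLE2_MAGIC else "package"
            found.append((info.filename, kind))
    return found

def build_sample(with_ole: bool) -> bytes:
    """Constructed sample: a minimal zip shaped like a .pptx, not a real deck."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("[Content_Types].xml", "<Types/>")
        pkg.writestr("ppt/slides/slide1.xml", "<sld/>")
        if with_ole:
            pkg.writestr("ppt/embeddings/oleObject1.bin", OLE2_MAGIC + b"\x00" * 24)
            pkg.writestr("ppt/embeddings/Microsoft_Excel_Worksheet1.xlsx", b"PK\x03\x04")
    return buf.getvalue()

if __name__ == "__main__":
    for label, doc in (("clean", build_sample(False)), ("embedded", build_sample(True))):
        print(label, find_embedded_objects(doc))
```

A non-empty result does not mean the file is malicious, only that it carries an embedded object and deserves a closer look before anyone opens it.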

It’s always important to protect your business from the latest threats as they become known. Updates and patches are regularly released by companies to ensure that they are fixed for the majority of the general public, and your business needs to take advantage of these. Total Networks can apply these updates automatically and remotely with our remote IT maintenance service.

Total Networks can also integrate our Unified Threat Management solution into your network security policy to protect your business from all manner of nasty threats. Our UTM is a comprehensive security solution designed to protect your business from both internal and external threats. For more information about remote maintenance or our UTM solution, give us a call at (602)412-5025.


Posted in: Security


Tip of the Week: 4 Signs You’re in an APT Hacker’s Crosshairs

Hackers come in all shapes and sizes, with varied levels of skills to boot. The generic garden-variety hacker will probably only try to hack your email and send spam, or steal your personal information. However, there are much worse threats out there, like APT hackers. This week, we’ll cover how you can spot these wolves in sheep’s clothing.

An Advanced Persistent Threat (APT) hacker has no interest in your email password or personal information. Instead, they have their sights set a little higher: your business, and everything it’s built on. APT hackers will try to make off with any valuable or confidential information they can find, then sell it to the highest bidder; or, they hijack enough information to steal your business’s identity, making fraudulent purchases of incriminating or expensive merchandise. Whatever their reasons, they want to ruin your business, and without proper precautions, your company can collapse in the event of one of these attacks.

An APT hacker is a serious threat that must be dealt with. Unlike the lone wolf hacker, APT hackers tend to work in packs, taking advantage of their numbers to prey on whoever is most vulnerable. Even the most powerful of networks can be overwhelmed by numbers. Just like the typical worker, these APT hackers are even known to work regular hours in an office, not unlike yourself.

The signs of an APT hacking attack are far more diverse than if a single hacker tries to break into your network. Though the signs might be stronger or more noticeable, an APT hacker uses the same techniques as the lone wolf hacker, including phishing emails, or malicious websites which download malware or spyware onto your PC. Here are four signs from InfoWorld that can sound the alarm for an APT attack:

  • More late-night logins: A covert operation like an APT hack is likely being done from the shadows, when nobody will notice what is going on. Take note of when your logins are occurring, especially if they are during the wee hours of the night by high-level users.
  • Finding backdoor Trojans: Ordinary hackers will only want to access your account once, but APT hackers will want to get back in and steal more of your data. Trojans are a reliable back door if they need to return to the network, even if the login credentials have been changed.
  • Unexpected information flows: Large, unexpected flows of data from internal origin points can be problematic, especially if they come from somewhere else entirely (i.e. a different country).
  • Discovering unexpected data bundles: If an APT hacker wants your data, they may gather it in one location before moving it outside of your network. This makes large data packets easier to transfer. Look for information gathering where you know it shouldn’t be.
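
The first sign, late-night logins by high-level users, can be checked from an authentication log. The following is an added example, not part of the original post: the log format, account names, UTC-7 office offset and 07:00-19:00 working hours are all assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Assumptions for this sketch: logs are UTC, the office is at UTC-7,
# staff work 07:00-19:00 local, and these accounts are "high-level".
OFFICE_TZ = timezone(timedelta(hours=-7))
WORK_START, WORK_END = 7, 19
PRIVILEGED = {"administrator", "svc_backup", "cfo"}

# Constructed sample: "UTC timestamp,account,source,result"
SAMPLE_LOG = """\
2014-11-18T16:02:11Z,jsmith,10.0.0.21,success
2014-11-18T21:45:00Z,administrator,10.0.0.5,success
2014-11-19T09:13:42Z,administrator,10.0.0.77,success
2014-11-19T09:20:05Z,cfo,10.0.0.77,failure
2014-11-19T09:21:30Z,cfo,10.0.0.77,success
2014-11-19T10:02:00Z,jsmith,10.0.0.21,success
"""

def off_hours_privileged_logins(log_text):
    """Return (local_time, account, source) for successful privileged
    logins outside working hours or on a weekend, in office-local time."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, account, source, result = line.strip().split(",")
        if result != "success" or account.lower() not in PRIVILEGED:
            continue
        utc = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        local = utc.astimezone(OFFICE_TZ)  # 09:13 UTC is 02:13 at the office
        weekend = local.weekday() >= 5
        if weekend or not (WORK_START <= local.hour < WORK_END):
            alerts.append((local.strftime("%Y-%m-%d %H:%M"), account, source))
    return alerts

def shared_sources(alerts):
    """Sources used by more than one privileged account off-hours."""
    by_source = {}
    for _, account, source in alerts:
        by_source.setdefault(source, set()).add(account)
    return {src: sorted(accts) for src, accts in by_source.items() if len(accts) > 1}

if __name__ == "__main__":
    hits = off_hours_privileged_logins(SAMPLE_LOG)
    print(hits)
    print(shared_sources(hits))
```

Converting to office-local time before comparing hours matters: the two flagged logins look like mid-morning activity in the raw UTC log.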

Think of APT hackers as the white-collar workers to the blue-collar ordinary hackers. These people are professional hackers who want nothing more than to take your business out. You need a powerful solution to keep them at bay. Total Networks can equip your business with an enterprise-level security solution called a Unified Threat Management (UTM) device. The UTM is designed to keep threats out of your network so your business can live to see another day.

Total Networks also offers remote monitoring and maintenance solutions for your business. These proactive managed IT services are designed to detect suspicious activity before it causes major problems. We can fix any issues remotely and efficiently. For more information about how to protect your business, contact Total Networks at (602)412-5025.


Getting a Computer Virus is Like Catching the Flu

Grab your tissues, it’s flu season! Just like biological viruses such as the flu can cripple an entire office, digital viruses can cause a lot of trouble for businesses too. Both downtime-causing virus scenarios can be prevented if proper safety measures are followed, like sanitation and cybersecurity.

The point of cybersecurity is to keep the viruses (and other threats) out of your network. One would think that keeping viruses out of your network wouldn’t be too difficult. If you have a reliable firewall solution, then, for the most part, it’s simply a matter of not clicking on malicious links or downloading files attached to phishing emails. However, in the same way that the flu virus spreads because one person does something stupid, like fail to wash their hands or sneeze all over the place, all it takes is one employee on your network to be dumb and download a computer virus for it to spread and infect every company workstation.

While a computer virus won’t leave you gripping your porcelain throne in the middle of the night, it can certainly prove to be unhealthy for your business. Malware can do several different things, all sickening in their own ways: destroying network files, stealing sensitive information, or even holding your data ransom. Whatever hackers try to do with your systems, you can bet it’s a big, warm chunky mess that you won’t want to clean up.

The spread of the flu virus in the office is a perfect example of how a virus can cause serious downtime. All it takes is one unsanitary employee to sneeze on a door handle, and then another worker catches it, then another. Before you know it, half your staff has called out and the other half are shuffling around the workplace like a bunch of zombies. Translation: a microscopic virus just decimated your operations. In the same way, all it takes is one small piece of malicious code to breach your company’s firewall, infect your computers, and cause serious downtime. In a worst-case scenario, your business is hit with both virtual and biological viruses.

When it comes to viruses, you need to take preventive measures and keep as far away as possible. As seen by real-world viruses, as soon as they infect one person, they can spread if not controlled properly. Therefore, the best approach to cybersecurity is to keep viruses outside of your network at all times.

One of the best solutions out there to protect your company from digital threats is to integrate a Unified Threat Management device (UTM) into your tech infrastructure. Total Networks can provide your business with this comprehensive security solution, which includes a firewall, antivirus, web content filtering, spam blocking, and more. It’s engineered for the sole purpose of protecting your network from the dangers that lurk in the underworld of the Internet. The firewall protects your network on the outside, while the antivirus and anti-spam technology protects your business on the inside.

It’s also important to emphasize the importance of security best practices with the rest of your team. All it takes is just one mistake to undermine your entire security infrastructure. If you’re not careful, a virus infection could turn into an epidemic. Call in the IT paramedics at Total Networks. We’ll help you integrate powerful security solutions to keep your business infection-free.
