CALL US AT: 508-279-1080

Category Archives: Uncategorized

What is the Best Way to Backup?
Category: Uncategorized Comments: 0

"That will never happen to me." We get through our lives telling ourselves the worst won't happen to us. It's the same with business: "We won't need this data backup." Yet, whatever your industry, secure, reliable backup ensures business as usual. So, what's the best way to backup? Here's help.

Why You Need to Backup

  1. Business disruptions of any kind can be costly. The disaster might take one of several shapes:
  2. Natural (e.g. wildfires, floods, earthquakes, or hurricanes)
  3. On-site (e.g. hardware/software failure, power outage, inability to access building)
  4. Employee driven (e.g. damaging mistakes or intentional sabotage by a disgruntled employee)
  5. Cyber-attack (e.g. data breach, ransomware, or distributed denial of service attack).

Regardless, the best backup solution can help reduce downtime and damage.

Plan B: Approaches to Backup

There are several off-the-shelf backup options your business can use. Let's consider the pros and cons of the most popular ones.

USB Thumb Drives Also known as flash drives, "pen drives," or "memory sticks," these thumb-sized devices are compact and portable. But, they have size limitations compared to hard drives. Also, the mobility makes them easy to lose (which can actually set the disaster scenario in motion).

Additionally, a USB thumb drive is robust when not plugged in, but more vulnerable when attached. If someone inadvertently snaps the drive or employs too much force, they can put the data on that backup at risk.

The cheap ones also tend to be slow, which can make backing up sluggish.

USB Hard Drives Portable hard drives increase the data storage available, often at a decent price. They are designed to be compact and mobile. You can prioritize durability, processing speed, storage volumes and more.

Hard drives are less likely to get damaged than a thumb drive. If knocked or jostled, the cables are flexible. Still, a hard drive can be prone to physical failure. Selecting an external solid slate drive (SSD) can help since it has no moving parts. Information is stored instead in microchips.

Cloud Storage Backing up to the cloud stores data on an external, secure server. If thieves take your computers and USB backup, you can still access your data on the cloud. Cloud storage providers build in redundancy to ensure your backup remains safe.

Most cloud storage services back up to secure centers with thousands of servers storing data. Oh, and they'll have their own server backups too, just in case they're the ones hit by a disaster. The providers also encrypt data during transit to further ensure compliance and security.

Migrating to a third-party cloud storage service also cuts the clutter at your premises. You can count on expert help to ensure security and compliance. Plus, you can cut operational costs by offloading in-house storage or external hard drive expenses.

OK, What's the Best Answer?

Don't think disaster won't strike your business. Research has found data loss and downtime are most often caused by:

  • Hardware failures (45% of total unplanned downtime)
  • Loss of power (35%)
  • Software failure (34%)
  • Data corruption (24%)
  • External security breaches (23%)
  • Accidental user error (20%).

We recommend the 3-2-1 backup strategy. This means having 3 copies of your data. Two (2) of these would be located on different devices (e.g. on your computer and on a backup drive). The other remaining backup copy (1) would be secured offsite, in the cloud.

Want to secure your data for the worst? Give us a call at (508) 279-1080 to set this up.

Read more
Ransomware attacks set to double in 2017
Category: Uncategorized Comments: 0

Ransomware attacks quadrupled in 2016 and will double again in 2017, according to a report issued on Monday by Beazley, a provider of data breach response insurance.

The "Beazley Breach Insights - January 2017," found that enterprises are most at risk after being hit with an IT system freeze, at the end of financial quarters and during hectic shopping periods.

Further, the increasing sophistication of the attacks, including continually evolving variants, enable the coders behind the incursions to survey network systems to choose the most critical assets to lock down and to increase their ransom demands based on the value of files they encrypt.
Based on analysis of nearly two thousand data breaches that Beazley's Breach Response division managed on behalf of clients in 2016, the study determined that there were four times as many ransomware attacks in 2016 compared to the previous year.


"The ease and effectiveness of these attacks portend an even larger increase in 2017 with Beazley projecting these attacks to double again in 2017," the study found.

Source: scmagazine

Article Link

Read more
Yahoo Kids, Deals, More Getting the Boot
Category: Uncategorized Comments: 0

Yahoo chief Marissa Mayer is taking a page from her former employer with a little spring cleaning that will see the demise of several aging Yahoo products.

Yahoo will be shutting down products like Yahoo Deals, Yahoo SMS Alerts, Yahoo Kids and older versions of Yahoo Mail. Most will be gone as of April 30, but Yahoo Mail has until June 3.

"We want to bring you experiences that inspire and entertain you every day. That means taking a hard look at all of our products to make sure they are still central to your daily habits," Yahoo said in ablog post. "As part of that ongoing effort, today we are shutting down a few more products. We realize that change is hard, but by making tough decisions like these we can focus our energy on building beautiful products for you like the two we introduced this week - Yahoo Mail for iPad and Android tablets and Yahoo Weather for iPhone."

First on the chopping block is Yahoo Deals, which got a revamp back in 2009. After April 30, saved coupons will no longer be available on Yahoo Deals. If you want your coupon information for some reason, you'll have to copy and paste it into a separate document before then, Yahoo said. Local guide Upcoming, meanwhile, is also done.

The company is also shuttering Yahoo SMS Alerts, and encouraging users to instead download its apps: Yahoo News, Yahoo Weather, Yahoo Sports, and Yahoo Finance. You'll have to access horoscopes via the mobile Web, Yahoo said. There's also the option to get alerts via email or Yahoo Messenger.

Meanwhile, the Yahoo Messenger and Mail apps for features phones "are going away," Yahoo said, but both services will also be available on the mobile Web.

Yahoo Kids (or Yahooligans) is also getting the boot on April 30. The company suggested that parents instead sign up kids for a Yahoo Family Account.

Starting June 3, meanwhile, Yahoo Mail Classic and other versions of the Web-based mail services will no longer be available.

"Those of you using these older versions of Yahoo Mail can switch to the new Yahoo Mail, which is fast and easier-to-use," Yahoo said. "If you're on dial-up or an older browser, we'll move you to an HTML only/basic version of the new Yahoo Mail."

Yahoo will be sending an email with more details as the shut-down date approaches.

Source: PC Mag

http://www.pcmag.com/article2/0,2817,2417977,00.asp

Read more
OS X Lion Flaw Exposes Login Passwords in Plain Text
Category: Uncategorized Comments: 0

An Apple programmer has accidentally left a debug flag in the most recent version of OS X Lion, which under certain conditions can cause login passwords to appear in a plain text debug log file, reports ZDNet.

The flaw affects users who have used Apple’s encryption software FileVault prior to upgrading to 10.7.3, while FileVault 2 is unaffected.

To make matters worse, Apple has not issued a fix for the matter, so changing your user credentials right now does not help, as those credentials might end up in a debug log file as well.

white-macbook-sad-600

The flaw, which was originally spotted by a security researcher David Emery, potentially enables anyone with an admin password to retrieve other user’s credentials.

“This is worse than it seems, since the log in question can also be read by booting the machine into firewire disk mode and reading it by opening the drive as a disk or by booting the new-with-LION recovery partition and using the available superuser shell to mount the main file system partition and read the file. This would allow someone to break into encrypted partitions on machines they did not have any idea of any login passwords for,” claims Emery.

We’ll let you know as soon as Apple issues a fix for this problem.

Source: Mashable

Read more
Malicious QR Codes: A Mobile Security Blind Spot
Category: Uncategorized Comments: 0

It's hard to read in-store signage, magazine, or newspaper advertisements or product brochures these days without seeing a quick response Code (QR Code) -- the blocky, square two-dimensional barcodes that let smartphone users quickly jump to a Web address by simply taking a photo of the code block.

The codes have proved to be popular with marketers, even if they are not well understood by many mobile users: a recent survey by analyst firm Russell Herder suggested that more than half of all respondents -- including more than 80 per cent of respondents in the 18-24 bracket -- had seen QR codes, while around 16 per cent of all respondents had actually scanned one.

Tellingly, however, one out of five respondents had no idea what a QR code is. That's around the same percentage -- 22 per cent -- of Fortune 50 companies that are experimenting with QR codes in their marketing, and not entirely without success: a separate study by Comscore suggested that 14 million U.S. residents scanned QR codes in June 2011 alone.

While marketers wrestle with building demand for the codes, consumers may unwittingly be wrestling with something far more threatening: what if that barcode led your smartphone to a malware-infected Web site? And what if that malware was optimized to target Apple's iOS, Google's Android, or other mobile operating systems with a Trojan that would run in the background and send passwords to its masters?

QR Readers at Risk

It's an entirely possible scenario, says Scott McKinnel, Australia-New Zealand managing director with Check Point Software Technologies. "There's a body of evidence to say that people writing QR code-reading applications aren't thinking about security," he explains, noting the general lack of encryption in the codes and the threat posed by 'attack tagging' -- printing a QR code with a malicious URL on a sticker and sticking it on top of a legitimate QR code.

Since most QR codes are posted in public places where a replacement sticker is easy to surreptitiously attach -- and since most consumers aren't mentally attuned to question the security of QR codes they scan -- this kind of attack is likely to become more common over time.

"It's a threat and it is real," says McKinnel, noting that an unscrupulous hacker could read the contents of a QR code, then modify the URL with extra elements that incorporate a security exploit. For example, a QR code could facilitate an attack by malware that makes fraudsters money by getting the phone to repeatedly text a premium SMS number at a cost of dollars per message.

"Compared with the kinds of complex attack vectors you see in conventional programming, this kind of attack is not that difficult," he explains. "Inserting or deleting elements -- for example, by adding a command line that would install malware, connect to a remote computer or cause a buffer attack -- would not be that difficult."

Although all smartphone operating systems could be subject to exploits of known vulnerabilities, Android devices have proven more susceptible to malware because of Google's relatively open policies on posting new apps. Google recently addressed this by introducing Bouncer, a feature that automatically scans new apps for malware -- but resourceful hackers have shown remarkable success in bypassing protections to infect Android smartphones and tablets. The addition of QR codes as a new attack vector, McKinnel warns, could only help them further.

Harder to Guard Against

Although conventional mobile security software and URL filtering techniques may go a long way towards stopping mobile users from visiting infected sites, sheer weight of numbers means that most smartphones remain completely vulnerable to new forms of attack. QR code-reading apps could provide a first line of security defence, but few have implemented security-specific capabilities.

While smartphone and tablet security solutions are continuing to evolve, in the short term user education has a major role to play in preventing infections through new attack vectors like QR codes. The problem, McKinnel says, is that most smartphone users would be unaware if their devices have been compromised -- and few take the time to do basic checks on QR codes, such as looking for the telltale edge of a sticker applied over the real code.

Even though many users have learned to think twice before clicking on an emailed URL that may not lead where it says it will, the relative newness of QR codes means most users are unlikely to exercise the same level of caution -- and that makes the codes an extremely open method for attack that may prove able to circumvent normal security controls.

"People tend to take the path of least resistance, and if there's a bargain to be had by visiting a QR code link, they're going to do it," McKinnel explains. "If it's in a legitimate publication and brand, you should be right."

"But if you're having a look at the sticker and don't recognize the brand, or it's on a one-off billboard or something that doesn't feel right, why would you visit that link? This is just another security issue that's adding to the multitude of issues already associated with smartphones. There's another element of a risk that you need to consider when looking at mobile device security -- and ultimately, you just have to use your common sense."

  • See more like this:
  • online security,
  • malware,
  • wireless security

Source: PCWorld

Read more
Facebook Blacklists Bad URLs, Gives Free Trial of Anti-Virus Software
Category: Uncategorized Comments: 0

Facebook is making sure its 900 million users are protected from malicious URLs in addition to spam, phishing and viruses. The company announced Wednesday that it’s partnering with Microsoft, McAfee, TrendMicro, Sophos, and Symantec to offer its growing user-base more protection.

“Our URL blacklist system, which scans trillions of clicks per day, will now incorporate the malicious URL databases from these security companies to augment our existing level of protection,” the blog post notes. “So whenever you click a link on our site, you benefit not just from Facebook’s existing protections, but the ongoing vigilance of the world’s leading corporations involved in computer security.”

Taking security measures a step further, Facebook also announced the AV Marketplace. Users can download a six-month license for a full version of anti-virus software from one of Facebook’s new partners, free of charge. Facebook reminds users to “like” its Security Page to receive regular updates from these partners about how to keep data safe from online predators.

“We have had a long standing partnership with McAfee and many others in the security community, and the AV Marketplace will offer users more choice and increase the scope of our partnerships,” Fred Wolens, a Facebook spokesperson, wrote in an email to Mashable. “We believe we have a unique opportunity to provide our users with the software and technology to help keep their data safe both on and off of Facebook.”

Facebook privacy and security has always been an issue the site has aimed to address, as millions of people put detailed personal information on the site. Earlier this month it was reported that Homeland Security searches the social network for keywords that might lead them to breaking crime news. Scammers also use Facebook for ploys such as fake sick baby scams.

Source: Mashable

Read more
Google’s Project Glass: One day…
Category: Uncategorized Comments: 0

Good news for those of us with imperfect vision.

We, like everyone else, have a lot of questions about Google's Project Glass. Though Google this month invited people to share feedback based on a video that showed how the product might work, Project Glass is still in development, so we don't know an awful lot about it. Still, it seems the search giant is eager to set the record straight on at least one issue that many people seem to be wondering about, and that is whether or not those who already have glasses will be able to use the Google specs.

Google's Isabelle Olsson today confirmed that it's working on several ideas when it comes to using Project Glass with prescription glasses. Google apparently saw this question regarding compatibility for glasses-wearers more than once following its request for feedback.

"Here's a question I saw a few times: 'I use prescription glasses. Will this work for me?'" Olsson wrote. "We ideally want Project Glass to work for everyone, and we're experimenting with designs that are meant to be extendable to different types of frames," she explained. "Many of our team members wear glasses, too, so it's definitely something we're thinking about."

Olsson posted the photo above to show how the device might work with prescription glasses but it sounds like Google isn't even close to settling on a design for the bespectacled masses. That said, it's nice that the company is thinking of us.

If you missed the April 4 video from Google that shows how Project Glass could be used in everyday life, check it out below.

Google Project Glass

Source: Tom's Guide


Read more
Over 600,000 Macs Infected With Flashback Malware
Category: Uncategorized Comments: 0

Typically when we hear the word "malware" or "trojan," the Windows PC or Android platform come to mind. But now Apple's built-in deflector shield in its Mac OS X platform has proven to be not quite so resistant after all, as Russian antivirus company Dr. Web is now claiming that more that 600,000 Macs -- most of which reside in the States and Canada -- are infected with a trojan horse virus called "Flashback," or rather, "BackDoor.Flashback.39."

Originally the number was 550,000 infected Macs, but the company later tweeted a correction with the current number. The report states that 56.6-percent of the infected computers reside in the United States (303,449 infected hosts), and 19.8-percent reside in Canada (106,379 infected hosts). The United Kingdom follows with 12.8-percent and Australia with 6.1-percent. Other infected Macs reside in France, Germany, Spain, Italy, Mexico, Brazil and many more countries.

274 infections are based in Cupertino, Calif., Apple’s hometown, Dr. Web said.

"Systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system," the company said on Wednesday. "JavaScript code is used to load a Java-applet containing an exploit. Doctor Web's virus analysts discovered a large number of web-sites containing the code."

"Links to more than four million compromised web-pages could be found on a Google SERP at the end of March. In addition, some posts on Apple user forums described cases of infection by BackDoor.Flashback.39 when visiting dlink.com," Dr. Web added.

Flashback was originally uncovered by Intego back in September 2011, disguised as an installer application for Adobe Flash. Once it was installed by the end-user, the trojan would deactivate network security features and then install a dyld library that would inject code into running applications. It would also scoop up personal information and send the data to remote servers.

"Each [Flashback] bot includes a unique ID of the infected machine into the query string it sends to a control server. Doctor Web's analysts employed the sinkhole technology to redirect the botnet traffic to their own servers and thus were able to count infected hosts," the antivirus company said.

The Mac-based botnet arrives while Apple pushes the Mac OS X platform as a more secure environment than Windows. "A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers," states Apple on its homepage. "That’s thanks to built-in defenses in Mac OS X that keep you safe, without any work on your part."

Looks like Apple needs to re-route power to the OS X deflector shield, as alien code is beaming in despite the company's "we've better than Windows" stance.

Source: Tom's Hardware

Read more
HDD Industry Set for Return to Growth This Year
Category: Uncategorized Comments: 0

The destructive Thailand flood caused HDD shipments to decline by 4.5 percent in 2011 year-over-year, but 2012 is expected to bring 7.7 percent unit growth. IDC forecasts an average annual growth rate of 9.6 percent between 2011 and 2016.

"In many respects, the hard disk drive industry has collectively hit the 'reset' button," said John Rydning, an IDC research vice president in a prepared statement. "A reset of the HDD industry structure should allow for the remaining HDD industry participants to slowly reduce HDD prices from current levels at a rate that still delivers value to customers, while at the same time ensuring sufficient funding is available to develop new HDD technologies that are needed to improve HDD capacity, performance, reliability, power consumption, and security."

Long-term growth, however, will only be possible if the major HDD manufacturers will be able to evolve into storage device and storage solution suppliers that address more markets than they do now. IDC believes that client PC HDD revenue will substantially decline over the next few years, while HDD demand from personal storage, entry-level storage, and enterprise applications (combined) is predicted to increase. The market research firm said that enterprises will make up the lion's share of sales down the road.

The company also noted that the cost of SSDs is not yet at a level where these devices can be easily justified for integration in an average PC. The opportunity for HDD makers is to convince PC vendors that hybrid HDDs are the more cost effective solution over SSDs, IDC said.

Source: Tom's Hardware

 

Read more
1 2