|
|||||||||||||||||||||
|
IT security news on the latest technology and the number one resource for your hardware and software needs. Visit us at www.hyphenet.com
Monday, March 31, 2014
The End of Windows XP is Near!
Thursday, March 27, 2014
Hybrid Cloud Solutions
The Hybrid Cloud provides users the benefit of on demand access to IT resources for new application development.
The vCloud Hybrid Service, built on VMware technology that many organizations are familiar with in virtual environments, that deliver a secure, dedicated infrastructure. This infrastructure-as-a-service hybrid cloud makes moving applications to the cloud easy and adaptable.
Moving to hybrid cloud depends on the workload of your small to medium size business.
This allows users to transfer applications and doesn’t need re-coding or re-configuration. There is no loss of security or performance with the internal data center.
vCloud Hybrid Service delivers a very cost-effective, secure scalable platform for the deployment of web and e-commerce applications.
Users can move their existing IT policies to meet all security and comply to control requirements.
If the service is disrupted, the public cloud offers a safeguard for the business asset.
An option, is to increase capacity to move to a hybrid cloud solution.
Cloud applications offer security, performance, and have all the necessary requirements for software applications.
All of these capabilities are designed to make it easier to run applications with high performance and high resiliency.
Give us a call at 619-325-0990, so we can help you merge your company to the cloud!
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
References:
Use Cases for Moving to a Hybrid Cloud Solution – VMWare Blog
https://blogs.vmware.com/smb/2014/01/use-cases-for-moving-to-a-hybrid-cloud-solution…
The vCloud Hybrid Service, built on VMware technology that many organizations are familiar with in virtual environments, that deliver a secure, dedicated infrastructure. This infrastructure-as-a-service hybrid cloud makes moving applications to the cloud easy and adaptable.
Moving to hybrid cloud depends on the workload of your small to medium size business.
Packaged Applications
IT departments have difficulty meeting on-demand business changes. The challenge can be solved by moving packaged applications, like email or collaborative software to the hybrid cloud. The vCloud Hybrid Service supports applications and operating systems certified to run on vSphere.This allows users to transfer applications and doesn’t need re-coding or re-configuration. There is no loss of security or performance with the internal data center.
Web/E-commerce
Web and e-commerce application developers require proper compliance and tools that facilitate dynamic resources.vCloud Hybrid Service delivers a very cost-effective, secure scalable platform for the deployment of web and e-commerce applications.
Users can move their existing IT policies to meet all security and comply to control requirements.
Backup/Archiving/Storage
If something goes wrong like a technical failure, a lack of backup may be critical for your business. The vCloud Hybrid Service built on vSphere, offers automated replication, monitoring, and many features.If the service is disrupted, the public cloud offers a safeguard for the business asset.
Enterprise IT/Outsourced Data Center
There is a high demand for data center space. Organizations that explore outsourcing their data center are burdened with heavy costs.An option, is to increase capacity to move to a hybrid cloud solution.
Development/QA/Test
Development and test applications are commonly moved to the cloud due to the cost of savings. The vCloud Hybrid Service delivers a platform that reduces the need for developers to learn new skills and focus on their work only.Cloud applications offer security, performance, and have all the necessary requirements for software applications.
All of these capabilities are designed to make it easier to run applications with high performance and high resiliency.
Give us a call at 619-325-0990, so we can help you merge your company to the cloud!
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
References:
Use Cases for Moving to a Hybrid Cloud Solution – VMWare Blog
https://blogs.vmware.com/smb/2014/01/use-cases-for-moving-to-a-hybrid-cloud-solution…
Wednesday, March 26, 2014
Do you know how to stay protected after Windows XP ends?
Do you know how to stay protected?
To stay protected after Windows XP support ends, you have two options; upgrade your software or purchase new hardware.Upgrading your software will enhance security, lower cost of ownership through improved competence, and provide you with higher productivity.
Upgrading your hardware will ensure compatibility with Windows 8.1, give you a longer life-span with your system, boost yield for your company, and improve graphics on your operating system.
Upgrade your current PC
Time is beginning to run out! Microsoft Windows XP support will end on April 8th.
There are only a few older computers that will be compatible with Windows 8.1, which is the latest version of Windows.
Its recommended that you download and run the Windows Upgrade Assistant to check if your PC meets the system requirements for Windows 8.1 and then follow the steps in the tutorial to upgrade if your PC is able to. For more detailed information, read the FAQ.
You may also call us at 619-325-0990 and we can help you with your system upgrade.
What does it mean when XP ends? It means there will be no more support for Windows XP, leaving your system vulnerable to security issues.
Take action and upgrade your system today. Vulnerabilities could exploit your system with malware and your data will no longer be safe.
It is important to migrate to a current operating system, so you can receive regular updates to protect your computer.
Whats the risk?
There are many risks you will face if you are still running Windows XP after April 8th:- Security – Without security updates, your PC is vulnerable to viruses, spyware, and other malicious software.
- Compliance – Businesses have regulatory obligations like HIPAA and will no longer be in compliance with the requirements with unsupported software.
- No Software Support – Software vendors will no longer support any equipment running on Windows XP.
- Hardware Manufacturer Support – PC hardware manufacturers will stop supporting existing hardware running Windows XP.
Every Windows product has a lifecycle. It starts with the release of the software and ends with the software no longer being supported. Below is a list of dates to keep you informed and help you make decisions on when to upgrade your hardware and software.
| Client operating systems | Latest update or service pack | End of mainstream support | End of extended support |
|---|---|---|---|
|
Windows XP
|
April 14, 2009
|
||
|
Windows Vista
|
April 10, 2012
|
April 11, 2017
|
|
|
Windows 7 *
|
January 13, 2015
|
January 14, 2020
|
|
|
Windows 8
|
January 9, 2018
|
January 10, 2023
|
There are roughly more than a half-a-billion active users worldwide that are still using XP. The longer your Windows XP machine is unpatched, the more vulnerable it will become to zero-day attacks.
Now that manufacturers are switching to a newer version of Windows, many devices like cameras and printers will no longer be compatible with Windows XP, according to Microsoft.
There are also issues with long-term support. The new hardware and software will stop working on the old operating system.
With a new upgraded system, your life run smoother, your business will thrive, and your day will become easier.
Don’t wait until the very last minute to upgrade. Call us today! 619-325-0990
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
References:
Windows XP: Feds Brace For End Of Support – InformationWeek Government
http://www.informationweek.com/government/cybersecurity/windows-xp-feds-brace-for-end-of-support…
How do I migrate off Windows XP? – Microsoft
http://www.microsoft.com/en-us/windows/enterprise/end-of-support.aspx
Cisco’s Intercloud could change the Internet
Cisco Systems‘ “Intercloud” platform encompasses both Cisco data centers and its partners.
The platform can be combined with remote-computing technology and connect to regional and global data centers.
The OpenStack based system is able to handle any workload on a hypervisor and work with any public or private cloud.
Cisco is planning on investing $1 billion in its cloud business over the next two years, and allowing cloud services to be sold directly to customers through channel partners.
Cisco is also working on combining its Linux platform with IOx on rugged routers, to be placed on ships, rail cars, electrical grids and other hard-to-reach locations.
When this change happens, a cargo ship can
monitor whether the containers on board have shifted en route or the
temperature has reached its maximum hot and cold limits.
The real time data is sent to a center
anywhere in the world with a narrowband satellite link, said Guido
Jouret, Vice President and General Manager of Cisco’s Internet of Things
Business Unit.
Right now, there is no way to use that kind
of information until the ship is in port. A specialized Cisco router
on the ship would be able to collect the sensor data over the onboard
wireless network, analyze it, and share the information over a fast
cellular network after it comes into port.
The IOx will start being shipped by May in the Cisco CGR1240, a weather-proofed router for outdoor use.
Companies will be able to code their own
interfaces to their specialized networks and write Linux-based
applications to run on Cisco’s hardened routers. The IOx is also coming
to Cisco switches and cameras for field use.
The combination of the IOx and the
Intercloud, with networks of software-defined in between, Cisco says it
can make sure computing and communication will work as needed across a
far-flung infrastructure.
IT administrators distributing computing across the core and edge will guarantee data delivery between them.
“You’re now controlling the highways. You could reprogram or reconfigure the links between your clouds to enforce security or quality of service, whereas in the regular public Internet, you cannot,” Jouret said.
Cisco’s Intercloud will feature APIs for application development and a new line of cloud services for the channel.
A key point for the Intercloud is
scalability and full compliance with local data sovereignty laws. A
challenge Cisco is face with revolves around too many workloads being
put on personal credit cards.
65,000 channel partners will have the
opportunity to get involved with this platform. IT departments often
have no idea on what assets they have, no security for their corporate
data, no audit trails, and no compliance.
Cisco’s market strategy with the Intercloud
will involve a Cisco brand offering, a Cisco branded offering for the
reseller channel, and a co-branded effort with Cisco and the channel
partner with a white label model. This will allow a solution provider
to put their own brand on it.
The Intercloud will take storage networking from 6-8 weeks to 15 minutes, virtualizing more than 92% data center environment.
The global reach, rapid business service delivery, and analytics capability will put so much value on the Intercloud.
This will be the first truly open, hybrid cloud.
The anticipated cloud market for Cisco and partners could reach from $22 billion to $88 billion in the next 3 years.
Telstra, Allstream, Ingram Micro, Logicalis
Group, OnX Managed Services, and Wipro are giving their support for the
Cisco Intercloud.
What kind of impact do you think the Intercloud will have? Please leave your comments below!
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
References:
Cisco’s Intercloud could supercharge its Internet of things plans – InfoWorld Cloud Computinghttp://www.infoworld.com/d/cloud-computing/ciscos-intercloud-could-supercharge-its-internet…
Cisco introduces billion dollar Intercloud – CDN
http://www.computerdealernews.com/news/cisco-introduces-billion-dollar-intercloud…
Monday, March 24, 2014
Microsoft employee arrested for snooping
An ex-Microsoft employee was arrested by the FBI for stealing and leaking copies of Microsoft Windows 8.
Tech companies have denied any acknowledgement of the government spying on people who use their Internet services.
Although, a legal case was recently filed against a former Microsoft employee that proves the companies snoop on their customers whenever they like.
Microsoft accused their former employee of stealing company trade secrets and leaking the software to a blogger.
A further investigation showed that there were email instant messages of the blogger and the ex-Microsoft employee conversing about these accounts.
Microsoft is hanging their head low because they condemned Google of this same allegation in the past. The companies campaign mocked Gmail’s privacy policy that gave them the right to store and access private information of its customers.
The ex-Microsoft accused employee is Alex Kibkalo, he allegedly gave a French blogger the source code to Windows 8, prior to his discharge.
During the case’s investigation, the company snooped on the blogger’s Hotmail emails and instant messages. They found that he did receive confidential information from Kibkalo.
Not too long after the revelation, Microsoft released a statement saying the company would take the necessary steps to reassure users that their communications will be private.
Microsoft’s vice president and deputy general counsel, John E. Frank, said if Microsoft has any evidence of wrongdoing against it, the company will submit that evidence to an outside lawyer who is a former judge, and would conduct a search of private communications only if the judge concluded there was enough evidence to meet the standards for a court order.
Mr. Kibkalo, a Russian national, was arrested in Seattle earlier this week. Russel Leonard, the public defender assigned to represent him, did not respond to the request for any comments.
The blogger also admitted to receiving confidential information and software from Mr. Kibkalo. He disclosed that activation keys were sold for Windows Server software on eBay.
Nate Cardozo, a lawyer with the Electronic Frontier Foundation, said that many companies had broad terms of service. It is extremely rare that the terms are actually followed through and sift through a customer’s personal email.
“To see Microsoft using this right to essentially look through a blogger’s email account for evidence of wrongdoing and then turn it over on a silver platter for law enforcement, it is extremely undesirable,” Mr. Cardozo said.
Click on this link to view the full Document Complaint Against Alex Kibkalo.
If you have any comments or questions, please leave them below!
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
References:
Microsoft admits snooping on blogger’s Hotmail account to find Windows 8 leak – Tech Spot
http://www.techspot.com/news/56082-microsoft-admits-snooping-on-bloggers-hotmail…
Microsoft Software Leak Inquiry Raises Privacy Issues – NY Times
http://www.nytimes.com/2014/03/21/technology/microsofts-software-leak-case-raises-privacy…
Friday, March 21, 2014
Email Spam was at it’s highest in the Month of February!
Email spam traffic was up 4.2 percentage points and
averaged 69.9% in the month of February. Internet spam mail has taken
over most advertisements for Valentine’s Day.
Consumers were caught off guard during the panic to try and find their Valentine the perfect gift.
Spammers sent out Valentine’s Day offers in February, while ‘Nigerian‘ scammers took advantage of the political situation in Ukraine. The scams would consist of tricking people out of their money because of the tragic events happening in the country.
Most often we expect spam in our inbox’s email and with a poorly written plea for help. Now we are seeing well designed advertisements luring poor victims to fall for their offers.
Programs distributed the email sending notifications from major commercial banks, e-stores, and software developers.
Its crucial for consumers to research the company they are interested in purchasing from. Emails with malicious attachments contained both fake notifications from popular social media sites and ‘online dating’ emails, whose number increased in the run-up to Valentine’s Day.
If these campaigns are successful, they will come out a few hundred dollars richer and you are left with nothing but the bill.
Have you run across this type of spam on the Internet? Please let us know in the comments below!
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
References:
Spam report: February 2014 – Secure List
http://www.securelist.com/en/analysis/204792328/Spam_report_February_2014
Consumers were caught off guard during the panic to try and find their Valentine the perfect gift.
Spammers sent out Valentine’s Day offers in February, while ‘Nigerian‘ scammers took advantage of the political situation in Ukraine. The scams would consist of tricking people out of their money because of the tragic events happening in the country.
Stories told about tourists who have been robbed is the universal approach to scamming people out of their money.
Many holiday themed spam arose during the
month of February, which adverted users to sites for fake designer
goods, flowers, and gourmet sweets.
The fraudulent email offered a chance to
earn a large sum of money after the holiday gift was purchased. It was a
ploy, no money was intended to be given.
It is expected for March to receive more
holiday themed spam pertaining to St. Patrick’s Day. Online buyers
often make purchases for holidays and themed parties from unknown
sources and small businesses.
Vision Correction
Vision correction spam also redirects users
to fraudulent sites. Messages on promotional flyers created to steal
your information when you fill out the form for more information on the
fake offer.
Office Supply Stores
A series of spam offers for printer and copier cartridges at greatly discounted prices have also increased on the web. Many businesses are now using their own machinery to create and print products. This has opened the market up for the opportunity for fraudulent advertisements to target businesses.Most often we expect spam in our inbox’s email and with a poorly written plea for help. Now we are seeing well designed advertisements luring poor victims to fall for their offers.
Mass spam email in English, Swedish and
other languages are offering these same types of advertisements for
printers, cartridges, and other major office supply equipment. Not all
offers with discount coupons or short-term promotions are going to save
you money.
Spam Source
This is the list of sources distributing spam worldwide in as of February.
In February the Top 10 malicous programs that spread via email as follows:
Programs distributed the email sending notifications from major commercial banks, e-stores, and software developers.
Its crucial for consumers to research the company they are interested in purchasing from. Emails with malicious attachments contained both fake notifications from popular social media sites and ‘online dating’ emails, whose number increased in the run-up to Valentine’s Day.
If these campaigns are successful, they will come out a few hundred dollars richer and you are left with nothing but the bill.
Have you run across this type of spam on the Internet? Please let us know in the comments below!
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
References:
Spam report: February 2014 – Secure List
http://www.securelist.com/en/analysis/204792328/Spam_report_February_2014
Thursday, March 20, 2014
Over 500,000 PCs attacked after UNIX servers hijacked by Operation Windigo
If your website is running on a Linux server, there is something you
should know. Researchers at ESET have uncovered a cyber criminal
operation that has seized control of tens of thousands of Unix servers.
Click on this link to view a pdf of Operation Windigo.
If your system is infected, it is strongly recommended that you re-install the operating system. Be sure to consider all credentials used to log the compromised machine when restoring your system.
If you are a victim, all the passwords, doesn’t matter if its private OpenSSH or public should be changed.
The attack has been named “Windigo” after the mythical creature from Algonquian Native American folklore.
This attack has resulted in over 25,000 Unix servers being hacked, resulting in 35 million spam messages being sent each day from the compromised machines.
Hackers have been using hijacked web servers to infect visiting Windows PCs with click fraud and spam-sending malware. This displays website adverts to Mac users.
http://www.welivesecurity.com/2014/03/18/attack-unix-operation-windigo/
Click on this link to view a pdf of Operation Windigo.
If your system is infected, it is strongly recommended that you re-install the operating system. Be sure to consider all credentials used to log the compromised machine when restoring your system.
If you are a victim, all the passwords, doesn’t matter if its private OpenSSH or public should be changed.
The attack has been named “Windigo” after the mythical creature from Algonquian Native American folklore.
This attack has resulted in over 25,000 Unix servers being hacked, resulting in 35 million spam messages being sent each day from the compromised machines.
Hackers have been using hijacked web servers to infect visiting Windows PCs with click fraud and spam-sending malware. This displays website adverts to Mac users.
Windigo spam even finds its way to
smartphone users. iPhones are redirected to X-rated content, with the
intention of making money for the cyber criminals.
ESET’s security research team released a
detailed technical paper into “Operation Windigo”, and says it believes
that the cybercrime campaign is gathering strength. This has gone
largely unnoticed by the security community for almost three years.
That is quite some time not to notice such a security issue.
“Over 35 million spam messages are being sent every day to innocent users’ accounts, clogging up inboxes and putting computer systems at risk. Worse still, each day over a half a million computers are put at risk of infection, as they visit websites that have been poisoned by web server malware planted by Operation Windigo redirecting to malicious exploit kits and advertisements, ” said ESET security researcher Marc-Étienne Léveillé.
Windigo’s tackle to hijack servers and
infect computers uses a knot of sophisticated malware components along
with Linux/Ebury (an Open SSH backdoor and credential stealer that was
the subject of a detailed investigation by ESET researchers earlier this
month). Linus/Cdorked, Pear./Calfbot, Linus/Onimiki, Win32/Glubteba.M,
and Win32/Boaxxe.G.
In one weekend, ESET researchers saw more
than 1.1 million different IP addresses going through part of Windigo’s
infrastructure, before it was redirected to servers hosting exploit
kits.
This is an analysis of the visiting computers revealed with the range of operating systems being used.
Researchers
have discovered that “23 people apparently still browse the Internet on
Windows 98, and one person even does it on Windows 95.”
Léveillé and his fellow researchers are
very appealing for Unix system administrators and webmasters to run the
command below. The command will tell them if their server is
compromised or not:
$ ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "System clean" || echo "System infected"
The Unix command will let you tell you if
your system is really compromised or not by Windigo. This will also
help you figure out if your system needs some care to take steps to
clean-up and better protect your servers in the future.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
References:
Over 500,000 PCs attacked every day after 25,000 UNIX servers hijacked by Operation Windigo – We Live Securityhttp://www.welivesecurity.com/2014/03/18/attack-unix-operation-windigo/
Subscribe to:
Posts (Atom)