Monthly Archives

March 2017

Vulnerabilities on WordPress websites

By | Web & Cloud

“Easy-to-use,” “SEO-friendly,” “open-source,” and “customizable.” These are some of the words that best describe WordPress, currently the most popular content management system (CMS) platform. With thousands of websites affected in a recently launched series of attacks, “easy to target,” “hackers’ favorite,” and “prone to attacks” could soon be used to define the experience of running a WordPress website.

WordPress attacks by the numbers

In four separate attacks, an estimated 40,000 websites were compromised and 67,000 web pages were defaced, a number that quickly rose to 1.5 million. A security release, WordPress 4.7.2, was immediately launched to mitigate the flaw, but not everyone was able to deploy it in time, which inflated the number of corrupted web pages.

Although WordPress took measures to ensure that the vulnerability would go unnoticed, hackers found a way to get around the initial fixes and exploited the sites that remained unpatched. Those who hadn’t applied WordPress’s latest security release were the ones most harmed by the defacement campaigns, which soon became highly publicized.

Steps taken

Fixes have been deployed and stronger patches are in the works, but hackers do not just sit around and wait to be taken down. In fact, more attacks are being launched concurrently with security developers’ attempts to strengthen blocking rules.

In preparation for further exploits, WordPress liaised with cybersecurity firms to implement protective measures. Google did their part by announcing via Google Search Console the critical security updates that webmasters must install to protect against the WordPress-specific attacks. Meanwhile, web application vendors and web hosting companies are poised to protect their customers from attacks by installing web filters on their customers’ web servers.

Despite these measures, the attacks are expected to continue and the masterminds behind them will come up with strategies more insidious than merely modifying several web pages. Security patches that can effectively alleviate the vulnerabilities’ impact will also take time to develop and launch.

The importance of patches

Some attacks may cause a blip on your business’s networks, while others might cause its demise. From all these attacks, one lesson is worth emphasizing: Applying the most up-to-date patches is critical to your systems’ security and business’s survival.

Unpatched systems are the easiest targets for hackers who are always on the lookout for vulnerabilities to exploit. If your organization lacks the capacity to manually update security patches, consider deploying patch management software. Keeping all your software updated with the latest patches may seem like an insurmountable task, but the price of neglecting it can cost you dearly.
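An added example, not from the original article: one way to find installs that still lack the 4.7.2 security release named above, by reading the $wp_version line that WordPress core keeps in wp-includes/version.php. The sample site names, directory layout and function names are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# First release carrying the fix, as named in the article.
FIXED_VERSION = (4, 7, 2)

# WordPress core records its version in wp-includes/version.php as:
#   $wp_version = '4.7.1';
_VERSION_RE = re.compile(r"""\$wp_version\s*=\s*['"]([^'"]+)['"]""")


def parse_version(text):
    """Return the version as a 3-tuple of ints, or None if it cannot be read."""
    match = _VERSION_RE.search(text)
    if not match:
        return None
    # Drop pre-release suffixes such as '-alpha-40000' before splitting.
    nums = re.findall(r"\d+", match.group(1).split("-")[0])
    if not nums:
        return None
    parts = [int(n) for n in nums[:3]]
    parts += [0] * (3 - len(parts))  # '4.6' is treated as 4.6.0
    return tuple(parts)


def audit(web_root):
    """Find every WordPress install under web_root and classify its patch level."""
    results = []
    for vfile in sorted(Path(web_root).rglob("wp-includes/version.php")):
        site = vfile.parent.parent
        try:
            version = parse_version(vfile.read_text(errors="replace"))
        except OSError:
            version = None
        if version is None:
            status = "unknown"  # unreadable or modified file: check by hand
        elif version < FIXED_VERSION:
            status = "needs-update"
        else:
            status = "ok"
        results.append((str(site.relative_to(web_root)), version, status))
    return results


def build_sample_tree(root):
    """Constructed sample layout: four sites with different version files."""
    samples = {
        "shop": "<?php\n$wp_version = '4.7.1';\n",
        "blog": "<?php\n$wp_version = '4.7.2';\n",
        "old": "<?php\n$wp_version = '4.6';\n",
        "broken": "<?php\n// version line missing\n",
    }
    for name, body in samples.items():
        inc = Path(root) / name / "wp-includes"
        inc.mkdir(parents=True)
        (inc / "version.php").write_text(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for site, version, status in audit(tmp):
            shown = ".".join(map(str, version)) if version else "?"
            print(f"{site:10} {shown:8} {status}")
```

Sites reported as unknown deserve a manual look, since a missing or altered version file means the patch level cannot be confirmed from disk.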

WordPress remains the most widely used CMS and its popularity is not going to wane anytime soon. If your website runs on WordPress and you’re considering security options that will ensure your company is poised to handle breaches, we can help you.  Call Simpatico Systems today at 855.476.6347.

Published with permission from TechAdvisory.org. Source.

New Mac malware linked to DNC hacking group

By | Apple

Fancy Bear, also known as APT28, is the Russian cybercriminal group responsible for hacking the Democratic National Committee (DNC) last year. Since then, the group has developed a host of tools to exploit Linux, Android, and Windows vulnerabilities. Last month, they spread a new strain of malware that specifically targets Apple MacBooks. If you own a Mac or an iOS device, here are some crucial details about the new malware.

According to antivirus provider Bitdefender, the new malware — named Xagent — is a Mac OS backdoor that is usually delivered via spear phishing emails.

To deploy the malware, hackers attach a Trojan software downloader in the email. If users interact with it, the program immediately creates a backdoor and connects to the cybercriminal’s network.

The malware then avoids detection by checking for antivirus software; and if it determines that cybersecurity solutions are offline or unpatched, it will begin to send system information, locally-saved passwords, iPhone backups, and desktop screenshots back to hacker headquarters.

Although security updates for the new malware are still unavailable, there are some things you can do to minimize the possibility of infection.

Approach emails with caution
Since hackers use phishing scams to distribute the Xagent malware, train your staff to be critical of email links or attachments, even if from the CEO or a close friend. And under no circumstances should you interact with any email from an unknown sender.

Keep your OS up-to-date
Always remember to install the latest operating system and application updates to make sure that Mac vulnerabilities are covered immediately.

Don’t save passwords
While it may be easier to save your passwords on your local browser, it gives hackers easy access to your accounts. If you can’t remember all your passwords, consider password management software. And while we’re on the subject, make sure you set unique passwords with a good combination of letters, numbers, and symbols.

Encrypt backups
To add another layer of protection, encrypt your iOS backups. This ensures that unauthorized users won’t be able to read the contents of your iOS data even if they do manage to gain access to your computer.

Cybersecurity is a universal issue, even for Mac users. But adopting these basic security habits will keep any hacker, whether from Russia or the US, at bay. Fortify your defenses by calling Simpatico Systems, today!  855.476.6347.

Published with permission from TechAdvisory.org. Source.

Firewalls: hardware vs. software

By | Hardware

Most people have a vague idea of what a network firewall does. But some business owners are easily fooled by promises of quick and easy solutions that can be installed and managed right from your desktop. In the software vs. hardware debate, there’s a clear winner when it comes to your security. Let’s take a look at what the differences are and why they matter.

Software firewalls

Calling a piece of software a “firewall” is a bit of an exaggeration. Installing it on a local hard drive is more like locks on a door than impenetrable walls. When data is scanned for threats by a software firewall, the information it contains has already been passed through your router, network switch, and finally your local hard drive.

Once the whole cycle has finished, software firewalls can prohibit risky activities based on blacklisted IP addresses, known malware definitions, and suspicious application requests.

Although these solutions do have value, they can’t guarantee that malware won’t spread to other systems before each packet of data can be scanned, unless they’re standing guard at your business’s gateway to the internet. And whenever the computer with the firewall is powered off, everything it protects is left unguarded.

Hardware firewalls

Because the drawbacks of a software-based firewall are centered around their inefficient network position, a hardware solution is the safer option. Hardware firewalls sit directly behind your router, so every single packet of data coming from the internet must pass through your gatekeeper before landing on any of your internal drives.

Most of these solutions include far more sophisticated controls than just web filtering and basic data scanning. Like most developments in the IT industry, newer hardware firewalls focus on “intelligent” functions that analyze huge datasets to recognize malware and cyberattacks based on irregular activities instead of relying solely on cataloged viruses and attack vectors.

Another benefit of hardware firewalls is that they’re always on. There’s no need to worry about whether the workstation hosting your solution will crash because these devices are built for 24/7 protection. The only downside to this type of solution is the level of monitoring and maintenance it requires. Hardware firewalls are extremely complex and managing them is no easy task.

“Cloud” firewalls

The most recent, and undoubtedly best, solution to network perimeter security is the “cloud” firewall. These are on-site pieces of hardware with software interfaces that can be managed remotely by certified security professionals.

This service model means that experts will monitor your network performance and security for anomalies while your team goes about its business as usual. No need for onsite tweaks and updates — all of it can be done remotely.

You may hear a lot of experts telling you that the age of on-site hardware has passed and everything can be done in the cloud. Remote administration may be the next wave in network services, but the need for hardware will never go away. If you need someone to manage your physical devices, contact Simpatico Systems at 855.476.6347 option 3.

Published with permission from TechAdvisory.org. Source.

Some ransomware strains are free to decrypt

By | Security

Ransomware is everywhere. Over the last couple years, dozens of unique versions of the malware have sprung up with a singular purpose: Extorting money from your business. Before you even consider paying for the release of your data, the first thing you must always check is whether your ransomware infection already has a free cure.

The state of ransomware in 2017

It’s been almost 30 years since malware was first created that could encrypt locally-stored data and demand money in exchange for its safe return. Known as ransomware, this type of malware has gone through multiple periods of popularity. 2006 and 2013 saw brief spikes in infections, but they’ve never been as bad as they are now.

In 2015, the FBI estimated that ransomware attacks cost victims $24 million, but in the first three months of 2016 it had already racked up more than $209 million. At the beginning of 2017, more than 10% of all malware infections were some version of ransomware.

Zombie ransomware is easy to defeat

Not every type of infection is targeted to individual organizations. Some infections may happen as a result of self-propagating ransomware strains, while others might come from cyber attackers who are hoping targets are so scared that they pay up before doing any research on how dated the strain is.

No matter what the circumstances of your infection are, always check the following lists to see whether free decryption tools have been released to save you a world of hurt:

Prevention

But even when you can get your data back for free, getting hit with malware is no walk in the park. There are essentially three basic approaches to preventing ransomware. First, train your employees about what they should and shouldn’t be opening when browsing the web and checking email.

Second, back up your data as often as possible to quarantined storage. As long as access to your backed-up data is extremely limited and not directly connected to your network, you should be able to restore everything in case of an infection.

Finally, regularly update all your software solutions (operating systems, productivity software, and antivirus). Most big-name vendors are quick to patch vulnerabilities, and you’ll prevent a large portion of infections just by staying up to date.

Whether it’s dealing with an infection or preventing one, the best option is to always seek professional advice from seasoned IT technicians. It’s possible that you could decrypt your data with the tools listed above, but most ransomware strains destroy your data after a set time limit, and you may not be able to beat the clock. If you do, you probably won’t have the expertise to discern where your security was penetrated.

Don’t waste time fighting against a never-ending stream of cyber attacks — hand it over to us and be done with it. Call 855.476.6347 option 3 to find out more.

Published with permission from TechAdvisory.org. Source.

‘Always Free’ added to Google Cloud Platform

By | Google

To those who are unfamiliar with Google Cloud Platform, it’s an app-development program offered via Google’s public cloud. It is Google’s answer to Amazon Web Services (AWS) and Microsoft Azure. Like those two cloud platforms, Google Cloud Platform offers similar services and a similarly structured free-trial period. Recently, Google improved its own service with an ‘Always Free’ tier, which enhances its free-trial offering with more cloud features. Let’s take a look.

What’s included?

With 15 new services in total, Google’s ‘Always Free’ Cloud Platform provides users with 5GB of Regional Storage (US only) per month; one f1 micro-compute instance that comes with the requisite virtual machine features; various web applications and mobile backends; NoSQL database; messaging and streaming data services; and loads more.

Not to be confused with the ‘Always Free’ tier, the ‘12-month, $300 free trial’ tier slightly differs from the former with a consumable $300 credit, which can be used for any Google Cloud Platform products such as Google Compute Engine, Google Cloud Functions, and Google Stackdriver. This free credit is given upon sign-up and is valid over the course of the 12-month trial period; previously, it could be used only within the first 60 days.

The catch

The ‘Always Free’ tier has usage limits and is subject to eligibility and requirements, which include an upgraded billing account and a good Google account standing. There are also regional restrictions, with many of the associated Google Cloud products and services being offered only in Google’s us-east1, us-west1 and us-central1 regions.

Other providers

Google’s cloud platform services and tier offerings are similar to those of leading cloud providers in the market, Amazon Web Services (AWS) and Microsoft Azure. Like Google Cloud Platform, AWS also offers a free tier (‘AWS Free Tier’) and a 12-month free option. Google’s noticeable advantage is the free virtual machines, something that Amazon does not offer or has yet to offer.

From this new service tier, one can surmise how competitive the cloud market is. Google’s generous offer of a $300 free trial credit was apparently not enough to persuade users of competitors’ services, particularly those who have been using Amazon’s platform, which explains the new and improved ‘Always Free’ tier.

It’s easy to become complacent in choosing the best cloud provider as there are a lot, but even though there are many similarities among the services offered by Google, Amazon, and Microsoft, Simpatico Systems offers cloud platforms that fit certain businesses better than others. Looking for a cloud platform that’s perfect for your business? Call us today at 855-476-6347 for professional cloud advice.

Published with permission from TechAdvisory.org. Source.

What you need to know about Cloudbleed

By | Web & Cloud

Internet security company Cloudflare revealed a major flaw in their system. The so-called ‘Cloudbleed’ vulnerability leaked customer information from thousands of websites, according to Cloudflare researchers. Fortunately, there have been no signs of exploitation, but that doesn’t mean you should be complacent. Here’s everything you need to know about Cloudbleed.

What is Cloudbleed?
Although it’s technically similar to Heartbleed, a bug that compromised millions of websites and accounts, Cloudbleed is less severe. Google security researcher Tavis Ormandy discovered that several Cloudflare-hosted websites, including Fitbit, Uber, and OkCupid, were inadvertently leaking customer information and saving it within the source code.

For example, when a person visits a bugged Uber page, the website code could contain data and login credentials from another user who recently visited the page. The data may be hidden between several lines of code, but a skilled hacker can easily find it.

Exploiting it, however, is more difficult. The Cloudbleed bug collects random bits of data, which may or may not contain any sensitive information, making it a less attractive point of attack for cybercriminals. Over time, a cybercriminal may be able to compile enough information to exploit, but it doesn’t seem to be a viable option for targeted attacks.

The response
According to Cloudflare, Cloudbleed was triggered 1,240,000 times and found in 6,400 websites between September 22 and February 18. After the bug was discovered, the internet security company quickly alerted affected websites, fixed the code, removed cached pages from search engines, and monitored client websites for any strange website activity.

Cloudflare-hosted websites also checked what data was leaked and reassured customers that there was minimal impact to their private information.

What can you do?
While Cloudflare and other companies are telling everyone that the possibility of Cloudbleed attacks and password leaks is low, you should still ensure your account is safe.

Start by setting stronger passwords with a combination of letters, numbers, and symbols. Make sure to set unique passwords for every online service, especially for any of your accounts that use Cloudflare. Whenever possible, use two-factor verification to keep your account secure even if someone gets a hold of your password.

And, last but not least, call us at 855-476-6347 for any cybersecurity, cloud, and website issues. Keep your business data safe, and sleep better tonight!

Published with permission from TechAdvisory.org. Source.

Beyond SMART Goals: “SMARTER” Goals – Attributes Vs Actions

By | Business, Uncategorized

by:  Logan McLean

The never-ending seesaw of goal setting and goal failure. Most of us set goals this time of year to put our families and ourselves into a better position than we were a year ago. It is a noble pursuit; however, goals seem forgotten as fast as they come. We either become demotivated, too busy, frustrated with lack of progress or one of another 100 excuses.

After a series of these failures, one will usually choose between three paths: keep doing the same thing, quit setting goals altogether or decide to do some research on setting better goals. Personally, I’ve done all three of the above in that exact order. If you’ve reached the last step you may have come across a century old management technique called SMART goals. SMART is an acronym that goes by several variations but my favorite is Specific, Measurable, Attainable, Realistic and Time-bound.

For brevity’s sake, I will only lightly touch on each of these. If you wish to dig more deeply there are hundreds of articles at your disposal.

A SPECIFIC goal is unambiguous. I would be willing to bet that most of my readers have set the “get into better shape” goal at least once in their lives. I would rather not admit how many times I set a goal to have the abs of someone like Ryan Gosling. However, a more specific goal would be to lose two inches off your waistline or to drop 10 pounds. While these are more specific, they miss an important part of the goal setting process: the why. Why you want to do something is more important than what you want to do or how you’re going to do it. For a deeper appreciation of this simple yet profound message, look up the author and speaker Simon Sinek.

If your goal were MEASURABLE, you would be able to answer these two important questions: Are you on track? How do you know when you accomplish it?

An ATTAINABLE goal asks if the goal is set too high or too low. For example, I could read a book a month but, even though I really want it, I couldn’t become a starting forward in the NHL.

REALISTIC goals are often confused with attainable. I could set an attainable goal of becoming a doctor in so many years. However, it isn’t realistic because it does not align with my other professional and personal goals.

Finally, a TIME-BOUND goal sets a point in the future to hold yourself accountable. Did you or did you not hit your goal by the date set?

For many of you, SMART goals are neither new nor revelatory. I would also wager that by implementing the above, you may have increased your odds of success but you still may not be achieving your goals at the rate with which you would like to be.

Attributes vs Actions

After a lot of self-reflection, discussions with my teams over the years about their own goal achievement (or lack thereof) and the always-enlightening conversations with Tim Lee (Goal-Setter-In-Chief and my former colleague) I have identified what, more often than not, separates those who succeed versus those who fail using the same SMART method.

What the SMART system does is allow us to set goals with specific attributes that make it more likely for us to achieve those goals. What we need in conjunction with these attributes is a system of actions that complement the SMART system. So, let us graduate together from SMART goals to SMARTER goals.

E – Evaluate

To evaluate is to create a process and actively test yourself against your goal as time progresses. This is an expansion on the MEASURABILITY of a goal. Creating a measurable goal is passive. It ensures that you can measure it along the way. However, just because you can measure your progress doesn’t mean you have or frankly, ever will.

This evaluation process should cover three bases:

  1. What benchmarks are you testing that ultimately lead to your goal?
  2. What is your checkpoint frequency to test these benchmarks?
  3. What progress should you have made at each checkpoint?

Think of it this way: say you have a sales goal of $1000 a month. You know, based on close ratio and average sale size, that you need to actively seek out ten new prospects, set two new meetings and propose one new quote every day. Prospects, meetings and quotes are your benchmarks, the frequency is daily and the progress is your predefined number (ten prospects for example).

This creates a rigid process that will more quickly alert you to when you are either ahead of or behind where you need to be. I suggest setting daily or weekly checkpoints for monthly goals, as well as bi-weekly (every two weeks) or monthly checkpoints for yearly goals.

R – Reward

Have you ever wondered why the world’s best athletes have cheat days? It’s because studies have shown that you are less likely to achieve your goals unless you celebrate wins both large and small along the way. In the case of cheat days, an athlete may work out several times a day while closely monitoring every bit of food intake along the way. A cheat day is a mental (and sometimes physical) break that allows this person to come back in with a fresh mind after rewarding him or herself for a job well done over a specified period of time.

However, rewards such as cheat days are only effective if they are pre-planned. The reason for this is twofold. First, rewards will begin to lose their meaning if they are not linked to a specific win. Second, without structure, it is tempting for your rewards to become more frequent, despite where you are on your way to your ultimate goal.

I suggest celebrating small wins at each checkpoint with equally small rewards. For example, if you like to golf, your small reward could be going to the range to hit a bucket of balls. Finally, your large reward comes after achieving your ultimate end goal. To stay with the theme, an appropriate large reward may be buying yourself a new golf club. I suggest scaling the size of your large and small rewards to the size of the overall goal itself. For example, if your goal is finally cleaning out the gutters this weekend, buying yourself a new car for the achievement is probably not appropriate.

By adding a process or actions to your goals, the likelihood that you will achieve them this year will increase dramatically. Remember, it takes 21 days to break a habit or create a new one. What will your habits be three weeks from now?

About the author: Logan McLean is an amateur writer, a poor woodworker and an expert queso critic. Born and raised in Texas, he avoids country music and any sort of group dancing. He surrounds himself with people who are far more intelligent and successful than he is… they are not difficult to find. He loves technology, epic fantasy novels and low budget sci-fi movies almost as much as he loves his wife and kids.  Logan serves as Director of Business Development for Simpatico Systems.  Contact Logan at logan.mclean@simpat.co.  

How to recover from ransomware in your Mac

By | Apple

While a vast majority of ransomware that’s been developed targets Windows computers, malware authors have begun to attack Mac devices. Recently, researchers discovered a new ransomware strain, OSX/Filecoder.E, which encrypts Mac files and keeps them locked even after the victims have paid the ransom. But don’t worry, there is still hope if you follow the security advice below.

According to ESET security researchers, even though the Filecoder ransomware was written in Apple’s programming language, the malicious code is not as potent or as skillful as other viruses. In fact, it’s so poorly written that hackers never developed a method to retrieve the encryption key once the ransom has been paid.

In any case, whether you’re dealing with Filecoder or some other ransomware, we advise against ever giving in to the hacker’s demands.

Avoid Filecoder
So far, Filecoder isn’t given out via phishing emails like most ransomware; instead, it’s distributed on Torrent sites and goes by the name “Patcher.” Therefore, it’s best to stay away from these highly unregulated (and mostly illegal) websites and stick to trusted app stores like Mac, Microsoft, and Google.

Even if the ransomware is not sent out via phishing campaigns, you should still be careful of any unsolicited emails with strange file attachments in case the malware authors decide to branch out.

Install preventive measures
Like with any other malware, being proactive with your cybersecurity solutions is the best way to defend against Filecoder. Install reliable antivirus software, intrusion prevention systems, firewalls, and update systems whenever possible.

You must also maintain backups and have a disaster recovery plan to keep your business running on the off chance that ransomware or any other cyberattack successfully infiltrates your systems.

Defeat the ransomware
Given the ransomware’s shoddy code, security researchers have found a way to decrypt files without paying. Free cracking tools like PKCRACK can recover Filecoder-encrypted data if you have one original version of the affected files. The recovery process, however, does require some programming knowledge, so contact an IT expert or a managed services provider to unlock the ransomware for you.

Filecoder may not be the strongest malware around, but this could just be the start of Mac-based attacks. To protect your business from the onslaught of cyberattacks, you need security experts. Contact us today at 855-476-5526.

Published with permission from TechAdvisory.org. Source.