Categories:
Blog

2019 Threat Look

Sonicwall just published their great Threat Report.

I’d strongly recommend it

Here are some of the highlights:

Industries attacked:

Malware Attacks

Attacks by Country

Types of Attacks

 

The Death of Windows 7

In case you didn’t know, Windows 7 will be decommissioned and unsupported come January of next year. You’ll need to plan on upgrading these bad boys (I have two) or replacing them. But, I wanted to take this time to walk down memory lane with Windows 7.

In true Microsoft fashion, Windows 7 was an operating system that replaced a terrible version (remember Vista?), they seem to get this right every other time. It was released in 2009. Here are some of features you’ve probably come to take for granted that were introduced in Windows 7:

  • “Pinned” programs on the taskbar
  • “Snapping” windows to the sides of the screen
  • “Shake” to minimize all windows except the one you’re shaking

Rest in Peace

Privacy vs National Security | Encryption

Australia just passed a data encryption law that requires companies to give law enforcement access into devices without the user’s permission. “Police can force companies to create a technical function that would give them access to encrypted messages without the user’s knowledge”.

https://www.bbc.com/news/world-australia-46463029

The Thunderbolt 3

What if there was one plug that charged your computer, connected its monitors, internet, and every accessory you could want. Well, it’s here! The new Thunderbolt 3 by Intel is amazing! It can transfer data up to 40Gbps (That’s about 400x faster than your internet speed at 100Mbps). Check out this article on the new plug, I’m hoping all laptops will be using it soon!

https://www.pcmag.com/article2/0,2817,2486078,00.asp

What’s Coming and How to Prepare For It

cloud-business-startup

Like every year for technology, 2019 will continue to see changes. Not just because 2019 is anything special, but because it’s also right before 2020. We see trends continuing that large software companies are forcing smaller companies into a cloud-based model (think Amazon and Microsoft), web applications that are hosted in the cloud are the targets of cyber criminals, and some major technology will end its last full year of support and needs to be migrated. The last item is especially of note, because it will cost businesses thousands of dollars to mitigate this risk, so start planning now. We’ll look at the last item first, then trends, and the risks associated.

Costly Replacements Coming
In January 2020, Microsoft will be ending support for all Windows 7 and Server 2008 (SP1 & SP2) operating systems as well as exchange 2010. These will no longer receive security patches or updates.

What does this mean for you? Any of these systems will pose a serious vulnerability to you and your business. For any Windows 7 machine you have, you either need to replace, upgrade, isolate or trash the computer. Below is a breakdown of the costs you should expect.

Costs per computer:
• Upgrade to Windows 10: $200 license + 1 hour of tech labor.
• Replace: $1,000 per computer (varies greatly), plus setup time.
• Isolate: Disable internet access, 1 hour or so of setup time. This option may render the computer useless for modern workers.
• Trash: Wipe the hard drive and recycle the computer, about 30 minutes per computer.

Continue reading . . . http://cascadebusnews.com/whats-coming-prepare/

Browser Extensions… Beware of Using Them

In a recent article in the BBC, they mentioned how 81,000 users private messages have been leaked and posted for sale on the dark web (See article). The article mentioned how the hackers got into their Facebook accounts by using browser extensions, “Personal shopping assistants, bookmarking applications and even mini-puzzle games”. Be cautious when you install extensions for any browser. Even if you install the extension and it’s safe when you install it, that doesn’t mean that the company who made that couldn’t sell the extension to another company (or hacker) and then they now have full access into your system.

When you do decide to use an extension, follow these recommendations:

  1. Make sure you know and trust the company that has published the extension.
  2. Make sure you understand what kind of data the company is collecting and why they need it.
  3. Regularly review your extensions to make sure you still want/use them.

Getting Conned… Twice | New Ransomware Technique

Really Interesting article about a ransom-ware strain that encrypts your computer, and then asks for admin credentials to your computer in order to decrypt the files! Don’t do it! In effect, you are getting conned twice. The first time they got your files, the second time they could have everything!!!

 

Article: https://www.bleepingcomputer.com/news/security/commonransom-ransomware-demands-rdp-access-to-decrypt-files/

What is Sandboxing?

SANS published an interesting article (see below) showing that Windows Defender is now supporting sandboxing.

So what is sandboxing? And why is this a good thing. “Sandboxing is a software management strategy that isolates applications from critical system resources and other programs.” – Tech Definition. Sandboxing allows applications and code that come into your system to first go to the sandbox and “play” and be watched to see what they do. In this sandbox, the code and the application can be analyzed to see whether it’s malicious, or acting normal.

There are a couple of places you can deploy sandboxing, and it’s a good idea to have them at each level. The first level is on your firewall. Before code can even get onto your computers or servers, your firewall analyzes the code and makes sure it’s not malicious. An ounce of prevention is worth a pound of clean up! The other place sandboxing can happen is with your local anti-virus/anti-malware software (as mentioned in the article). At this point the code is on your computer, but at least it’s still isolated! So that’s a bonus!

 

article: https://isc.sans.edu/forums/diary/Windows+Defenders+Sandbox/24266/