Month: August 2017

Critical Windows security updates from Microsoft

Earlier this month, Microsoft released a patch that includes several security enhancements and addresses 48 vulnerabilities for all supported versions of Windows. If you’re not in the habit of installing security patches when they come out, now’s a good time to start. Let’s take a look at August’s updates and the issues they address.

Windows Search

Microsoft discovered a flaw that hackers could remotely exploit to take full control over an affected computer. The hacker could then install programs, view, change or delete data, and create new accounts with full user rights. The August security updates address the vulnerability by fixing how your computer’s memory interacts with Windows Search objects.

Windows Hyper-V

Another critical vulnerability is tied to Windows Hyper-V, a virtualization program. This flaw can be exploited when a server fails to properly verify an authenticated user from a virtual desktop.

For example, cyber criminals could exploit the vulnerability by running a malicious application on a guest operating system and cause the server to malfunction. The latest patch plugs the hole by correcting how Hyper-V validates guest operating system user input.

Microsoft Edge

Microsoft security specialists revealed that the Edge browser is exposed to a remote memory-corruption vulnerability. Hackers can exploit this by luring an unsuspecting user to open a fake website that contains malicious programs. The new security update addresses the issue by modifying how Microsoft Edge handles objects in memory.

These are just a few examples of the critical vulnerabilities addressed in the August updates. In total, Microsoft patched 48 vulnerabilities in six of its main product categories, including Windows, Internet Explorer, Edge, SharePoint, Adobe Flash Player, and SQL Server. If you’re interested in all the security updates, check out Microsoft’s official Security Update Guide.

As a Windows user, you’re probably used to seeing pop-up messages that implore you to install a new Windows update. Take heed: These patches and updates cost you nothing and can be installed in a matter of minutes. All you need to do is give your consent with a couple of mouse clicks, so there really is no excuse for not updating.

It’s important to update to the latest Windows version to ensure your computer and data are safe from security threats. If you have any questions about Windows updates or need help scheduling them, get in touch with our experts today.

Published with permission from TechAdvisory.org. Source.

New Locky ransomware: what you need to know

In 2016, the Locky ransomware infected millions of users with a Microsoft Word file. It was eventually contained, and cyber security firms have since created protections to detect and block previous Locky variants. However, a similar malware is currently spreading worldwide and has so far infected tens of thousands of computers.

Quick facts

According to a threat intelligence report, the email-based ransomware attacks started on August 9 and were detected through 62,000 phishing emails in 133 countries in just three days. It also revealed that 11,625 IP addresses were used to carry out the attacks, with the IP range owners consisting mostly of internet service providers and telecom companies.

How it works

The malicious email contains an attachment named “E 2017-08-09 (580).vbs” and just one line of text. Like the original Locky authors, attackers responsible for the new variant deploy social engineering tactics to scam recipients into opening the attached .doc, zip, pdf, .jpg or tiff file, which installs the ransomware into their systems.

When an unsuspecting user downloads the file, the macros run a file that provides the encryption Trojan with an entry point into the system. The Trojan then encrypts the infected computer’s files.

Once encryption is completed, the user receives instructions to download the Tor browser so they can access the “dark web” for details on how to pay the ransom. To retrieve their encrypted files, users will be asked to pay from 0.5-1 Bitcoin.

What you need to do

This ransomware variant builds on the strengths of previous Trojans. In fact, the original Locky strain made it easy for cyber criminals to develop a formidable ransomware that could evade existing cyber security solutions. This is why adopting a “deny all” security stance, whereby all files are considered unsafe until proven otherwise, is the best way to avoid infection.

Here are other tips to avoid infection:

  • Don’t open unsolicited attachments in suspicious emails. Alert your IT staff, and most importantly disallow macros in Microsoft Office unless they’ve been verified by your IT team.
  • Performing regular backups guarantees you never have to pay cyber criminals a ransom. If all other security measures fail, you can always rely on your backups, which protect your business not just from cyber crime-related disasters, but also from natural and other unforeseen system failures.
  • Train your staff to identify online scams like phishing. This and other similar ransomware strains take advantage of users’ lack of cyber security training.
  • Update your operating systems as soon as updates become available to reduce, or eliminate, the chances of your system’s vulnerabilities being exploited.

Even with a trained staff and the latest protections installed, your IT infrastructure may still have unidentified security holes. Cyber security experts can better evaluate your entire infrastructure and recommend the necessary patches for your business’s specific threats. To secure your systems, get in touch with our experts now.

Published with permission from TechAdvisory.org. Source.

Spyware has been infecting Macs for years

While Macs have a reputation for being more secure than Windows PCs, they are far from immune. Over the past decade, a piece of malware designed to spy on its victims’ computers has remained unnoticed until quite recently. What’s worse is that security experts are still unsure about how the malware gets into Mac computers. Here’s everything we know so far.

Fruitfly spyware
The spyware, known as Fruitfly, was first discovered in January 2017, but Synack chief security expert, Patrick Wardle, discovered a more cunning variant last month.

Along with being able to track the victims’ names and locations, the spyware reportedly gives the hacker control over webcams, mice, microphones, keyboards, and notifies hackers any time the computer is in use. This enables hackers to take non-consensual photos, capture screenshots, track keystrokes, and record audio.

What’s surprising is this type of spyware is not built for financial gain or designed to steal government secrets. It’s used to spy on regular people. According to experts, the hacker developed the spyware for voyeuristic reasons. Collecting private data from users also suggests that hackers planned to set up more targeted social engineering scams.

So far, there have been only 400 confirmed Fruitfly infections, but considering how it has remained hidden for nearly decade, that number could be much larger.

While experts are still not sure who created the malware and how it is delivered, it’s best to follow security best practices like avoiding pop-up ads, banners and suspicious file attachments, using extreme caution when downloading free software, and update applications frequently.

Users should also install anti-malware software with spyware detection capabilities and perform full system scans as often as possible. New security patches have been released to detect and block Fruitfly variants, so you should keep your security software up to date at all times, too.

Surge in Mac Malware
Windows PCs are targeted more frequently, but a recent threat intelligence report by McAfee found that the Mac malware incidents have grown by 53% over the first quarter of 2017.

Hackers will likely uncover new vulnerabilities in the future, which means Mac users can no longer afford to think that their device doesn’t need strong security software and support from managed services providers.

If you’re worried about the security of your Mac, talk to us today. We offer comprehensive solutions that can defend against the new Fruitfly strain and a host of other cyberattacks.

Published with permission from TechAdvisory.org. Source.

How Amazon AppStream 2.0 can help businesses

Today’s workforce is no longer confined to office walls. People work from home, while they’re commuting to and from work, and even on vacation. This is made possible thanks to remote access solutions, and Amazon’s powerful web features. Here’s what you need to know about this powerful application streaming service.

What is it?

Initially released in 2013, Amazon AppStream was created as a platform for remote access to digital resources to help businesses streamline the costly process of managing apps on-premises. Simply put, it streams desktop apps to users across various devices via a browser.

Today, Amazon AppStream 2.0 has been updated with major improvements thanks to user feedback. Now, you can stream desktop applications from Amazon Web Services to any device running a web browser compatible with HTML 5.

What can you do with Amazon AppStream 2.0?

You can run desktop applications on any device, including Windows, Linux, Macs, and Chromebooks. Amazon AppStream 2.0 features multiple streaming options, including the General Purpose, Compute Optimized, and Memory Optimized.

Everything is fully managed by Amazon and all your applications and data will be kept on Amazon Web Services. This means you can expect robust security like network firewalls, web application firewalls, secure streaming gateway, encryption in transit across all services, and the ability to isolate your applications for secure delivery.

You’ll always have access to the latest version of your applications and minimize the risk of compromising confidential data if your device gets lost or stolen, as data is stored on Amazon’s cloud infrastructure.

What other benefits are there?

Apart from mobile access to documents and applications, you’ll appreciate the simple user interface that allows you to upload files to a session, access and edit them, and download them when you’re done.

What’s more, Amazon AppStream 2.0 uses NICE DCV for high-performance streaming. This ensures secure and fast access to applications since NICE DCV automatically adjusts to network conditions.

Amazon AppStream 2.0 also supports delivery of high performance graphics applications from Amazon Web Services. This allows you to stream powerful graphics applications to a web browser on any desktop.

Last but not least, this remote access solution lets you scale up or down as needed and pay only for the streaming instances you use, and a small monthly fee per authorized user. There’s no upfront capital or premises infrastructure maintenance costs.

If your business mainly consists of a remote workforce or is planning to adopt remote work policies, Amazon AppStream 2.0 is one solid option. For other tips on how small- and- medium-sized businesses can leverage technology to improve efficiency and lower costs, give us a call and we’ll be happy to advise.

Published with permission from TechAdvisory.org. Source.

What to do with your dinosaur PC?

When smartphones first outsold PCs in 2010, people no longer have to put up with slow and bulky computers to do business. This comes as no surprise why many stashed their aged PCs away. But there are ways to breathe new life into your ancient laptop and computer, so if you haven’t trashed them, it’s time to plug them in.

You might have to do some light upgrades like install more RAM and a bigger hard drive, depending on how old your PC is, but it’ll be worth it. Once you’ve done that, explore these options:

Try a lighter OS

While you might be tempted to install a new Windows or macOS on your old computer, they won’t work optimally without a fast processor. However, Linux-based operating systems, which come in a variety of options called “distros”, will make your computer feel brand new without exhausting its hardware.

Popular distros options like Ubuntu, elementary OS, and PinguyOS, can be easily installed, have similar interfaces as Windows, and come with a ton of software packages. The best part is they only require a minimum of 4GB of RAM, which means you won’t have to invest much at all.

Make a NAS server

Network-attached storage (NAS) is a server for your home or small business network that allows you to store files that need to be shared with all the PCs on the network. If your old PC has at least 8GB of RAM, you can use it to make your own NAS instead of purchasing one.

Simply download FreeNAS, a software accessible from any OS (Windows, MacOS, Linux) that enables you to make a shared backup of your computers. FreeNAS features access permissions and also lets you stream media to mobile OSes, like iOS and Android.

However, if you prefer turning your PC into a private cloud for remote access and data backup, Tonido is a great alternative. Compatible with Mac, Windows, and Linux, it turns your PC into a storage website so you can access files from anywhere on any device.

Tonido offers up to 2GB of file syncing across computers. There’s even Tonido apps for iOS and Android for mobile access.

Secure your online privacy

Wouldn’t it be great if you could turn your old computer into a dedicated privacy PC so you won’t have to worry about compromising privacy while browsing the web? With The Amnesic Incognito Live System (TAILS), you can.

This Linux-based software routes all your internet traffic and requests through TOR Project, a software that makes it extremely difficult for someone to track you online. All of TAILS’ integrated applications like web browser, Office suite, IM client, and email software, are pre-configured for robust security and privacy protection.

Take your media up a notch

If you’re looking for a way to listen to your music, podcasts, or watch videos on other PCs, or mobile devices, a server software like Kodi can help.

What it does is bring all your digital media together into one user-friendly package so you can use your old PC as an audio and video hosting platform. From there, you can play files on other devices via the internet. There are remote control apps for iOS or Android users and even an app for Kodi playback on the Amazon Fire TV.

Kodi works on any device running Windows, Mac OS, Linux, and even rooted Android and jailbroken iOS devices.

We’re always on the lookout for ways to help our clients make the most out of their technology investments. If you’d like to know more about how to utilize other hardware to your business’s advantage, give us a call.

Published with permission from TechAdvisory.org. Source.

Office 365 gets a slew of new upgrades

There’s a good reason why businesses like Office 365: It’s a feature-rich productivity suite that gets plenty of upgrades throughout the year. Last month, Microsoft announced four new upgrades that will make the cloud platform even more irresistible for small- and medium-sized businesses.

Microsoft Connections
Email marketing campaigns are a great way to build relationships with contacts and increase sales, but they’re often difficult to manage. With Microsoft Connections, you can easily launch a campaign in minutes using pre-designed templates for newsletters, referrals, and promotions.

As you acquire more contacts, Connections allows you to segment your mailing list so you can target different customers. For instance, you can send product promotions to clients who have stayed with your business for more than six months.

After firing off your emails, performance charts track important metrics like open rates, clickthrough rates, new sign-ups, and canceled subscriptions that can be used to improve future campaigns.

Microsoft Listings
Microsoft Listings helps you seamlessly manage your online presence. Whenever you update your business profile, Listings automatically publishes those changes across your Facebook, Google, Bing, and Yelp accounts, allowing you to keep important information like business hours up to date.

What’s more, Listings includes a web dashboard where you can monitor page-views, reviews, and likes, helping you assess your company’s online reputation.

Microsoft Invoicing
Another useful addition is Microsoft Invoicing, a tool that helps you generate price estimates and invoices. When combined with enterprise resource planning (ERP) software, you can program workflows that automatically redirect invoices, pending payments, and estimates to the right accountant. This application works for credit, debit, and PayPal transactions.

Office 365 Business Center
The Office 365 Business Center brings Connections, Listings, and Invoicing all under one roof. This means information listed on one application is automatically registered onto another, saving you from inputting data multiple times.

The main hub also features a unified dashboard where you can track an email campaign’s performance, Facebook impressions, and any outstanding invoices, giving you full visibility into your accounting and marketing processes.

According to Microsoft, these powerful features will be generally available for Office 365 Business Premium subscribers in the coming months. But if you want to get early access, consider joining the Office 365 Insider program.

Office 365 will likely have even more surprises for SMBs this year, so make sure to keep in touch with us to get the latest rundown on feature releases and Microsoft news.

Published with permission from TechAdvisory.org. Source.

Useful business features in Windows 10

The Windows Fall Creators Update released in April introduced many useful and interesting features, including a decluttered Start menu, more control over Windows updates, and an enhanced Microsoft Edge browser. Five months later, Microsoft follows up on all those enhancements with a new set of features. Here’s everything business users should get excited about.

Files on-demand in OneDrive

‘OneDrive Files On-Demand’ solves syncing problems often encountered by those who don’t want all their files synced to all their devices. This feature will give users the option to choose the folders that will be downloaded to the device they’re using, which helps save storage space and bandwidth, and gives users more flexibility.

Greater protection from ransomware

Microsoft beefs up Windows 10 security by introducing ‘Controlled folder access,’ a welcome feature in an era of rampant ransomware outbreaks such as WannaCry and Petya. This security enhancement enables users to assign a ‘switch’ to applications. When the switch is turned on, users are alerted any time unauthorized applications attempt to access or modify files in protected Desktop, My Documents, My Music, My Pictures, and My Videos folders.

Enterprise-level threat prevention

The Fall Creators update will also feature ‘Windows Defender Exploit Guard,’ a threat prevention system that, in Microsoft’s own words, ‘helps make vulnerabilities dramatically more difficult to exploit.’ The platform is primarily intended to recognize and safeguard against brand new malware that has not been cataloged or analyzed by security professionals.

Microsoft will also introduce ‘Windows Defender Application Guard,’ a program that protects Windows 10 users by isolating and containing threats and malware within the Edge browser. For now, it will be available only to Windows 10 Enterprise Edition and Hyper-V users.

Both ‘guards’ will complement firewalls and antivirus software to provide comprehensive protection to data, programs, devices, and networks.

Easier to reach contacts

Windows 10 subscribers will also benefit from the ‘My People’ feature, which will enhance collaboration. This new feature will let users pin contacts from their contact list to the Start Bar for quick access to email, instant messaging, or video calling. To activate, launch the People program and click on the icon found in the taskbar’s notifications area. Contacts can be pinned only if they have the Windows 10 App open in their system.

Other essential enhancements

The Fall Creators Update will also introduce small yet essential enhancements that will prove highly advantageous to businesses, one of which is a bandwidth limiting capability. Using this feature, network administrators can limit the amount of bandwidth allocated for Windows updates, allowing them to manage the updates for all devices across an entire network.

To do this:

  • Go to Deliver Optimization > Advanced options
  • Tick any of the three sliders
  • Adjust download and upload settings: limiting bandwidth for downloading updates; uploading updates to other PCS on the internet; and adjusting monthly upload limit

A battery-saving function will also be introduced to the new Windows 10 via ‘Power Throttling,’ which determines the activities that the system should prioritize based on a user’s activity. For example, if a user has multiple apps open but is actively using only a photo-editing tool, the system will allot greater power resources to the most actively used app and minimal resources to inactive ones.

Are you maximizing your Windows-powered computers’ features and capabilities? Get in touch with our experts to explore what Microsoft products can do for your business.

Published with permission from TechAdvisory.org. Source.

Black and white: Not all hackers are bad

When a cyber security researcher stopped the spread of WannaCry, the headlines praised him as a savior. But just a few short months later he was in handcuffs for allegedly creating a piece of malware that steals banking information. Even if he is innocent, it’s important to understand the difference between white hat, black hat and even gray hat hackers.

A complicated history

Since all the way back in the 1950s, the term hacker has been vaguely defined. As computers and the people who worked with them became more accessible, the word was used to describe someone who explored the details and limits of technology by testing them from a variety of angles.

But by the 1980s, hackers became associated with teenagers who were being caught breaking into government computer systems. Partially because that is what they called themselves, and partially because the word hacker has an inherently aggressive ring to it.

Today, several of those pioneering hackers run multimillion-dollar cyber security consulting businesses. So what should you call someone who uses their knowledge for good?

“White hat” hackers

Sometimes referred to as ethical hackers, or plain old network security specialists, these are the good guys. Whether it’s selling what they find to hardware and software vendors in “bug bounty” programs or working as full-time technicians, white hat hackers are just interested in making an honest buck.

Linus Torvalds is a great example of a white hat hacker. After years of experimenting with the operating system on his computer, he finally released Linux, a secure open-source operating system.

“Black hat” hackers

Closer to the definition that most people outside the IT world know and use, black hat hackers create programs and campaigns solely for causing damage. This may be anything from financial harm in the form of ransomware to digital vandalism.

Albert Gonzalez is one of the many poster children for black hat hacking. In 2005, he organized a group of individuals to compromise poorly secured wireless networks and steal information. He is most famous for stealing over 90 million credit and debit card numbers from TJ Maxx over the course of two years.

“Gray hat” hackers

Whether someone is a security specialist or a cyber criminal, the majority of their work is usually conducted over the internet. This anonymity affords them opportunities to try their hand at both white hat and black hat hacking.

Today, there are quite a few headlines making the rounds describing Marcus Hutchins as a gray hat hacker. Hutchins became an overnight superstar earlier this year when he poked and prodded the WannaCry ransomware until he found a way to stop it.

During the day, Hutchins works for the Kryptos Logic cybersecurity firm, but the US government believes he spent his free time creating the Kronos banking malware. He has been arrested and branded a “gray hat” hacker.

The world of cyber security is far more complicated than the stylized hacking in Hollywood movies. Internet-based warfare is not as simple as good guys vs. bad guys, and it certainly doesn’t give small businesses a pass. If you need a team of experienced professionals to help you tackle the complexities of modern cyber security, call us today.

Published with permission from TechAdvisory.org. Source.

Best Mac tips and shortcuts

Mac operating systems are known for their intuitive user interface with minimal learning curve. But did you know that over the years, Macs have been equipped with a bunch of new shortcuts and hidden features? Here are our picks of the ones guaranteed to make life easier.

Use Siri to change your Mac’s system settings

Rather than going through your computer’s System Preferences menus to find the setting you require, you can use Siri to quickly make these changes. Simply activate Siri by pressing command + spacebar and then say out loud the changes you want, such as “increase brightness” or “turn on bluetooth”.

You can even ask how much hard drive space is left to determine your computer’s available storage.

Copy and paste between devices

Universal Clipboard is an extension feature that was first introduced in the Mac OS X El Capitan and has now made its way to macOS Sierra. With this time-saving tool, you can cut and copy items on your macOS and iOS devices, and paste them onto other devices. These include text, images, and even videos without having to use AirDrop or email.

To enable Universal Clipboard, simply turn on Bluetooth on your Mac and iPhone and make sure both devices are logged in using the same Apple ID. Then press Control + C on your Mac and then hold down and select Paste on your iPhone, or vice versa.

Sync Desktops on multiple Macs

Another new feature in the macOS Sierra syncs desktops across iCloud. This means you can go to your iCloud Drive on any device and access the files and folders on your desktop. You can also access your Documents folder on your desktops too. All this depends on is the amount of storage space you have on your iCloud.

To sync your Desktop, go to System Preferences > iCloud. Make sure the iCloud Drive is selected at the top and click on Options. From there, select Desktop & Documents to share those files. iCloud will then upload these files to the cloud, allowing you to access them on other Macs from anywhere with an internet connection. Just go to iCloud.com, log on, and open the Desktop folder there.

Autocap and full stop on your Mac

The Sierra operating system features the auto capitalization of the first word of a sentence as well as the auto-added full stop when you press space twice, a feature that many iPhone users rely on. To activate it, head to System Preferences > Keyboard > Text, and select: ‘Capitalize words automatically’, and ‘Add period with double-space’.

Once these two options are ticked, the necessary capitals and full stops will automatically be added in TextEdit, Pages, and other relevant apps.

Use your trackpad to sign things

Thanks to the magical feature of trackpad, you can now sign PDFs within Preview. Just open the PDF you need to sign and click on the toolbox icon at the top right of the Preview toolbar. Then click the signature icon that looks like a squiggle beneath it, make sure the Trackpad tab is selected, and click Create Signature.

Once done, you can select the signature from the menu and drag it to wherever you want it to appear.

Quickly free up space

macOS Sierra features a number of options available to help you free up storage space. Start by clicking on the Apple logo on the top left of your screen, then click About This Mac > Storage > Manage.

You can choose to store files and photos in iCloud and only keep recently opened files and optimized photos on your Mac as required. You can also choose Optimized Storage, which helps you save space by removing iTunes movies and TV shows and only keeps your recent email attachments. Last but not least, you can choose for your trash to be emptied periodically.

Save battery

The latest macOS Sierra can warn you if your display brightness is too high so you can make adjustments to save battery life. If you click on the battery icon in the top menu bar, you’ll be greeted by a drop down menu that shows your current power source and highlights apps that are draining your computer’s battery. From there, you can choose whether to cut down on those apps or not.

These are some of the tips and hidden features that Mac operating systems have to offer. As always, if you’d like to learn about how Apple products can drive value for your business, or have any questions at all, just give us a call.

Published with permission from TechAdvisory.org. Source.

CRM tips and tricks for beginners

Customer relationship management (CRM) software is essential for every marketing, sales, and customer service department. It allows you to capture your customers’ information and keep a record of their interactions with your business. If you’re new to the concept of CRM, here are some tips and tricks to help you get the most out of it.

Always update customer information
A CRM system is only effective when the data it provides is current. If the customer’s address, company name, or preferred method of contact has changed, your staff should be recording this information immediately so your sales and marketing teams are always equipped with the right information.

Use purchasing history for upselling opportunities
It’s easier to sell to existing customers than acquiring new ones. Boost your sales performance by analyzing your existing clients’ purchasing history and designing promotions or events designed just for them. For example, if they recently purchased a razor from your online store, you can program your CRM to recommend related products like shaving cream or aftershave. Not only does this widen your profit margins, it also makes customers’ lives a lot easier and promotes repeat business.

Automate processes
Take advantage of the workflow automation features in CRM apps to eliminate time-consuming and repetitive tasks. For instance, when a new lead is added to your CRM (via newsletter subscriptions or website visits), the CRM can be programmed to send follow-up emails, offer promotions, and other interactions to keep your business at the forefront of their attention. This saves you from writing the same canned responses while also making sure that you’re engaging your clients throughout the entire sales process.

Learn from analytics
CRM also makes it possible to analyze customer trends and behavior. If you noticed a spike in demand for certain products and services during the holidays, be more aggressive in pushing them out next year. If certain email campaigns were more successful than others (e.g., higher open rates, click-through-rates, and potential customers), understand what elements were responsible for that success and try to replicate them the next time you send a newsletter.

Customer data should also be used to shape sales and marketing tactics. A salesperson that already knows the client’s name, locations, and preferences can deliver more personal sales pitches and has a better chance of closing a deal. The point is this: If you’re not learning from your data, your business growth will be limited.

Integrate CRM with other business software
Tying CRM software to other programs makes it even more powerful. Integration with accounting software combines customer and financial data, eliminating redundant manual data entry and providing more insightful reports. When used alongside a VoIP system, your staff will get relevant customer information from multiple databases displayed on one screen when they’re about to make a call.

Get some CRM support
Last but not least, work with a CRM provider that offers 24/7 support. Ideally, they should be keeping your data safe, updating your software regularly, and advising you on how to use complex CRM features.

This may seem like a lot, but the important thing to remember is that just like every technology investment, CRM requires active participation from executives, managers, and frontline staff. If you need more advice on keeping customers happy or want to know what technologies can add value to your business, call us today.

Published with permission from TechAdvisory.org. Source.