Blog - BizTek Connection, Inc.


A New Threat – Trojan.Bladabindi

We’ve just learned of a new computer virus that you should take note of.  It is a Trojan virus named “Bladabindi”. It adds itself to your firewall exception list so that it can gain access to your computer.  It can capture your various credentials (user names & passwords) and other personal information.  It can even access your webcam and record & steal your video.

Currently it is predominantly attacking outside the US (like India) but these things don’t take long to travel here.  One known carrier of the virus is USB drives.  So be careful using other people’s thumb drives or other external USB devices.

Our recommendation is to be sure to use enterprise-class antivirus software, and update its definitions weekly.  Also make sure that your Microsoft patches and updates are current.  And always be suspicious of any attachments or links in email from someone that you do not know.  Even from known senders, if it looks or seems strange, ask them before you open them!

For more information, click on this link:

http://www.symantec.com/security_response/writeup.jsp?docid=2013-072415-3728-99

 

Posted in: Malware, Security


WordPress MailPoet Plugin (wysija-newsletters) Has BIG Bug

It seems that every time we turn around, someone is jumping on a new way to exploit weaknesses in the programs on our computers, in operating systems, and even on the websites/servers we use to promote our businesses.  Today is no exception.  There has been another serious security vulnerability in the MailPoet WordPress plugin. Versions of MailPoet that have not been updated allow an attacker to upload any file remotely to the vulnerable website without any type of username or password being required.

File uploads of this type are used to add code to your site that can cause you to become a spammer, or to sell products that you know nothing of and make no money from.  Basically, they can make your site open to just about anyone to do just about anything they want to do.  Any way you slice it, this is a serious issue. The MailPoet plugin (wysija-newsletters) is a very popular WordPress plugin with over 1,700,000 downloads so far. This vulnerability has been patched!  So, if you run the WordPress MailPoet plugin, please upgrade ASAP!

Are you affected?

If you have this plugin activated on your website, the odds are not in your favor. An attacker can exploit this vulnerability without having any privileges/accounts on the target site. This is a major threat; it means every single website using it is vulnerable.

The only safe version is 2.6.7, which was released just a few hours ago (July 1, 2014).

Why is it so dangerous?

This vulnerability gives a potential intruder the power to do anything they want on a victim’s website. It allows for any PHP file to be uploaded. This can allow an attacker to use your website for phishing lures, sending SPAM, hosting malware, infecting other customers (on a shared server), and so on!!!

Technical Details

Because of the nature of the vulnerability, specifically its severity, I won’t go into the technical details. The basics of the vulnerability, however, are something all plugin developers should be mindful of: the vulnerability resides in the fact that the developers assumed that WordPress’s “admin_init” hooks were only called when an administrator user visited a page inside /wp-admin/.

It is an easy mistake to make, and they used that hook (admin_init) to verify if a specific user was allowed to upload files.

However, any call to /wp-admin/admin-post.php also executes this hook without requiring the user to be authenticated, which made their theme upload functionality available to everybody.
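The lesson for plugin developers, as an added example (a hypothetical plugin written for this page, not MailPoet's code): the upload handler is registered on `admin_post_{action}` instead of `admin_init`, and it checks the user's capability and a nonce itself before touching the file. The action name, field names and the choice of the `install_themes` capability are assumptions for illustration.

```php
<?php
/**
 * Plugin Name: Example Theme Upload (hypothetical, for illustration only)
 */

// ANTI-PATTERN (left commented out): admin_init also fires for requests to
// /wp-admin/admin-post.php from visitors who are not logged in, so
// "this hook ran" must never be read as "an administrator is present".
// add_action( 'admin_init', 'example_handle_theme_upload' );

// Hardened registration: admin_post_{action} is fired only for logged-in
// users. No admin_post_nopriv_{action} callback is registered, so an
// anonymous request with this action reaches no handler at all.
add_action( 'admin_post_example_theme_upload', 'example_handle_theme_upload' );

function example_handle_theme_upload() {
	// 1. Authorization: check the capability explicitly, whatever hook we are on.
	if ( ! current_user_can( 'install_themes' ) ) {
		wp_die( 'You are not allowed to upload themes.', 'Forbidden', array( 'response' => 403 ) );
	}

	// 2. Request intent: verify the nonce issued with the form (dies on failure).
	check_admin_referer( 'example_theme_upload', 'example_nonce' );

	// 3. Input: require exactly one successfully received file.
	if ( empty( $_FILES['example_theme'] ) || UPLOAD_ERR_OK !== $_FILES['example_theme']['error'] ) {
		wp_die( 'No file was received.', 'Bad request', array( 'response' => 400 ) );
	}

	// 4. Storage: let WordPress validate the type; only .zip archives pass,
	//    so a .php file is rejected instead of being written to disk.
	require_once ABSPATH . 'wp-admin/includes/file.php';
	$result = wp_handle_upload(
		$_FILES['example_theme'],
		array(
			'test_form' => false,
			'mimes'     => array( 'zip' => 'application/zip' ),
		)
	);
	if ( isset( $result['error'] ) ) {
		wp_die( esc_html( $result['error'] ), 'Upload rejected', array( 'response' => 400 ) );
	}

	wp_safe_redirect( admin_url( 'themes.php' ) );
	exit;
}

// The matching form: posts to admin-post.php and carries the nonce that
// check_admin_referer() verifies above.
function example_render_upload_form() {
	echo '<form method="post" enctype="multipart/form-data" action="'
		. esc_url( admin_url( 'admin-post.php' ) ) . '">';
	echo '<input type="hidden" name="action" value="example_theme_upload">';
	wp_nonce_field( 'example_theme_upload', 'example_nonce' );
	echo '<input type="file" name="example_theme" accept=".zip">';
	submit_button( 'Upload theme' );
	echo '</form>';
}
```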

How should you protect yourself?

Again, update the plugin as soon as possible! Keeping WordPress and all plugins updated is the first step to keep your sites secured. If you don’t know how to do this, or even if you are not sure if your site is using this plugin, give us a call at 501.542.4241. We’ll help mitigate any risks.

Posted in: Malware, Security


TimThumb WebShot Zero Day Exploit

I have no idea if you are, or aren’t, using TimThumb WebShot after a serious vulnerability was discovered last year but, if you are, you may want to rethink it now.

A Zero Day exploit is one where there is no time delay between a particular exploit being discovered and it being released into the “wild”.  And, there’s a new Zero Day that was just disclosed on TimThumb’s “Webshot” feature.  Simply put, this exploit allows for certain commands to be executed on the vulnerable website remotely without any authentication (username/password) being required. With a simple command, an attacker can create, remove and modify any files on your server.

I could bore you with examples but, simply put, someone could remove files and/or create files using a very simple URL (web browser, address bar, code execution).  Those two simple things are not the only possibilities… There are many other commands that can be executed remotely (Remote Code Execution).

Are you vulnerable?

The good news is that Timthumb comes with the webshot option disabled by default, so just a few Timthumb installations are vulnerable. However, you should check that your timthumb file does not have this option enabled, to prevent it from being misused. Open your timthumb file (inside your theme or plugin), search for “WEBSHOT_ENABLED” and make sure it is set to “false”, just like this one:

define ('WEBSHOT_ENABLED', false);

If it is enabled, you have to disable it asap.
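To run that check across a whole site instead of opening files one by one, here is an added example (not part of TimThumb or of the original post): a command-line PHP script that walks a directory and reports every PHP file where WEBSHOT_ENABLED is defined as anything other than false. The script and function names are made up for this example, and the sample lines it prints when run without an argument are constructed.

```php
<?php
// Audit a directory tree for a WEBSHOT_ENABLED define that is not false.
// Usage: php webshot_audit.php /path/to/wp-content

/**
 * Classify the WEBSHOT_ENABLED setting found in one PHP source string.
 * Returns 'disabled', 'enabled' or 'absent'.
 */
function webshot_setting(string $source): string
{
    // Matches define ('WEBSHOT_ENABLED', <value>) with either quote style
    // and any spacing; <value> is captured for inspection.
    $pattern = '/define\s*\(\s*[\'"]WEBSHOT_ENABLED[\'"]\s*,\s*([^)]+?)\s*\)/i';
    if (!preg_match($pattern, $source, $m)) {
        return 'absent';
    }
    // Only a literal false/0 counts as safe; anything else needs a human look.
    $value = strtolower(trim($m[1]));
    return in_array($value, ['false', '0'], true) ? 'disabled' : 'enabled';
}

/**
 * Return the sorted paths of all .php files under $root whose
 * WEBSHOT_ENABLED define is not false.
 */
function find_webshot_enabled(string $root): array
{
    $hits  = [];
    $files = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($files as $file) {
        if (!$file->isFile() || strtolower($file->getExtension()) !== 'php') {
            continue;
        }
        $source = file_get_contents($file->getPathname());
        if ($source !== false && webshot_setting($source) === 'enabled') {
            $hits[] = $file->getPathname();
        }
    }
    sort($hits);
    return $hits;
}

if (PHP_SAPI === 'cli' && isset($argv[0]) && realpath($argv[0]) === __FILE__) {
    if (!isset($argv[1])) {
        // Constructed sample lines: show the classifier without touching disk.
        $samples = [
            "define ('WEBSHOT_ENABLED', false);",
            "define('WEBSHOT_ENABLED', true);",
            "define ('FILE_CACHE_ENABLED', true);",
        ];
        foreach ($samples as $line) {
            echo webshot_setting($line), "\t", $line, "\n";
        }
        exit(0);
    }
    $hits = find_webshot_enabled($argv[1]);
    foreach ($hits as $path) {
        echo "WEBSHOT_ENABLED is not false: ", $path, "\n";
    }
    // Non-zero exit status lets a cron job or deploy check fail loudly.
    exit($hits ? 1 : 0);
}
```

A commented-out define is reported as well, which errs on the side of a manual review.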

We can help you, both check for the vulnerability and mitigate any vulnerabilities, if you need our help.   Another piece of good news is that we offer website firewall that will automatically protect against this vulnerability, and many others.

Posted in: Malware


Another Zero Day Exploit Affects Almost ALL Versions of IE

A Zero-Day Attack is an attack that exploits a new vulnerability that developers have not had time to address and patch.  Simply put, the name comes from the concept that there were zero days between the time the vulnerability is discovered (made public) and the first attack.  In this case, Microsoft has confirmed this vulnerability in Internet Explorer that could allow remote code execution.

As you might expect, Microsoft is scrambling to fix a security flaw in its browser (Internet Explorer) that could allow a hacker to remotely execute malicious code if a user visits an infected website.  It’s important to know that there is no way for an attacker to force you to the infected site, so this is normally accomplished by convincing the user to visit the site by getting them to click a link in an email message or Instant Messenger.

Enhanced Protected Mode, which is enabled by default on IE 10 and IE 11, will help protect against this potential risk. You can also use Google Chrome or Firefox, since this particular exploit doesn’t appear to involve these browsers.  But, even more importantly, you can simply avoid clicking on suspicious links!  You may ask: what is a suspicious link?  In my opinion, any link in a message sent to me from any external source.  I know, that may be a bit “over the top”, but I see the repercussions from people clicking those links almost every day.

Not to sound like a broken record, but clicking links in messages sent to you, even from people that you know and trust, is a risky venture.  It is extremely common for attackers to mimic the email address of someone that you may know to get you to click that link.  It’s always a best practice for you to contact the sender of a message to confirm that they sent the message and there is a valid reason to visit a site by clicking the link embedded in a message.  As a general rule of thumb, whenever I receive a message with a link, even if it’s from a trusted source and they have confirmed the message to be valid, I will type (as opposed to clicking the link) the entire URL into the address bar.

Exploits are, and will always be, around.  I’ve frequently said that whatever one person is bright enough to create, another is bright enough to break (or exploit, in this case).  So, do everything you can to mitigate the risks, including exploring a different browser AND being extremely skeptical about clicking links in messages.

Posted in: Malware


Microsoft OneDrive/SkyDrive Changes: 10 Things to Expect

It’s official. Microsoft’s SkyDrive has officially become OneDrive. I’ve heard a lot of questions related to “Why?” The rebranding wasn’t one of choice, but follows a bitter legal battle with the United Kingdom’s British Sky Broadcasting, or BSkyB. It was a simple matter of making the change rather than wasting time and money trying to win what looks like a losing battle.  Whatever the reason, SkyDrive is dead, and now, OneDrive appears to be here to stay. Overall, OneDrive is an awful lot like SkyDrive, including its design layout and feature set. Still, the platform is notable in that it’s Microsoft’s best effort yet to compete with cloud-storage services from Google and other players in the market. It’s also arguably one of the most important online services the company will offer in the coming years as the cloud continues to evolve as an integral component in the average person’s life. I’ll give you some basic bullet points to outline both new and old features, and key factors for your consideration.  Here is what to expect from OneDrive.

  • The overall look and feel will be similar since Microsoft was forced to make the transition from SkyDrive to OneDrive somewhat quickly. Those who had been using SkyDrive will find that getting around the service is simple, and completing many of the same tasks won’t require any breaking in, which is a good thing.
  • Microsoft is offering Free Storage.  In a continued effort to entice new users to sign up for OneDrive, they are giving free storage. Microsoft says that every new person who signs up for the cloud solution will get 7GB of free storage. Beyond that, there are some nominal fees that will be accrued annually.
  • There is a “Refer-a-Friend” to bring on new members to OneDrive. The company said in a blog post Feb. 19 that customers who refer others to OneDrive will receive 500MB free, up to a maximum of 5GB free. Microsoft is even giving customers 3GB free when they use its camera backup feature.
  • Pick a Device, Any Device! One of the nice things about Microsoft’s OneDrive is that it’s available on just about every device imaginable. The service works with Android handsets, can connect to Windows PCs and works on Macs. The service also works exceptionally well on the Xbox One, and allows users to back up files from iOS. Ubiquity might be a key reason OneDrive could eventually enjoy success.
  • Automatic Android Photo Backup is one new feature of OneDrive.  This feature allows users to set their Android handsets so that as soon as an image is taken, it’s automatically backed up to their OneDrive. The feature is similar to the automatic backup available with OneDrive on iOS and Windows Phone 8.
  • Sharing Videos Just Got Easier!  One of the issues SkyDrive users were having was the general inability to quickly and easily share and watch videos. In many cases, they were forced to wait an inordinate amount of time to access the content. That has been solved with OneDrive. Microsoft says that the issues users were previously experiencing are now gone and should allow for a more entertaining time watching videos.
  • Office Web Apps? Still There! Office Web Apps are still accessible from OneDrive. Users can access and view Office files, as well as edit Word, Excel, PowerPoint and OneNote documents. OneDrive also includes the ability to integrate those files with the desktop versions of Office.
  • Microsoft Added Real-Time Document Collaboration which is, in many opinions, one of the biggest improvements to OneDrive!  With that feature, users in a corporate environment (or friends on the consumer side) can work on the same document in real-time without fear of OneDrive losing the latest version. It’s something that Google Drive users have had for a while, and it’s nice to see Microsoft offering a similar solution.
  • Microsoft’s “Smart Integration”  works with Third-Party Apps!  Microsoft realizes that, in order to be successful, its offering must be capable of playing nice with any and all third-party services. We’ve already mentioned support for Macs, iOS and Android, but Microsoft also allows users to seamlessly share photos or videos to Facebook or email. After recording game play from the Xbox One, the content can be uploaded to OneDrive and shared with others. Microsoft is platform-agnostic with OneDrive and should be commended for that.
  • There’s an Act-Fast Opportunity… This one might have a short shelf life, but Microsoft announced that it will be giving away 100GB of free storage for one year to 100,000 people. Microsoft hasn’t said exactly how it will determine who gets the free storage, but it has urged users to follow its Twitter page “for clues.” It’s a nice offer, and speaks to just how serious Microsoft appears to be about getting users onto OneDrive.

All in all, I’m a big fan of OneDrive and its offerings.  There are other players in the market, but this one is designed to work and play well with all platforms and it is tightly integrated into the Microsoft Platforms and Applications.  Like them or not, they are a major player that most of us use regularly.  That’s just one person’s opinion; feel free to add your two cents’ worth.

Posted in: Cloud Computing, Technology and How it's Used


6 Password Tips to Protect Against Business and Identity Theft

Ah, those pesky passwords. If you work in the corporate world or in an office, you have one for your PC/Network and, unless there is a password synchronization application that combines them, you probably have more than one for other applications. Add those to the ones that you have for your home Internet, your banking and other websites that require passwords, and before you know it you have a nightmare on your hands in trying to manage them. How easy a target are you for business and identity theft?

Part of the frustration has to do with the different requirements for password formatting. Some systems only require four characters, some require eight. Some need a combination of alpha and numeric characters and others do the same with the addition of a few capital letters thrown in for extra security. It can be positively maddening.

The worst thing you can do with your passwords is to place them in a text document which can be accessed on the hard drive of your computer. Your files are vulnerable to business and identity theft- even if you think they are not. If someone is intent on finding them, they can. Even if you place them into a password protected document, those can be cracked, too.

Writing them down has its own vulnerabilities, too, and there are varying opinions on this practice. If you do write them down on a piece of paper, put the document in a locked location whether it is in your home or at work.

Here are 6 tips on how to handle your passwords to protect against business and identity theft:

1. Make them complex. People who use easy to remember or short passwords are inviting disaster. Use a little imagination and pick a password that is very difficult to attach to your life. Stay away from birth dates, phone numbers, house numbers, or any other number that is associated with your life.

2. Keep passwords unique. When you change your passwords, make them unique from each other. Do not use the same password on all of your sites. If you do, then every site that you have a password for is open to hackers logging on and stealing your identity or money, or destroying your reputation.

3. Be obscure. Use a combination of letters, numbers, capital letters and special characters if possible. The more you do this, the more secure your passwords will become. Create an alphanumeric version of a term you can remember. Using this technique the word “Spaceship” becomes “Sp@ce5h!p”.

4. Change regularly. This is the singular tip that can save you if you do not heed any of the other tips. How often should you change your password? How secure do you want to be? The frequency with which you change your password will determine how secure you are from becoming a victim. The more often you change it, the better you are. The longer you leave it the same, the more vulnerable you become. Three months is a good cycle for a password, but certainly if you fear for the security of your identity, then a monthly change is not out of the question.

5. Password-protect your PC. Be sure to give your PC a password on power-up. This will help protect your files from unrestricted access to your PC.

6. Password-protect your wireless home network. If you have a wireless home network, be sure to password protect it as well. Use the same principles above in order to secure your wireless network. This will prevent others from accessing your connection and using it maliciously to hack the personal or business PCs and laptops you and your family use at home.

Finally, there are password programs that can help with this important task, but the best advice is to start with the tips above right away. Password software can be useful as an organizational tool, but it is no match for using sound methods to manage and make your passwords difficult to crack.

Click here to learn how BizTek Connection, Inc. can help protect you against business and identity theft with our Network Security Services for your business in Little Rock, AR and surrounding cities.

Posted in: Tech Tips for Business Owners


How to Create a Basic Business Disaster Recovery Plan in 4 Steps

Loss of data is a common problem for businesses. Fortunately, it’s a problem that can easily be avoided with the correct preparation. While devastating amounts of data can be lost during catastrophes like hurricanes, terrorist attacks, fires and floods – it doesn’t take such large events to cause a business to lose important data. It can be as simple as dropping a laptop to the floor, or a power surge that results in burning out a storage device. If you don’t have your crucial data backed up, even a small situation can turn into a disaster. That’s when having a business disaster recovery plan can help.

If you still think natural disasters are the leading causes of data loss – and that the chances of it happening to you are pretty slim, take a look at the results from a study by Strategic Research Corporation of the leading causes of business continuity and disaster recovery incidents:

  • Hardware Failures (servers, switches, disk drives, etc.): 44%
  • Human Error (mistakes in configurations, wrong commands issued, etc.): 32%
  • Software Errors (operating systems, driver incompatibility, etc.): 14%
  • Viruses and Security Breach (unprotected systems are always at risk): 7%
  • Natural Disasters: 3%

Establishing a disaster recovery plan can be done in the following four steps:

1) Take a potential risk inventory. Make a list of every potential cause of data loss and the solutions to each. Your list should include losses that won’t affect the business very much, and those that would shut the business down temporarily or permanently. Information Technology experts can assist you with creating the potential risk inventory, as they will have the knowledge and experience to identify possibilities that you are not likely to think of but need to plan for all the same. These IT experts will also be able to discuss preventative solutions to guard against each type of potential data loss.

2) Rate each of your potential data loss situations. How likely is it for each of the items on your risk inventory to occur? Rating them in order of importance and likeliness to occur will help you determine where to focus your disaster recovery plan efforts.

3) Develop your disaster recovery plan. Go through each of your potential risks and their solutions, and determine how long it would take you to recover from the loss of data for each risk. Could your business be offline for 24 hours? A week? Depending on the nature of your business, being offline for even just 24 hours could result in your losing customers to your competition. Look at ways to reduce the length of time it would take you to recover from each type of data loss risk.

4) Put your disaster recovery plan to the test. Once you’ve created your plan of action for recovering lost data, you should test your solutions. A disaster recovery plan is just a plan until it can be tested and proven.

Click here to learn how BizTek Connection, Inc. can create a business disaster recovery plan for you with our Disaster Recovery and Business Continuity Services for your business in Little Rock, AR and surrounding cities.

Posted in: Tech Tips for Business Owners


How Managed IT Services and Cloud Computing Improve Your Business

Small business owners who are not already on board the “cloud” may be missing out on a great opportunity to improve their business operations as well as profitability. Cloud computing has changed the landscape of business dramatically in the past few years. In order to reap the most rewards from technological advances, it is important first for business owners to understand what they are dealing with and how new technologies can improve the functionality of their business.

What is Cloud Computing?

To better understand this concept you need only turn to the Internet. How the Internet is used has changed greatly over the years and, in terms of business, any programs or services that you use via an Internet connection could loosely be described as a cloud service. Cloud computing allows you to utilize software and services without having to run the servers or software in house. Outside vendors run the software and servers, making it possible for you to pay attention to what is most important: running your business. Examples of cloud computing services that are commonly used by businesses today include Salesforce.com, which offers programs to aid sales staff in tracking customer information, and data storage backup services such as those offered from Amazon.com.

Benefits of Cloud Computing

As more and more businesses are relying on cloud computing services you might wonder how they can benefit your business. There are many benefits including long term reduction of software and computer costs, improved data security (secure off site backup and storage) and increased functionality and customer service. As cloud computing continues to evolve and offer additional products and services, many businesses that are currently on the fence will make the decision to venture to “the cloud”.

Managed IT Services Can Make the Transition to Cloud Computing Easier

Despite the growing popularity of cloud computing and the increased number of companies utilizing these services, not all business owners or customers are completely convinced this is the way to go. There is little doubt that this area of technology will continue to develop and likely become mainstream within a few years. With that in mind, business owners who question this technology can benefit greatly by consulting with managed service providers to help guide them through any transitions. Managed services providers are up-to-date with all new technology and can offer services that include cloud computing to improve the way your business runs as well as provide much needed assistance in the event of a man-made or natural disaster.

By working with a Managed IT Services Provider your business can immediately reap the rewards of cloud services while still having trained professionals in your corner to ensure your business is adequately protected and invested in this technology. Finding the right managed services provider can make the difference between your small business increasing efficiency and improving functionality versus getting left behind in the virtual dust. Working with a qualified managed services provider will eliminate much of the confusion associated with “new” technology and position your business in a place where you can compete with others in your field while reducing in-house IT costs.

Click here to learn how BizTek Connection, Inc. can help you benefit from the Cloud with our Cloud Computing Solutions for your business in Little Rock, AR and surrounding cities.

Posted in: Tech Tips for Business Owners


When Is Your Business Ready For Managed IT Services?

If you are a small business owner and considering whether or not Managed IT Services will benefit your company, the answer is almost always- yes. There is little doubt that most small businesses can benefit from Managed IT Services, yet that in itself does not always justify the cost of bringing on a third party provider. Accepting that Managed IT Services Providers can offer solutions to common problems found in small business operation, the real question is: when does it make sense to switch from in house IT solutions to the next level which includes Managed IT Services?

There is a good chance if you are already considering Managed IT Services the time might be near when you are ready to make the switch. Small business owners do not have the luxury of a never ending IT budget, therefore it is very important to recognize when your current IT management is no longer cost effective. For most small businesses this occurs when the business grows to the point of needing either a contract with a local service provider who is “on call” for IT needs or hiring a full time IT person to remain on staff. There is of course another option for small business owners to consider and that is hiring a Managed IT Services Provider to oversee their IT needs.

If you are still unsure that your business is ready for the switch, ask yourself the following questions:

  • Do you find IT costs are continually increasing?
  • Is it difficult to find and retain quality IT staff?
  • Are your network and workstation performance and speed decreasing?
  • Are your employees spending more time dealing with IT issues than focusing on the job they have been hired to perform?
  • Do you have problems with viruses, spyware and other security issues that could threaten the confidentiality of proprietary information?
  • In the event of a natural or man-made disaster, would your network be at risk? Would recovery be a concern?
  • Do you find network downtime is increasing?

If you answered yes to one or more of the above questions, then your business is ready for Managed IT Services.

Now that you have determined Managed IT Services are right for your business, the next challenge is finding the right provider of these services. This is a decision that should not be made lightly or rushed as the wrong provider can end up costing your company more money than your current situation. Before you begin the search for a Managed IT Services Provider you should first consider your IT budget as well as issues or problems you want to be addressed. It is important to remember that Managed IT Services are not a one-size-fits-all type of solution to business problems. Each business and industry has their own issues to contend with and a qualified Managed IT Services Provider will work with you to find the solutions that will benefit your company the most. If a potential provider is more intent on selling you services and not listening to the needs of your business, move on to another provider who is willing to listen to your concerns and offer customized solutions that address these needs. The point of outsourcing your IT management is to save money while freeing up time to focus on other business operations. For this reason it pays to put forth the effort to find the best Managed IT Services Provider to oversee your technology needs.

Click here to learn how BizTek Connection, Inc. can help you benefit from Managed IT Services for your business in Little Rock, AR and surrounding cities.

Posted in: Tech Tips for Business Owners


Beware: Ransom-ware CryptoLocker

Once this malware is executed on a computing device it encrypts files in the victim’s computer, and demands a ransom of 300 USD to be paid by the victim within 72 hours in order to decrypt the victim’s files.

In early September 2013, security experts around the world became aware of a very nasty piece of malware that, once executed, encrypts files in the victim’s computer, and then demands a ransom of $300 for decryption.
This is one of the most destructive malware infections I have ever seen! It is essential that anyone with a connection to the Internet is aware of this beast.
This type of malware is popularly known as ransomware and is spread using social engineering tricks especially via email such as fake FedEx, banking, credit card, or UPS tracking notifications with attachments. Once the victim opens such email attachments, CryptoLocker gets installed and starts scanning the hard disk for all kinds of documents. These include images, videos, documents, presentations, spreadsheets AND including any backup files that may also be maintained on the target system. Thereafter it encrypts these files converting them into an unreadable form. The ransomware then pops up a message demanding a payment of $300 (currently) to obtain the private key to decrypt the files. The message also displays a time limit within which the payment must be made.
CryptoLocker uses a unique RSA public/private key pair to encrypt its victim’s data. It is not possible to decrypt files encrypted in this way without access to the private decryption key. The key is not stored on the infected computer, but rather on the hacker’s system which, of course, we do not have access to.
There is no known fix – other than paying the ransom. Without the key it is not possible to decrypt the data encrypted by this malware. The malware defines a window of 72 hours to pay the ransom and to get the private key to decrypt your data. If the amount is not paid the hackers destroy the private key and your encrypted data is locked forever with no way to recover it. Hackers behind this malware are able to avoid the trace back by using digital cash systems like Bitcoins, UKash and MoneyPack, where the payments can be anonymous.
Here are two very simple steps you can take to minimize your risk:

* Never entertain unknown or unwanted emails with attachments, especially those that come from FedEx, banking, credit card, or UPS tracking notifications. Use strong anti-phishing, anti-spam and content filtering to filter out the fraudulent emails and no-go web sites.

* Ensure that your systems are backed up on a regular basis, preferably daily, with multiple versions maintained at an off-site location.

I have attached a link to a recent NakedSecurity newsletter from SOPHOS that includes a MUST WATCH video that illustrates how CryptoLocker works, along with prevention, cleanup and recovery.

http://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/

Posted in: Malware, Tech Tips for Business Owners
