Back to Top

Tech, Web, Cloud & Cabling Services

Category: Internet Security

BigBeagle.com / Internet Security Category

Upgrade to Windows Server 2012

10 Compelling Reasons to Upgrade to Windows Server 2012

Takeaway: Windows Server 2012 is generating a significant buzz among IT pros. Deb Shinder highlights several notable enhancements and new capabilities.

We’ve had a chance to play around a bit with the release preview of Windows Server 2012. Some have been put off by the interface-formerly-known-as-Metro, but with more emphasis on Server Core and the Minimal Server Interface, the UI is unlikely to be a “make it or break it” issue for most of those who are deciding whether to upgrade. More important are the big changes and new capabilities that make Server 2012 better able to handle your network’s workloads and needs. That’s what has many IT pros excited.

Here are 10 reasons to give serious consideration to upgrading to Windows Server 2012 sooner rather than later.

1: Freedom of interface choice

A Server Core installation provides security and performance advantages, but in the past, you had to make a commitment: If you installed Server Core, you were stuck in the “dark place” with only the command line as your interface. Windows Server 2012 changes all that. Now we have choices.

The truth that Microsoft realized is that the command line is great for some tasks and the graphical interface is preferable for others. Server 2012 makes the graphic user interface a “feature” — one that can be turned on and off at will. You do it through the Remove Roles Or Features option in Server Manager.

2: Server Manager

Speaking of Server Manager (Figure A), even many of those who dislike the new tile-based interface overall have admitted that the design’s implementation in the new Server Manager is excellent.

One of the nicest things about the new Server Manager is the multi-server capabilities, which makes it easy to deploy roles and features remotely to physical and virtual servers. It’s easy to create a server group — a collection of servers that can be managed together. The remote administration improvements let you provision servers without having to make an RDP connection.

3: SMB 3.0

The Server Message Block (SMB) protocol has been significantly improved in Windows Server 2012 and Windows 8. The new version of SMB supports new file server features, such as SMB transparent failover , SMB Scale Out, SMB Multichannel, SMB Direct, SMB encryption, VSS for SMB file sharing, SMB directory leasing, and SMB PowerShell. That’s a lot of bang for the buck. It works beautifully with Hyper-V, so that VHD files and virtual machine configuration files can be hosted on SMB 3.0 shares. A SQL system database can be stored on an SMB share, as well, with improvements to performance. For more details about what’s new in SMB 3.0, see this blog post.

4: Dynamic Access Control (DAC)

Even though some say Microsoft has shifted the focus away from security in recent years, it would be more accurate to say it has shifted the focus from separate security products to a more “baked in” approach of integrating security into every part of the operating system.

Dynamic Access Control is one such example, helping IT pros create more centralized security models for access to network resources by tagging sensitive data both manually and automatically, based on factors such as the file content or the creator. Then claims based access controls can be applied. Read more about DAC in my “First Look” article over on Windowsecurity.com.

5: Storage Spaces

Storage is a hot — and complex — topic in the IT world these days. Despite the idea that we’re all going to be storing everything in the public cloud one day, that day is a long way off (and for many organizations concerned about security and reliability, it may never happen). There are myriad solutions for storing data on your network in a way that provides better utilization of storage resources, centralized management, and better scalability, along with security and reliability. Storage area networks (SANs) and network attached storage (NAS) do that, but they can be expensive and difficult to set up.

Storage Spaces is a new feature in Server 2012 that lets you use inexpensive hard drives to create a storage pool, which can then be divided into spaces that are used like physical disks. They can include hot standby drives and use redundancy methods such as 2- or 3-way mirroring or parity. You can add new disks any time, and a space can be larger than the physical capacity of the pool. When you add new drives, the space automatically uses the extra capacity. Read more about Storage Spaces in this MSDN blog post.

6: Hyper-V Replica

Virtualization is the name of the game in the server world these days, and Hyper-V is Microsoft’s answer to VMware. Although the latter had a big head start, Microsoft’s virtualization platform has been working hard at catching up, and many IT pros now believe it has surpassed its rival in many key areas. With each iteration, the Windows hypervisor gets a little better, and Hyper-V in Windows Server 2012 brings a number of new features to the table. One of the most interesting is Hyper-V Replica.

This is a replication mechanism that will be a disaster recovery godsend to SMBs that may not be able to deploy complex and costly replication solutions. It logs changes to the disks in a VM and uses compression to save on bandwidth, replicating from a primary server to a replica server. You can store multiple snapshots of a VM on the replica server and then select the one you want to use. It works with both standalone hosts and clusters in any combination (standalone to standalone, cluster to cluster, standalone to cluster or cluster to standalone). To find out more about Hyper-V replica, see this TechNet article.

7: Improvements to VDI

Windows Terminal Services has come a long way, baby, since I first met it in Windows NT TS Edition. Renamed Remote Desktop Services, it has expanded to encompass much more than the ability to RDP into the desktop of a remote machine. Microsoft offered a centralized Virtual Desktop Infrastructure (VDI) solution in Windows Server 2008 R2, but it was still a little rough around the edges. Significant improvements have been made in Server 2012.

You no longer need a dedicated GPU graphics card in the server to use RemoteFX, which vastly improves the quality of graphics over RDP. Instead, you can use a virtualized GPU on standard server hardware. USB over RDP is much better, and the Fair Share feature can manage how CPU, memory, disk space, and bandwidth are allocated among users to thwart bandwidth hogs. Read more about Server 2012 VDI and RDP improvements here.

8: DirectAccess without the hassle factor

DirectAccess was designed to be Microsoft’s “VPN replacement,” a way to create a secure connection from client to corporate network without the performance drain and with a more transparent user experience than a traditional VPN. Not only do users not have to deal with making the VPN work, but administrators get more control over the machines, with the ability to manage them even before users log in. You apply group policy using the same tools you use to manage computers physically located on the corporate network.

So why hasn’t everyone been using DirectAccess with Server 2008 R2 instead of VPNs? One big obstacle was the dependency on IPv6. Plus, it couldn’t be virtualized. Those obstacles are gone now. In Windows Server 2012, DirectAccess works with IPv4 without having to fool with conversion technologies, and the server running DirectAccess at the network edge can now be a Hyper-V virtual machine. The Server 2012 version of DA is also easier to configure, thanks to the new wizard.

9: ReFS

Despite the many advantages NTFS offers over early FAT file systems, it’s been around since 1993, and Windows aficionados have been longing for a new file system for quite some time. Way back in 2004, we were eagerly looking forward to WinFS, but Vista disappointed us by not including it. Likewise, there was speculation early on that a new file system would be introduced with Windows 7, but it didn’t happen.

Windows Server 2012 brings us our long-awaited new file system, ReFS or the Resilient File System. It supports many of the same features as NTFS, although it leaves behind some others, perhaps most notably file compression, EFS, and disk quotas. In return, ReFS gives us data verification and auto correction, and it’s designed to work with Storage Spaces to create shrinkable/expandable logical storage pools. The new file system is all about maximum scalability, supporting up to 16 exabytes in practice. (This is the theoretical maximum in the NTFS specifications, but in the real world, it’s limited to 16 terabytes.) ReFS supports a theoretical limit of 256 zetabytes (more than 270 billion terabytes). That allows for a lot of scaling.

10: Simplified Licensing

Anyone who has worked with server licenses might say the very term “simplified licensing” is an oxymoron. But Microsoft really has listened to customers who are confused and frustrated by the complexity involved in finding the right edition and figuring out what it’s really going to cost. Windows Server 2012 is offered in only four editions: Datacenter, Standard, Essentials, and Foundation. The first two are licensed per-processor plus CAL, and the latter two (for small businesses) are licensed per-server with limits on the number of user accounts (15 for Foundation and 25 for Essentials).

To View Full Article Click Here

Get SSL Trusted Certificates at a Low Price

SSL Certificate

With Purchasing SSL Certificates through BigBeagle.com you receive the following great services!

  • Includes a FREE website Malware Scanner to monitor your site for malicious links inserted by hackers trying to spread worms, viruses and spyware to your visitors.
  • Pay up to 90% LESS and get your certificate FAST!
  • Encrypts data transferred to and from your site and protects against session hijacking attacks, including Firesheep.
  • Secure UNLIMITED servers. Compare that to other Certification Authorities that charge for licensing on each server.
  • Enjoy the backing of established industry standards. There is NO TECHNICAL DIFFERENCE between our certificates and any other major Certification Authority.
  • 99.9% browser recognition and up to 256 bit-encryption.
  • Get industry-best service and support! Help is always there when you need it.

About Our SSL’s:

  • One SSL Covers Unlimited Servers
  • Cost up to 90% Less
  • Among the First to Offer Green Browser Bar
  • Works with all Major Browsers
  • Backed by industry-best support

Need an SSL certificate that supports Intel vPro technology for remote PC management? Check out our Deluxe Certificate

Call (888) 505-1532 to get started now or Click Here

Apples URGENT iPhone Software Update for CRITICAL Spyware Vulnerability

Apple has updated its software for iPhones to address a critical vulnerability that independent researchers say has been exploited by notorious surveillance software to spy on a Saudi activist.

Researchers from the University of Toronto’s Citizen Lab said the software exploit has been in use since February and has been used to deploy Pegasus, the spyware made by Israeli firm NSO Group that has allegedly been used to surveil journalists and human rights advocates in multiple countries.

The urgent update that Apple (AAPL) released Monday plugs a hole in the iMessage software that allowed hackers to infiltrate a user’s phone without the user clicking on any links, according to Citizen Lab. The Saudi activist chose to remain anonymous, Citizen Lab said.

Apple credited the Citizen Lab researchers for finding the vulnerability.

“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals,” Ivan Krsti?, head of Apple Security Engineering and Architecture, said in a statement.

Krsti? said Apple rapidly addressed the issue with a software fix and that the vulnerability is “not a threat to the overwhelming majority of our users.”

Still, security experts encouraged users to update their mobile devices for protection.

In a statement, NSO Group did not address the allegations, only saying, “NSO Group will continue to provide intelligence and law enforcement agencies around the world with life saving technologies to fight terror and crime.”

The firm has previously said its software is only sold to vetted customers for counterterrorism and law enforcement purposes.

Researchers, however, say they have found multiple cases in which the spyware was deployed on dissidents or journalists. In 2019, Citizen Lab analysts alleged that Pegasus was used on the mobile phone of the wife of a slain Mexican journalist.

In a lawsuit filed in 2019, Facebook accused NSO Group of being complicit in a hack of 1,400 mobile devices using WhatsApp. (NSO Group disputed the allegations at the time.)

The proliferation of easy-to-use mobile hacking tools has given governments around the world a new and stealthy means of targeting adversaries. Sophisticated spyware made by NSO Group and other vendors has been reportedly used from Uzbekistan to Morocco.

The surge in spyware prompted a United Nations panel of human rights experts in August to call for a moratorium on the sale of such surveillance tools. The UN panel said the ban should remain in place until governments have “put in place robust regulations that guarantee its use in compliance with international human rights standards.”

Cyber Security Awareness

As school, socializing, and many aspects of life have moved online this year, it’s more important than ever that you protect your digital devices and steer clear of cybercriminals. Computer security threats are relentlessly inventive. Masters of disguise and manipulation, these threats constantly evolve to find new ways to annoy, steal and harm. Arm yourself with information and resources to safeguard against complex and growing computer security threats and stay safe online.

Examples of Online Cybersecurity Threats

Computer Viruses

Probably the most eminent computer security threat, a computer virus is a program written to alter the way a computer operates, without the permission or knowledge of the user. A virus replicates and executes itself, usually doing damage to your computer in the process.

What can you do to avoid computer viruses? Carefully evaluate free software, downloads from peer-to-peer file sharing sites, and emails from unknown senders. These things are critical to avoiding viruses. Most web browsers have security settings which can be configured for top defense against online threats. But, as we’ll say again and again, the single most-effective way of fending off viruses is up-to-date antivirus software and monitoring agent, like we include in our Managed Service Plans.

Spyware Threats

A serious computer security threat, spyware is any program that monitors your online activities or installs programs without your consent for profit or to capture personal information.

While many users won’t want to hear it, reading terms and conditions is a good way to build an understanding of how your activity is tracked online. As always, if a company you do not recognize is advertising for a deal that seems too good to be true, be sure you have an internet security solution in place and click with caution.

Hackers and Predators

People, not computers, create computer security threats and malware. Hackers and predators are programmers who victimize others for their own gain by breaking into computer systems to steal, change, or destroy information as a form of cyber-terrorism. These online predators can compromise credit card information, lock you out of your data, and steal your identity. As you may have guessed, online security tools with identity theft protection are one of the most effective ways to protect yourself from this brand of cybercriminal.

Phishing

Masquerading as a trustworthy person or business, phishers attempt to steal sensitive financial or personal information through fraudulent email or instant messages. Phishing attacks are some of the most successful methods for cybercriminals looking to pull off a data breach. Antivirus solutions with identity theft protection can be taught to recognize phishing threats in fractions of a second.

Cyber Safety Tips

  • Keep software systems up to date and use a good anti-virus program.
  • Examine the email address and URLs in all correspondence. Scammers often mimic a legitimate site or email address by using a slight variation in spelling.
  • If an unsolicited text message, email, or phone call asks you to update, check, or verify your account information, do not follow the link provided in the message itself or call the phone numbers provided in the message. Go to the company’s website to log into your account or call the phone number listed on the official website to see if something does in fact need your attention.
  • Do not open any attachments unless you are expecting the file, document, or invoice and have verified the sender’s email address.
  • Scrutinize all electronic requests for a payment or transfer of funds.
  • Be extra suspicious of any message that urges immediate action.
  • Confirm requests for wire transfers or payment in person or over the phone as part of a two-factor authentication process. Do not verify these requests using the phone number listed in the request for payment.

 

If you have any questions, please email us at support@sjtechies.com or call us at (856) 745-9990.

Cyber-attack hits world’s largest meat supplier

The breach is the latest targeting of a crucial supply chain and comes three weeks after the Colonial Pipeline hack disrupted fuel operations in the U.S.

Here’s what we know:

What is JBS?
JBS USA is part of JBS Foods, one of the world’s largest food companies. It has operations in 15 countries and has customers in about 100 countries, according to its website. Its customers include supermarkets and fast food outlet McDonald’s and in the US, JBS processes nearly one quarter of the county’s beef and one-fifth of its pork. JBS’s five biggest beef plants are in the US, and the shutdowns have halted a fifth of meat production there, according to Bloomberg.

Its brands include Pilgrim’s, Great Southern and Aberdeen Black. The US headquarters is based in Greeley, Colorado, and it employs more than 66,000 people.

What happened?
Hackers attacked the company’s IT system last weekend, prompting shutdowns at company plants in North America and Australia. IT systems are essential in modern meat processing plants, with computers used at multiple stages including billing and shipping.
JBS hack shuttered nine US beef plants but normal operations to resume Wednesday
The hack, which the White House described Tuesday as ransomware, affected all of JBS’s US meatpacking facilities, according to an official at the United Food and Commercial Workers union that represents JBS employees. The cyberattack resulted in the closure of all nine of the company’s US beef plants, which are located in states including Arizona, Texas, Nebraska, Colorado, Wisconsin, Utah, Michigan and Pennsylvania, the union official said. The company said on Monday that it suspended all affected IT systems as soon as the attack was detected, and that its backup servers were not hacked.

The White House has said that the ransomware attack was likely carried out by a Russia-based criminal organization, and that it is dealing with the Russian government on the matter.
JBS’ operations in Australia were also affected. The Australian Meat Industry Council, a major trade group, said in a statement that “there is no indication whatsoever that this cyberattack will cause a major impact on Australian domestic red meat and pork products supply.”

What is ransomware?
In a ransomware attack, hackers steal an organization’s data and lock its computers. Victims must pay to regain access to their network and prevent the release of sensitive information.
Some sophisticated ransomware hackers, such as the Russian hacker group Darkside, sell their ransomware technology and take a cut of any ransoms paid to their customers.

Experts generally encourage ransomware victims not to pay any ransom. But a company’s ability to get back online without paying hackers may depend on whether it has protected backups of its data. In some cases, hackers can delete their target’s backups before locking its files, leaving the victim organization with no recourse.

JBS did not comment to CNN about details of the ransomware attack, including whether it paid the ransom.

This kind of cyberattack sounds familiar. Where have I heard that?
The hack comes a few weeks after a ransomware attack targeted Colonial Pipeline, which forced a six-day shutdown of one of the United States’ largest fuel pipelines. That May attack resulted in gas shortages, spiking prices and consumer panic. Colonial Pipeline has confirmed it paid a $4.4m (£3.1m) ransom to the cyber-criminal gang responsible.

Similar to JBS, Colonial Pipeline’s systems were hit with ransomware. Once a company has been hit by ransomware, its first course of action is usually to take much or all of its systems offline to isolate the hackers’ access and make sure they can’t move into other parts of the network.
That may be among the reasons why JBS shut down its operations and Colonial shut down its pipeline — to disconnect the companies’ operations from the IT systems that hackers breached. People briefed on the Colonial attack have said that the company halted operations because its billing system was also compromised and feared they wouldn’t be able to determine how much to bill customers for fuel they received.
The pipeline has since returned to normal operations.

Don’t be the next victim of a ransomware attack. Contact South Jersey Techies to discuss how your critical information can be secure.

If you have any questions, please email us at support@sjtechies.com or call us at (856) 745-9990.

 

 

Is Your Organization Using SHA-1 SSL Certificates? If so here’s what you need to know and do:

ssl

 

Following a recommendation by the National Institute of Standards and Technology (NIST), Microsoft will block Windows from accepting SSL certificates encrypted with the Secure Hash Algorithm-1 (SHA-1) algorithm after 2016. Given the number of mission-critical SSL certificates that are allowed to expire from inattention, administrators have their work cut out for them. By knowing what will happen, why it’s happening, and what you need to do, you won’t be surprised by these important policy changes.

What’s Happening?

On November 12, 2013, Microsoft announced that it’s deprecating the use of the SHA-1 algorithm in SSL and code signing certificates. The Windows PKI blog post “SHA1 Deprecation Policy” states that Windows will stop accepting SHA-1 end-entity certificates by January 1, 2017, and will stop accepting SHA-1 code signing certificates without timestamps after January 1, 2016. This policy officially applies to Windows Vista and later, and Windows Server 2008 and later, but it will also affect Windows XP and Windows Server 2003.

SHA-1 is currently the most widely used digest algorithm. In total, more than 98 percent of all SSL certificates in use on the Web are still using the SHA-1 algorithm and more than 92 percent of the certificates issued in the past year were issued using SHA-1.

Website operators should be aware that Google Chrome has started warning end users when they connect to a secure website using SSL certificates encrypted with the SHA-1 algorithm. Beginning in November 2014 with Chrome 39, end users will see visual indicators in the HTTP Secure (HTTPS) address bar when the site to which they’re connecting doesn’t meet the SHA-2 requirement. Figure 1 shows those indicators.

 

Figure 1: Visual Indicators in the HTTPS Address Bar

 

Google is doing this to raise end users’ awareness and to help guide other members of the Internet community to replace their SHA-1 certificates with SHA-2 certificates.

Why Is Microsoft Deprecating SHA-1?

SHA-1 has been in use among Certificate Authorities (CAs) since the U.S. National Security Agency (NSA) and NIST first published the specification in 1995. In January 2011, NIST released Special Publication 800-131A, “Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths.” This publication noted that SHA-1 shouldn’t be trusted past January 2016 because of the increasing practicality that a well-funded attacker or government could find a SHA-1 hash collision, allowing them to impersonate any SSL website.

Realizing that it’s highly unlikely that CAs and the industry at large will adopt more powerful encryption algorithms on their own, Microsoft is leading the charge by making Windows reject certificates using SHA-1 after January 1, 2017. Doing this will lead website operators to upgrade to stronger SHA-2 certificates for the betterment of all Windows users and the broader public key infrastructure (PKI) community. The Windows PKI blog post “SHA1 Deprecation Policy” noted that, “The quicker we can make such a transition, the fewer SHA-1 certificates there will be when collisions attacks occur and the sooner we can disable SHA1 certificates.”

In the end, the issue isn’t if SHA-1 encryption will be cracked but rather when it will be cracked.

What Do I Need to Do?

January 1, 2017, might seem like a long way away, but now is the time to understand the problem and how to mitigate it.

As per Microsoft’s SHA-1 deprecation policy, Windows users don’t need to do anything in response to this new technical requirement. XP Service Pack 3 (SP3) and later versions support SHA-2 SSL certificates. Server 2003 SP2 and later versions add SHA-2 functionality to SSL certificates by applying hotfixes (KB968730 and KB938397).

Web administrators must request new certificates to replace SHA-1 SSL and code-signing certificates that expire after January 1, 2017. As of this writing, that would probably affect only public SHA-1 certificates that were purchased with a long expiration date (three years or more) or long-duration certificates issued by internal SHA-1 CAs. Most third-party CAs will rekey their certificates for free, so you simply need to contact the CA to request a rekeyed certificate that uses the SHA-2 algorithm.

When ordering new SSL certificates, you should confirm with the CA that they’re being issued with the SHA-2 algorithm. New certificates with expiration dates after January 1, 2017, can only use SHA-2. Code-signing certificates with expiration dates after December 31, 2015, must also use SHA-2.

Note that the algorithm used in SHA-2 certificates is actually encoded to use SHA-256, SHA-384, or SHA-512. All of these are SHA-2 algorithms; the SHA number (e.g., 256) specifies the number of bits in the hash. The larger the hash, the more secure the certificate but possibly with less compatibility.

It’s important that the certificate chain be encrypted with SHA-2 certificates. (A certificate chain consists of all the certificates needed to certify the end certificate.) This means that any intermediate certificates must also use SHA-2 after January 1, 2017. Typically, your CA will provide the intermediate and root CA certificates when they provide the SHA-2 certificate. Sometimes they provide a link for you to download the certificate chain. It’s important that you update this chain with SHA-2 certificates. Otherwise, Windows might not trust your new SHA-2 certificate.

Root certificates are a different story. These can actually be SHA-1 certificates because Windows implicitly trusts these certificates since the OS trusts the root certificate public key directly. A root certificate is self-signed and isn’t signed by another entity that has been given authority.

For the same reason, any self-signed certificate can use the SHA-1 algorithm. For example, Microsoft Exchange Server generates self-signed SHA-1 certificates during installation. These certificates are exempt from the new SHA-2 policy since they aren’t chained to a CA. I expect, however, that future releases of Exchange will use SHA-2 in self-signed certificates.

What About My Enterprise CAs?

If your organization has its own internal CA PKI, you’ll want to ensure that it’s generating SHA-2 certificates. How this is done depends on whether the CA is running Windows Server 2008 R2 or later and if your CA has subordinate CAs.

If you have a Server 2008 R2 or later single-root CA without subordinates, you should update the CA to use SHA-2. Doing so will ensure that subsequent certificates generated will use the SHA-2 algorithm. To check which hash algorithm is being used, you can right-click the CA and go to the General tab. If SHA-1 is listed, you can run the following certutil command to configure the CA to use the SHA-256 algorithm:

certutil -setreg ca\csp\CNGHashAlgorithm SHA256

You must restart the CertSvc service to apply the change. Now when you view the CA properties, you’ll see that the hash algorithm is SHA-256. All future certificates issued by this CA will use SHA-256, but keep in mind that existing certificates will still be using SHA-1. You need to renew any SHA-1 certificates issued by this CA to upgrade them to SHA-2 certificates.

If your CA is older than Server 2008 R2, you can’t upgrade the CA to use SHA-2. You’ll need to rebuild it with a newer version.

If your organization’s internal CA is multi-tiered with one or more subordinate CAs, you’ll need to reconfigure them to use SHA-2. This is done using the same certutil command just given on each subordinate or issuing CA. Keep in mind that if you use subordinate CAs, you’re not required to update the root CA to SHA-2 since that certificate is at the top of the certificate chain, but it won’t cause any problems if you do. You still need to renew any SHA-1 certificates issued by the subordinate CAs to upgrade them to SHA-2 certificates.

Take Action Now

Administrators and website operators should identify all the SSL certificates used in their organizations and take action, as follows:

  • SHA-1 SSL certificates expiring before January 1, 2017, will need to be replaced with a SHA-2 equivalent certificate.
  • SHA-1 SSL certificates expiring after January 1, 2017, should be replaced with a SHA-2 certificate at the earliest convenience.
  • Any SHA-2 certificate chained to an SHA-1 intermediate certificate should be replaced with another one chained to an SHA-2 intermediate certificate.

The following tools and websites are useful for testing and for further information about SHA-1 remediation:

  • Microsoft Security Advisory 2880823. This website discusses the deprecation policy for the SHA-1 hashing algorithm for the Microsoft Root Certificate Program.
  • Migrating a Certification Authority Key from a Cryptographic Service Provider (CSP) to a Key Storage Provider (KSP). The section “How to migrate a CA from a CSP to a KSP and optionally, from SHA-1 to SHA-2” in this TechNet web page provides detailed instructions for upgrading a CA to use SHA-2.
  • Gradually sunsetting SHA-1.” This Google Online Security Blog post explains how the transition to SHA-2 affects Chrome and details Google’s rollout schedule.
  • SHA-256 Compatibility. This GlobalSign web page lists OS, browser, server, and signing support for SHA-256 certificates.
  • DigiCert SHA-1 Sunset Tool. This free web application tests public websites for SHA-1 certificates that expire after January 1, 2016.
  • DigiCert Certificate Inspector. This tool discovers and analyzes all certificates in an enterprise. It’s free, even if you don’t have a DigiCert account.
  • Qualys SSL Labs’ SSL Server Test. This free online service analyzes the configuration of any SSL web server on the public Internet.

49% of businesses fell victim to cyber ransom attacks in 2016

Ransom is the top motivation behind cyber attacks, according to a report from Radware, and IT professionals are most concerned about data loss. Here’s what you need to know.

Nearly half of businesses report that they were the subject of a cyber-ransom campaign in 2016, according to Radware’s, Global Application and Network Security Report 2016-2017.

Data loss topped the list of IT professionals’ cyber attack concerns, the report found, with 27% of tech leaders reporting this as their greatest worry. It was followed by service outage (19%), reputation loss (16%), and customer or partner loss (9%).

Malware or bot attacks hit half of all organizations surveyed in the last year. One reason for the pervasive attacks? The Internet of Things (IoT). Some 55% of respondents reported that IoT ecosystems had complicated their cybersecurity detection measures, as they create more vulnerabilities.

Ransomware attacks in particular continue to increase rapidly: 41% of respondents reported that ransom was the top motivator behind the cyber attacks they experienced in 2016. Meanwhile, 27% of respondents cited insider threats, 26% said political hacktivism, and 26% said competition.

While large-scale DDoS attacks dominated the headlines of 2016, this report found that only 4% of all attacks were more than 50 Gbps, while more than 83% of DDoS attacks reported were under 1 Gbps.

“One thing is clear: Money is the top motivator in the threat landscape today,” said Carl Herberger, vice president of security solutions at Radware, in a press release. “Attackers employ an ever-increasing number of tactics to steal valuable information, from ransom attacks that can lock up a company’s data, to DDoS attacks that act as a smoke screen for information theft, to direct brute force or injection attacks that grant direct access to internal data.”

Despite the growth in attacks, some 40% of organizations reported that they do not have an incident response plan in place, the survey found.

The report listed five cybersecurity predictions for 2017:

1. IoT will become an even larger risk. The Mirai IoT Botnet code is available to the public, making it more likely that cyber criminals of all experience levels are already strengthening their capabilities. “In 2017, exponentially more devices are expected to become targeted and enslaved into IoT botnets,” the press release stated. “IoT device manufacturers will have to face the issue of securing their devices before they are brought to market, as botnet attacks from these devices can generate large-scale attacks that easily exceed 1 Tbps.”

2. Ransomware attacks will continue to grow. These attacks will target phones, laptops, and company computers, and will likely take aim at healthcare devices such as defibrillators in the future, the press release stated.

3. Permanent Denial of Service (PDoS) attacks on data centers and IoT operations will rise. PDoS attacks, sometimes called “phlashing,” damage a system to the degree that it requires hardware replacement or reinstallation. These attacks are not new, but Radware predicts they are likely to become more pervasive in 2017 with the plethora of personal devices on the market.

4. Telephony DoS (TDoS) will become more sophisticated. These attacks, which cut off communications in a crisis, “could impede first responders’ situational awareness, exacerbate suffering and pain, and potentially increase loss of life,” the press release stated.

5. Public transportation system attacks will rise. As cars, trains, and planes become more automated, they also become more vulnerable to hackers, Radware stated.

You help your business avoid ransomware attacks and other cyber threats by keeping software up to date, backing up all information every day to a secure, offsite location, segmenting your network, performing penetration testing, and training staff on cyber security practices.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

How to take control of your privacy in Windows 10

Where do you draw the line on personal privacy? The right options are different for everyone. This guide shows the privacy settings that will help you to create the right balance of privacy and convenience in Windows 10.

windows-10-privacy-blinds

Over the past year, We’ve read countless “privacy guides” for Windows 10. Most are well-intentioned, but they invariably take a simplistic approach to privacy: Just turn off every switch in the Privacy section of the Settings app.

If you do that, you’re not understanding the privacy landscape, which encompasses far more than just those settings. You’re also missing some important additional steps.

Windows 10 is a mix of software and services. With every session, a Windows 10 device exchanges a great deal of information with Microsoft’s servers. That’s neither unusual nor alarming. Microsoft’s chief rivals, Google and Apple, are also blending services into their software, with the goal of making your life easier and making that software more reliable.

So are other tech companies that you don’t think of as software companies: Amazon, with the Echo. Tesla, with its self-updating, software-driven cars. Your thermostat and your home security system.

There’s something profoundly satisfying about a service that anticipates your every move, reminding you when to leave for an appointment to arrive on time, or to pick up flowers for your anniversary tomorrow. Your digital personal assistant, whether it’s Siri or Cortana or Alexa or Google, needs to be able to see your calendar and contacts to make that magic happen.

But when that sort of personal attention goes too far, it “crosses the creepy line,” to use a phrase that Eric Schmidt probably regrets uttering when he was Google’s CEO.

The thing about that line is that it’s drawn in a different place for everyone. There are people who are thrilled at the idea that their PC or mobile device is so familiar with their actions that it can anticipate what they’ll do next. I know others who would like to build a virtual Faraday cage around their computing hardware so that none of their personal details can escape.

Both of those viewpoints, and everything in between, are perfectly valid. That’s why the software and services we use are loaded with switches and dials designed to help you take control of their potential privacy impact.

In this post, We’ll walk you through the big privacy questions for Windows 10, with enough context to help you decide which settings are right for you.

Note that this guide assumes you are using Windows 10 on a personal PC or one in your small business. If you are in an enterprise setting, or if you are in a regulated industry, you should seek professional assistance to ensure that you’re meeting proper standards.

Let’s start with the part of your PC that has the biggest impact on your personal privacy.

THE NETWORK

No one knows more about your online identity than your Internet service provider. Every packet you send or receive from anywhere online goes through their servers. When you travel and connect to Wi-Fi networks that are under the control of others, the owners of those networks can see every connection you make and can intercept their contents.

Regardless of the platform you use, that’s why it’s important you use encrypted connections for any kind of sensitive communications. Using a virtual private network whenever possible is an excellent best practice.

Windows 10 does offer one obscure option that can help protect third parties from tracking your movements based on your connections to Wi-Fi networks. (Note that this feature requires support from your Wi-Fi adapter, so if you don’t see this option, the most likely explanation is that your hardware doesn’t support it.) Under Settings > Network & Internet > Wi-Fi, turn the Use random hardware addresses setting to On.

windowsprivacy02

That step keeps third parties from matching your Wi-Fi adapter’s hardware address with your personal information, making it more difficult to track your location.

THE BROWSER

Countless third-party ad networks and analytics companies use cookies and other tracking technology to record your movements around the web and to correlate your online activities with your offline identity.

The result is a digital fingerprint that can be extraordinarily detailed and, unfortunately, outside of your ability to change.

To limit the amount of information that those ad and analytics companies know about you from your web browsing, consider third-party anti-tracking software such as Abine’s Blur, which is available for every web browser except Microsoft Edge. (That lack of solid support for add-ons is one reason I can’t yet recommend Edge as a full-time browser for most Windows 10 users.)

Another privacy product worth considering is Ghostery, although some are suspicious of this browser extension because of its uncomfortably close ties to the online advertising industry.

Ad-blocking software can also provide some privacy protection as a side-effect of performing its basic function. Here, too, watch out for close ties between some ad-blocking add-ins and the third-party trackers they supposedly protect you from.

Note that none of these steps is unique to Windows 10. Anti-tracking software is typically a browser add-in and works with most popular browsers.

THE OPERATING SYSTEM

With those two big, platform-independent factors out of the way, we can now turn to Windows 10 itself. When you use a Windows 10 device, it is capable of sharing the following types of information with Microsoft’s servers:

Your location

Windows 10 can determine your location to help with actions like automatically setting your current time zone. It can also record a location history on a per-device basis. Go to Settings > Privacy > Location to control the following:

  • Location on/off?Use the master switch at the top of this page to disable all location features for all users of the current device.
  • Location service on/off?If location is on for Windows, you can still turn it off for your user account here.
  • General location?This allows you to set a city, zip code, or region so that apps can deliver relevant content.
  • Default location?Click Set default to open the Maps app and specify the location you want Windows to use when a more precise location is not available.
  • Location history?Click Clear to erase the saved history for a Windows 10 device.

If location is on, a list at the bottom of the Settings > Privacy > Location page allows you to disable access to that data on a per-app basis.

Your input

If you enable Cortana, Windows 10 uploads some info from your devices, such as your calendar, contacts, and location and browsing history, so that Cortana can make personalized recommendations. If you don’t want any accounts on your PC to use Cortana, follow the steps in this article to disable the feature completely: Turn off Cortana completely.

Windows 10 uses some feedback from the way you type, write, and speak to improve performance for you and as a way to improve the overall platform. This isn’t keystroke logging; rather, the operating system uses a very small amount of information. A separate feature uses your speech and writing history to make better suggestions in Windows and Cortana.

You can control this collection with two sets of controls:

Under Settings > Privacy > General, click Info about how I write and turn it off so that your typos aren’t used to improve things like the built-in spell checker.

Under Settings > Privacy > Speech, inking, & typing, under the Getting to know you heading, click Stop getting to know me to turn off personalization.

To clear previously saved information associated with your Microsoft account, click the first link under the Manage cloud info heading. That takes you to this Bing Personalization page, which includes this prominent button:

windows-privacy01

Click Clear to remove that saved information from the cloud.

Files and settings

When you sign in with a Microsoft account, you have the option to save files to the cloud using OneDrive. Windows 10 also syncs some settings to OneDrive, allowing you to have the same desktop background, saved passwords, and other personalized settings when you sign in with that account on multiple PCs.

If you use a local account, of course, none of your settings are synced. If you use a Microsoft account, you can turn off syncing completely or remove certain settings from the sync list by going to Settings > Accounts > Sync Your Settings.

OneDrive is an opt-in service. If you don’t sign in, it does nothing. You can’t save files to OneDrive accidentally, and no files are uploaded without your explicit permission, which you can revoke any time. To disable OneDrive for all users on your PC, follow these instructions: Shut down OneDrive completely.

Telemetry

Microsoft, like all modern software companies, uses feedback from its installed base to identify problems and improve performance. In Windows 10, this feedback mechanism produces diagnostics data (aka telemetry) that is uploaded to Microsoft at regular intervals. The data is anonymized and is not used to create a profile of you.

The default telemetry setting for all consumer and small business versions of Windows 10 is Full, which means that the uploaded data also includes details (also anonymized) about app usage. If you are concerned about possible inadvertent leakage of personal information, I recommend that you go to Settings > Privacy > Feedback & diagnostics and change the Diagnostic and usage data setting to Basic.

THE APPS

Although the number of subcategories under the Privacy heading in Settings seems daunting, most of them govern access to your information by Windows Store apps. That set of apps includes those that are preinstalled (Mail, Calendar, Groove Music, Photos, and so on) as well as those you acquire from the Store.

Most of the categories offer a single on-off switch at the top, which you can use to disable all access to that feature by all apps. If you leave the feature enabled, you can use a list of apps at the bottom of the page to enable or disable access on a per-app basis.

This capability works the same with the following categories: Camera, Microphone, Notifications, Account Info, Call History, and Radios. The Other Devices category lets apps automatically share and sync info with wireless devices that aren’t explicitly paired with your PC. Use the Background Apps category to specify which apps are allowed to work in the background.

If Location is enabled, you have the option to disable location access on a per-app basis and to disable Geofencing.

The Contacts, Calendar, Email, and Messaging categories allow you to control which apps can have access to these features. If you want to share content from an app using email or messaging, this option has to be on for that app. Note that Mail and Calendar, People, and Phone always have access to your contacts; Mail and Calendar are always allowed to access and send email and always have access to your calendar.

Finally, one horribly misunderstood setting is available under Settings > Privacy > General. Advertising ID controls whether Microsoft serves personalized ads to ad-supported apps. If you turn this option off, you still get ads, but they’re not personalized. In any case, your information is not shared with advertisers.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Mozilla Joins Google and Facebook in Phasing Out Adobe Flash

Web browsers don’t like the security and stability problems that come with Flash.

Another popular web browser has had it with Adobe Flash.

Mozilla said this week that it plans to gradually wean its Firefox web browser from Adobe’s ADBE -1.07% multimedia player. In August, Firefox will no longer support “certain Flash content” that it deems “not essential to the user experience,” although Mozilla did not specify what type of Flash content it was referring to.

Mozilla will still support “legacy Flash content” for an unspecified time, but the company urged websites that use Flash or Microsoft MSFT -0.25% Silverlight, another multimedia web player similar to Flash, for their videos or online games to adopt newer “HTML technologies as soon as possible.”

In May, Google GOOG -0.59% detailed its plans to end support of Flash for its Chrome web browser, and it hopes to completely rid itself of Flash advertisements by the beginning of 2017.

Google, like Adobe, is urging website operators to switch to the HTML5 coding language to display multimedia like video on their sites.

Flash is notoriously buggy and prone to many security vulnerabilities. Firefox believes that by ending support for Flash, its users will see “enhanced security, improved battery life, faster page load, and better browser responsiveness.”

Still, Mozilla is not totally cutting ties with Adobe. Mozilla said it would “continue to work closely with Adobe to deliver the best possible Flash experience for our users” as it phases the multimedia player out, and said that an engineering partnership between the two companies has improved some performance and stability in Firefox when it displays Flash content.

Last summer, Facebook’s FB -0.27% chief security officer Alex Stamos urged Adobe via Twitter to disable Flash because of its security vulnerabilities.

In April, Adobe issued an emergency update to Flash after security researchers found a flaw that allowed hackers to distribute so-called ransomware to owners of Microsoft Windows personal computers. Ransomware is basically a form of malware that lets hackers block people from accessing their computer or related computer networks so that a hacker can demand payment in return for access.

In 2010, legendary Apple AAPL -1.32% CEO Steve Jobs wrote a 1,700 word essay on Flash and why Apple’s problems with the multimedia player, which he claimed hurt the “reliability and security of our iPhones, iPods and iPads.”

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

CALL US NOW!