Back to Top

Tech, Web, Cloud & Cabling Services

Category: BigBeagle.com

BigBeagle.com Category

How to avoid ransomware attacks: 10 tips

As ransomware increasingly targets healthcare organizations, schools and government agencies, security experts offer advice to help IT leaders prepare and protect.

Nigerian princes are no longer the only menaces lurking in an employee’s inbox. For healthcare organizations, schools, government agencies and many businesses, ransomware attacks—an especially sinister type of malware delivered through spear phishing emails that locks up valuable data assets and demands a ransom to release them—are a rapidly-growing security threat.

“We’re currently seeing a massive explosion in innovation in the types of ransomware and the ways it’s getting into organizations,” says Rick McElroy, security strategist for cyber security company Carbon Black Enterprise Response. “It’s a big business, and the return on investment to attackers is there—it’s going to get worse.”

While ransomware has existed for years, 2015 saw a spike in activity. The FBI received 2,453 complaints, with losses of over $1.6 million, up from 1,402 complaints the year before, according to annual reports from the bureau’s Internet Crime Complaint Center. And the numbers are only growing in 2016, the FBIreports.

“The Dark Web and Bitcoin allow almost anyone to sell stolen data without identification—cyber criminals understand they can make easy cash without the risk of being jailed,” says Ilia Kolochenko, CEO of web security company High-Tech Bridge. And hackers—most of which are located in developing countries—are growing more sophisticated, even developing downloadable ransomware toolkits for less-experienced hackers to deploy, according to the 2016 Institute for Critical Infrastructure Technology Ransomware Report.

“The days of grammatically incorrect, mass spam phishing attacks are pretty much over,” says James Scott, senior fellow and co-founder of the Institute for Critical Infrastructure Technology, and co-author of the report. Hackers can now check a victim’s social media accounts, and create a fake email address pretending to be a friend or contact in order to get them to click on an infected link or attachment. “It’s much more targeted, and will exploit a particular vulnerability in a device, application, server or software,” Scott adds.

A typical ransom demand is $300, according to a report from security firm Symantec.

Health threats

The healthcare sector is highly targeted by hacker attacks, due to antiquated or misconfigured computer security systems and the amount of sensitive data they hold, says David DeSanto, director of projects and threat researcher at Spirent Communications.

The large number of employees at most hospitals also makes cyber security safety training difficult, DeSanto says. Experts commonly see attacks occur through spear phishing—targeted emails with attachments with names such as “updated patient list,” “billing codes” or other typical hospital communications that employees may click on if not warned.

In 2015, over 230 healthcare breaches impacted the records of 500-plus individuals, according to data from the U.S. Department of Health and Human Services Office for Civil Rights.

A February ransomware attack launched against Hollywood Presbyterian Medical Center in southern California locked access to certain computer systems and left staff unable to communicate electronically for 10 days. The hospital paid a $17,000 ransom in bitcoin to the cybercriminals, says CEO Alan Stefanek.

Following security best practices can help healthcare organizations protect themselves. “The best way is to make regular backups of all systems and critical data so that you can restore back to a known good state prior to the ransomware being on the system,” DeSanto says.

Without security best practices, healthcare organizations may be left with few options to retrieve information. In these cases, healthcare organizations may choose to pay the ransomware fee. Some make enough money that paying the ransom for a few infected computers is low compared to the cost of maintaining the infrastructure to protect these attacks, DeSanto adds.

Schools and businesses

Hackers are gaining traction and using new methods across other industry verticals as well. In 2014, a large European financial services company (whose name was not disclosed) discovered with the help of High-Tech Bridge that a hacker placed a back door between a web application and a data set.

For six months, the hacker encrypted all information before it was stored in a database, undetected by company staffers. Then, they removed the encryption key, crashing the application, and demanded $50,000 to restore access to the database.

However, the company did not end up paying, thanks to mistakes made by the hackers, Kolochenko says.

Other victims are not as lucky, says Engin Kirda, professor of computer science at Northeastern University. “If the ransomware hacker does the encryption well, once the data is encrypted it’s nearly impossible to decrypt,” he adds.

Such was the case for South Carolina’s Horry County School District this February, when hackers froze networks for 42,000 students and thousands of staff. District technology director Charles Hucks tried to shut down the system, but within minutes, the attackers immobilized 60 percent of Horry County’s computers. The district paid $8,500 in Bitcoin to unlock their systems.

Tips for IT leaders

To prevent a ransomware attack, experts say IT and information security leaders should do the following:

  1. Keep clear inventories of all of your digital assets and their locations, so cyber criminals do not attack a system you are unaware of.
  2. Keep all software up to date, including operating systems and applications.
  3. Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
  4. Back up all information to a secure, offsite location.
  5. Segment your network: Don’t place all data on one file share accessed by everyone in the company.
  6. Train staff on cyber security practices, emphasizing not opening attachments or links from unknown sources.
  7. Develop a communication strategy to inform employees if a virus reaches the company network.
  8. Before an attack happens, work with your board to determine if your company will plan to pay a ransom or launch an investigation.
  9. Perform a threat analysis in communication with vendors to go over the cyber security throughout the lifecycle of a particular device or application.
  10. Instruct information security teams to perform penetration testing to find any vulnerabilities.

Mitigating an attack

If your company is hacked with ransomware, you can explore the free ransomware response kit for a suite of tools that can help. Experts also recommend the following to moderate an attack:

  • Research if similar malware has been investigated by other IT teams, and if it is possible to decrypt it on your own. About 30 percent of encrypted data can be decrypted without paying a ransom, Kolochenko of High-Tech Bridge says.
  • Remove the infected machines from the network, so the ransomware does not use the machine to spread throughout your network.
  • Decide whether or not to make an official investigation, or pay the ransom and take it as a lesson learned.

“There is always going to be a new, more hyper-evolved variant of ransomware delivered along a new vector that exploits a newly-found vulnerability within a common-use application,” Scott of ICIT says. “But there are so many technologies out there that offer security—you just have to use them.”

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

Ransomware 2.0 is around the corner and it’s a massive threat to the enterprise

The profits from ransomware are making it one of the fastest growing types of malware and new versions could negatively impact entire industries, according to a Cisco report.

ransomware2.0

Despite the efforts made to improve cybersecurity at many organizations, there are too many systems with aging infrastructure and vulnerabilities that leave companies at risk, with ransomware one of the most sinister threats, according to a new Cisco report.

Ransomware is a top concern because it’s become an area of intense focus for cybercriminals due to its effectiveness at generating revenue. Once a cybercriminal hacks into a company’s files and encrypts them, victims have little option but to pay the asking price for the code to decrypt their files. Ransomware is becoming more ominous as new versions are continually being developed.

“The landscape is simple. Attackers can move at will. They’re shifting their tactics all the time. Defenders have a number of processes they have to go through,” said Jason Brvenik, principal engineer with Cisco’s security business group, discussing the Cisco 2016 Midyear Cybersecurity Report.

Cisco used data from its customers to create the report, since there are more than 16 billion web requests that go through the Cisco system daily, with nearly 20 billion threats blocked daily, and with more than 1.5 million unique malware samples daily, which works out to 17 new pieces of malware every second, Brvenik said.

Brvenik has the following recommendations for companies wanting to improve security:

  • Improve network hygiene – Improve aging infrastructure to limit vulnerabilities.
  • Integrate defenses – Use machine learning techniques combined with novel data views.
  • Measure time to detection – Find out how long an attacker can live in your network before they are found.
  • Protect your users everywhere they are – Protect users whether they’re on a laptop, a smartphone, or another device. Don’t just protect networks but protect users. They are the target.

The next step in the evolution of malware will be ransomware 2.0, which Brvenik said “will start replicating on its own and demand higher ransoms. You’ll come in Monday morning and 30% of your machines and 50% of your servers will be encrypted. That’s really a nightmare scenario.”

Ransomware campaigns started out primarily through email and malicious advertising, but now some attackers are using network and server-side vulnerabilities as well. Self-propagating ransomware will be the next step to create ransomware 2.0, and companies need to take steps to prepare and protect their company’s network, Brvenik said.

New modular strains of ransomware will be able to quickly switch tactics to maximize efficiency. For example, future ransomware attacks will evade detection by being able to limit CPU usage and refrain from command-and-control actions. These new ransomware strains will spread faster and self-replicate within organizations before coordinating ransom activities, according to the report.

JexBoxx, an open source tool for testing and exploiting JBoss application services, had been used to allow the attackers to gain access to networks in the targeted companies. Once the attackers had access to the network, they encrypted multiple Windows systems using SamSam.

Overall, in all aspects of cybersecurity, there are too many companies with vulnerabilities that haven’t been addressed. Out of 103,121 Cisco devices connected to the internet that were studied for the report, each device on average was running 28 known vulnerabilities. The devices were actively running known vulnerabilities for an average of 5.64 years, and more than 9 percent had known vulnerabilities older than 10 years, according to the report.

“In April, Cisco estimated that 10% of all JBoss servers worldwide were compromised. And they were compromised using readily available tools and old vulnerabilities. Adobe Flash is still a favorite. It gives a viable attack surface for them. And we see Microsoft Silverlight vulnerabilities. This means to us that people are opportunizing those that work for them,” Brvenik said.

Brevik noted that the nature of the attack is also likely to change, focusing on service-oriented technologies and systems, with teams ready to attack and try to compromise systems. Advertising is a viable model for attack.

“We saw a 300% increase in the use of HTTPS with malware over the past four months. Ad injection is the biggest contributor. Adversaries are using HTTPS traffic to expand time to operate. That’s the attacker opportunity as it exists today,” he said.

It’s no longer reasonable to expect to block 100% of threats, but being able to detect the threat fast, and limit the time the attacker is in your system is key to minimizing the damage. In December 2014, the median time before an attack was detected was 50 hours. In April 2016, it dipped to a median of 13 hours for the previous six months, Brvenik said.

“It is a living number as defenses improve and attackers change. This is good. It says that for the customers that have these systems, when they are compromised, they’re now down to 13 hours as a median time to detect it. I wouldn’t leave the door to my house open for 13 hours; and that’s what you’re doing when you leave your door open to attackers for 13 hours.”

Industries that previously thought they were immune because their business was of little interest to attackers are wrong.

“No industry is safe,” Brvenik said. “Assuming that what you do is of no interest to attackers is not a good way to think of it.”

Three takeaways for the readers

  1. Of more than 100,000 Cisco connected devices studied for the report, an average of 28 vulnerabilities were running on each one.
  2. Self-propagating ransomware is around the corner and companies need to protect themselves from the threat.
  3. Ransomware is giving massive profits to attackers, encouraging them to create even more sinister ways to attack. The average time of attack lasts 13 hours, down from 50 hours in 2014.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

Microsoft is buying LinkedIn for a whopping $26.2 billion in big data push

Microsoft announced that it will be acquiring LinkedIn Corporation for $196 per share in an all-cash deal, gaining access to the social platform and its data.

linkedin

 

Microsoft announced that it will be purchasing LinkedIn, the social network for professionals, for $26.2 billion. The all-cash deal will bolster Microsoft’s social media presence among professionals and could potentially give LinkedIn more analytics resources.

In the official press release announcing the acquisition, it was noted that LinkedIn will remain its own entity and CEO Jeff Weiner will stay at the helm. Weiner will report to Microsoft CEO Satya Nadella.

Despite the astronomical price, one of the most basic reasons for Microsoft’s pursuit of LinkedIn is to grow its appeal among business users. LinkedIn is the world’s biggest site for networking and job searches with roughly 400 million users, and Microsoft will get direct access to that audience and the data it is creating.

Speaking of data, LinkedIn stands to benefit from this deal as well. Microsoft’s press release, pointed out that LinkedIn has updated its mobile app to help “deliver better business insights,” which it could continue to do with Microsoft’s help.

Of course, a big part of LinkedIn’s publishing platform was built around its acquisition of Pulse in 2013. And, in 2015, LinkedIn announced analytics for publishing to help brands and professionals better understand the reach of their posts.

After Microsoft bought Yammer in 2012, it is integrating a host of Yammer capabilities into Office 365 and we may see the same thing from the LinkedIn deal. In a letter written by Nadella to employees explaining the deal, he cited growth in “Office 365 commercial and Dynamics” as one of the goals of the deal, as well as growth in cloud services.

microsoft-linkedin-

“This deal brings together the world’s leading professional cloud with the world’s leading professional network,” Nadella wrote. “I have been learning about LinkedIn for some time while also reflecting on how networks can truly differentiate cloud services.”

Additionally, Nadella noted that the combination could lead to an interesting overlap between the two brands relative to specific projects or tasks.

“This combination will make it possible for new experiences such as a LinkedIn newsfeed that serves up articles based on the project you are working on and Office suggesting an expert to connect with via LinkedIn to help with a task you’re trying to complete,” Nadella wrote. “As these experiences get more intelligent and delightful, the LinkedIn and Office 365 engagement will grow. And in turn, new opportunities will be created for monetization through individual and organization subscriptions and targeted advertising.”

One other option could be for Skype integration for LinkedIn to help with video interviews for job candidates, but also to assist with learning through the Lynda.com brand. LinkedIn bought Lynda.com back in 2015, which means that Microsoft gets access to the popular training platform and its audience as well.

The deal is expected to be completed sometime in 2016. Microsoft expects that LinkedIn’s financials will be reported as part of its Productivity and Business Processes segment.

The 3 big takeaways for readers

  1. Microsoft announced that it has purchased LinkedIn, the professional social network, for $26.2 billion dollars in order to further integrate the two companies’ technologies.
  2. In a letter penned by Microsoft CEO Satya Nadella, he specifically pointed out the integration will focus on “insights” and “cloud platforms.”
  3. Microsoft also gets access to the data generated by LinkedIn users around job searches, as well as access to LinkedIn’s training platform, Lynda.com, and its audience and data.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

BYOD and the danger of litigation

BYOD means you must make a few extra preparations to protect your organization in cases of litigation and eDiscovery.

BYOD devices

It’s a fact that we live in a litigious world. Bring Your Own Device (BYOD) and even corporate-owned mobile devices often are caught up in legal cases. Chris Gallagher, national director for Adecco eQ, a nationwide eDiscovery firm gives an overview of how businesses can navigate eDiscovery when a business has BYOD devices seized as part of a court case.

eDiscovery and mobile devices

BYOD and corporate-owned devices can be put a litigation hold (sometimes called a “preservation order”) when an organization must preserve all forms of relevant information when there’s the anticipation of litigation.

Gallagher’s firm helps legal counsel with data forensic collection, acquisition on mobile devices and PCs. His company processes the data on these devices and uses advanced analytics to locate information pertinent to the litigation

eDiscovery and BYOD: The blurred line

BYOD is still, from a legal perspective, in its infancy, Gallagher said. He said every time his firm does a customer survey, they still hear about strong BYOD activity in the market.

He said, “Of course, from a discovery perspective, from a litigation hold perspective, it makes both the general counsel’s life that much more difficult as well as the law firm’s life more difficult because number one, there’s that blurred line, what is corporate data versus what is personal and individual data, where does that line cease?”

Gallagher points out that anytime you have devices entering and leaving a network there’s a control factor. Companies who master that control have a better (but still not perfect) time when they get called into discovery.

“When you have a device that is not a corporate-owned device that is accessing corporate information, the ownership of that information always comes into question,” Gallagher said.

“When dealing with eDiscovery, part of discovery requests are information that is under your direction and control,” he said. “It’s on a personal device, it’s not owned by the corporation, but it’s corporate-owned data, so is that under your control? Absolutely.”

Litigation holds on BYOD devices can be an added nuance and one more gray area that corporation have to deal with when it comes to BYOD in their enterprise.

Gallagher said you need to ask, ” How do you get that data back? How do you ensure that you’re not losing, not only from a litigation perspective, but the other major issue is corporate information, trademark secrets, corporate secrets, confidential information that you wouldn’t want to enhance?”

He further explained that a litigation hold over a BYOD devices means going beyond the normal things like a desk drawer, files, email, and shared devices. It means you have to ask “Okay, what else have you used to access the corporate network in the last year?

Wearables and eDiscovery

Wearable tech would have minimal impact on eDiscovery. Gallagher said, “Now, if you’re a corporate attorney, if you’re a defense counsel, one of the things you’re going to argue is “Well, the watch, everything that’s available on the watch, it’s just email, weather, that’s available on the server anyway, so you have another place to get it.”

The wearable is a highly discoverable type of device because most of that information is just replicating from somewhere else, Gallagher said. Usually, you are replicating wearable data from your phone so if you have the phone then everything’s replicated.

“For smaller cases, for cases at a location, for criminal cases, or matrimonial cases, where location is important, wearables could come into play,” he said.

Onboarding BYOD devices and eDiscovery

Much of what Gallagher said around BYOD policies is standard fare. I asked Gallagher how a company could protect themselves in the cases of salespeople (the “original BYOD”users) contracts and non-compete agreements. Competitors in highly competitive industries sue each over this kind of stuff all the time.

Career salespeople have their contacts (built from years of selling in an industry) that they keep on their phones. They may have sold to these customers over the years.

From a legal perspective in this scenario, Gallagher recommends that corporations have an addendum added to their standard employment agreement. The addendum should state, “I certify that I am not bringing anything from my former employee. We are hiring you for your knowledge of the industry in general and not any specific contacts that you may or may not have from former employees.

Gallagher said this sort of contract boilerplate puts the responsibility on their shoulders and that you aren’t hiring them for a particular contact.

He also advised that you want to make sure that they abide by their previous non-compete, but you don’t want them downloading or taking anything with them from their previous employer. Gallagher cautioned that you should not place any data from their previous employer on your corporate-owned system. Take, for example, syncing a personally owned smartphone to a corporate-owned laptop. Along with that sync can come corporate data from your competitor. eDiscovery can detect that data.

He further recommends that you have that new sales rep come to you with a clean slate of a cell phone.

Bringing contacts along on a personal device has become much easier legally speaking according to Gallagher. He said, “One of the recent things that’s come out of court cases is if you look at LinkedIn profiles, if you look at customer information but the sales rep proved that most of the information that he had from his ‘client’ was available publicly on their LinkedIn profiles.”

You don’t want them backing up their tablet to their new computer that could result in a breach of their non-compete, and now it’s backed up on your servers according to Gallagher.

Conclusion

Above and beyond the usual BYOD and challenges that enterprises face each day, you may also be navigating a blurred legal line so prepare yourself accordingly with BYOD policies and advice from your counsel to ensure that you are prepared if and when BYOD devices get put on a litigation hold.

Have questions?

Get help from IT Experts/Microsofts Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

When free Windows 10 becomes Expensive. You Must Know this!!

Is Microsoft really going to charge $100 to $200 to users who want the Pro edition or who don’t qualify for the free upgrade? Lets take a look at some alternative pricing ideas.

In Last week’s article, qw showed you how to reserve your free copy of Windows 10 upgrade from your Windows 7 and Windows 8.1 System. As you may know, the free upgrade will move you to the same edition of Windows that you’re currently running.

 

Windows 10 cost

“When you upgrade, you’ll stay on like-to-like editions of Windows. For example, Windows 7 Home Premium will upgrade to Windows 10 Home.”

However, what if you get Windows 10 Home and then decide that you would like Windows 10 Pro? How much will it cost to upgrade? What if you are running Windows Vista or XP? Or, what if you are planning on building your own system and want to install Windows 10 from scratch? How much will you have to pay for Windows 10? Let’s take a closer look.

The free upgrade chart

Along with the like-to-like editions description, Microsoft presented an upgrade chart (Figure A).

Figure A

sjt-blog-photo-windows

As you can see, this is how Microsoft will be doling out the free editions of Windows 10. For those getting the Pro edition of Windows 10, this will be perfect. And for most folks getting the Home edition of Windows 10, this will be a fine deal. However, what if you’re really a Pro type of user who just happened to end up with a Home edition of Windows 7/8? Will you be satisfied with the Home edition of Windows 10?

For example, my main system is running Windows 8.1 Pro with Media Center. However, my laptop is running the standard Windows 8.1, because that’s what was preinstalled when I purchased it last year from Dell. I’ve always wished that it had the Pro edition, as there are certain features that I’ve grown accustomed to on the Pro edition that I sorely miss, such as being able to configure my laptop as a Remote Desktop host.

I know that I won’t be satisfied with the Home edition of Windows 10 on my laptop.

The Windows 10 Pro Pack

Microsoft has released statements to various technology media sites, such as CNET, confirming the existence of an upgrade package called the Windows 10 Pro Pack that will allow you to move up from the Windows 10 Home edition to Pro edition. The Windows 10 Pro Pack will cost $99 (USD).

While that might not sound like a lot, when compared to FREE, it seems kind of unfair.

I understand that I’m getting a like-to-like edition upgrade, but I was hoping for some kind of break. After all, I’ve been a loyal Microsoft customer for years.

How about selling the Windows 10 Pro Pack for $39.99 for a limited time? Say, 90 days after launch? That would be more than acceptable to me–and it’s not unprecedented.

As you may remember, back when Windows 8 was first launched in October of 2012, upgrades to the Pro edition were priced at just $39.99 for anyone using an existing product. That offer ran until January 31, 2013. After that, the price of Windows 8 went up to the regular price point.

Retail packages

Microsoft has also released the MSRP for copies of the new operating system. Windows 10 Home will sell for $119 and Windows 10 Pro will sell for $199. Again, this seems to be a pretty stiff deal when compared to FREE.

This is the price that anyone using Windows XP or Windows Vista on a system that’s capable of running Windows 10 will have to pay for the full install of the new operating system. This also applies to users who are planning on building their own systems.

If the goal is to really get everyone off of old operating systems and onto Windows 10, Microsoft should offer these folks a special price for a limited time.

Again, such a deal is not unprecedented. When Windows 8 first came out, the retail package of the Pro edition cost $69.99.

If Windows XP/Vista users and system builders could get Windows 10 Pro for $69.99 for the first 90 days after launch, I think that a lot more people would go for it than if they have to pay $199.

What’s your take?

If you get a free Windows 10 Home upgrade, will you be satisfied–or will you want to move up to Windows 10 Pro? If so, would you be willing to pay $39 for the upgrade? If you don’t qualify for the free upgrade, would you be willing to pay $69 for Windows 10? Let us know

Have questions?

Microsoft’s Partner are here to help.
Call us at: 856-745-9990 or visit: http://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

South Jersey Techies

Shark Tank host, Barbara Corcoran loses $388,700 in phishing scam

Barbara Corcoran of ABC’s “Shark Tank” has lost nearly $400,000 in a phishing scam this week. Corcoran told “People” that she was tricked as a result of an email scheme sent to her team.

The high-powered businesswoman told People that she received a scam invoice approving a real estate renovation, but she didn’t think twice about verifying it because she invests in real estate. It was only until her bookkeeper caught Corcoran’s assistant’s email was misspelled by 1 letter and it was later found to be the address used by the scammer.

“I was upset at first, but then remembered it was only money,” Corcoran told the magazine.

Corcoran’s assistant Emily Burke told CNN Business that the “Shark Tank” star wouldn’t provide any additional comment “at the advisement of her attorneys until the authorities are done investigating.”

However, Corcoran tweeted: “Lesson learned: Be careful when you wire money!” with a link to a TMZ story.

In addition to being an investor and a judge on the hit ABC show, Corcoran formerly owned the global real estate agency that shares her name. She sold it for $66 million in 2001.

Corcoran fell for a phishing scam. It’s common, too: Nearly 30,000 people reported being a victim of that type of scam last year. Together they reported nearly $50 million in losses, according to the FBI’s 2018 Internet Crime Report.

Phishing attacks are common methods of stealing usernames, passwords and money. Hackers pretend to be a trustworthy source to convince you to share personal data. To be safe, it’s important to make sure the sender is authentic before clicking on a link. Google has rolled out security protections that warns people of potential unsafe emails.

If you or your team have any questions or concerns please contact support at (856) 745-9990.



Microsoft will let you unlock Windows 10 with your face

Hello
With a quick glance at your Windows 10 laptop, you’ll be able to unlock it — without entering a password.

Microsoft introduced the latest new feature for Windows 10, called Windows Hello. The security tool will let you access your PC through facial recognition, an iris scan or a read of your fingerprint.

But before you get ready for your closeup, you’ll need get some special equipment — most PCs don’t come with biometric scanners installed (though some do). Windows Hello is primarily targeted at businesses and government agencies.

Microsoft opted not to rely on your webcam for facial recognition because the photos it captures are not terribly secure, and they’re easy to spoof. Instead, Microsoft got infrared cameras to do facial recognition for Windows Hello.

Facial recognition is possible on a low-grade camera. Google allows its Android phones to be unlocked with facial recognition, but the company warns that someone with a photo of you — or even someone who looks like you — will be able to unlock your phone too.

With the proper tools, faces, irises and fingerprints are possible to spoof, but it’s not easy — someone’s got to really want to break in to your PC to go through the trouble.

Microsoft opted for more robust security in Windows 10, because it wants to meet strict standards that companies and government agencies impose for secure logins. Microsoft said Windows Hello has a 1 in 100,000 false accept rate, which is very high. It’s a lot safer than a password, which, as we know, can easily be forgotten, lost, stolen or hacked.

Though it’s not necessarily aimed at the average PC buyer, consumers will be able to use the Windows Hello feature too.

Microsoft promised “plenty of exciting new Windows 10 devices to choose from which will support Windows Hello.” And if your PC already has a fingerprint reader, you’ll be able to login with a fingerprint scan.

Passport: Windows 10 will also support another new security feature, codenamed “Passport,” which lets you login to participating websites, apps or networks without a password. Microsoft said the list of sites and apps that support Passport is growing, but it didn’t say how many participate.

Microsoft is trying to position Passport as the end of passwords. Since you never enter a password to enter a website, “there is no shared password stored on their servers for a hacker to potentially compromise,” says Microsoft boldly in its press release.

But that’s not quite true. Passwords will still exist. Even if you can login to your email via Passport from your work PC, you’ll still need a password to login from your iPad. So passwords aren’t going away anytime soon — and they’ll still be stored on email providers’ servers, which means hackers could potentially still grab them in a cyberattack.

The primary way that Passport ensures that you’re you is through Windows Hello. Oddly, however, you can also enter a PIN into Passport, which is significantly less secure than a password.

Still, it’s about time that something replaces passwords, and Hello and Passport are good starts.

Have questions?

Get answers from Microsofts Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Office 365 Exchange Online

 

Work smarter, anywhere, with hosted email for business.

Security and reliability

Exchange Online helps protect your information with advanced capabilities. Anti-malware and anti-spam filtering protect mailboxes. Get a Exchange Online Protection Trial or Office 365 Professional Trial to see how good it works. Data loss prevention capabilities prevent users from mistakenly sending sensitive information to unauthorized people. Globally redundant servers, premier disaster recovery capabilities, and a team of security experts monitoring Exchange Online around the clock safeguard your data. And with a guaranteed 99.9% uptime, financially-backed service level agreement, you can count on your email always being up and running.

Stay in control

Maintain control over your environment while gaining the advantage of hosting your email on Microsoft servers. Manage your organization efficiently with the Exchange admin center, an easy-to-use, web-based interface. Run In-Place eDiscovery across Exchange, SharePoint, and Skype for Business data from a single interface through the eDiscovery Center. With mobile device policies, you can create approved mobile device lists, enforce PIN lock, and remove confidential company data from lost phones. And IT-level phone support is available to you 24 hours a day, 7 days a week.

Easy to use and maintain

It’s easier than ever to provide your users with the business email they need to stay productive. Automatic patching eliminates the time and effort of maintaining your system. Give your users an In-Place Archive, so they can keep all their important data in one place. And provide them with anywhere access to email, calendar, and contacts on all major browsers and across devices. Integration with Outlook means they’ll enjoy a rich, familiar email experience with offline access.

Have questions?

Our Hosted Cloud Solution team is here to help.

Call us at: 856-745-9990 or Visit: https://southjerseytechies.net/

To learn more and how Office 365 Exchange Online can benefit your business please contact South Jersey Techies, LLC. South Jersey Techies, LLC is a certified Small and Midmarket Cloud Solutions Microsoft Partner.

To read this article in its entirety click here.

South Jersey Cyber Crime

The hackers used “ransomware” to lock the hospital out of its own medical records.

Not all kidnappers grab your loved ones.

A growing online threat – ransomware – essentially abducts your computer system, putting data and services off-limits to users and demanding a payment to restore access.

“We are seeing more cases of this – sometimes almost on a daily basis,” said New Jersey State Police Capt. Steve Jones. “And we’re not seeing all of it, because people may be too embarrassed or don’t believe it can be helped.”

Ransomware viruses are a plague. Once infected — installed to your computer by a website you’ve visited, a rogue email attachment or link, or instant message — your computer will lock up. With names like CryptoWall, these types of viruses may create a popup window or Web page warning you that you’ve broken some law and have to pay a fine, anywhere from hundreds to thousands of dollars, according to the FBI.

These scams threaten to encrypt your files forever or destroy them unless a ransom is paid, according to the FBI.

Once paid, your computer is unlocked or a code is sent to unlock the machine, authorities said.

Between April 2014 and June 2015, the FBI received 992 CryptoWall-related complaints with victims reporting a loss of more than $18 million.

The state’s top cybersecurity unit recently launched an online effort to help people guard against ransomware.

“For many organizations, preventing ransomware entirely is nearly impossible,” says the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC), which introduced a Ransomware Threat Profile page at its website in February.

But it notes individuals and companies can take measures to prevent infections and to limit their impact.

Although ransomware can lock up laptops and desktop computers, the risk is particularly great for data-dependent organizations like hospitals and accounting firms, said Jones, the State Police spokesman.

So far, at least three hospitals have been hit nationwide – in California, Kentucky and the Washington, D.C., area. South Jersey hospitals are well aware of the menace.

“It’s a big concern. It’s something that has really spiked,” said Tom Handlon, chief information security officer for Kennedy Health, which operates three acute-care hospitals in South Jersey.

Handlon gave no details, but said Kennedy seeks to protect itself through protective measures inside its computer system and by promoting safe conduct by employees.
“We’re monitoring it constantly and updating as we go along,” he said. “We are really educating the staff and our entire organization that we are a target.”

A similar view came from Tom Rubino, spokesman for Cooper University Healthcare System in Camden.

“We have tracked the recent wave of ransomware attacks that have targeted hospitals across the nation,” Rubino said. He said Cooper’s IT security team “is proactively taking measures to prevent ransomware infection of our computer systems.”

“Additionally, as a critical component for preventing all computer viruses, we are increasing our employee education efforts.”

A key precaution is to back up your computer’s contents on a frequent basis, Jones said. “But you’ve got to keep the backup drives disconnected,” he warned. “Otherwise, the ransomware can migrate to the backups.”

The State Police in March 2015 investigated a hacking incident that disabled much of the computer system for the Swedesboro-Woolwich school system. In that case, a hacker demanded more than $125,000 in the form of a digital currency called bitcoins.

The district, which did not pay the ransom, had to wipe clean its email servers and cafeteria lunch-ordering system to rid itself of ransomware. Only a handful of classroom computers were infected.

Hackers exploited a gap in the district’s computer security system and a vendor’s “weak” passport to take over the computer system, Michael Procopio, Educational Information and Resource Center’s director of technology, said at the time. EIRC experts helped the district restore its system.

The district’s hacker was believed to have struck from abroad – a familiar pattern, according to the State Police.

“Many of these messages and attacks are coming through foreign servers,” Jones said. “The countries that house these servers are not often countries that have a real open relationship with law enforcement.”

Tools have been available to help decrypt older versions of ransomware, said Dave Weinstein, New Jersey’s director of cybersecurity.

“At this point, the strain has morphed to the point where there is no releasing your files,” said Al Della Fave, a spokesman for the Ocean County Prosecutor’s office. “The lock these cybercriminals put on your files is foolproof at this point.”

Unless you’ve backed up your computer prior to the infection, Della Fave said, “The only way you would get your files back is to pay.”

“Ransomware is working” for cyberthieves, said Ben Johnson, chief security strategist at Carbon Black Inc., a  computer security firm in Waltham, Massachusetts. “People are paying.”

In the last few weeks, cybercriminals have come up with some new twists, he said. For instance, one version encrypts files more quickly after someone opens up a malware-filled Microsoft Word document or some other attachment.

Other versions encrypt the computer at its most basic level so it can’t even power on, or use the computer’s own system administration tools to infect itself, he said.

The best course of action is to make sure you don’t get the virus. “You must be super careful what you click on,” Della Fave said.

Here’s what you should do, according to Johnson and the Ocean County prosecutor’s office:

  • Keep your computer’s security software up to date.
  • Keep your network firewall turned on.
  • Do not open spam email messages or links to suspicious websites.
  • Back up your files, such as documents, photos and music, to a secondary storage device.
  • Be careful when you browse the web. Use ad blockers to help protect yourself.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Save Big on Toner!

toner

TECHIEDEPOT.COM

Your #1 Source for the Best Printer Ink Cartridges

Looking to save on toner ?  Save upto 35% when you order Re-manufactured Toner Cartridges with TECHIE DEPOT. Our toner cartridges are intelligently re-engineered and environmentally friendly.   We offer a 3 year 100% warranty whereas most OEMs only offer a 1 year warranty.

We guarantee our products will perform better than any other aftermarket imaging product.  Rest assure you never have to worry about leaking cartridges because of our Patented Ultrasonic and Gasket Seal Technologies.  Our Secondary cleaning System also eliminates streaking.  Our toner cartridges are ISO Certified for OEM page yield and quality.  With our Extended Yield Cartridges you will get up to 100% more yield.

You will find that we are different because everyone is not as committed to quality like we are and our product is better built and more consistent.  Our cartridges have a documented 99.2% success rate and for 7 consecutive years we were awarded the best quality supplier in the aftermarket  by Recharger Magazine.

Pay less for great quality, we are sure you won’t be disappointed with our product.  Contact us and place your order today!

CALL US NOW!