Browse Category

Uncategorized

Protecting our customers: A look into how Cisco’s Meraki MX prevents Ransomware like WannaCry

The WannaCry Ransomware outbreak started hitting the headlines around the world on May 12th. This is just the latest in a particularly pernicious type of exploit, which typically involves locking or encrypting data to render a computer unusable, and then demanding a ransom to have that encryption removed. Sadly, many victims have felt compelled to pay up, even when there is no guarantee their system will recover, which only encourages criminals to repeat their behavior.

Exploits of this nature are entirely indiscriminate in the way they target their victims, seeking out any unpatched machine or unwary user. Unfortunately this means that even systems crucial to protecting lives can be affected, as was the case with WannaCry. The ransomware hit, among many others, the UK’s National Health Service, causing severe disruption to vital services. This was not the first attack of this kind, and we can be sure it won’t be the last.

This attack serves as a reminder of the importance of keeping our computer systems patched, but human nature being what it is, there will always be systems vulnerable to attack. So what else can we do to protect ourselves? Fortunately, Cisco invests heavily in security technology and boasts the industry’s foremost threat intelligence organization, Talos.

Among the tools maintained by Talos is Snort, the industry leading intrusion detection and prevention technology, which is integrated into every Meraki MX. Snort performs real-time traffic analysis and packet logging in order to identify traffic patterns that match known threats. The good news for Meraki MX customers is that if they have Intrusion Prevention enabled and set to the ‘security’ ruleset on the Threat Protection page, the signatures for WannaCry are already in place, having already been added to the Snort database. For this outbreak we’ve taken the additional measure of adding them to the ‘balanced’ ruleset as well, to protect a broader set of customers against this threat.

We’re proud of our integration of critical Cisco security technologies like Snort and Advanced Malware Protection into our MX platform, ensuring that customers who choose Meraki enjoy world-class protection for their valuable network assets.

New Sinister Ransomware On The Loose

This new ransomware known as Popcorn Time will decrypt your files if you forward the link to the ransomware to your contacts and two or more of them pay the ransom of two bitcoins, which cost more than $700 each.

To prevent being a victim of ransomware, it is imperative that you have the essential layers in place to protect your computers and data. The essentials are a working backup solution of all of your critical data from all PCs (laptops, desktops and servers), top of the line Anti-virus software running on all PCs, a good and properly configured firewall, good SPAM and Email security software, and general awareness of users (don’t click on links that look suspicious).

For more information, read:

AUTHOR: LILY HAY NEWMAN. LILY HAY NEWMAN
www.wired.com

DEVIOUS RANSOMWARE FREES YOU IF YOU INFECT TWO OTHER PEOPLE

A PARTICULARLY NASTY malware that holds your data hostage until you pay up—just got more pernicious with a version that lets you sell out your friends instead of handing over your cash.

The diabolical software Popcorn Time, which is not at all affiliated with the Popcorn Time piracy app, shakes victims down like any other ransomware. If you can’t afford the one bitcoin payout or you’re feeling especially spiteful, you can share a link to download Popcorn Time in an attempt to infect others. If two of your victims pay up, the attackers give you the key to decrypt your data. It’s a bit like the movie It Follows, but for malware instead of killing.

MalwareHunter, a hacker with the MalwareHunterTeam research group, recently discovered Popcorn Time. It resembles any other malware in terms of infecting a computer, encrypting its drive, and locking you out. The social aspect is what makes it novel. It’s like sharing a referral code for cheap takeout or a free Uber ride. “The model for getting it off your system is sort of a pyramid scheme, multi-level marketing style approach,” says Kevin Butler, a cybersecurity and malware propagation researcher at the University of Florida. “It could certainly make for some interesting discussions amongst one’s group of friends if you’re trying to figure out who infected you with this malware.”

Hackers regularly get creative with ransomware, offering things like support desks where victims can negotiate their ransom. Popcorn Time goes further by tapping into eat-or-be-eaten instincts. It’s fascinating in its psychological gamesmanship, and indicative of experimentation in an already disruptive field. “The bad guys are making a lot of money and they’re going to make a lot more money. A certain percentage of those funds are going to go into research and development for them to try new things,” says Jeremiah Grossman, chief of security strategy at cybersecurity defense firm SentinelOne. “The bad guys are innovating.”

There’s some good news, though. First, the Popcorn Time code doesn’t appear to be finished. “It is still not perfect, but it’s getting better,” MalwareHunter says. “Infect more to get free key is already unique thing. This system is something you not see every day.”

It also remains to be seen how wide Popcorn Time spreads. “No one really knows if the mechanism is going to have any meaningful impact,” Grossman says. “You infect someone and you try to get them to infect other people. That’s a human-to-human process. Does it really scale versus all other ways, like mass-blast email? Does this process really work economically?”

Still, ransomware tends to cluster in families and strains that share similar attributes. Even if Popcorn Time isn’t a viral hit, hackers could study its successes and failures to make their own variations more effective. Your best bet? Avoid getting hit in the first place. Regardless of whether Popcorn Time spreads like a virus, there’s no reason to be patient zero.

One Billion Yahoo Accounts Hacked

If you’re using Yahoo for Email, you should stop ASAP, especially if you’re using Yahoo Email for business Email. Yahoo’s Email has proven to not be secure, and it’s also a lousy Email platform.

If you must maintain the Email address, we recommend that you setup forwarding your Yahoo mail to a new Email address at your company’s domain (ie @sony.com, @amex.com, etc.). If you don’t have your company’s domain name setup, along with Email services to your company’s domain, we at Innovatviv IT can get you going in no time. Using @yahoo or @gmail for your business Email is missing a branding opportunity, and makes your company look small and unprofessional.

If you choose to continue to keep your Yahoo Email account alive and functional, then we recommend you follow these guidelines to keep your account secure:

By Lucian Constantin
Romania Correspondent, IDG News Service | Dec 15, 2016 6:46 AM PT
via: www.pcworld.com

1. Don’t save emails you don’t need

Because space is no longer a problem with most email services, users tend to never delete emails. While that’s extremely convenient, it’s not a very good idea, because it allows hackers to easily discover what other online accounts are tied to that address by searching for sign-up or notification emails from various online service providers.

Aside from exposing the link between your email address and accounts on other websites, sign-up and notification emails can also expose specific account names that you’ve chosen and are different from the email address.

You might want to consider cleaning your mailbox of welcome emails, password reset notifications and other such communications. Sure, there might be other ways for hackers to find out if you have an account on a certain website, or even a number of websites, but why make it easier for them to compile a full list?

2. Check your email forwarding and reply-to settings

Email forwarding is one of those “set it and forget it” features. The option is buried somewhere in the email account settings and if it’s turned on there’s little to no indication that it’s active.

Hackers know this. They only need to gain access to your email account once, set up a rule to receive copies of all your emails and never log back in again. This also prevents the service from sending you notifications about repeated suspicious log-ins from unrecognized devices or IP addresses.

Which Programming Languages Are Currently In-Demand?
SponsoredPost Sponsored by DeVry University
Which Programming Languages Are Currently In-Demand?
More than 500 programming languages are available to create our digital world.
Another technique that attackers might use to get a copy of your emails is to change the reply-to address in your email settings, although this is noisier and can be spotted more easily than a forwarding rule.

The reply-to field is included in every email message that you send and allows the recipient’s email client to automatically populate the To field with an address you chose when they hit reply. If a hacker changes the reply-to value with an address that he controls, he will receive all email replies intended for you and these typically include the original emails that you sent.

In order to ensure that you also get those replies, the attacker can set up a forwarding rule in their own email account and automatically forward those replies to your address.

3. Two-factor authentication everywhere

Turn on two-factor authentication—this is sometimes called two-step verification—for any account that supports it, including Yahoo. This will prompt the online service to ask for a one-time-use code sent via text message, phone call, email or generated by a smartphone app when you try to access the account from a new device. This code is required in addition to your regular password, but Yahoo also has a feature called Account Key that does away with regular passwords completely and instead requires sign-in approval via phone notifications.

Two-factor authentication is an important security feature that could keep your account secure even if hackers steal your password.

4. Never reuse passwords

There are many secure password management solutions available today that work across different platforms. There’s really no excuse for not having unique, complex passwords for every single account that you own. If you do want memorable passwords for a few critical accounts use passphrases instead: sentences made up of words, numbers and even punctuation marks.

According to Yahoo, this breach happened in August 2013, at a time when the company hadn’t yet switched to the more secure bcrypt password hashing algorithm. As a result, most passwords that were stolen are in the form of MD5 hashes, which are highly vulnerable to cracking.

If you made the mistake of using your Yahoo password elsewhere and haven’t changed it yet, you should do so immediately and review the security settings of those accounts too. It’s very likely that hackers have already cracked your password and had three years to abuse it.

5. Phishing follows breaches

Large data breaches are typically followed by email phishing attempts, as cybercriminals try to take advantage of the public interest in such incidents. These emails can masquerade as security notifications, can contain instructions to download malicious programs that are passed as security tools or can direct users to websites that ask for additional information under the guise of “verifying” accounts.

Be on the lookout for such emails and make sure that any instructions you decide to follow in response to a security incident came from the affected service provider or a trusted source. Official Yahoo emails are easily recognizable in the Yahoo Mail interface because they are marked with a purple Y icon.

In the future, be selective in what personal information you choose to share and which websites you choose to share it with, even when those websites are legitimate. There’s no guarantee that they won’t be hacked in the future and you simply don’t know how securely they store your details.

In Yahoo’s case, the compromised account information includes names, email addresses, telephone numbers, dates of birth and, in some cases, unencrypted security questions and answers. These details can be used to impersonate you or to authenticate you on other websites.

Don’t provide real answers to security questions, if you can avoid it. Make something up that you can remember and use that as answer. In fact, Yahoo doesn’t even recommend using security questions anymore, so you can go into your account’s security settings and delete them.

Innovativ IT Now Accepts Bitcoin!

Bitcoin_accepted_here_printable

We are excited, and pleased to announce that we are now accepting Bitcoin as a form of payment from our clients.

 

Send money to:

Innovativ Bitcoin QR Code

1B7AaefytfQ6dQFKypGUvoxuewqKpeYD4c

 

We are also excited to announce that Innovativ IT has also formed partnerships with a few of the leading companies in the Bitcoin/Blockchain space, to bring new and exciting solutions to the market.

 

Below are the (other) top 5 reasons we have made this exciting move:

 

  1. Lower transaction fees.Per transaction fees for accepting Bitcoin are generally significantly lower than those charged for credit and debit card purchases. White says this is the biggest reason smaller merchants are latching onto Bitcoin payments.

“Small businesses, on average are paying higher credit card fees than Walmart is, and Best Buy,” White says. “These are large, enterprise level businesses that have scale and therefore they can negotiate lower credit card transaction fees. Small mom-and-pop shops can’t.”

He says most smaller merchants pay 2 to 4 percent per credit card transaction, often with additional “hidden fees” heaped on that quickly add up.

Bitcoin, on the other hand, can reduce their credit card processing fees to less than 1 percent, White’s colleague Nicholas Tomaino, a business development manager at Coinbase, recently told Entrepreneur.com. Accepting the virtual currency can save them from sacrificing between 3 and 5 percent of their revenues to credit and debit card fees, Tomaino estimates.

White points out that Coinbase charges a 1 percent flat per-transaction fee to convert Bitcoin payments to your local currency, after your first $1,000,000 USD in merchant processing. Unlike a lot of credit card companies, it doesn’t charge account setup or termination fees. So, if your customer pays for a purchase that costs $1, Coinbase will only charge you one penny for payment processing.

 Bitcoin Payment processor BitPay charges no per transaction fees, but its customers pay monthly fees for its services, ranging from $30 to $300.

  1. Fraud prevention.Because people can pay businesses in Bitcoin without divulging personally identifiable information (names, billing addresses, etc.), they enjoy a level of identity-theft protection that credit cards simply can’t offer, White says.

“With Bitcoin, there is no personal identity attached to that form of value. It’s a lot like digital cash, and there’s no way it can be intercepted, and my identity can’t be disclosed. That prevents a lot of issues like we saw with the Target data breach and the recent UPS Store breach.”

It’s important to note, though, that Bitcoin exchanges that operate in the U.S., including Coinbase, collect personal identifying information from their users — names, addresses and applicable bank account numbers included — in order to establish their Bitcoin wallets. They have to in accordance with certain state and federal regulations.

  1. No chargebacks.Bitcoin purchases are final, so there are no chargebacks and no returns, like those rife in credit card dealings, yet another way transacting in the virtual currency saves merchants money.

Credit card chargebacks occur when a card user disputes a purchase made with his or her card, often because of defective goods or items never received. Or, perhaps he or she fell victim to identity theft and never authorized the purchase in question in the first place.

When a chargeback happens, not only does the credit card company withdraw the money for a transaction from your merchant account and deposit it back into the customer’s, you typically also get slapped with a costly chargeback fee. These can put you back between $5 and $15 each, according to CardFellow.com.

As it is now, people who purchase from you in Bitcoin generally have no recourse in a dispute. Transactions in the cryptocurrency are basically perceived as cash. They’re final, insulating merchants from the possibility of chargebacks and the fees associated with them. As Bitcoin Foundation member Kevin Rand puts it, “Bitcoin puts all the power in the merchants’ hands.”

  1. The ability to get paid quickly.Having cash on hand is often critical to survival for small businesses. Accepting Bitcoin payments can put cash within your reach faster than it does when you accept credit card payments.

“The problem is, with credit cards, a lot of times your funds can be locked up for a week or more and there held in a sort of escrow in case someone requests a chargeback,” says White.

That’s generally not the case with Bitcoin. For example, at Coinbase, payouts arrive in merchant’s bank accounts typically in only two business days.

Every payment settles “at the moment of transaction,” White says. “So when a customer pays in Bitcoin, the merchant receives it and immediately sells it to Coinbase to convert it to U.S. dollars. At that time, they’re guaranteed their money.”

  1. Ease of accepting international payments.Small online retailers and independent consultants often don’t sell their wares and services internationally because of expensive cross-border transaction fees. Bitcoin relieves the steep cost of going global, making cross-border payments easier, faster and cheaper.

“Bitcoin breaks down all of these invisible borders that previously existed,” says White. “When you accept Bitcoin, you can accept payment from anyone anywhere in the world at the speed of an email.”

Another benefit: The digital currency’s lower transaction fees could save retailers who operate internationally up to 8 percent, Wedbush analyst Gil Luria recently told The New York Times.                                                                 (Excerpted from https://www.entrepreneur.com/article/237026)