Syscom Business Technologies announces the hire of new Sales Manager, Scott Huxley. Huxley joins Syscom with 29 years of sales experience, including 8 years with a local phone system provider.
Originally from Nottingham, England, Huxley’s experience includes working for ADT Fire and Security within the large system projects division.
Syscom Business Technologies offers managed technology solutions including hosted desktop, hosted servers, hosted e-mail and managed print solutions since 1978. Syscom is located at 3124 Logan Valley Rd. in Traverse City. For more information, call 231.946.1411 or visit www.syscomtc.com.
Syscom Business Technologies announces the hire of new Technology Compliance and Security Manager, Patrick McKay. McKay joins Syscom with 19 years of Information Technology experience, with ten of those years in the financial services industry for a local credit union.
McKay served in the United States Marines where he received his Cat-5 and Fiber Optics certifications from the IEEE Computer Society in Yokosuka, Japan; earning his Cisco, CCENT, and CCT military certification equivalents in Quantico, VA. He also attended Advanced Network Engineer School at Camp Pendleton, CA.
Syscom Business Technologies offers managed technology solutions including hosted desktop, hosted servers, hosted voice, hosted e-mail and managed print solutions since 1978. Syscom is located at 3124 Logan Valley Rd. in Traverse City. For more information, call 231.946.1411 or visit www.syscomtc.com.
Microsoft has recently changed the Windows 10 upgrade for Windows 7 and Windows 8 machines. It is being rolled out as a Recommended Update through Windows Updates, but now with a unique twist on things.
Recently, clients were getting a pop-up requesting that you upgrade to Windows 10. The catch with the pop-up is that if you click the “X” in the upper-right corner it will act as consent for the upgrade; causing Windows 10 to install. Now, however, the upgrade installation can automatically begin even if you don’t take any action!
It’s very frustrating and is tricking tons of Windows 7 and Windows 8/8.1 users into upgrading to Windows 10. Over these past few weeks we’ve received several service tickets for clients that have been tricked into upgrading and requesting us to roll this back. Please contact us today if you’d like to be proactive and prevent the upgrade in the first place. Likewise, if you’ve already been “tricked” into the upgrade and would like us to roll your system back, we can do that too.
Ransomware Hits Another Hospital in Kansas, But This Time the Thieves Don’t Give All of the Files Back
We’ve likely all read a story about a hospital being hit by ransomware before. It’s been in and out of the news over these past few months. One incident that comes to mind was regarding a hospital where the crooks demanded 9,000 Bitcoins (more than $3,000,000)! The CEO of that hospital put in an official letter that he actually ended up paying 40 Bitcoins, or $17,000.
Most ransomware we’ve ran across asks for a more affordable dollar amount, typically around 1 Bitcoin, which is about $300-$400, but the determined amount is often created at the instance you visit the hacker’s “ransom page,” rather than hard-coded into the ransomware virus/malware itself. This means that the thieves can change the ransom amount whenever they’d like and for whatever reason they’d like!
According to multiple online sources, a new hospital attack has made the news this week. This time it’s the Kansas Heart Hospital, located in Wichita, Kansas. The unusual twist to this story, is that the hospital evidently paid ransom, but didn’t get all of their files back! Instead, a second request for more ransom followed, but this time, the hospital didn’t pay; assuming that there was, again, no guarantee to get their files back.
You can read more about this story here: http://www.healthcareitnews.com/news/kansas-hospital-hit-ransomware-pays-then-attackers-demand-second-ransom
How Ransomware Spreads?
Ransomware attacks are typically sent out as email attachments in bulk runs of SPAM. From what we’ve seen in the business-world with larger organizations, they’ll typically target a handful of organizations at a time, but try to hit everyone in the organization. A large organization could receive 100’s of malicious emails, all being sent to different personnel, all at the same time.
On the contrary, in most malware-based ransomware attacks, like TeslaCrypt or Locky, the encryption and the ransom demand happen automatically, but still through e-mail. You can still think of it as a “targeted attack,” but the target is anyone and everyone. By purchasing mailing list data from breached websites (or from unethical mailing list operators), the hackers can give even the most broad attack a personal touch that makes each email in the SPAM-attack look legit and difficult to determine it’s legitimacy.
Regardless of the method, all ransomware will do two things.
Encrypt your critical data, rendering it as unreadable.
Leave you with a very sweet message saying “Pay up or else.” (Or else try to figure out your own way to get your data back is what they mean.)
What Can You Do to Protect Your Business?
Make sure that your organization has a single, well-known e-mail address () or phone number (231-946-1411) where your staff are encouraged to report suspicious e-mails, hacking attempts, phishing e-mails, etc. One person who puts in a report promptly, could warn the rest of your users and prevent a data breach or virus outbreak.
A few critical defenses in your cyber-security strategy should include:
Backups Performing regular backups is critical. Keep a recent copy off-site or look into a good cloud-based backup, such as the cloud-based backup offered by Syscom Business Technologies through TC Cloud Computing. Backups should always be encrypted, regardless of your industry requirements.
Limit Login Access Don’t give users on your network more login power than they need (i.e. no admin rights). If you do have to login as an administrator, avoid browsing the web, opening documents or other “regular work” while you are logged in as an admin.
Limit File Access Don’t give users on your network access to more files than they need. We recommend segregating your users into departments and creating drives based on those departments. If someone on your staff does download ransomware, they are only going to be able to infect what their user has access to.
Patches Patch early and patch often. Although a lot of the ransomware and other malware come via document macros, those that don’t rely on security bugs in popular applications, such as Microsoft Office, your web browser (Chrome, FireFox, Internet Explorer, Safari, etc), Adobe Flash, Java and many more. The quicker that you patch, the fewer “open holes” that will be open for the hackers to exploit.
This is just a very small portion of what should be in your defenses to prevent ransomware and other malware, viruses, hacking attempts and other threats. At Syscom Business Technologies, we’ve developed a time-tested, proven method for preventing most cyber-security threats with little maintenance after the system is implemented. We encourage you to contact us at Syscom Business Technologies for a full cyber-security evaluation in order to stay protected agains ransomware and other threats.
A San Francisco-based startup called Streak has developed a free Google Chrome browser extension that’s changing the email game: the extension lets email senders see when recipients open an email. When using their gmail with the extension, the senders will be notified when their email they sent has been read.
If that’s definitely not practical — or for a few, unsettling — enough, Streak also informs you the spot that the e-mail was opened at. The extension will put the email on a map, giving the user real-time location updates about the recipients. Streak is free while in beta; the developers plan to maintain a free version of the extension as it continues in development.
Let us be your IT department for a fraction of the cost! When you walk through the door or call our computer repair facilities, you’ll immediately recognize the difference.
At Syscom, our years of experience in computer repair has taught us that the “Quick Fix” in the computer repair world is rarely the right solution. We don’t just address the symptom, we dig deep to make sure our computer repair service takes care of the problem the first time. We talk your “language” so it’s clear what are the problems, solutions and costs are.
Our quick response time, trained technical staff, and extensive parts inventory make us the unanimous solution to your repair needs. Thank you for your interest in our services. For fast reliable service, call our service facility and a qualified service professional will be promptly dispatched to your location. Visit or give us a call today!
Another zero-day exploit that dwells in all renditions of Internet Explorer has been seen in the wild, Microsoft affirmed late Saturday.
A security vulnerability, which could permit remote code execution, is continuously utilized within “constrained, focused on ambushes,” as stated by a report issued by Microsoft. While all forms of the web program, IE 6 through 11, are influenced by the exploit, Attacks are at present focusing on IE forms 9, 10 and 11, as stated by security firm Fireeye, which initially reported the exploit Friday.
The attack leverages a previously unknown “use after free” vulnerability — data corruption that occurs after memory has been released – and sidesteps both Windows DEP (information execution counteractive action) and ASLR (location space format randomization) securities, as stated by Fireeye. The weakness is presently being used, by a gathering of programmers focusing on financial and defense associations in the US.
“The APT [advanced constant threat] bunch answerable for this endeavor has been the first gathering to have admittance to a select number of program based 0-day misuses (e.g. IE, Firefox, and Flash) previously,” Fireeye said. “They are extremely proficient at lateral movement and are difficult to track, as they typically do not reuse command and control infrastructure.”
Fireeye said the imperfection was noteworthy on the grounds that it influences more than a quarter of the aggregate program market.
“Altogether, in 2013, the powerless adaptations of IE represented 26.25% of the program market,” Fireeye said in its report.
An assault could be activated by drawing guests to a spcially designed website page, Microsoft reported.
“The exploit exists in the way that Internet Explorer gets to an article in memory that has been erased or has not been appropriately assigned,” Microsoft said. “The exploit may degenerate memory in a manner that could permit an assaulter to execute subjective code in the connection of the current client inside Internet Explorer.”
Microsoft said it is exploring the vulnerability and may issue an out-of-cycle security upgrades to address the issue.
Even with the news of Microsoft dropping support for Windows XP on the 8th, XP is still the 2nd most used operating system under Windows 7. On the eve of Microsoft’s BUILD developer conference, Statcounter has published a snapshot of the challenge that Microsoft faces to get its users to adopt its current and future products over its legacy systems.
Microsoft notes in its page announcing the discontinuation of support for Windows XP that
…you should take action. After April 8, 2014, Microsoft will no longer provide security updates or technical support for Windows XP. Security updates patch vulnerabilities that may be exploited by malware and help keep users and their data safer. PCs running Windows XP after April 8, 2014, should not be considered to be protected.” Pulling the plug is certainly one way of using a stick rather than a carrot to get people to upgrade. In more than one place, as a solution, Microsoft tells users that “it is important that you migrate to a current supported operating system – such as Windows 8.1 – so you can receive regular security updates to protect their computer from malicious attacks.
There are some carrots Microsoft is adding, too. In February, Microsoft noted that it would be bringing back some legacy features into its new OS such as the return of a “start” tab on the desktop and more mouse and keyboard-friendly features to complement the touch-focused UI.
Google is continuing to push Google+ and it is about to touch one of the company’s most beloved products: Google Voice.
The company’s free VoIP phone-call, texting, voicemail and voicemail-transcription product will soon merge with the Google+ Hangouts apps on both iOS and Android, leading to the complete elimination of Google Voice as a separate service, according to 9to5Mac.
Dedicated consumers associated with Google Voice are already voicing their concern that the change could impact the product experience in unexpected ways, as well as drive all of them into much deeper integration with Google+ — even if they have got absolutely no specific interest in Google’s social-networking program.
There’s no word on when the reported change will take place, but the upcoming Google I/O conference, just a couple of months away, could be a perfect stage on which to launch the next phase of Hangouts and Google+.