Ransomware encrypts files and demands ransom. Malware-facilitated blackmail uses a different strategy, delivering trojan-class malware to mobile devices that gathers information and transmits it outside the network, then threatens to make public some private information unless you pay a fee, classic blackmail. More Information
In most cases, you can avoid malware by downloading apps only from Google Play Store, Microsoft Store and The Apple Store. But two apps in Google's Play Store (Wallpapers Blur HD, Booster & Cleaner Pro) were infected with malware that demanded $50 to stop a leak of photos, Facebook messages, web browsing history, emails, and location history to all contacts in the device and in breached cloud accounts like Facebook.
Before this malware initiates it's malicious activity, it must obtain permission to manage calls, read and send messages and have access to contacts. Why would a wallpaper app or an app that boosts a devices' performance need access to these areas? It doesn't, and should never have been given these permissions. Here is a familiar app and the permissions it has been granted:
So what can you do? First, read reviews of any app you are considering, though there can be fake reviews mixed in. Second, after download and installation, you will be asked to grant access permission to areas of your device and data. This is the time to stop, read and think through each granting. If any seem odd, then deny access and uninstall the app. Then do some research about the app, and only when satisfied should installation be completed. Third, mobile devices can be further protected with one of the free antivirus and firewall apps for Android and iPhone devices:
Last week, Cisco released a security alert for customers that utilize network security devices and their corresponding software. These appliances that are configured with a clientless VPN(WebVPN) software are vulnerable to attackers that seek to gain control through commands. This would give the attacker unlimited access to the device and ultimately the protected network. The device also could potentially reload or block incoming VPN authentication requests.
This vulnerability affects Cisco ASA Software that is running on the following Cisco products:
3000 Series Industrial Security Appliance (ISA) ASA 5500 Series Adaptive Security Appliances ASA 5500-X Series Next-Generation Firewalls ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers ASA 1000V Cloud Firewall Adaptive Security Virtual Appliance (ASAv) Firepower 2100 Series Security Appliance Firepower 4110 Security Appliance Firepower 4120 Security Appliance Firepower 4140 Security Appliance Firepower 4150 Security Appliance Firepower 9300 ASA Security Module Firepower Threat Defense Software (FTD) FTD Virtual
Cisco has released new software updates February 5th, 2018 that address this vulnerability. The only method of eliminating this threat is by applying a patch to the affected devices. In order to download the patch, Cisco states, "Customers may only install and expect support for software versions and feature sets for which they have purchased a license....Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades."
If one of your devices is listed and you are a Managed Services client, LeeShanok will be contacting you in the near future to update your software. If you are not a Managed Services client, we can still help evaluate and patch your vulnerabilities. Contact us to schedule service.
LeeShanok takes IT security seriously and it is our duty to inform our clients about potential threats and vulnerabilities that can affect your business. LeeShanok is monitoring the current status of available updates and will continue to inform its clients of any new information. If you have any questions or need assistance with checking and updating your devices, please don't hesitate to contact us.
LeeShanok has been nominated for a second time to be part of the Cisco Small Business Executive Advisory Board (SBEE). Cisco executives and senior management teams will meet with board members to encourage quality, interactive dialogue on the development of small business products, solutions, services, marketing programs, tool and initiatives.
The cornerstone of the SBEE is the opportunity to influence Cisco’s overall strategy and future direction in the small business segment.
“This is a great opportunity to partner with Cisco Systems, a leader in the technology industry, in support of providing new technologies that makes sense to small businesses. Being part of SBEE is a great opportunity to allow us to be the spokesmen on the technology needs for small businesses to Cisco”, LeeShanok said.
About LeeShanok LeeShanok Network Solutions has provided professional IT consulting services in Arizona since 1997.
About Cisco Cisco (NASDAQ: CSCO) is the worldwide leader in networking that transforms how people connect, communicate and collaborate.
For more information, media contact: [Eric LeeShanok, LeeShanok Network Solutions (520) 888-9122, firstname.lastname@example.org]
The PCI Security Standards Council maintains and promotes security standards for the Payment Card Industry, providing tools to assess, train and certify companies involved in eCommerce. Credentialing of vendors help industries like Property Management reduce exposure by identifying PCI Compliant vendors. Don't worry, your selection of LeeShanok Network Solutions was a wise move, as we are PCI compliant and a member in good standing of The Compliance Depot.
On June 30, 2018, the eCommerce industry will say goodbye to SSL and early versions of TLS, and so should you.
SSL and TLS are cryptographic protocols used to create secure communications between two systems, authenticating them, and protecting the confidentiality and integrity of data passing between. SSL and early versions of TLS have vulnerabilites that cannot be patched and put organizations at risk of being breached.
Here is what you can do:
1. Attend a webinar to better understand the issue and recommendation, and if it affects your firm and payment card transactions - https://info.pcisecuritystandards.org/webinar-migrating-from-ssl-early-tls-video-2018 2. Enlist the help of your IT services vendor. If you are a Managed-IT client of LeeShanok, we've got you covered. If not, we can help you evaluate exposure and guide your conversion. 3. Migrate your devices to TLS 1.2, configure it securely, and keep it updated.
Contact us to discuss your situation, exposure and migration
We hope 2018 is shaping up to be both prosperous and predictable for you and your company. There are many potential barriers to company success, and CyberCrime continues to derail the best laid plans. Phishing attacks continue to be the top method for hackers to gain unauthorized access to sensitive data. And End-user Security Awareness Training leads the pack in effective defenses. Many compliance and regulatory requirements require evidence for auditors to review.
Today's workers need to be exposed to realistic scenarios that require they look, recognize and decide without introducing infection into their organization. Some worker's require accountability to their email and surfing behaviors, otherwise they tend to click on anything.
Ever wonder about the Top 10 Global Phishing Email Subject Lines? Click Here
LeeShanok Network Solutions has evaluated and partnered with the best and brightest Security Awareness Training platform available today.
The methodology is simple:
A typical Security Awareness Training will include:
1. Baseline Testing - assesses "Phish-prone" users through simulated phishing attacks.
2. Train Your Users - workshops, interactive modules, videos, games, posters and newsletters.
3. Phishing Your Users - best in class, automated simulated attacks using huge library of phishing templates with unlimited usage
4. See the Results - enterprise-strength reporting, shoring stats and graphs for both training and phishing, ready for management to make decisions.
5. Targeting Weakness - The analysis includes training reports for all users, categorized lists of "clickers" who failed simulated attacks, who repeat steps 2-4, as well as individual user "report cards" with their open and click history.
The combination of web-based training and frequent simulated phishing attacks really works.
This is a new offering, and we are excited for you to benefit as we have. Feel free to contact us to discuss the process and your particular needs.
LeeShanok Network Solutions will be hosting a booth at the Arizona Multihousing Association Phoenix Trade Show May 10, 2018.
You know the proverbial "lump in the throat", a common reaction among ethical rational people when viewing this latest attack on innocent human life.
Some of the recently discovered scams will strum your heartstrings into picking links or downloading flyers for...
- Blood drives
- Gun control
- Exclusive videos
- Donations to charities
- Contributions to the families of victims
Our anti-phishing partner, KnowBe4.com, recommends each of us communicate with friends and family to be especially careful following sensational events (good and bad) with lots of news coverage.
Here's a tip we all should practice. When you receive an email, tweet, text message, phone call, or letter that you did not ask for, do not click on any links or buttons and do not call phone numbers in the message. Instead, open a web browser to a search field, and search for the organization. Then from their legitimate website, gather the email address or phone number and contact them directly. You can then safely pick most links with confidence, and gain legitimate access to resources without risk of infection or exploit.
For charitible donations, use the same technique by contacting the organization directly rather than through a link in an email or message. For blood drives, contact your local Red Cross directly rather than through any messaged link or downloaded flyer.
And if you are not sure, contact the experts at LeeShanok Network Solutions, and we will evaluate the situation and ensure your network remains safe.
Tips for Staying Safe
- Updates should come from an official manufacturer's website
- View emails from recognized senders only
- Verify the source before opening or downloading any files
- Check for grammatical errors or unusual information in emails
- Ensure that spam filters and antivirus are active and updated
LeeShanok takes IT security seriously and it is our duty to inform our clients about potential threats and vulnerabilities that can affect your business.
LeeShanok is continually on the watch for such threats and advises when a threat needs more than the usual caution and action is recommended. Cyber threats continually evolve and attacks are ongoing towards businesses and consumers. At this time, we would like to advise you about some of the current security threats that may require action on your part.
Spectre and Meltdown
As you may have heard, there are two new vulnerabilities called Spectre and Meltdown. These flaws in modern processors will potentially allow an attack on nearly every computer in the world which includes hypervisors, tablets, phones and laptops. An attacker could gain access to private information such as passwords and encryption keys from the memory of the exploited device.
How to Protect Yourself and Your Organization
Since discovery of these vulnerabilities, product vendors have started to release patches that will mitigate these issues. Here is some information for your particular product:
- Microsoft: Released a number of updates depending on your operating system. Run Windows update and install all appropriate patches. More updates are coming in the near future.
- Google: Chrome OS was patched December 15th.
- Apple: Released patches to the macOS on December 6th.
- Linux: Testing and releasing patches currently depending on variant.
- All other products: Perform updates on your hypervisors, tablets and cellular phones. Vendors will continue to send out patches for their products.
If you are a Hosted or Managed IT client, we are taking proactive steps to assess the immediate impact and we will reach out if there are any necessary actions needed.
Feel free to contact us to discuss your situation.