Blog

WiFi networks vulnerable – WPA2 security flaw KRACK discovered

“KRACK” security vulnerability discovered in WiFi Protected Access II (WPA2) security protocol

A security flaw has been discovered that could be used to hack into any device that uses WiFi, including smartphones, tablets, laptops desktop computers, laptops.  

Many modern Wireless networks use WiFi Protected Access II (WPA2) security protocol and security certification programs to secure the  wireless computer network.  WPA2 wireless protocol has a new security vulnerability called “KRACK”, which is short for Key Reinstallation Attacks.  This security flaw has been discovered by researchers at KU Leuven, a university in Flanders, Belgium

Attackers can use this to steal sensitive information that is sent over a WiFi network that uses WPA2, including credit card numbers, passwords and other sensitive information.  It may also be possible for an attacker to inject malicious information into the WiFi network which could include malicious ramsomeware and malware.  The attacker needs to be within Wireless range.  

The vulnerability is not per individual device but the actual WPA2 protocol, which means all devices that use WPA2 could be affected.  

What you should do about the WPA2 “KRACK” security flaw on your WiFi networks

KRACK does not use your WiFi password to get access to your network, so changing your WiFi password will not make you less vulnerable, although changing your password regularly is good practice.

Many WiFi product vendors will be releasing updated firmware and drivers for their products.  To protect yourself, we strongly recommend that you update your hardware as soon as an update is available.

For our clients who enjoy our Proactive Managed IT Support and Network Security services, we have details of all WiFi equipment and will continue to monitor when vendors release updates and will install them as soon as they become available.

The devices and hardware that will need to be updated, once patches are released, include the following:

  • Wireless Access Points (WAP) including Office and Home routers
  • Desktop workstations
  • Laptops/notebooks
  • Mobile phones
  • Tablets and e-readers that use WiFi
  • Home devices connected to WiFi including Apple TV, NEST, Amazon Echo and Google Home
  • Printers, both home and office, that use WiFi
  • Any other device that uses WiFi

Need more information about KRACK, below are some helpful links to give you more of an insight into the KRACK WPA2 Vulnerability.

Wordfence 

KRACKATTACKS

BleepingComputer has compiled a running list of vendors, that is being updated regularly, as more information on patches becomes available.

StaySmartOnline

At iT and Beyond, as part of the Proactive Managed IT Support we provide to keep our clients systems safe and secure, we regularly monitor security alerts from are security partners.

Contact Us if you need any assistance with your Network Security.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

IT Security Tips – RansomWare quiz

Sophos IT Security Tips RansomWare

One of our security partners Sophos, have some great IT Security Tips and have launched a Spot the Phish quiz to test your skills by spotting ransomware attempts.  There are some great prizes on offer.

Cybercriminals are often smarter than we think, and they’re using those skills effectively to make phishing emails harder and harder to spot.

 

Sophos RansomWare IT Security Tips – Spot the Phish RansomWare Phishing scam online quiz.

Sophos IT Security Tips RansomWare

 

Can you identify a phishing email from a legitimate one?

The new Sophos online Spot the Phish quiz, tests your skills to see how many fraudulent emails you can spot.

In this contest of speed and skill, correctly identify ransomware attempts from legitimate emails and be among the fastest participants and you’ll be eligible to win one of seven prizes: a 12” MacBook, three iPad Pros, or three iPhone 7s, complete with AirPods. But you better be quick as this is your final chance to play before this contest ends on the 20th of December 2016.

Don’t worry if you are not sure as there will be a chance to participate in the Sophos online phishing school to learn more.

This short Sophos video on our YouTube Channel also provides some great tips on IT Security:

Our Network Security solutions can show you how cost-effectively protect and maintain the security of your network, assets and data against external attack, providing you peace of mind.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Mobile Computing Amazon Go advanced shopping

Amazon Go Mobile Computing – a whole new way to shop, featuring the world’s most advanced shopping technology.

Mobile computing and our ability to harness its benefits to improve productivity has come a long way and continues to revolutionise business and every day activities.

Online retail giant Amazon, published this video on Monday 6 December, 2016 on their new physical store concept.

No lines, no checkout.  Shoppers simply use the Amazon Go app on their smartphone,  take the products they want, and go!   Just walk out, without getting arrested.  Technology detects your selected items and automatically charges your Amazon account when you leave the store.

Learn more at http://amazon.com/go and World Economic Forum article.

Our Mobile Computing services can show you how to take your business connectivity needs to the next level.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Award Winning IT Support systems for Small Business, Accounting Firms and Not-For-Profit organisations

Award winning IT Support Small Business Accounting firm NFP

Selecting IT Systems that are right for your business

As is the case for our small business, accounting firm or not-for-profit (NFP) clients, the IT Systems we choose, need to reduce our costs, increase our productivity, mitigate business risks and assist us to provide superior customer service to our clients.

At iT and Beyond Pty Ltd , we practice what we preach when it comes to selecting IT Support Systems, including strategic research, investment and ongoing development of breed-of-breed technology that provides automation throughout the entire delivery of Proactive IT Support services we provide.

Although the IT Support industry is spoilt for choice of IT Systems Management solutions and tools, careful cost-benefit evaluation and ongoing improvements are required to maximise investment benefits.  Some computer support tools are designed for specific tasks, whilst other solutions are feature rich and include components such as 24x7x365 Remote Monitoring & Management, Remote Control, Patch Management, Network Discovery & Performance, IT Automation, Backup and Disaster Recovery, Security, Professional Services Automation, Project Management and Customer Relationship Management.

After strategic research and testing of available solutions, we chose a unique IT Systems Management framework and online Client Support Portal that are both powered by leading global provider Kaseya and driven by Best Practice.

  • Kaseya Virtual System Administrator (VSA): Remote Monitoring & Management (RMM)
  • Kaseya Business Management Solution (BMS): Professional Services Automation (PSA) and Client Support Portal

Both IT Support systems are cloud based Software as a Service (SaaS) solutions.  They provide the flexibility needed to customise Proactive IT Support configurations for our small business, accounting firm or not-for-profit clients.  We continue to invest in ongoing development and improvements and their ability to help us prevent problems before our client’s notice them.

Kaseya’s solutions may not be the cheapest in the market, but as is the case with many IT Solutions, you get what you pay for.

Award Winning IT Support systems for Small Business, Accounting Firms and NFPs

Good to see Kaseya’s Virtual System Administrator (VSA) RMM solution has just won another industry award. See Kaseya’s recent blog post for more details.
Award Winning IT Support Small Business Accounting firm NFP

Click here to learn how iT and Beyond Pty Ltd can help you save on IT costs with our Proactive Managed IT Support Services for your business in Melbourne.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Malware called DressCode infects apps in app stores

Apps infected with Malware called DressCode

Apps infected with Malware called DressCode are reportedly on the rise from application stores.

Dresscode Malware enables attackers to use your Android device to launch attacks against another

person or organisation’s online services or gain access to corporate servers and information.

Reports from TrendLabs Security Intelligence  state that even games and themes maybe infected with DressCode.

Other  reports state that 400 compromised apps have been detected on Google Play and more than 3,000 have been detected overall. 

Keeping your device safe from Malware DressCode

One of our security partners Sophos  recommends to keep your device safe by installing

Sophos Security for Mobile which is specifically designed for Android which can help identify

malicious or potentially unwanted applications.

We can can also show you how cost-effectively protect and maintain the security of your network, 

assets and data against external attack, providing you peace of mind with our Network Security Solutions.

Google Play also have some tips on protecting against harmful apps and recommends you check the star 

ratings and reviews of an app and the number of times the app has been downloaded before deciding whether or not to proceed.

 

More information 

Stay Smart Online‘              ‘Sophos Security’

iTandBeyond are an SSO Partner & Sophos Silver Partner

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Be careful when installing Java Updates – more FoistWare

Be careful when installing Java updates - more FoistWare installed

Exercise Caution when installing Java Updates

Caution when installing Java Updates is required or you may be tricked into installing FoistWare.

What is FoistWare (also called CrapWare)?

Firstly, lets explain what we mean by FoistWare.  FoistWare is a tactic used by software developers to install additional software during the installation process, sometimes without the users knowledge or consent or with deceptive messages that trick the user into installing the additional software.
Often if you accept the default installation options, the unrelated third-party software is installed.
The FoistWare itself may be a legitimate program, though the manner in which it is installed makes it FoistWare.
The software developers try to make a quick buck by tricking users into installing software they don’t need, which can impact on system performance.
Some FoistWare applications are browser hijacks that modify your web browser’s settings without user’s permission, which can inject unwanted advertising, replace your existing home or search pages.

This tactic is sometimes used by Freeware software developers and has been used by Oracle for many years when installing updates to their popular Java software.

What is Java (by Oracle)?

Java is a programming language and computing platform used on many devices from laptops to datacenters, game consoles and mobile phones. Lots of applications and websites will not work unless you have Java installed.
For Australian Accounting firms and Businesses, one especially relevant application that needs Java is the Australian Government’s AUSkey secure login, used to access participating Government websites.

Oracle is at it again installing deceptive software with Java Updates

Java Updates have previously tricked users to install the Google Toolbar, Yahoo and Ask Toolbar and Search App.  Here’s one example of what users were prompted with when installing previous Java Updates:

Caution installing Java Updates - Previous Java Update defaulting to install Ask Search

Previous Java Update defaulting to install Ask Search

The latest Java updates now try to trick you into installing the Teoma Search App:

Caution installing Java Updates - Latest Java Update Install Offer Teoma Search App

Latest Java Update Install Offer Teoma Search App

Other vendors that have been purveyors of FoistWare include:

  • Adobe when you download Flash Player, included Google Toolbar for Internet Explorer or when you download Reader downloaded Google Chrome.
  • Skype

Our Recommendations for Caution installing Java Updates

It is important to install patches and updates for all software, including Java. If you don’t install the latest Java update, you may not be able to use your AUSkey to access Government websites.
When installing software, including updates, always review installation questions/options, rather than simply accepting the Defaults and clicking Next, Next, Next.

If you require any assistance with installing updates, removing any unwanted FoistWare inadvertently installed, or removing any browser hijacks, please Contact Us.

See the following articles for more information on Java Updates installing FoistWare:

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Can Small Businesses Afford Proactive Managed IT Support?

Can Small Businesses Afford Proactive Managed IT Support?

Affordable Small Business IT Support

When determining the affordability and Return on Investment (ROI) of engaging with Proactive Managed IT Support Providers, Small Business Owners often find themselves in a position of trying to balance a limited budget while making sure they have the proper tools to grow their business.  It is a challenge many business owners face, in that they recognise the need for additional products or services that will allow their business to continue to thrive.   However, funds may be in short supply to achieve these goals.

Faced with this challenge, many small business owners are forced to make difficult decisions as to where they can afford to spend money to improve their business.  One of the areas in which business owners are on the fence is whether or not hiring a Proactive Managed IT Support Services Provider is something they can afford.  In some cases the cost is not worth the benefits, however there are many situations where cutting costs will end up costing you more money in the long run.  Here are a few reasons why managed IT support service providers may be more affordable than the alternative.

Technology – In order to be competitive today, small businesses must remain up-to-speed with current technology.  The amount of money invested in this area can be quite large, making it necessary to ensure you have someone in your corner who can help manage and support the technology used in your business.  While the average person is becoming increasingly well versed in the use of basic technology, there remains a need for experts in the industry to ensure your business can stay up and running on a daily basis as well as in the event of a natural or man made emergency.

Internal IT Department – Larger corporations have the budget necessary to support an internal IT department that provides expertise and support of the technology used by the company. Small businesses do not have the same resources and often find themselves either without backup or paying a high price when they have to bring in an outside expert.

Services provided by Proactive Managed IT Support Providers, also known as Manged Service Providers (MSP’s) – When a small business enlists the help of a Proactive Managed IT Support Service Provider, they will agree to a Service Level Agreement (SLA) which covers specific services at a specific price.  This allows the the small business owner to see upfront what they are paying for and how it will work in the budget.

Depending on the business, these services can be customised to meet the specific needs of the client, making it possible to reduce costs in certain areas.  There are many reasons why a small business owner might feel Proactive Managed IT Support service providers are not something they can afford.  Unfortunately the services provided are often not realised until there is an emergency, where small business owners quickly discover the amount of money spent to “fix” a problem or recover from a disaster is much more expensive than planning for it in the first place.  In this case it is not a matter of if you can afford Proactive Managed IT Support services, rather if you can afford NOT to have them.

Click here to learn how iT and Beyond Pty Ltd can help you save on IT costs with our Proactive Managed IT Support Services for your business in Melbourne.

 

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

WARNING – new document virus threat in your Inbox

Warning Document virus threat in your Inbox

Another new Document based virus threat is doing the rounds via email.

Several clients in the last few days have reported receiving an email with a Word Document attachment, almost identical to the following email.  It is highly likely the Word document contains a new Virus, MalWare or Trojan Threat.

Check out our previous Blog article for more information on Document Based Malware on the Rise.

Our Business IT Solutions gurus have scanned the suspicious Word doc and although leading anti-virus solutions are not as yet detecting any Threats, telltale signs the email is bogus include:

  • Sender email address domain name (verizon.net) does not match the company name (Onto It Web Services)
  • Sender email address name (phys-mgmt) does not match the senders name (Leigh Wilson)
  • ABN is bogus an not listed on Australian Business Register
  • Very few accounting systems email invoices as Word docs, most are sent as PDFs
  • Highly irregular for the body of an email to be addressed to persons Full Name and Title.  It is interesting that the Full Name, Title, and matching email address have been harvested from somewhere.

Due to our suspicions, we submitted the Word doc to several leading anti-virus vendors for assessment.  In addition to reporting back to us, we also expect updates to their anti-virus definitions soon.

UPDATE: Symantec Security Response have responded to our file submission and confirmed:

  • Determination: New Threat
  • Submission Detail: This file is detected as W97M.Downloader (a Word macro trojan) with our existing Rapid Release definition set.  Protection is (now) available in Rapid Release definitions with a sequence number of 180266 or greater.

What should your virus strategy include for Document based threats?

As new threats are not immediately detected by anti-virus software, please continue to exercise caution when opening email attachments.  You are the first line of defence against Virus, Torjan, MalWare and other Threats.

Contact Us if you need any assistance with your anti-virus strategy or Network Security.


Email received with Word document virus threat attachment:

From: “Leigh Wilson” <phys-mgmt@verizon.net>
To:
Date: 31/08/2016 01:21 PM
Subject: iT and Beyond Pty Ltd; Neville, See and Remit – NET-30 01C956044

Dear Neville Rose,
CEO and Founder

I am getting in touch to let you know that we haven’t received deposit of AUD 1,402.00 from iT and Beyond Pty Ltd (), which appears unpaid.
Since you are our returning client, we are offering you 7 additional days to make the payment. Please check the inserted document for payment requisites.

Best Regards,
Leigh Wilson
Onto It Web Services | Accounts Department
A.B.N 29 740797125
Burke Road Camberwell Victoria 3124

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

CompTIA Dream IT Video Advancing Women in IT

CompTIA Dream IT Video – Advancing Women in Information Technology industry

Computing Technology Industry Association (CompTIA) is a global Information Technology Industry Trade Association and leading voice for the IT industry.  CompTIA has developed a portfolio of IT education, IT certification, IT advocacy and IT philanthropy that empower IT companies worldwide with knowledge and resources.  CompTIA’s Dream IT program is a global effort, led by CompTIA’s Advancing Women in IT (AWIT) Community, to impart the message that the IT industry is a great place for women.

Learn more about CompTIA’s Dream IT initiative in this informative, locally produced video, which interviews women in IT and showcases the diversity of roles in IT careers.

IT covers almost every industry, and does not mean a lifetime in a highly technical role.  Whether you are interested in Science, Technology, Engineering and Math (STEM) based subjects, are creative, or are business driven there is a role in IT for you.

CompTIA Dream IT Video Advancing Women in IT

 

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

IT Security Tips – Zepto Ransomware

IT Security Tip – Ransomeware is Growing – Zepto

Ransomeware is growing bigger as it is an easy way for cyber criminals to gain access to users personal data.  It’s not like your normal virus that gets installed via a software installation.  In most cases it is delivered via email with a document attached.  When a user opens this document a script is set in motion which downloads the ransomware then in turn infecting your data.  Zepto is not really any different to other ransomware its just like the Locky or Crypto Locker virus’s and they all want to achieve one thing, and that is getting you to pay a ransom to retrieve your data back.  

How it is delivered

Zepto is delivered via email with an ZIP archive file  and a DOCM file attached.   In the first case, opening up the ZIP archive will unpack a file with a .JS (JavaScript) extension. Opening the JavaScript file, however, runs the script program inside, which in turn downloads the ransomware as an EXE (Windows program) file, and runs it.

 

In the second case, the attachment is DOCM, so that double-clicking on the file opens it by default in Microsoft Word. But DOCM is short for “document with macros,” a special type of document that contains embedded scripts written in VBA (Visual Basic for Applications).

Macros inside a Word file don’t run by default (a security precaution introduced many years ago by Microsoft), but they do produce a prompt “Security Warning Macros have been disabled”

If this is enabled the JavaScript will download the ransomeware, run it and encrypt all of your files. The cyber criminals will have a copy of these decyption keys and offer to sell them back to you. They only use bitcoin as payment and normally around BTC-0.5 which is about $300.   So beware if you have an email message to lines of  ‘Attached, please find the documents you requested”  as it is most likely a fake!

More information can be obtained from our cyber security Partners Sophos and Symantec.

Our Network Security solutions can show you how cost-effectively protect and maintain the security of your network, assets and data against external attack, providing you peace of mind.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →
Page 1 of 3 123