
Zero-Day vulnerability in iTunes and iCloud Apps on Windows PCs allowed ransomware to be installed

A vulnerability in the Bonjour component of both iTunes and iCloud for Windows was exploited to install malicious applications. Apple has released a patch update for iTunes 12.10.1 and iCloud 7.14, so PC users should check that they have both updates installed.

The worst part of this issue is that no anti-virus will catch it, since the actions were carried out by a signed Apple application and were therefore flagged as OK. In addition, uninstalling via the iTunes uninstaller doesn’t automatically remove Bonjour, leaving your PC vulnerable even if you have uninstalled the application.

The primary vehicle for the ransomware exploit is called BitPaymer.

This is a good reminder that updating third-party applications is a critical component of a broad-based security posture.
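A check for the two conditions described in this post (iTunes or iCloud below the patched releases, and Bonjour left behind after an uninstall), as an added PowerShell example that is not from the original article or from Apple. It assumes the products register `DisplayName` values beginning with iTunes, iCloud and Bonjour under the standard Uninstall registry keys; the function names and the sample inventories are constructed for illustration.

```powershell
# Added example. Assumption: the products register DisplayName values that
# start with "iTunes", "iCloud" and "Bonjour" under the Uninstall keys.
$PatchedVersions = @{ iTunes = [version]'12.10.1'; iCloud = [version]'7.14' }

function Get-InstalledProgram {
    # Read both the native and the 32-bit (WOW6432Node) uninstall hives.
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        Select-Object DisplayName, DisplayVersion
}

function Test-AppleBonjourExposure {
    param([object[]]$Programs = @())
    $findings = @()

    # 1. iTunes or iCloud present but below the releases named in the post.
    foreach ($name in $PatchedVersions.Keys) {
        $min = $PatchedVersions[$name]
        foreach ($p in @($Programs | Where-Object { $_.DisplayName -like "$name*" })) {
            $v = $p.DisplayVersion -as [version]   # $null if unparseable
            if (-not $v -or $v -lt $min) {
                $findings += "$($p.DisplayName) $($p.DisplayVersion): not confirmed at $min or later, update it"
            }
        }
    }

    # 2. Bonjour still installed although iTunes and iCloud are both gone.
    $bonjour = @($Programs | Where-Object { $_.DisplayName -like 'Bonjour*' })
    $parents = @($Programs | Where-Object { $_.DisplayName -like 'iTunes*' -or $_.DisplayName -like 'iCloud*' })
    if ($bonjour.Count -gt 0 -and $parents.Count -eq 0) {
        $findings += "Bonjour $($bonjour[0].DisplayVersion) left behind without iTunes/iCloud: uninstall it separately"
    }
    $findings
}

# Constructed inventories (not taken from real machines).
$outdated = @(
    [pscustomobject]@{ DisplayName = 'iTunes';  DisplayVersion = '12.9.5.7' }
    [pscustomobject]@{ DisplayName = 'Bonjour'; DisplayVersion = '3.1.0.1' }
)
$orphaned = @(
    [pscustomobject]@{ DisplayName = 'Bonjour'; DisplayVersion = '3.1.0.1' }
)
Test-AppleBonjourExposure -Programs $outdated
Test-AppleBonjourExposure -Programs $orphaned

# On a live Windows host:
# Test-AppleBonjourExposure -Programs (Get-InstalledProgram)
```

Microsoft Store (AppX) installs are not listed under these registry keys, so this covers the classic installers only.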

 

 

Windows 7 end of support January 20th, 2020

Yes, another article on the end of support for Windows 7.

We’re now in June, and there is limited time to plan your workstation upgrades and work with your software vendors to upgrade your servers to Windows Server 2016 or 2019.

Workstation rollouts: If your business is still running Windows 7, now, really, now is the time to start placing those orders for new equipment.

The old way was to have your own image, to write over the OEM image on the new desktop or laptop.

  • 10-30 users – just plan on manual deployment
  • 30-500 users and an Office 365 Azure Active Directory Premium customer: you might benefit from Microsoft Autopilot.
    • Cloud based
    • Zero Touch
      • After profile configuration
    • Direct shipment from the manufacturer (Acer, Dell, HP, Lenovo, Panasonic, Microsoft Surface and Toshiba)

What Microsoft has done is really cool and helps companies simplify the rollout of new devices, no matter what network they connect to.

You have granular control of what the end user sees when they first log on to the device.

  • End-user license agreement (EULA): (Windows 10, version 1709 or later) Choose if you want to show the EULA to users.
  • Privacy settings: Choose if you want to show privacy settings to users.
  • Hide change account options (requires Windows 10, version 1809 or later)
  • User account type: Choose the user’s account type (Administrator or Standard user).
  • Allow White Glove OOBE
  • Apply device name template: Choose Yes to create a template to use when naming a device during enrollment. Names must be 15 characters or less, and can have letters, numbers, and hyphens. Names can’t be all numbers. Use the %SERIAL% macro to add a hardware-specific serial number. Or, use the %RAND:x% macro to add a random string of numbers, where x equals the number of digits to add.
  • Language (Region)*: Choose the language to use for the device. This option is only available if you chose Self-deploying for Deployment mode.
  • Automatically configure keyboard*: If a Language (Region) is selected, choose Yes to skip the keyboard selection page. This option is only available if you chose Self-deploying for Deployment mode.

So, if you are a corporate customer with Office 365, work with your solution provider to add Office 365 Azure Active Directory Premium services to simplify your Windows 10 deployment options.


Is your business paying attention to cyber-security?

There are many resources available to help your IT team or outsourced partner meet some of the basic policies to protect your business: a network with a firewall, data encryption, cyber-security insurance and next-generation AI endpoint protection.

But despite these options, over a third of organizations still admit they are unprepared for cyber attacks, according to eSecurity Planet’s 2019 State of IT Security survey.

Some questions to ask your IT service provider:

  • Do we perform penetration testing?
  • Do we perform phishing email response testing and education?
  • Do we perform threat hunting? (Are we already compromised?)
  • How often do we review our cyber-security preparedness?
  • How quickly could we recover critical data from a backup in case of a crypto virus?

But you may be thinking, “I’m a small business and not a target for any cyber-security issues.” Unfortunately, especially with phishing, your data might be a target because your users lack the formal education that would help them make good decisions when they receive a phishing email.

It is also a good idea to have a professional IT consultant review your Microsoft Office 365 tenant for security best practices.