Cyber Security
In the ever-changing, technology-centric world we live in, it’s vital to have an I.T. solution source you can count on. At Elixis Technology, it is our mission to help businesses — big and small — produce the results their customers demand, with technology that actually works.
.
News Source: https://www.wired.co.uk/
During 2020, institutions of all kinds were forced to adapt to a dynamic world where the usual projections and five-year marketing plans did not apply. Economic reports show marked GDP reductions of greater than 20 per cent in many countries, with a continued decline into 2021. Businesses and workplaces will increasingly turn to models of work in dynamic fields – such as cybersecurity – to make them more resilient.
Organisations that emerge out of the pandemic and the ensuing economic turmoil will have spent 2020 continually adapting to previously unimagined circumstances. This is a very familiar environment for people working in security, and particularly cybersecurity because quite often we don’t know what the next couple of hours will look like. Businesses of all kinds will discover the need to adopt fluid models and frameworks developed in a dynamic field and use them to redirect money, personnel and resources rapidly.
Typically, most businesses rely on static, predictive data analysis for growth and sustainability. The study insights and information from the previous few weeks and base predictions on them. However, these statistics can be rendered virtually useless within the next hour. Instead, businesses must start using data as they get it, proactively seeking out problems that could pose danger – just as cybersecurity specialists do.
Many cybersecurity frameworks can be modified to suit businesses more broadly. One example is data orchestration – where information that has been siloed in various parts of an organisation is collated and made available for rapid analysis.
Another is the concept of common vulnerability exposures (CVEs). This is a standardised identifier for known vulnerabilities, such as a weakness in a certain kind of encryption or exposure such as a large data breach in the last two years. Lists of these are available for any organisation looking to improve its cybersecurity. A version of this approach for other industries – known issues with certain suppliers, for example – could be used to make all kinds of firms more resilient.
In cybersecurity, we often take a three-pronged approach: detect what the potential threat is; take immediate action to protect information; and establish long-term defences to systems, such as new kinds of encryption. Businesses will find that adopting these processes and tools – especially their emphasis on the early detection of potential threats and the sharing of information when necessary – will help future-proof operations.
Early adopters will be the winners here. Workplaces and organisations that embrace the reality of a dynamic environment, rather than yearning for static working and legacy business models, will outperform their competitors. In 2021, companies and institutions that adopt principles such as data orchestration and CVEs, will find they’re in a better position to survive.
In the ever-changing, technology-centric world we live in, it’s vital to have an I.T. solution source you can count on. At Elixis Technology, it is our mission to help businesses — big and small — produce the results their customers demand, with technology that actually works.
.
News Source: https://www.wired.co.uk/
Microsoft is preparing to quarantine malicious versions of the SolarWinds Orion application used in recent nation state attacks, in a move that may crash systems.
The computing giant had previously released detections to alert customers of its Windows Defender security product if they were running the malicious updates. Although it was recommended that such customers isolate and investigate any such devices, the decision was down to them.
However, in an update yesterday Microsoft effectively said it was taking the decision out of the hands of its customers.
“Starting on Wednesday, December 16 at 8:00 AM PST, Microsoft Defender Antivirus will begin blocking the known malicious SolarWinds binaries,” it said.
“This will quarantine the binary even if the process is running. We also realize this is a server product running in customer environments, so it may not be simple to remove the product from service.”
Over the weekend reports emerged that a previous attack on FireEye was part of a much larger Russian intelligence plot to steal sensitive information from US government and countless other unnamed organizations.
The vector was Orion updates which the attackers managed to seed with malicious binaries used to install the Sunburst (aka Solarigate) backdoor malware. SolarWinds confirmed to the SEC that 18,000 customers were affected.
However, as the product performs crucial network management operations, Microsoft’s decision could theoretically cause some disruption.
“It is important to understand that these binaries represent a significant threat to customer environments,” it argued. “Customers should consider any device with the binary as compromised and should already be investigating devices with this alert.”
Microsoft urged victim organizations to immediately isolate affected devices, identify accounts used on the device and assume they have been compromised, reset passwords, look for lateral movement tools and more.
In the ever-changing, technology-centric world we live in, it’s vital to have an I.T. solution source you can count on. At Elixis Technology, it is our mission to help businesses — big and small — produce the results their customers demand, with technology that actually works.
.
News Source: https://www.infosecurity-magazine.com/
Twitter has been fined over half a million dollars for violating European Union data protection laws in the first EU-wide privacy case.
The EU’s chief data watchdog today announced that it has issued an administrative fine of 450,000 euros ($547,000) to the social media titan for being too slow to notify Android phone users located across the EU of a data breach that threatened their privacy.
A further finding of the investigation into the breach by Ireland’s Data Protection Commission (DPC) was that Twitter failed to adequately document the security incident.
The DPC’s investigation into the incident commenced in January 2019 following receipt of a breach notification from Twitter. On Tuesday, the DPC stated that Twitter “infringed Article 33(1) and 33(5) of the General Data Protection Regulation (GDPR) in terms of a failure to notify the breach on time to the DPC and a failure to adequately document the breach.”
Under EU data protection rules, it is a requirement to report a breach within 72 hours of discovery.
The commission described the not insignificant financial penalty levied on the American company as “an effective, proportionate and dissuasive measure.”
According to the Binding Decision of the Board, the data breach arose from a bug in Twitter’s design that caused the protected tweets of Android device users to become unprotected without their consent if users changed the email address associated with their Twitter account.
The bug, which affected 88,726 EU and EEA users between September 2017 and January 2019, was traced back to a code change made on November 4, 2014. It was discovered on December 26, 2018, by the external contractor managing Twitter’s bug bounty program.
Referencing the significance of the Twitter inquiry, the DPC stated: “The draft decision in this inquiry, having been submitted to other Concerned Supervisory Authorities under Article 60 of the GDPR in May of this year, was the first one to go through the Article 65 (‘dispute resolution’) process since the introduction of the GDPR and was the first Draft Decision in a ‘big tech’ case on which all EU supervisory authorities were consulted as Concerned Supervisory Authorities.”
In the ever-changing, technology-centric world we live in, it’s vital to have an I.T. solution source you can count on. At Elixis Technology, it is our mission to help businesses — big and small — produce the results their customers demand, with technology that actually works.
.
News Source: https://www.infosecurity-magazine.com/
Did you find a seemingly normal USB stick on the ground outside your work? How about in the lobby, where the public can come and go as they please? Did you find something that doesn’t seem to be your company’s preferred brand of USB stick, or even not branded at all? Is it strangely heavy for a typical USB stick?
DON’T plug it in. Here are some reasons why.
As it’s now 2020 and WannaCry has made the news more than once, you’ve probably heard of ransomware, a type of malware that encrypts files, and threatens to destroy them if money is not sent to the hacker.
USB sticks are one of many ways this virus finds itself into your most important files, pictures, and documents, and it’s notoriously difficult to get rid of. In the time it takes to discover it and attempt to neutralize it, the hacker can simply *poof* the files away if they realize you’re not going to pay.
And deleting them isn’t the only way they can cause pain. Copying the files somewhere and then releasing them online can be disastrous for certain industries and businesses, even worse than just destroying the files, and the hackers know that.
Do NOT plug strange USB sticks into your device. Even if it looks like someone from your office might have dropped it, if you don’t recognize it? Don’t plug it in. Keep it on your desk or turn it in to the IT department and wait for them to come looking for it.
If the ultimate goal of the USB isn’t money, malware is another widely used way to completely wreck a computer. Sometimes malware is aiming to destroy a business’s computer network, or looking to steal secrets without ransom, or infect other computers on the network and eventually break them all at once. This is where something like AI-driven antivirus comes in handy: if something is propagating very quickly across all the devices on a network, and it’s not officially licensed, and it’s bringing a bunch of .exe stuff with it – antiviruses designed around behavior and not fingerprinting will take notice. They aren’t impenetrable, but it takes more to get around them than it does to get around a classic antivirus.
Again, don’t fall victim to Social Engineering and plug in a USB you found on the floor.
If you thought your anti-virus was enough to stop something nasty from creeping in on a USB, you’d be wrong. There’s more than one way to go about breaking a machine.
A USB killer is a device meant to cause harm to the device’s hardware. Essentially, it takes charge from the computer with a capacitor and then redirects it back. “How much damage could the power flowing to the USB port actually cause?”, you may ask. USB killers aren’t simply redirecting the energy back into the computer at a one-unit-in one-unit-out basis. Instead, they use a capacitor. A capacitor behaves kind of like a balloon rubbed on a carpet: it stores charge in a ‘field’ (the balloon in that example) passively. It doesn’t really matter how much power is leaving the USB port, as long as there is power – when the capacitor gets to its limit, it discharges back into the computer, like the static shock you’d get from the doorknob after scooting across the carpet in socks, but many times larger. Up to 215 volts larger, according to Hackaday.
USB killers are becoming rarer, but they aren’t extinct.
So why would someone want to use a USB killer or destructive malware, instead of using ransomware or straight file-stealing?
There are a lot of answers.
Some people just want to break expensive things, and don’t care what that is. Some people are looking to slow down business opponents or gauge weaknesses within the organization. Sometimes something expensive or hard to replace is stored on the computer, and the hacker wants it gone. Sometimes it can even boil down into terrorism, depending on the industry.
The long and the short of it is that you shouldn’t plug in a USB if you don’t definitely recognize it as yours.
Sources: https://resources.infosecinstitute.com/topic/usb-killer-how-to-protect-your-devices/
Report finds many attacks focus on companies least impacted by COVID-19 outbreak
Web application attacks have increased by over 800%, according to the State of the Web Security for H1 2020 report.
Published by CDN and cloud security provider CDNetworks, the report found that during the first half of this year, web application attacks, which use malformed requests or injected payloads to steal data, modify data or obtain privileges illicitly, increased nine times relative to H1 2019.
CDNetworks saw and blocked over 4.2 billion web application attacks during H1 2020.
The statistic show that web application attacks in the public sector surpassed attacks in retail venues, making the public sector the single most attacked industry during this period
“In fact, over 1 billion of the web attacks were targeted toward the public sector, which accounts for 26% of total attacks,” the report says. “Equally disturbing is the fact that with artificial intelligence (AI) becoming a vital part of cybersecurity, hackers are now using machine learning to detect and crack vulnerabilities in networks and systems.”
The company collected anonymized data from its clients and said the statistics showed enterprises are “experiencing challenging times in their attempts to defend against cyber attacks and protect their online assets.”
The report also found that DDoS attack incidents saw over a 147% year-on-year growth as of H1 2020. This increase peaked in February and March and remained at elevated levels. Similarly, attack peaks more than doubled in H1 2019 compared to H1 2020. The study found the most prevalent DDoS attacks were SYN flood at 53% and UDP flood at 35%. ACK flood and ICMP flood attacks were significantly lower at 8% and 4%, respectively
According to the report, bot attacks nearly doubled in 2020 with 10.38 billion bot attacks blocked by the firm. CDNetworks said this figure was 97% higher than H1 2019. On average, CDNetworks blocked 660 bot attack incidents, nearly doubling H1 2019.
Bot attacks relate directly to economic trends. In previous years, bot attacks focused on tourism and related industries, such as transportation and hospitality. But COVID-19’s impact on tourism and hospitality, online services, e-commerce and gaming are now bot attacks’ primary targets.
The report added that hackers are extremely sensitive to industry transformations and switch their attack tools and methods to keep pace with these changes.
“Nowhere is this more evident than with the Covid pandemic, where a decline in the tourism industry has prompted attackers to move toward exploiting online learning, telecommuting, and other businesses that are flourishing during the current pandemic,” the report’s authors said.
In the ever-changing, technology-centric world we live in, it’s vital to have an I.T. solution source you can count on. At Elixis Technology, it is our mission to help businesses — big and small — produce the results their customers demand, with technology that actually works.
.
News Source: https://www.itpro.co.uk
Whether or not you made the journey back to the office during the relative relaxation of restrictions during the summer months, we’re all working from home again now.
The difference between the last lockdown and this one is that this time we know the drill. Charities have had time to find out what works for them and what doesn’t and to build digital processes with an eye towards longer-term sustainability.
According to a recent survey, more than 74% of organisations are planning to permanently shift to a more remote way of working, with 83% of employees stating that they would like to continue to work from home at least occasionally.
It’s arrived sooner than many of us hoped, but we now have the opportunity to fine-tune our digital systems, and to make sure that our operations are optimised for maximum efficiency.
Microsoft Teams has been a constant companion for many of us during 2020. As organisations prepare to move services back online, at least for the remainder of the month, we examine how charities can get the most out of their subscription. If you’re new to the platform, you can learn the basics here, before coming back to learn about these more advanced features.
Teams is a great way to stay in touch with your colleagues. But if you’re part of a larger organisation, or even just one with a lot of group chats, the incessant pinging can get to you.
If you come back to your laptop after lunch to find you’re swamped with notifications, it can be stressful having to sort through them all and worrying you might have missed something vital.
Luckily, Teams comes equipped with a solution: an array of fully-integrated bots!
The handy little helpers can help automate a number of simple tasks, saving you time and cutting down on admin. Check out this list of some of the most popular bots to get you started. Or, if you’re in the market for something a little more bespoke, Microsoft offers guidance on setting up your own.
One of Teams’ most appealing features is the quick and easy file-sharing.
But if you and your colleagues are sending files back and forth all day, it can be easy to lose track of who, what, where and when (and maybe even why).
Not to worry – locating any missing files is simple. In any conversation or channel, you have two options. You can click the ‘files’ tab to see a dropdown list of files shared in that channel. Alternatively, you can enter a keyword in the search field, and find select files quickly.
Searching private channels can be a bit more complex. Because each private channel has its own SharePoint, separate from the parent team site, files shared a private channel are managed independently.
Teams doesn’t support this manner of content search for a single channel. This means that the whole parent team must be searched. To perform a content search of a private channel, search across the team, the site collection associated with the private channel (to include files), and mailboxes of private channel members (to include messages).
This can be a tricky process. Luckily, Microsoft offers clear and actionable guidance on the subject.
Because so many Teams users find the platform intuitive and simple to grasp, we can often use it very casually. It is common to disclose important information with colleagues over Teams. We can do so safe in the knowledge that Microsoft’s market-leading security is keeping sensitive data safe.
But any security system is only as strong as its weakest link. A lost or stolen device can lead to a data breach with serious consequences.
Think for a moment about the messages you have sent via Teams over the past few days. Consider any personal or sensitive conversations you might have had, as well as any vital organisational files you might have shared. Would you feel comfortable with this information finding its way into the hands of cyber criminals?
If not, then you might want to take advantage of Microsoft 365’s security features – specifically, Mobile Device Management (MDM) and Multi-Factor Authentication (MFA).
Microsoft 365 offers a simple MDM system. This allows admins to create and deploy a number of security policies to help secure your data from threats. For example, you can set a policy so that a device will lock after a set time of inactivity, or after multiple sign-in failures.
Microsoft 365 also offers the capability to remotely wipe corporate data from a device. This has both its pluses and its minuses. It will ensure the security of your data. However, it is best used as a last resort, as this action will wipe everything on the device.
For more advanced MDM functionality, Microsoft Intune Device Management Platform offers enterprise level security.
Together Mode is a popular recent additions to Teams’ features. You may have seen it across various social media platforms or in memes over the last few months.
This virtual filter can give the appearance of your team all being in a room together. The feature connects meeting attendees by bringing their video feeds together in one space. It does this by embedding visuals from separate cameras into a shared environment. This is an alternative to the grid layout that places camera feeds side-by-side.
With teams working for extensive period of time, digital solutions like this can help to boost morale and keep up camaraderie.
There are further upgrades you can make to Microsoft Teams to boost functionality and improve communications.
One of these is Teams Voice. This innovative new product from voluntary sector communications experts, Class Networks, lets organisations make and receive external calls through Microsoft Teams. This solution can take the place of their existing phone system, saving charities time and money.
By combining their telephony system with Microsoft Teams, Teams Voice represents a simple option and provides key benefits.
The first of these benefits is reduced cost. Leveraging the resources you’re already using on the Microsoft platform keeps costs to a minimum. This is because you’re not paying for anything extra like line rentals, SIP trunk rentals, cloud user licensing or phone handsets. Instead, Teams Voice makes the most of the Office 365 licensing and devices your charity is already paying for.
Teams Voice also allows charities to control costs by providing a calling plan for Microsoft Teams users to make unlimited phone calls to and from any local, national and mobile number.
Charities can benefit from a unified platform for all their internal and external communications. This means that means video meetings, instant messaging, file sharing and collaboration – with calls to and from people outside the organisation seamlessly included – can all be done through a single platform.
Users can make calls from any device or location with no specialist equipment needed. You can choose to use headsets or go hands-free, from the app, browser or a mobile device. This makes it a lot more convenient for users working from home or remote locations.
Charities don’t need to worry about keeping in touch with existing contacts, as users retain their existing numbers and can use all the traditional telephone functionality such ase ring groups, queues, auto attendants and voicemail. All of this can be managed through Microsoft Teams.
There are no additional user accounts with more passwords to manage, because staff simply use their existing user accounts in Microsoft Teams, putting you in control of security and saving time.
In the ever-changing, technology-centric world we live in, it’s vital to have an I.T. solution source you can count on. At Elixis Technology, it is our mission to help businesses — big and small — produce the results their customers demand, with technology that actually works.
.
News Source: https://charitydigital.org.uk/
As companies acclimate to remote working, it’s more important than ever to have functional, well-integrated software that can help co-workers connect with each other and share information — without needing to call a meeting.
Enter Microsoft Teams. Like other workplace integration programs, such as Slack, Teams allows you to easily communicate with your co-workers in one secure window.
Teams, slated to replace Skype for Business by July 2021, is able to do a lot of things that its competitors can’t thanks to its ability to easily integrate with Office 365. So on top of chatting with co-workers and creating chat rooms for smaller groups, you can also use a number of helpful Office applications, like Outlook, OneNote, and Excel.
Here’s an overview of how Microsoft Teams works.
What you need to know about Microsoft Teams
When you create a new Team and add members, they are all automatically added to the “General” channel. From there, you can create new channels for smaller teams or groups, which essentially function as different group chats or conversations.
For example, while your General channel might include everyone in your company, you might also create specific channels for different departments, like marketing, accounting, sales, etc. You could also make a single team for one department, if it’s a larger one, and divide that team into subsections from there. You’re free to organize your workplace however you choose.
These conversations will function as the main method of communication — though you can also message other team members privately at any time. Conversations are easily searchable, and you can even tag specific people if there’s a message you need them to pay attention to.
Within these conversations, you can easily schedule and carry out group calls with your team or channel — so now those midday meetings and end-of-week get-togethers can also happen right in the workspace app.
Microsoft Teams works with other Microsoft and third-party apps
Creating a new Team also creates a corresponding Planner, SharePoint, Office 365 group, and shared OneNote. All of these additional programs can be accessed directly from the Teams window and allow you to work on shared documents and projects simultaneously, without the need to send files back and forth.
These integrated workspaces appear as tabs in the Teams window. The three tabs that thereby default are Conversations, Files, and Notes. Files is a tab where you can open any Microsoft 365 file that you’ve shared in the workspace, so you don’t have to keep switching between windows whenever you want to work on a different project. Notes is a tab where your whole Team can keep running notes, for whatever purposes they deem necessary.
In addition to these integrated Microsoft programs, Teams also lets you add new tabs integrating other third-party software, like Asana or Soapbox. Even if your workplace doesn’t exclusively use Microsoft products for organization, you can still keep everything in one neat, convenient window.
In the ever-changing, technology-centric world we live in, it’s vital to have an I.T. solution source you can count on. At Elixis Technology, it is our mission to help businesses — big and small — produce the results their customers demand, with technology that actually works.
.
News Source: https://www.businessinsider.com
Low code app development will be available in Microsoft Teams meetings
Microsoft Teams users will now have access to low code tools through the new Power Apps and Power Virtual Agents apps, the company has said. The coronavirus pandemic has created a situation where individuals are no longer asking, “What is Teams?” and are instead continually looking for the platform to deliver new features.
The added functionality comes with more people working remotely and, as a result, requiring easy access to resources natively within the Teams app.
Businesses will soon be able to collaborate on app development and instantly share their creations with the rest of their organization through the Teams app store.
“The new Power Apps app for Teams allows users to build and deploy custom apps without leaving Teams,” a Microsoft blog explained. “With the simple, embedded graphical app studio, it’s never been easier to build low code apps for teams. You can also harness immediate value from built-in teams app templates like the great ideas or inspections apps, which can be deployed in one click and customized easily.”
I’ve got the power
Using the Power Platform, Microsoft wants customers to build Teams apps that are specific to their business. With the new platform, anyone can build apps, workflows and chatbots regardless of their coding experience.
In addition to Power Apps and Power Virtual Agents, Microsoft has also launched Dataverse for Teams, a new relational datastore that will provide the key business data that organizations need to build new low code apps.
Microsoft knows that it has a battle on its hands to come out on top in the video conference space. Although Teams has seen its user figures rise dramatically since the start of the coronavirus pandemic, so too have its rivals. The addition of native low code app development could provide a key differentiating factor.
In the ever-changing, technology-centric world we live in, it’s vital to have an I.T. solution source you can count on. At Elixis Technology, it is our mission to help businesses — big and small — produce the results their customers demand, with technology that actually works.
.
News Source: https://www.techradar.com
With the COVID-19 pandemic showing no signs of abating, migration to the cloud is expected to accelerate as enterprises choose to let someone else worry about their server gear.
In its global IT outlook for 2021 and beyond, IDC predicts the continued migration of enterprise IT equipment out of on-premises data centers and into data centers operated by cloud service providers (such as AWS and Microsoft) and colocation specialists (such as Equinix and Digital Realty).
The research firm expects that by the end of 2021, 80% of enterprises will put a mechanism in place to shift to cloud-centric infrastructure and applications twice as fast as before the pandemic. CIOs must accelerate the transition to a cloud-centric IT model to maintain competitive parity and to make the organization more digitally resilient, the firm said.
“The COVID-19 pandemic highlighted that the ability to rapidly adapt and respond to unplanned/foreseen business disruptions will be a clearer determiner of success in our increasingly digitalized economy,” said Rick Villars, IDC group vice president for worldwide research, in a statement. “A large percentage of a future enterprise’s revenue depends upon the responsiveness, scalability, and resiliency of its infrastructure, applications, and data resources.”
In this new normal, the most important thing enterprises can do is seek opportunities to leverage new technologies to take advantage of competitive/industry disruptions and extend capabilities for business acceleration.
Additional IDC predictions include:
In the ever-changing, technology-centric world we live in, it’s vital to have an I.T. solution source you can count on. At Elixis Technology, it is our mission to help businesses — big and small — produce the results their customers demand, with technology that actually works.
.
News Source: https://www.networkworld.com/