Info Advantage Blog

Info Advantage has been serving the Upstate New York area since 1993, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

FBI Director Insists Government Can Access Any Private Record

Does the U.S. Constitution allow the American government to access the electronic devices of its citizens? According to FBI Director James Comey’s statements at Symantec’s Annual Government Symposium, it certainly does.


This situation was birthed from the tussle between Apple and the Federal Bureau of Investigation after Apple refused to grant the FBI the information necessary to unlock an encrypted iPhone linked to a terror case. In the end, the FBI managed to unlock the device without assistance from Apple after threats of lawsuits and other unpleasantries were thrown around.

Reacting to this issue, as well as the trend towards more encryption in mobile devices causing complications during investigations, Comey clarified the bureau's stance on the privacy of the American citizen. Conceding that there is a reasonable expectation of privacy in houses, vehicles, and mobile devices, Comey asserts that there are other considerations to take into account to justify revoking that expectation, going on to say: “With good reason, the people of the United States--through judges and law enforcement--can invade our public spaces.”

This statement, however, begs the question: how does a personal device really qualify as a public space? Again, according to Comey, it does in the U.S. “Even our memories are not absolutely private in the United States,” Comey said. “Even our memories are not absolutely private in the United States. Even our communications with our spouses, with our lawyers, with our clergy, with our medical professionals are not absolutely private. A judge in certain circumstances can order all of us to testify about what we saw or remembered or heard. There are really important constraints on that, but the general principle is one we’ve always accepted in the United States, and it’s been at the core of our country. There is no such thing as absolute privacy in America. There is no place outside of judicial authority.”

Comey also made a point of saying that, while the FBI has no business telling American citizens how to live and govern themselves, the tech companies have no business doing so either. This came as a direct response to the open letter many tech company higher-ups signed last April that demanded the US government end the mandates that would require access to encryption keys for the interests of law enforcement and national security.

Naturally, these Silicon Valley leaders don’t agree with Comey, and neither do all of his peers. Nuala O’Connor, who holds the titles of president and CEO of the Center for Democracy & Technology as well as the first Federal Chief Privacy Officer for Homeland Security, had little good to say about the ideas of her respected peer. According to O’Connor, “He could not be more wrong on encryption.”

What are your thoughts on Director Comey’s views? Do you think any government has the inherent right to access a digital device--arguably invading the privacy of the citizen--even if it's ultimately for the greater good? Share your thoughts in the comments, and be sure to keep checking back to Info Advantage’s blog.


Spam Company Accidentally Leaks 1.37 Billion Email Addresses

A company known as River City Media (RCM) has accidentally leaked the email addresses of 1.37 billion users because it failed to set up password protection on its remote backup storage. In addition to email addresses, the database also included thousands of real names, IP addresses, and even physical addresses. In all, some 200GB of data had been exposed for several months, leaving it vulnerable to cyberattacks.

The leak was found by Chris Vickery, a security researcher for MacKeeper. In his blog post published on Monday, March 6, Vickery explains that MacKeeper worked closely with CSOOnline and Spamhaus after the discovery of the files in January. Vickery and his team were able to trace the files back to RCM, a notorious spam operation.

“RCM masquerades as a legitimate marketing firm while, per their own documentation, being responsible for up to a billion daily email sends,” says Vickery.

Vickery believes the company was able to obtain the almost 1.4 billion email addresses through offers such as credit checks, sweepstakes, and education opportunities. There is also evidence that similar spam companies contributed to the list. While some percentage of the users may have fallen for RCM’s spam offerings, Vickery also suggests that the company used a variety of more advanced techniques to lure users into giving up their email addresses.

“One is called co-registration,” explains Vickery. “That’s when you click on the ‘Submit’ or ‘I agree’ box next to all the small text on a website. Without knowing it, you have potentially agreed your personal details can be shared with affiliates of the site.”

The leak is blamed on a failed remote backup attempt, which left a ‘snapshot’ of the company data from January 2017 exposed to the internet. Anyone who found the data would be able to access internal chat logs, emails, and the 200GB email collection RCM had acquired. According to Vickery, the failure was due to RCM failing to put a password on their repository, leaving it poorly secured.

Since the leak was made public, Spamhaus has blacklisted the entirety of RCM’s infrastructure. The research team working on the case has also reached out to law enforcement agencies about the data leakage and suspected illegal spamming.

Putting security and proper backup on the back burner can cause serious damage. Don't let your company fall prey to the thousands of threats that lurk just a click away. Contact Info Advantage today at (585) 254-8710 to speak to a technology consultant about your security and backup environment.


Highlights from SonicWall's 2017 Annual Threat Report

SonicWall recently released their 2017 Annual Threat Report, which takes a look into the technology security trends in the upcoming year. In the report, SonicWall carefully observes and analyses the technology threat landscape from the last year and uses it to predict how it will continue to change in the future. Here’s a brief summary of their most important findings for 2017, and what it means for modern business.

Point-Of-Sale Malware Declining

With the integration of chip-based POS systems, hackers are finding it more difficult to steal sensitive information through POS malware attacks. The chip readers allow the transaction to be approved by creating a unique code that cannot be used again, as opposed to the traditional magnetic stripe that uses the same code each time it is swiped. Thanks to the integration of the chip reader, along with stronger legal guidelines, SonicWall observed that the amount of new POS malware has decreased by 88 percent since 2015.

Website Encryption on the Rise

As web traffic continues to grow exponentially, users want to ensure that their data is kept safe. Due to this, many websites are opting to use Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption to protect sensitive user data. SSL/TLS encryption is represented by a lock icon and an HTTPS URL, rather than the standard HTTP URL. This assures the user that their information is safe, and is only being sent to the intended recipient. SonicWall believes the trend towards SSL/TLS encryption is due in part to the growing trend of cloud applications. They expect the trend to continue into 2017, and believe that SSL/TLS traffic will account for 75 percent of online interactions by the year 2019.

Ransomware Becoming More Popular

Ransomware was by far the most popular security attack in the previous year, with an increase from 3.8 million attacks in 2015 to 638 million in 2016. According to SonicWall’s Global Response Intelligence Defense (GRID), $209 million in ransom had been paid by affected companies by the end of the first quarter. The growth was most likely driven by the increased accessibility of ransomware as the ransomware-as-a-service (RaaS) industry expanded. This allowed individuals to purchase a ransomware pack without needing the coding skills otherwise required to launch an attack. The most common attack is known as Locky, and is often attached to emails disguised as a Microsoft Word invoice. As the RaaS industry continues to grow, SonicWall’s GRID suggests that all organizations back up their data continuously to a backup system that isn’t always online or that uses authentication.

Internet of Things Devices Compromised

The recent advances in technology have opened up the world to more and more connections to the Internet from more than just a computer, smartphone or tablet. These days, Internet of Things (IoT) devices can be anything from a camera or smart watch, to a smart car or home security system. Due to the wide adoption of IoT devices, many developers have felt the pressure to release their devices as soon as possible, which often means oversights in security. This made it easy for hackers to discover weaknesses in IoT devices, resulting in the launch of the largest distributed denial-of-service (DDoS) attacks in history. The attack used thousands of IoT devices with weak passwords to launch an attack on hosting company OVH and DNS service provider Dyn. This resulted in outages for well-known sites such as Airbnb, Netflix, Reddit, Twitter, and Spotify. To protect your IoT devices, SonicWall suggests that you ensure your devices are protected by next-generation firewalls, which scan for specific IoT malware. They also suggest you separate all IoT devices from the rest of your network, in case one of them becomes compromised.

Android Security Increased, But Still Vulnerable

During 2016, Google worked on new operating systems that would directly combat many of the security vulnerabilities found in Android devices. They added additional security features, including a new approach to permission granting, an increase in security patches, and full-disk encryption of the device. However, these new strides in security have been met with hacker resistance as they find new ways to combat these security measures. This includes screen overlays, ad-fraud malware HummingBad, self-installing apps, and third-party adult-centric apps. SonicWall suggests that any Android device on a company network should keep the “install applications from unknown sources” option unchecked and make sure both “verify applications” options are checked. It is also advised that users enable the “remote wipe” option in the event that the device is compromised.

The best way to combat an attack is to stop it before it becomes a problem. Contact Info Advantage’s security professionals today at (585) 254-8710 to learn more about proactive ways to ensure the safety of your data. 


Fruitfly: The First Apple Malware of 2017

One of the major arguments for die-hard Apple fans is that their devices are nearly invulnerable to the attacks that work their way into other operating systems, such as malware or viruses. While it is true that Apple has a much lower rate of malware infections, this does not make it impenetrable, and hackers are constantly looking for new ways to extort data. One newly discovered malware, known as Fruitfly, takes advantage of antiquated code that allows it to run undetected on macOS systems.

What is Fruitfly?

Fruitfly is a newly discovered type of malware recently found by the team at Malwarebytes. While relatively harmless, this malware is able to hide inside of OS X without alerting the user of its presence. The malware communicates with two command-and-control servers, which allows it to perform actions such as typing, webcam and screen capture, and even moving and clicking the mouse. It can also map other devices and try to connect with them.

Where did Fruitfly come from?

There is a bit of mystery surrounding the origins of Fruitfly. According to Malwarebytes, Fruitfly may have been hiding in OS X for several years, as much of its code indicates that it was adapted from OS X to Yosemite, making it at least three years old. However, there are also lines of code that rely on pre-OS X systems, and some open-source ‘libjpeg’ code, which hasn’t been updated since 1998. So far, most of the discovered instances of Fruitfly have been found on machines at biomedical research institutions.

What can I do to protect my device?

Luckily, it seems that most of the Fruitfly attacks are targeted, making them a minor threat to an everyday user. However, Apple has yet to release a patch against Fruitfly, so users should take caution and keep an eye out for any updates they release in the near future. One of the best ways to ensure that your device stays infection-free is through constant monitoring of your network. Keep an eye out for any irregularities, and don’t let anything go unreported.

Worried that your network is in danger of malware infection? Not sure what to look for when monitoring your network? Contact Info Advantage today at (585) 254-8710 to talk to an IT professional about how to keep your devices safe from harmful attacks.


Cloudbleed: The Internet’s Newest Security Bug

There are thousands of breaches of information every year, threatening our personal information and sensitive data. On Feb 23rd, news of a brand-new bug known as Cloudbleed dropped. This bug has affected thousands of sites, potentially leaking out the sensitive information of their users, according to a new report by CNET. Here is a quick guide to understanding exactly what Cloudbleed is, and how it may have affected you and your company.

What is Cloudbleed?

Cloudbleed is the name of the newest major security breach bug from an Internet security company known as Cloudflare. The issue arose when users entered their information onto secured “https” sites, such as a login page. Cloudflare’s service is meant to help securely move the information entered into the “https” sites between the user and the servers. Instead of deleting the information after it was used, the Cloudbleed bug caused Cloudflare’s security service to save potentially sensitive data, such as user credentials, photos, video frames, or even server and security information.

Who is affected by Cloudbleed?

There are currently around 3,400 websites believed to have been affected by the Cloudbleed bug, though the actual number could be much higher. The bug is believed to have started as far back as September, with the height of the problem occurring between February 13th and the 18th. Uber, Fitbit, and OKCupid are the main three that seemed to be directly affected by the bug. According to Cloudflare, the Cloudbleed bug is thought to have leaked information about “one in every 3,300,000 HTTP requests” made through the service.

What can I Do Now?

As of now, Cloudbleed is no longer an active threat. Cloudflare was able to stop the bug just 44 minutes after it was discovered, and the problem was solved completely in 7 hours. While the impact is minimal and requires no immediate action, there are a few things individual users can do to keep themselves safe from potential data leakage.

It is recommended that you change your password on any account that uses Cloudflare. OKCupid, Fitbit, and Medium are some of the most popular sites that are known to use Cloudflare’s services. If you are unsure whether or not a site you use was affected, there is now a webpage that tells you whether or not a site is infected.

It is also recommended that you use a two-step authentication on any site or service that offers it. This will ensure that no one will be able to access your account, even if they are able to get your user credentials.

With thousands of security breaches per year, you can’t afford to wait for security. Contact Info Advantage today at (585) 254-8710 to speak to a technology professional about how to keep your data safe. 


How to Download Everything You’ve Posted to Facebook

If you’ve had your Facebook profile since the dawn of the social media age, chances are that it’s accumulated an immense amount of personal information. While you might have felt weird handing over all of this data to Facebook, the company has made it surprisingly easy to take it back; well, as much as you can, at least.


You can download your Facebook data to your device, but your reasoning for doing so could be anything. Maybe you want to have a backup copy of your data stored locally, or perhaps you’re working on a project, like a graduation collage that requires you to pull out every photo under the sun. Of course, the most likely reason that you’d want to do this is if you’re completely fed up with Facebook, and you want to close your account. Unless you download your data, all of your information would be lost, which means countless years of Facebook activity lost to the ages.

Regardless of your reason for downloading your data, Facebook makes it easy. Although, Facebook has no reason to really make downloading your data difficult, considering how they own pretty much anything that you upload anyway, whether you download it back or not. Is it too late to suggest discretion when choosing what you post on Facebook?

Anyway, to get started, log into Facebook and go to Settings. You’ll see Download a copy of your Facebook data right underneath General Account Settings. Click on it, and you’ll see Start My Archive.

This lets you select a place to store your information, like if you try to download something off of the Internet. You’re choosing a folder to download your Facebook data to, so make sure that it’s a secured folder since your Facebook data probably contains at least some sensitive information.

Granted, you might be wondering what kind of information is downloaded to your archive. Facebook explains: “This includes a lot of the same information available to you in your account and activity log, including your Timeline info, posts you have shared, messages, photos and more. Additionally, it includes information that is not available simply by logging into your account, like the ads you have clicked on, data like the IP addresses that are logged when you log into or out of Facebook, and more.”

Depending on how heavily you have used Facebook over the years, you might be looking at a rather large download. However, downloading all of your data in one sitting is probably going to be more valuable and convenient than going through each individual post and manually selecting what you’d like to download.

For more great tips and technology tricks, be sure to subscribe to Info Advantage’s blog.


Defining the Most Common Types of Malware

Malware is a term that stands for ‘malicious software,’ and it is created by hackers in order to get access to things they normally should not be able to. There are thousands of different malware programs floating around the internet, waiting for someone to mistakenly download them so they can wreak havoc on your computers. With so many different types of malware, it can get a little difficult to recognize malicious programs before it’s too late. Here are a few of the most popular types of malware you’ll want to look out for, and how they work to steal your valuable assets.

Adware

Adware, short for advertising-supported software, is a special type of malware that is meant to deliver advertisements where they normally wouldn’t appear. These types of malware are often attached to ‘free’ software or applications, and are most often used as a way to generate revenue.

 

Bot

These programs are created to automatically perform a specific operation, such as collecting information. Hackers can install bots onto a network or personal device for DDoS attacks, use them as a form of adware, hide them in sites to collect data, or even distribute other types of malware when downloaded.

Spyware

This kind of program is able to track anything a user does on their device, including anything they enter into their computer. This can include things such as passwords, personal information, or even credit card numbers. In addition, many spyware programs have other uses, such as the ability to modify security settings or interrupt internet connections.

Ransomware

Ransomware is a type of malware that will lock a user out of their device or network until a transaction is completed. This is done either by encrypting the data stored on the device, or by shutting the system down entirely. Typically, these programs will ask a user to send hundreds of dollars in order to get their data back.

 

Rootkit

A rootkit is designed to remotely access a device or network without being detected by either the user or any security programs. These programs often activate during a time when the device is not being used, making it one of the hardest forms of malware to detect. Once inside, a rootkit can access files, change settings, steal information, or even hide other types of malware.

Trojan

One of the most well-known forms of malware, a Trojan disguises itself as a normal, safe file or program to try and trick users into downloading it. Once downloaded, the Trojan gives the attacker access to the affected user’s device, allowing them to steal data, monitor activity, or install more malware.

Virus

Much like viruses in the human body, a computer virus is able to copy itself to other computers or systems, infecting them as they continue to spread. Typically, viruses attach to a program and will activate when the infected program is launched. However, they can also be spread by documents, script files, or any other file that is shared.

Worm

Worms are similar to viruses in that they can create copies of themselves to spread from device to device, infecting each one as they go along. The major difference is that while a virus needs to be spread via a human or host program, a worm is able to self-replicate and spread on its own.

If you think your computer or network is infected with malware, your data can be at a severe risk. Contact Info Advantage today at (585) 254-8710 to speak to a technology professional about how you can fight back against malicious programs!


3 Social Engineering Scams You’ll Want to Keep an Eye Out For

These days there are thousands of different cyber scams looking to steal money or information from unsuspecting internet users. While many of these attacks can be stopped with a strengthened and secure connection, there is another type of attack that relies more on tricking the users, rather than their network or personal device. These are known as social engineering attacks, and they rely on exploiting human psychology to get what the attacker wants. Here are three types of social engineering scams that you’ll want to be able to recognize.

Phishing

One of the most common types of hacking scams used today, phishing scams try to trick internet users into giving up their personal information by posing as a reputable source. These often come in the form of an email from a site that is easily recognizable, such as Facebook or Amazon. Typically, these emails state that there is a problem with a person’s account, and prompt them to fill out their personal information in order to resolve it. That’s why you should always double check the URL to make sure it is a verified site. Remember, a site will NEVER ask for your login credentials through an email.

Pretexting

Pretexting is similar to phishing in that the hacker attempts to coerce information from a user by pretending to be someone they’re not. The main difference between the two types of scams is that where a phishing attack is meant to induce fear, a pretexting attack will instead attempt to create a false trust with the user. Hackers achieve this by posing as someone the user would trust, such as a government official or the police. They then ask for their personal information, often citing that they need to verify the user’s identity.

Quid Pro Quo

Hackers will often use what is known as a ‘quid pro quo’ attack where they promise a user some kind of good or service in exchange for their information. This is often presented as some sort of prize for a contest, and promises that you will receive the reward for free, as long as you provide them with a bit of personal information. For example, a hacker could promise free IT assistance to individual users and ask them to hand over their credentials in order to claim the service. The hacker would then be able to steal valuable data or even download harmful malware directly onto the users’ computers.

Even if you’re careful with your network, a professional hacker will stop at nothing to try and find a vulnerability they can exploit. Call Info Advantage at (585) 254-8710 today to learn more ways you can keep hackers at bay.


This Breakthrough By MIT Will Propel Artificial Intelligence to New Heights

No security solution is perfect. Each one has its own set of pros and cons. For example, relying completely on an automated solution is thorough, but it will flag plenty of threats that aren’t really threats (aka, false positives). Meanwhile, a human overseeing security is great for spotting worrisome trends, but a human can’t possibly catch every single attack. With this dynamic in mind, a team of researchers from MIT has successfully blended the two.


The team, hailing from MIT’s Computer Science and Artificial Intelligence Laboratory, developed a security platform combining the strength of human involvement with the effectiveness of artificial intelligence. Given the name A.I.², this new platform is capable of detecting 85 percent of incoming attacks while reducing reported false positives by 20 percent.

How A.I.² combines AI and human involvement is actually quite genius. To begin, the “untrained” machine reports a sample set of results to a human expert. These results are informed by machine learning and are checked against the 200 most important problems. The human expert then checks over and corrects the machine’s work, with the intention of finding mistakes and false positives. Subsequently, the human-checked results are inputted to A.I.², the machine learns, and the next set of tests will have fewer errors. This process is then repeated with the security platform adapting each time to look for what its human teacher looks for.

In a paper presented at the IEEE International Conference on Big Data Security, research scientist Kalyan Veeramachaneni summarized, "You can think about the system as a virtual analyst. It continuously generates new models that it can refine in as little as a few hours, meaning it can improve its detection rates significantly and rapidly."

Of course, the precedent of effectiveness set here by combining human expertise and oversight with A.I. has far-reaching ramifications for other A.I. initiatives currently in development; initiatives that have both humanity’s best and worst interests in mind. Although, for now, those of us in the IT world are celebrating this A.I.-enabled technology for being one giant leap forward in security analysis accuracy.

It’s important to keep in mind that a platform like A.I.² is still years away from being available to the average business. Therefore, we recommend that you stay on top of your network security by following best practices, which combine automated software solutions and human vigilance in order to combat the latest threats. Info Advantage is standing by to assist you with all of your company’s network security needs. To equip your business with the most comprehensive IT security solutions on the market, call us today at (585) 254-8710.


3 Built-in Windows 10 Security Tools that Keep Hackers at Bay

Windows is perhaps the most widely-used computing tool in the workplace, and as such, it remains a huge target for hackers of all kinds. Criminals are always trying to uncover vulnerabilities in the operating system, but this time around, Microsoft has truly outdone themselves. Windows 10’s built-in security, according to hackers at the Black Hat conference in Las Vegas, allows for the most secure Windows operating system in several years.


It was expressed that, in comparison to its previous incarnations, Windows 10 is much more difficult to break into. That hasn’t stopped some hackers from trying, though. Among the Black Hat hackers at the convention were many who had tried to pinpoint potential outlets for malicious threats, and while they still managed to come up with a couple of solutions, it became clear that Windows 10 is much more challenging for hackers to infiltrate. Below are a few of the proposed attack models, and how Windows 10 challenges them.

Windows 10 Uses Built-In Anti-Malware Tools

Windows 10 uses what’s called the antimalware scan interface (AMSI), which is capable of identifying and capturing malicious scripts in memory. The idea is that applications can access this information, and any antivirus or antimalware program can process it. For example, Windows Defender and AVG use AMSI. The reason that this is such a huge problem for hackers is that many prefer to use script-based attacks. The kicker here is that while AMSI is a valuable tool to detect and prevent attacks, it requires a secondary security protocol in order to be most effective. While it’s great for detecting scripts executed in PowerShell, since PowerShell records logs, it still requires someone to regularly monitor the logs in order for it to be most effective.

Active Directory

Active Directory is a crucial part of how Windows administration functions, and it’s useful for both managing workloads in the cloud, and controlling identity and authentication management on in-house networks. Microsoft Azure uses Active Directory, which can provide exceptional security for an Azure-based cloud computing platform. The problem that admins run into in most circumstances is that any user account can access Active Directory, unless the administrator removes those permissions. Therefore, it falls to your IT administrators to ensure that the credentials for your Active Directory authentication are secured, and to control user permissions to mitigate potential access to AD.

Virtualization

Virtualization-based security is a series of security features that are built into the hypervisor of Windows 10. In essence, Hyper-V can create a virtual machine that isn’t connected to the root partition. This virtual machine can then execute security commands as needed. The idea here is that Hyper-V creates a virtual machine that can’t be compromised, even if the root partition has been taken over. It’s a way of minimizing the extent of data breaches, should they happen in the first place. Of course, if the root contains credentials that allow hackers to access the virtual machine, it’s all over. Therefore, administrators need to take measures to ensure that hackers cannot access the VBS machine.

Of course, no matter how secure an OS is, hackers will always find a way to get in. One way or another, criminals who are determined to bypass defenses will create a way to do so. Microsoft patches known vulnerabilities as soon as they’re discovered to be active, so it comes down to outplaying the opponent. Hackers will inevitably find ways to crack Windows 10’s innate security, so it’s your responsibility to complement your OS’s security with your own solutions.

If you need assistance securing your Windows 10 devices, or any other workstations, servers, or network components, reach out to Info Advantage at (585) 254-8710.


Tips for Keeping Your Email Accounts Secure


Think about how many emails you write a day, transferring messages back and forth between coworkers, clients, partners, and anyone else you may need to share information with. Now, how many of them can you say for sure were secure and protected from the prying hands of a hacker? Many employees assume that their email is secure, and can become very comfortable with sending potentially sensitive information through their work email app. This misconception of safety can result in data leaks, unauthorized data access, and invasion of your company’s network. Here are a few tips to ensure that any and all emails being sent out are safe from unwanted intruders.

Encryption

One of the major issues with email is how it is delivered to the recipient. Even though the information might be protected by an internal server, once the email leaves that server it may be at risk while traveling the public internet. However, an encrypted email will be protected even after it leaves a secure network. Encryption works by allowing you to create an identity verification between sender and recipient. Those without an approved cipher will be unable to read the email, or know where the information is being sent from. This is one of the best ways to ensure that the only people who can access sensitive information are those who the data is intended for.

Separate Accounts

Typically, people tend to try and stick to one email account when signing up for new things. In many cases, employees may use their work email to sign up for personal accounts on the internet. As a result, their inboxes become flooded with marketing information from various websites and stores. Not only does this mean a likely increase in phishing or scamming attacks, but it also means that an attack on your email may put more than just an employee’s personal data in danger. By separating your email accounts, you will boost your security and be able to manage sensitive data much more carefully.

Stronger Passwords

While this may seem like a given, there are many email accounts that have surprisingly predictable passwords. This includes simple codes such as ‘123456,’ ‘qwerty,’ or even ‘password.’ Even if your password is a bit more secure, you may be surprised how easy it can be to guess the things you may think no one will know, such as a birthday or maiden name. Instead of making something easy to remember (and easy to guess), try creating a password with a mixture of upper and lower case letters and symbols. Try to avoid using the exact same password for each account just in case. This will ensure your other accounts are safe if one gets hacked.

Watch Out for Email Phishing

Phishing is one of the most common types of scams, and phishing scams are constantly improving in order to trick email users into giving up their personal information. A phishing scam is where a hacker sends a user an email claiming to be a representative from a well-known organization, such as Facebook or Amazon. Typically, they try to convince the user that there is an issue with the user’s account, and ask them to provide their login credentials to fix the issue. Remember, no company should ever ask for your password or any personal information, especially not through an unsecure email. Before responding to an email, make sure the sender is legitimate and not asking for anything that might put your information at risk.

 

Worried that your sensitive data might be leaked due to an unsecure network? Call Info Advantage at (585) 254-8710 to speak to a qualified security professional about how you can boost your email security.


Your Employees May Accidentally Be Mishandling Your Company Data

While it’s good for a company to have trust in their employees, turning a blind eye to their practices may result in the mishandling of sensitive business data. According to a recent survey by MediaPro, nearly 90% of employees lack the proper security and privacy knowledge needed to successfully manage a business. A majority of employees see themselves as novices when it comes to security issues, and are unsure of the proper way to identify and dispose of potential threats.

What might cause an employee to mishandle a company’s information? Another study by CEB suggests that convenience might be a major cause. Roughly two thirds of the study participants admitted that they regularly send company data to personal email addresses so they may be able to work from home. While an email from work might seem like a secure connection, there are a multitude of different threats that can lurk outside your company’s network.

Employee leniency toward security issues may stem from a more widespread reliance on cloud-based solutions and mobile device use for work. Employees may believe that the software or device they are using is secure, when in reality there are plenty of opportunities to leak data. Something as simple as connecting to a public Wi-Fi on a mobile device could lead to major data loss.

There are a few ways companies can help strengthen employee security protocol. Provide your employees with education on digital security and how to keep company data safe. Frequent surveillance of employee security practices can help find any potential areas of data leakage, and can help a company develop a comprehensive set of security protocols.

If you are worried about whether or not your employees are keeping your data safe, contact Info Advantage today at (585) 254-8710 and let us help. Our qualified staff will survey your current security system and make suggestions based on your company’s needs and goals.

4 Tips to Protect Your Company Network From Hackers


As a business owner in the age of technology, the idea of a hacker getting into your company data is a real threat. Hackers covet company information that they can use to extort money or resources out of business owners, or use to damage their business and reputation. With new methods being discovered every day, it can be overwhelming to find a way to combat cybercriminals looking to steal your data. Luckily, there are a few easy things any business owner can do to keep their data safe. Here are four tips you can use to keep your critical data out of a hacker's hands.

Security Software

Security software such as firewalls are your first and best defense against an attack. For smaller companies, software firewalls can help track and manage any threats that might make their way into your company's network. Larger networks can benefit from a widespread hardware firewall that runs with your server. Firewall hardware will add higher security to your network by controlling access to all computers in the network from a specific point. In addition to firewalls, there are a variety of security plug-ins you can run on your company's preferred internet application. These tools can protect your network from malicious software lurking around the internet.

Frequent Data Backup

Backing up your data frequently is one of the best ways you can reduce the impact of a hacker attack. Businesses big or small should constantly back up their company data, along with the data of their clients, to ensure that nothing is lost should your network fall prey to malicious software. Check that all files saved onto your network are automatically saved to several locations. It is recommended that you keep a backup of your data both on and off-site, as on-site data can still be vulnerable if it is on your network.

Encrypt Your Confidential Data

Encryption is a way for a user to store their data in a 'scrambled' form that makes it impossible to read by people who don't have access. Examples of encryption can be found on ecommerce sites that use online payment methods in order to prevent the leaking of credit card information. Encryption can be done on individual files, or across an entire drive. While encryption can slow down your data access, it ensures that anyone who managed to get their hands on your sensitive files will be unable to read them. It is recommended that you encrypt your most sensitive data, such as payment methods or client information.

Keep Up With Software Patches

In an attempt to keep hackers from exploiting their products, software companies will often release new patches for their products. These patches update the software in order to do away with any vulnerabilities that a hacker could exploit. Anti-virus application developers also work diligently to update their software any time a new virus is created. Check to make sure that your software is always up to date, and enable automatic updates when available. This will ensure that your data is protected with the latest security.

Even with these simple methods, the threat of data loss at the hands of a hacker is a real one. Info Advantage offers several solutions to ensure that your company and client data is completely secure and ready for a hacker attack. Contact us at (585) 254-8710 to learn more about how Info Advantage can take the burden of cybersecurity off your shoulders.


Safe Online Holiday Shopping Guide from the IT Experts

With the holidays fast approaching, many consumers have been turning to their mobile devices to handle all of their holiday purchases. Online shopping is a quick and easy way to get everything you need for the season, without the hassle of having to go to crowded stores. However, there are more than a few risks involved with making transactions over the world wide web. With so many data breaches in the news this past year, many holiday shoppers are wary of making any online purchases. In order to combat this, we asked IT experts about the best ways to ensure your personal data is kept safe from cybercriminals. Here are a few easy tips to make your holiday shopping a little easier and a whole lot safer.

 

Double Check Links and URLs

Just because a site looks like one that you recognize and trust doesn't mean it's legitimate. Cybercriminals will often purchase domain names that are similar to popular sites such as eBay or Amazon to try and trick consumers into releasing their information to them instead of the genuine site. Before entering any login or payment information, double check that the website URL is correct. Even one misplaced period can bring you to a malicious site. A good indication that the site is legitimate is an address that starts with HTTPS, as the S stands for a secure connection, meaning your information will be safe.

 

Avoid Shopping on Public Wifi Networks

While public WiFi might be great for checking the news or your social media sites, it can pose a threat to your data security. Public WiFi can be accessed by anyone at any time, making it a prime place for hackers to lurk in search of sensitive data to steal. Many public WiFi spots have minimal security, making it easy for information to be leaked out. Instead of risking your data, save the online shopping for an internet connection that is secure, such as your home network. Double check that your connection is secure at home as well, or you may risk accidentally giving out your information.

 

Stick With One Payment Method

While it may be tempting to spread your holiday purchases out among several payment methods, each new method gives cybercriminals more access points to your personal data. Using a secure payment system, such as PayPal, can help manage these payment methods through a secure network. These services act as a middle-man between consumers and vendors, making sure that the transaction runs smoothly with a secured connection. If you do not want to use a service such as PayPal, it's advised that you keep all your spending on one card. This will isolate the risk of data loss to one account, making it easy to track. Choose an account with a good fraud system, and be sure to turn on account alerts to spot anything suspicious.

 

Make Sure Your Device is Up-to-Date

Cybercriminals will exploit any chance they get in order to steal your information, including vulnerabilities found in popular software applications. Keeping your computer and mobile device updated will ensure that your information is as secure as possible, as companies will often release what are known as patches. These patches are direct responses to any vulnerabilities or bugs that can be easily exploited by a hacker. Before making an online purchase, check to see that everything on your device has been updated to the latest version. This helps keep you safe from known security issues as they are discovered.

Online storefronts can make holiday shopping easy and quick, but they can also come with their own issues. If you're worried about the potential leakage of personal or company information during the holidays, Info Advantage can help. Call us today at (585) 254-8710 and let Info Advantage help keep your mind at ease this holiday season.


The Threat of Your Car Being Hacked is Becoming Increasingly Relevant


In response to the increasing danger of cyber attacks against computerized cars that are currently in production, Volkswagen has partnered up with three Israeli experts in cybersecurity to form a brand new cybersecurity company dedicated to designing solutions intended to protect such advanced cars and their passengers.


While ownership and investments made by each party have not been made public, the mission of Cymotive--as the new entity is called--is perfectly clear.

As Yuval Diskin, who formerly sat at the helm of the Israeli Security Services and now serves as Cymotive chairman, said: "Together with Volkswagen we are building a top-notch team of cyber security experts. We are aware of the significant technological challenges that will face us in the next years in dealing with the cyber security threats facing the connected car and the development of the autonomous car."

These cyber security threats are far too real. Features like Bluetooth connectivity and computerized dashboards have made modern automobiles tempting targets for tech-savvy criminals. Quite recently researchers discovered that an attacker armed with an inexpensive radio kit could clone their way into any wireless-entry-equipped Volkswagen, potentially opening any of the automobiles equipped with this feature sold since 2000--the number of potential cars at risk reaching into the millions.

Volkswagen, of course, is not the only car maker whose systems are under threat of attack. A few seasoned car hackers recently proved that--by attaching a laptop to the controller area network (or CAN bus) of a Jeep Cherokee--they could take full control of the vehicle’s brakes. Posting proof of their method in a YouTube video, the duo used a local attack but stated that with some more effort, a similar attack could be executed remotely.

However, after submitting their findings to Fiat Chrysler Automobiles (producer of the Jeep brand) the automotive manufacturer waved away the findings, questioning their validity and how appropriate it was for the hacking duo to share “how-to information” that could potentially put public safety in jeopardy. Fiat Chrysler Automobiles also declared that such an attack takes “extensive technical knowledge” and that any security flaws present in the demonstration had since been patched.

However, hackers of a more malicious nature are always seeking out new vulnerabilities that the manufacturers and programmers of whatever system (automotive, computing, or otherwise) may have overlooked. As a result, there is an ongoing (and most likely never ending) race between hackers and developers to come out on top… At least until the next revolutionary technology emerges and starts the race over.

Does the ability of computer hackers to infiltrate your car make you consider downgrading during your next automotive purchase? Let us know in the comments.


Sharing Your Netflix Password Now Makes You a Federal Criminal


Sharing your Netflix password with a friend so they too can enjoy a vast catalogue of movies seems harmless enough. However, due to a recent ruling by judges of the Ninth Circuit of the United States Court of Appeals, this common action is now a federal crime.


4 Important Lessons Learned From Verizon’s Annual Security Report


Verizon has taken to publishing a compilation report analyzing data breach statistics with the help of industry partners, a report that is widely regarded as a must-read for the industry. A brief review of the latest edition’s executive summary revealed where information security vulnerabilities lie in industries worldwide and, even more helpfully, what shape those vulnerabilities took. The Data Breach Investigations Report, or DBIR, pulled no punches in outlining what kind of attacks happened in the past year, and how.


The DBIR has its own system of outlining breach types that divide events and incidents into nine categories. Information-based companies appeared predominantly in four of them, with helpful tricks to prevent such breaches from happening again.

Crimeware: Perhaps unsurprisingly, one of the industries crimeware targeted most was the information industry, with the DBIR citing a rise in ransomware (39 percent of all analyzed attacks in 2015 involved ransomware). While the scope the DBIR funnels under the Crimeware title is fairly large (“This covers any use of malware that doesn’t fall into a more specific pattern”), this by no means cheapens the risks - it arguably compounds them, as it only goes to show how many pieces of crimeware exist. To defend against them, the DBIR recommends frequent patches and backups as well as monitoring changes to configurations.

Web App Attacks: Considering that 95 percent of web app attacks were financially motivated in their reports, it’s no surprise that e-commerce platforms were among the most targeted by these intrusions. These attacks are often the result of a successful phishing campaign or the infiltration of a vulnerable site. The other side of web app attacks, content management system breaches, saw plenty of digital graffiti and the repurposing of infiltrated sites as phishing sites. To avoid this kind of breach, the DBIR again recommends timely patches to remove vulnerabilities, as well as utilizing two-factor authentication and input monitoring.

Cyber-espionage: Usually hunting for intellectual property, cyber-espionage attacks prefer sticking to tried-and-true methods of breaching networks, only utilizing more sophisticated methods if the simple ones don’t work. Therefore, at least in this case, basic protections may be enough to divert many of these attacks, and should not be bypassed in favor of more specialized protection. As far as avoiding issues further, keeping patches up-to-date and monitoring changes to configurations will help monumentally, as will isolating compromised devices and separating them from the rest of your network.

Miscellaneous Errors: This category gathered all of the “Whoops!” issues that lead to compromised security into one bundle to deal with them. While Verizon reports that 40 percent of them were caused by a server issue, many others were triggered by employee mistakes - a full 26 percent included sending a message filled with sensitive data to the wrong recipient. The DBIR suggests strengthened controls on your network as a possible way to keep away from errors, such as data loss prevention software to lock down sensitive info. Additionally, Verizon recommends thorough disposal procedures for any aged-out equipment, as well as staying focused and learning from your past mistakes.

Helpful information, certainly, with all that and more being available for free download at the Verizon Enterprise webpage. But big picture - what takeaway can you not afford to leave on the table? Ultimately, an overwhelming percentage of incidents reported in the DBIR placed the blame, or at least prime responsibility, for many of the errors that led to security breaches on one thing: human error.

Between the willingness to exploit the natural fallacies of human nature by cyber criminals and the human tendency to make mistakes independently, human beings are placed solidly as the weakest link in any cyber security chain. So, if humans are the problem, what is the solution?

In short, vigilance. Strongly enforce best practices regarding security in the workplace, and follow them yourself as an example. Be aware of current trends in cyber security attacks, and prepare yourself and your company accordingly. Identify and install security measures that best fit your needs and abilities.

For help with any of this, be sure to call Info Advantage at (585) 254-8710 first. Our ranks of professionals are here to help you when you need guidance concerning your business’ security solutions. With Info Advantage, you have a much greater chance of being a success than being a statistic.


3 Common Threats You Need to Know About: Malware, Rootkits, and Trojans


Security is one of the most important parts of running a business, especially today when organizations rely so heavily on their technology solutions. Some of the most dangerous threats lurk on a business’s network, watching and waiting for an opportunity to do some real damage. With the right preventative measures, your business can catch these threats in the act before they can accomplish their goals.


Defining Malware
Malware, or “malicious software,” is a blanket term for malicious code that’s designed to cause trouble for the machine that it infects. Malware can inject code into applications or execute viruses and trojans. One of the most common types of malware is called ransomware (perhaps you’ve heard of it), in which the files on a system are encrypted until a ransom is paid to the developer. Malware can have far-reaching and varied effects, so it’s best to keep such unpredictable threats off of your network in the first place.

Defining Rootkits
Just like malware, a rootkit is designed to install on a system. Unlike some types of malware, however, rootkits are designed to allow a hacker to gain control of the system while remaining undetected themselves. In particular, rootkits are dangerous due to their ability to subvert the software that’s supposed to find them, making it optimal to prevent rootkits from accessing your system in the first place.

Defining Trojans
In computing, a trojan is a malicious entity that allows a hacker access to a system through misleading the user. While the purpose can vary from data destruction to theft, trojans are often used to install backdoors and allow access to a system at a later date for the purpose of surveillance or espionage.

Preventative Security Measures
Just like how there are various types of threats, there are plenty of ways to keep your organization’s network safe from them. Here are just a few.

  • Firewall: Firewalls act as a bouncer for your network, keeping threats from entering or leaving your infrastructure. They work best when combined with other preventative measures, like antivirus, content filters, and spam blockers.
  • Antivirus: Antivirus solutions detect and eliminate threats that have made it past your firewall solution. Prompt detection is important, as viruses or malware that are left unchecked could cause untold troubles for your infrastructure.
  • Spam blocker: Threats often arrive in your email inbox as spam, and the unknowing employee could accidentally click a malicious link or reveal important credentials. A spam blocker eliminates the majority of spam so that it never even hits your inbox.
  • Content filter: A content filter is helpful for keeping your employees from accessing sites known to host malware, as well as inappropriate or time-wasting sites, like social media.

All of the above solutions can be found in what’s called a Unified Threat Management (UTM) solution, which is widely considered to be one of the most comprehensive and useful preventative measures to improve network security. To learn more about UTMs and other topics concerning network security, reach out to us at (585) 254-8710.


New Ransomware Presents Users With 2 Equally-Terrible Options


The Petya ransomware, a particularly vicious monster of a threat, has reared its ugly head once again, only this time, it’s not alone. Petya now comes bundled together with Mischa, yet another ransomware that works well alongside Petya. The ransomware is delivered via an inconspicuous email disguised as a job application, with a resume attached. Once the user downloads the file, Petya encrypts the files located on the device.


The original version of Petya had a signature attack that struck the master boot record, restricting access to it until a ransom was paid through a dark web payment portal. Of course, there was no guarantee that paying up would resolve the problem, so it was entirely possible that the ransomware could add insult to injury and not decrypt the files at all. Thankfully, Petya had a weakness, and professionals were able to exploit it and find a fix for the ransomware.

Not this time, though. Petya comes with Mischa, which is a more traditional ransomware that can be just as dangerous as its counterpart. Mischa blocks access to files until the user pays a ransom. The ransomware will then link to a Tor payment site that allows the user to pay up and decrypt their files. Mischa encrypts executable files, while leaving the Windows and browser folders untouched, which provides access to files containing payment instructions for the user.

Now, here’s the problem with this development. Petya could be prevented by refusing administrator access upon downloading the installer. Now, selecting “yes” will download Petya, while selecting “no” will install Mischa. Either way, you get a slap in the face.

Mischa’s payment site works in largely the same way as Petya’s. Once you input the authorization code provided by the ransomware, you need to purchase enough Bitcoins to pay for the ransom. The current exchange rate is approximately $875 per Bitcoin, so you might be shelling out some heavy-duty cash for this. Once the user has purchased enough Bitcoins, the malware will then provide the Bitcoin address where it must be sent.

Though researchers managed to find a way around Petya, no such workaround has been found for Mischa. This is a recurring theme for ransomware, which is often so difficult to remove, that it forces large enterprises to either restore a backup of their data, or pay the ransom, rather than lose access to their files completely. As with all cases of malware, we urge you to do your research, and contact Info Advantage at (585) 254-8710 before caving into hackers’ demands.

As with all threats that work, Petya and Mischa have plenty of copycats out there that attempt to replicate their success. Malwarebytes has identified another two-in-one ransomware called Satana that functions in a similar way, locking the master boot record and the complete file record. In comparison to Petya and Mischa, however, Satana will run both types of ransomware, rather than just install one or the other.

Malwarebytes reports that Satana is still in development and has flaws that can be exploited, but the thought of malware continuing to develop in this sense is a bit unnerving, especially for business owners that may not devote enough time and resources to security solutions. If your business is unsure of whether you can handle a ransomware infection, reach out to us at (585) 254-8710.


Alert: New Malware Infects Millions of Mobile Devices


While security experts tend to focus the brunt of their discussions on desktop OS vulnerabilities, there are plenty of mobile malware threats that fly under the radar. One such malware is called Hummer, a trojan that installs unwanted apps and malware on a device, and can be found on over a million phones worldwide.


About Hummer
The Hummer malware family has increased over the past year. At its peak activity, Hummer infected nearly 1.4 million devices every day. It’s thought that Hummer originated in China, and it has been known to infect over 63,000 devices daily in China alone. Granted, the spread of infections has dramatically decreased, but this hasn’t stopped Hummer from infecting about 1,190,000 devices.

As reported by TechRepublic, here are the top five countries and the number of devices that are infected by the Hummer malware:

  • India: 154,248
  • Indonesia: 92,889
  • Turkey: 63,906
  • China: 63,285
  • Mexico: 59,192

What It Does
Hummer roots devices that it infects, which can unlock the operating system and allow for administrator privileges. Once it has infiltrated the device and unlocked it, Hummer will install malware, unwanted applications, games, pornographic applications, and other malicious and annoying programs. Since Hummer roots the device, your traditional antivirus and anti-malware programs aren’t going to be enough to get rid of it.

Yet, perhaps the most dangerous part of this malware is that you can’t uninstall the unwanted apps. Well… you can, but the trojan will just reinstall the apps, which is both frustrating and a terrible use of your mobile data. Cheetah Mobile ran a test on the Hummer trojan and came to some shocking results: "In several hours, the trojan accessed the network over 10,000 times and downloaded over 200 APKs, consuming 2 GB of network traffic." It’s clear that you don’t want this malware installed on your device, as it could jack up your phone bill and become an immense annoyance.

How to Fix It
To make matters worse, wiping your device won’t even be enough to get rid of the trojan. Cheetah Mobile claims that the factory reset won’t remove it. Users could also flash their device, but this can get complicated, and we don’t recommend doing so if you have no clue what you’re doing.

Hummer isn’t the first mobile malware, and it certainly won’t be the last. Users of smartphones have to be just as cautious and vigilant as desktop users. To learn more about mobile malware and other threats, reach out to us at (585) 254-8710.
