Peritech's-Blog

URGENT ALERT: INCREASING CRYPTOLOCKER TRAFFIC

Website Admin - Wednesday, June 18, 2014

URGENT ALERT: INCREASING CRYPTOLOCKER TRAFFIC

by: Ashley Dowdy


The Cryptolocker malware, also known as Ransom malware, is an especially destructive virus that encrypts all of your data.  For those that don’t know anything about it, it is malicious software that is usually passed around through infected email attachments, such as voicemail messages or faxes.  Once you download and open the infected attachment, it goes through your computer and encrypts ALL of your files.  Once the malware finishes, you will get a message on your computer informing you that your files have been encrypted.  Cyber criminals then force you to pay to get the data back, with no assurance they will actually follow through if you do. 

The Cryptolocker malware has been out for some time now, but emails infected with it seem to have increased lately.  This is just one important reason why you back up your files frequently and make sure if you data does become encrypted, that you do not overwrite your backup.  Since the spammers are constantly changing their messages, make sure you do not open unsolicited emails and download files without confirming their sources.  Keeping your anti-virus programs and anti-malware programs updated are other ways to protect yourself.

Microsoft Says That Windows 8.1 Will Not Be Supported

Website Admin - Friday, May 16, 2014

Will your Windows 8.1 be supported?  Will you be able to get the most current security patches, bug fixes, and new features?  Windows Vista, Windows 7, and Windows 8 are all supported and will continue to be supported.  However if you are not running the most current version of Windows 8.1, then your Windows will no longer be supported as of June 10th for personal users and August 12th for business users .

That sounds scarier than it is.  Microsoft released an update in April for Windows 8.1.  This update is going to be their base line for future updates.  If your Windows Updates are set to run and apply automatically, then you are in good shape.  If you prefer to manually run Windows Updates, then you may not be in good shape. 

If you are sitting there and wondering to yourself, am I up to date?  Simply go to the Start screen and look for the search button (the magnifying glass) in the top right corner.  If it is there, then you are running the current version and are ok.  If the search button isn’t there, then you will need to go to Windows Updates and run the update.  The specific update that you need is labeled KB 2919355.  Once that update is run and install, then your Windows 8.1 will be current and will stay support come June 10.

Dangerous Internet Explorer Vulnerability

Website Admin - Wednesday, April 30, 2014

     A new security vulnerability in Internet Explorer has been discovered.  It affects Internet Explorer versions 6 through 11.  It could lead to the complete compromise of an affected system. 

     The vulnerability, called CVE-2014-1776, has the ability to give hackers the same rights on the computer as the current user when the computer is infected.  So if the current user at the time of infection is an administrator, then the hacker will be also have the rights as an administrator on the infected computer.  At that point, the hacker will be able to install more malicious software on the computer.  They would also be able to add user accounts, remove user accounts, add unwanted files, change the contents of files, and even delete files from the infected computer.  Any computer that is still running Windows XP is especially vulnerable to this attack.  Support for Windows XP was discontinued by Microsoft earlier this month, so any fixes for this vulnerability will not include Windows XP. 

     The Department of Homeland Security is recommending that everyone should “consider employing an alternative Web browser until an official update is available.”  The United States Computer Emergency Readiness Team (US-CERT), a part of the Department of Homeland Security, is recommending that all users enable Microsoft EMET (Enhanced Mitigation Experience Toolkit).  It is a utility that helps prevent vulnerabilities from being successfully exploited.  It supports every Microsoft operating system from Windows 7 and up.  You can download it here.



Heartbleed Bug Breaks Worldwide Internet Security

Kevin Dowdy - Tuesday, April 15, 2014
A new bug puts trust on the Internet at risk on a significant scale. The bug, dubbed ‘Heartbleed’, is based on a fault in functionality in the widely used OpenSSL library. This library is extremely widely used from security vendors products to secure web browsing and even mobile banking applications. So what exactly does this bug do and why should you care?

When the bug is exploited, the attacker can retrieve memory (up to 64kb) from the remote system. This memory may contain usernames, passwords, keys, or other useful information that enables bigger attacks. There are all kinds of variations that might be possible based on the ability to read this memory. 64kb may not seem like a great deal of data, but of course the attacker can connect repeatedly and progressively collect more information. This is a serious problem. It is very difficult, if not impossible, to retrospectively identify if someone attacked your systems so it is better to play it safe. You should assume that your system has been compromised, and re-set your credentials as soon as possible. There are some services which allow you to check if a service is patched but in some cases, such as with mobile app implementations, it is not simple.

What should you do to protect your services?
1.  Check whether your website, apps, or any other product uses Open SSL and whether they are vulnerable to the attack.
2.  There is a neat site at http://filippo.io/Heartbleed/ where you can quickly run the check. Regenerate any private keys that your site uses once you have patched.
3.  Update Open SSL to the latest version, which fixes the defect. This is not an automatic process in many cases.
4.  Check the state of the your SSL configuration for your website and mail services.
5.  Call perITech Solutions to assist 502-882-5555 (local) or 855-202-8012 (toll free)


Think Your Idea Is Not Good Enough For Application Development?

LeighAnne Turner - Friday, February 07, 2014

Your Idea Not Good Enough For Application Development? by Khris Morrison


Got a great idea on a new business or product? Have you ever thought it would be nice if there was software to help you in the endless cycle of paperwork?  Or, have you said to yourself, "My staff would get more done if they did not have to track everything in Excel!"  You might even find yourself wishing for an app that gives real time updates on sales figures.  You are not alone.  In today's world of software development, those ideas and dreams can come true.

It's amazing how many times I hear about clients that actually use Microsoft Excel to maintain inventory, customer phone numbers and addresses for mailings, or to perform simple everyday tasks such as creating an invoice.  These clients may spend hours or even days performing these tasks that, with the right application, would take minutes.  These same clients are often reluctant to meet with a software developer because they think it would be too expensive to make their ideas a reality.

Carlos Santana once said, "Everything starts with an idea, with imagination."  Imagination and vision are vital to the success of a business if we don't let our minds get in the way.  A lot of people have great ideas but lack effort in making them reality.  Most of us have heard the story of Steve Jobs, who started out in his garage only to become the visonary and CEO behind Apple, Inc. And what about Michael Dell building PC's in his dorm room only to go on and build a multi billion-dollar company we know today as "Dell Computers"?  These men are no different than you and I but are set apart by the effort they put behind positioning their idea with the right resources to make it happen.

Cost should not be the only deciding factor in your pursuit of a great idea.  It's important to find a great company with honest and hard-working software engineers willing to take the time to listen to your ideas, understand your needs, be mindful of a budget, and capable of putting the right people in place.  You, as the client, should feel like no question is a bad one to ask.  It's about creating a partnership where the client, project manager and/or software engineer work toward a common goal together.  I've had the pleasure of working with clients who took a simple idea and grew it into something effective and they were proud of. This is the desired outcome and will be the end result  when a company uses best practice solutions and maintains integrity for their clients.

To find a company that you can trust, you need to ask yourself some very important questions.  "Does this company have experience in the field that I'm in? or "what is their customer base" or "What kind of reputation do they  have?"  It it's a mobile solution, you should ask yourself if your idea needs to run on mobile devices such as Apple's iPad and iPhone, Microsoft's Surface tablets or any other tablet running Windows 8?  Many software development companies are keen on developing mobile responsive applications (also known as mobile web applications) that can run on most devices. However, if you are considering a native application, which is built to only run on a specific mobile device, the software development company should be capable of developing that as well. For a successful outcome, it's about understanding the end result and working with the best team possible.

Next time, I will share my thoughts and go into detail about creating a mobile application and provide the pros and cons on building a Mobile Web app versus a Native app.  Stay Tuned!

How To Solve Big Problems with a Disaster Recovery Plan

LeighAnne Turner - Friday, January 24, 2014

How To Solve Big Problems with a Disaster Recovery Plan by Randy Jackson



I have consulted with many companies that thought that putting together a Disaster Recovery Plan (DRP) meant just backing up their data on some type of media. NOT TRUE!!! There are many different facets that make up a true disaster plan. Being knowledgeable of what goes into a DRP is extremely important. I hope to eventually provide a more comprehensive overview of all the various elements that contribute to a solid DRP but for now, let’s start with some of the more common ones.

 

Data retention is probably the most obvious and common that people start with. I suggest two types of data retention that need to be done. Onsite backup and offsite backup. Whether its tape media or USB hard drives, you should back up your data onsite for the fastest recovery of your data. You should also sign up for some type of online internet backup system for offsite recovery. Buildings can burn down, or tornadoes/hurricanes can wipe a building out in seconds. If that happens, your tape backup is gone along with your building. There are manufacturers that can provide you with a system that will back up your data onsite and push that data to their secure site. These devices are more expensive but are great for easy administrative use.

 

There are other things you should do to create a true DRP. You should have a team that is responsible for all of your records, numbers, addresses, etc. as well as, keeping them up to date. You should have a backup plan in place and in some type of manual format. You will need a phone tree and know of where and how your employees should meet should a true catastrophic disaster happen to your building. You should have Disaster Plan Insurance from your insurance company to help cover the cost to get a new/temporary site setup. You should also keep cash in a safe because if there was a wide area type of disaster, banks could potentially be down as well. Cash is king.

 

You should begin putting some thought into backup plans for things as simple as your phone circuits, internet, electric, and so on. The planning involved in a good DRP is just as important as the plan itself. Feel free to ask questions on other types of solutions I have provided for other companies. Not every company is the same, so not every DRP will be the same. 


How strong is YOUR Google-Fu?

LeighAnne Turner - Monday, January 13, 2014

How strong is your Google-Fu? By Noah Best



If you have a computer and you use the internet, you’ve more than likely used Google at some point. But did you know you likely aren’t using it as efficiently as you could be? A recent study on student research skills found that 75% of students couldn’t perform a ‘well-executed search’ on Google.

This Mashable article written by Josh Catone contains an infogram titled "Get More Out of Google" that offers you some neat tips on how to use Google more effectively as a precision search engine.  



How SMART are the goals you set?

LeighAnne Turner - Tuesday, January 07, 2014

How SMART are the goals you set?  By Pam Boyle


I have always found it interesting that a few of my friends, family and colleagues are very reluctant to set goals when it has been such a powerful tool in my life.  I found it so interesting that I decided to research it years ago and it began to really make sense.  I read an article about how many people interpret “goals” and a “wish list”.  A wish is often associated with something that requires a miraculous and divine intervention, genie in a bottle (or something to that affect) to become a reality.  The difference is control to make it happen versus waiting for it to happen to you.  Wishes, dreams and heartfelt desires can become a reality when turned into SMART goals.  Goals need to be SMART to be translated into realty…..

 

It may take longer to achieve than a miracle but when you achieve it ……..it is so much sweeter because you know that you can pick the next goal and achieve it again!  

Lessons From Southwest Airlines

LeighAnne Turner - Tuesday, December 24, 2013

Book Review  By LeighAnne Turner



I just finished reading a fantastic book that everyone in a position of leadership should consider investing time to read.  “Lessons In Loyalty: How Southwest Airlines Does It-An Insider’s View is written by former Southwest Airlines employee, Lorraine Grubbs-West. Southwest Airlines is considered one of the top 5 best companies to work for with an employee turnover rate of less than 10%! Through her years working in the Marketing department, Lorraine has gained an understanding of the inner methodology of Southwest Airlines and their success over the past 30 years.
 

What can you learn from a company that has been recognized for such excellent and consistent customer service?  It all starts with the inside of your organization and spreads outward to the public.  Employees want to learn and grow in their roles and not stagnate.  It is the responsibility of those in management and leadership roles to facilitate that growth. The result is a corporate ethos, like that of Southwest Airlines, that creates a culture of trust and cooperation. It is that cooperation and trust that manifests an attitude of hard work, effort and teamwork within the entire organization. The book is broken down into 9 Loyalty Lessons that are essential to a cohesive atmosphere.



  • Hire Attitude-Train Skills - The principle of hiring nice because you can’t train nice. This means choosing employees who can get along with others, who are respectful, want to be at their job and make efforts to innovate. These people should have values that match the organization.

 

  • Immerse everyone in the Culture Immediately - Establish an environment that enables employees to identify with the organization and makes them feel valued.

 

  • Keep ‘Em Learning- There should be professional development opportunities for all employees that has an emphasis on providing training opportunities that promotes the expertise and experience of the leaders.

 

  • People Give as Good as They Get - Cultivating an insight into the importance of finding value while recognizing and appreciating employees in a systemic manner.

 

  • Find the Kid in Everyone - Empowering employees to have fun while communicating with customers.

 

  • Do More with Less - Invest in keeping employees busy. Why? Because being busy contributes to people feeling needed and valued within the organization.

 

  • Luv ‘Em in the Tough Times – Take care of employees when they are personally going through difficult times.. We ALL hit those times where life just seems to beat you down. Build them up rather than tear them down.

 

  • Do What’s Right - Do the right thing even when it is not by the book.

 

  • Nurture the Corporate Family - Develop a sense of family and realize that people are a part of something much larger than themselves. This results in a team that will continually work together towards a focused goal.    



  • This was an excellent book written with a creative and unique perspective from someone who knows firsthand the inner workings of that organization. The 9 insights that are highlighted can be practical lessons for promoting a culture that encourages productivity, hard work and overall success.


Tis' The Season For Online Shopping

LeighAnne Turner - Wednesday, December 11, 2013

Online Shopping Safety   By Ashley Dowdy


With all of the hustle and bustle of the holidays, I am sure that most of us do some, if not all, of our shopping online.  While there are many benefits in doing so, we need to make sure we take proper safety measures so that important details such as our name,address and credit card information are not stolen.  By following these simple steps, you can protect your identity and your wallet.


Online Shopping Safety Tips