Windows Server 2008 – End of Life

by
Good Morning,

Please note that Windows Server 2008 is nearing its End Of Service Life! Customers still running Windows Server 2008 after end of support will face a number of challenges: increased threat of cybercrime, loss of support for popular applications, rising costs and limited options for Cloud computing.

What does End of Life mean?

Almost all Microsoft products have a support lifecycle during which Microsoft provides new features, bug fixes, security fixes, and so on. The end of this lifecycle is known as the product’s End of Life. When Windows Server 20018 reaches its End of Life before the end of this year, Microsoft will no longer provide:

1. Technical support for issues
2. Bug fixes for issues that are discovered
3. Security fixes for vulnerabilities that are discovered

Advisory: Windows Server 2008 will reach End of Service Life (EoSL) officially ends on January 14th 2020. However we recommend transition to Windows Server 2016 or Windows Server 2019 to ensure ongoing support and avoid disruption to your business prior to thisdate. 

We strongly encourage that you upgrade as soon as possibleto avoid any down time. Please contact us to assist with your transition.  Our support team will be glad to help out!

Bad Rabbit – New Ransomware Virus

by
Organizations in Russia, Ukraine and a few hours later also the U.S. are under siege from Bad Rabbit, a new strain of ransomware with similarities to NotPetya.
The outbreak started Tuesday and froze computer systems in several European countries, and began spreading to the U.S., the latest in a series of attacks.
Department of Homeland Security’s Computer Emergency Readiness Team issued an alert saying it had received “multiple reports” of infections.

Russia’s Interfax news agency reported on Twitter that the outbreak shut down some of its servers, forcing Interfax to rely on its Facebook account to deliver news.

Bad Rabbit Starts With Social Engineering

The outbreak appears to have started via files on hacked Russian media websites, using the popular social engineering trick of pretending to be an Adobe Flash installer. The ransomware demands a payment of 0.05 bitcoin, or about $275, from its victim, though it isn’t clear whether paying the ransom unlocks a computer’s files. You have just 40 hours to pay.

Bad Rabbit shares some of the same code as the Petya virus that caused major disruptions to global corporations in June this year, said Liam O’Murchu, a researcher with the antivirus vendor Symantec Corp.
Based on analysis by ESET, Emsisoft, and Fox-IT, Bad Rabbit uses Mimikatz to extract credentials from the local computer’s memory, and along with a list of hard-coded credentials, it tries to access servers and workstations on the same network via SMB and WebDAV.

The hardcoded creds are hidden inside the code and include predictable usernames such asrootguest and administrator, and passwords straight out of a worst passwords list. (Note To Self: all user passwords need to be strong, step all employees through a strong password training module ASAP.)

As for Bad Rabbit, the ransomware is a so-called disk coder, similar to Petya and NotPetya. Bad Rabbit first encrypts files on the user’s computer and then replaces the MBR (Master Boot Record).

Ouch, that basically bricks the workstation. 

Courtesy of KnowB4

Contact us today to review your passwords and to ensure your systems are secure.

Equifax Hack

by

Equifax, the credit reporting giant, announced Thursday that they were hacked sometime between mid-May and July of this year. The breach exposed the information of an ‘unknown’ number of people living in Canada and the UK. They have yet to reveal how many Canadians had their personal information hacked over the Spring and Summer.
Hackers were able to get names, SIN’s, birth dates, addresses, credit card information and some driver license numbers. That is enough information to fill out a mortgage application or get a credit card for example.
Equifax said it will send direct mail notices to consumers that were impacted. They have also established a website where people can check if their personal information was stolen.
If you find your information has been compromised, there are a few things you can do to protect yourself from identity theft;

  • Monitor your Equifax score
  • Watch your credit inquiry (anytime a potential lender checks your credit i.e. credit card company)
  • Freeze your credit reports (this restricts access to your credit report)
  • If your SIN was stolen, file a police report
  • Check your credit card statements
  • Alerts banks and strengthen your passwords

Although they haven’t released the number of Canadians affected, they did state that nearly 143 million people were affected in the US.

Here is a fresh-from-the-press Current Events template to safeguard against inevitable Equifax-themed phishing campaigns by the bad guys: (courtesy of KnowBe4)

WannaCry Ransomware – How to protect yourself

by
Specifically, on May 12, 2017 a new strain of the Ransom.CryptXXX (WannaCry) strain of ransomware began spreading widely impacting a large number of organizations, particularly in Europe.

You should be extremely suspicious of all e-mails you receive, particularly those that ask the recipient to open attached documents or click on Web links.

If you have seen nonstandard activity and believe you may be at risk, please contact us.

In light of these recent attacks, we now recommend a policy to install all critical and security updates automatically on all stations and that we create a policy on your servers to enforce that immediately.  We’re also recommending that we remove administrator rights on all stations going forward so as to introduce one more hurdle so that spyware and malware cannot run on their computers.

In the meantime, a few things you can do to mitigate your exposure and risk:

  • Make sure your operating system’s security patches are current. If you are on Windows 10 these security patches by default are downloaded and installed automatically. If you are on an older version of Windows you may have reset the defaults to less than fully automatic.
  • Make sure you have a current antivirus / internet security / total security package that is working. That means it is getting the security signatures from the software supplier whether it is Microsoft, Kaspersky, Norton/Symantec, AVG, Panda, TrendMicro, Eset, CheckPoint, Avira (to name a few) or any other package you have installed.
  • Do backups of your data / Do backups of your data / Do backups of your data……we cannot repeat this enough. There are both free and paid for backup software. Use whatever you prefer. But do regular backups.  An integratal part of the backup process is testing your backup. The backup is useless if you have done a weekly backup for years and then the one time you need it, it doesn’t work.
  • Make a system image every few months. A system image is a snapshot of absolutely everything on your hard drive at a moment in time.  Backups are of data only. Images include the operating system, all your software and all your data. In the event if a critical failure the normal restore procedure would be to restore the latest image which might be a month or more old and then restore the data from the last backup. This procedure keeps the losses to a minimum.
Don’t wait for a disaster. Put the steps in place now to protect yourself. For a business that means minimizing business interruptions. For home users it means not losing precious photos that you have had for many years. Be prepared.
We can assist you in setting up your security software, configuring backups and creating a system image.

www.infotechmontreal.com

GET IN TOUCH

514-634-4636

INFO@INFOTECHMONTREAL.COM

Info-Tech Montreal
3767 Boulevard Thimens #270,
Saint-Laurent, Québec
H4R 1W4

PROUD MEMBER OF

 

IT SERVICES

IT CONSULTING
MANAGED IT SERVICES
SERVER MANAGEMENT
CLOUD SOLUTIONS

IT SECURITY

CYBERSECURITY
REMOTE MONITORING & MANAGEMENT
BUSINESS CONTINUITY & DISASTER RECOVERY

ADDITIONAL INFO

ABOUT US
CONTACT US
IT ASSESSMENT
SECURITY AUDIT
RESOURCES
BLOG
RECEIVE OUR WEEKLY TECH TIPS

Call Now Button