
Newly Found Cisco Vulnerability Dubbed Critical Flaw

Last week, Cisco released a high-importance alert urging customers who use its Adaptive Security Appliance (ASA) software to patch a critical-level bug that could be easily exploited. This vulnerability affects the VPN feature of the software, and exploiting it could allow a hacker to force a reload of the system, or even remotely take control.

"An attacker could exploit this vulnerability by sending a crafted XML packet to a vulnerable interface on an affected system," Cisco explains in their warning. "An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, cause a reload of the affected device or stop processing of incoming VPN authentication requests."

If left unpatched, any devices configured with Cisco's WebVPN software, including security applications and firewalls, could be easily bypassed by a malicious party. Due to the severity of the vulnerability, Cisco has given the issue a Critical Common Vulnerability Scoring System (CVSS) rating of 10 out of 10.

The following are the vulnerable products identified by Cisco:

- 3000 Series Industrial Security Appliance (ISA)
- ASA 5500 Series Adaptive Security Appliances
- ASA 5500-X Series Next-Generation Firewalls
- ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
- ASA 1000V Cloud Firewall
- Adaptive Security Virtual Appliance (ASAv)
- Firepower 2100 Series Security Appliance
- Firepower 4110 Security Appliance
- Firepower 4120 Security Appliance
- Firepower 4140 Security Appliance
- Firepower 4150 Security Appliance
- Firepower 9300 ASA Security Module
- Firepower Threat Defense Software (FTD)
- FTD Virtual

Cisco notes that only those ASA devices that have the WebVPN feature enabled are vulnerable, but encourages all its users to patch their systems as soon as possible. As of now, Cisco says they are not aware of any attacks that have taken advantage of this vulnerability.

Cedric Halbronn from the NCC Group explained how he was able to exploit the flaw at last weekend's Recon Brussels conference. He detailed their use of a fuzzer, a software testing tool that injects random, invalid data into a program to see how it withstands it. The fuzzer allowed Halbronn and his team to discover and exploit the bug.

An initial patch was released at the same time as Cisco's initial announcement of the vulnerability. A second, more complete version was released on February 5th. "After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. In addition, it was also found that the original fix was incomplete so new fixed code versions are now available."

To make sure all of your Cisco software is up to date, contact the Cisco Technical Assistance Center or call Info Advantage at (585) 254-8710 to talk to a specialist.

Why Forcing Password Changes Isn’t Always the Best Idea

You've heard it said that it's a best security practice to routinely change your passwords. The idea here is that, if a password were stolen, then it would lose its value when the user goes to change it. While this sounds like solid logic, new research shows that it may actually be better NOT to change your passwords.

This may be a hard pill to swallow for IT administrators who have always required users to change their passwords every few months or so. However, seeing as this practice could make accounts less secure, it's worth considering.

The idea behind this theory is that, whenever a user goes to change their password, they're often rushed or annoyed and end up creating a new password that's less secure. The Washington Post puts it like this: "Forcing people to keep changing their passwords can result in workers coming up with, well, bad passwords."

Think about it: how often have you changed your password, only to change it from a complex password to one that's easier to remember? Or, have you ever kept the same password and just added a number at the end of your new password? This covert move will do little to deter a hacker. Carnegie Mellon University researched this topic and found that users who felt annoyed by having to change their password created new passwords that were 46 percent less secure.

Plus, let's consider the hypothetical situation of a hacker actually stealing your password. Truth be told, once they've gotten a hold of your login credentials, they'll try to exploit the password as soon as they can. If they're successful, they'll pose as you and change the account's password, thus locking you out of it. In an all-too-common situation like this, the fact that you're scheduled to change your password at the end of the month won't change anything.

Additionally, ZDNet points out yet another way that regularly changing passwords can make matters worse: "Regularly changed passwords are more likely to be written down or forgotten." Basically, having a password written down on a scrap piece of paper is a bad security move because it adds another way for the credentials to be lost or stolen.

Whether you do or don't ask employees to change their passwords is your prerogative. However, moving forward it would be in everybody's best interest to focus on additional ways to secure your network, instead of relying solely on passwords. This can be done by implementing multi-factor authentication, which can include SMS messaging, phone calls, emails, and even biometrics with passwords. With additional security measures like these in place, it won't matter much if a hacker stole your password because they would need additional forms of identification to make it work.

To maximize your company's network security efforts, contact Info Advantage at (585) 254-8710.

How Backup and Recovery Can Save Your Company

It's every business owner's worst nightmare: one mistake, and all of their data is wiped out. This very situation happened recently to a hosting provider, and his story serves as a cautionary tale in regard to data storage best practices.

Hosting provider Marco Marsala was brought under fire after he posted on a server forum seeking advice for dealing with a catastrophic error he made while trying to erase a few files. Stating that he had utilized the "rm -rf" command with undefined variables, he had inadvertently destroyed all data on the computer. What's worse, his backups were mounted to the computers and were wiped as well. This is similar to a blunder that Pixar experienced, almost deleting Toy Story 2 prior to its release.

As a result, everything Marsala had for his company was destroyed (including the websites he had created and hosted for his 1,535 customers) with no backups surviving to restore from.

Needless to say, the responses from other users on the forum were decidedly negative. A few dismissed the possibility of his company surviving the error, and others questioned his abilities as a programmer. One poster recommended Marsala seek legal counsel rather than technical advice, as he predicted that Marsala was "going out of business." There was a consensus on the feed that the best chance for any data recovery was to recruit the help of a data recovery firm.

Fortunately for Marsala, such a data recovery company was able to recover his files and his biggest hit was financial, both from the recovery company's fees and from the reduced income due to the loss of business he suffered.

By neglecting to follow best practices in regard to backups, Marsala essentially invited this disaster to strike. Following basic best practices would have mitigated much, if not all, of Marsala's problem. What happened to his data is exactly the reason that all data backups should be kept offline, isolated from the original file on a separate system. Without such measures in place, your data is subject to not only human error, as was the case here, but also other dangers. Fire, electrical surges, accidental equipment damage, theft: all of these events have the potential to jeopardize data that's critical to your business.

Are your data backups as secure as they should be? Do you even have a backup and disaster recovery solution put into place? Be certain by calling Info Advantage at (585) 254-8710. Our experts can advise you on what your business needs to survive the worst disasters, and ensure that you and your clients' information are prepared for anything.
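
The failure described in this story, an "rm -rf" whose path is built from undefined variables, can also be blocked inside the script that does the deleting. The following is an added example, not code from Marsala's script or from the original post; the function name safe_purge and its arguments are hypothetical.

```shell
#!/bin/sh
# Added illustration (hypothetical helper, not from the incident's script).
# In a real script, also start with 'set -u' so that any reference to an
# unset variable aborts the run instead of expanding to an empty string.

# safe_purge BASE SUBDIR
# Deletes BASE/SUBDIR only when both parts are non-empty and the resolved
# target is a directory strictly below BASE. Returns non-zero otherwise.
safe_purge() {
    base=${1-}
    sub=${2-}

    # An empty component would turn "$base/$sub" into "/" or "$base/".
    if [ -z "$base" ] || [ -z "$sub" ]; then
        echo "safe_purge: refusing, empty path component" >&2
        return 1
    fi

    # Resolve symlinks and ".." so the check is made on the real location.
    real_base=$(cd "$base" 2>/dev/null && pwd -P) || return 1
    real_target=$(cd "$base/$sub" 2>/dev/null && pwd -P) || return 1

    # Never treat the filesystem root as a base directory.
    if [ "$real_base" = "/" ]; then
        echo "safe_purge: refusing, base is /" >&2
        return 1
    fi

    case "$real_target" in
        "$real_base"/?*) ;;   # strictly inside BASE: allowed
        *)
            echo "safe_purge: refusing, $real_target is outside $real_base" >&2
            return 1
            ;;
    esac

    rm -rf -- "$real_target"
}
```

A guard like this limits what a cleanup script can remove; it does not replace backups that are kept offline on a separate system.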

Built-In Bloatware Can Contain Serious Security Risks

The pre-installed software that comes with an operating system goes by a variety of different names: bloatware, third-party applications, junkware, trialware. Not only can these programs slow down your computer and take up space, but there may be other hidden risks to bloatware.

Google's Project Zero researcher Tavis Ormandy recently found that a common bloatware password management app known as Keeper had come pre-installed with some versions of Windows 10. When it became compromised, Keeper's browser extension was allowing websites to view user login credentials. While this only affected users that activated the plugin during the initial setup process, or manually activated it in their browser, there was plenty of damage that could be done.

In response to Ormandy's report, the Keeper team released a new version that fixes the security vulnerability, therefore addressing the issue once the software is up to date. Although the issue was patched in a week, thousands of these third-party applications are added to laptops every day. This incident again highlights just how cautious individuals and businesses need to be about security vulnerabilities when purchasing computer hardware.

Why unwanted bloatware needs to go

Computer manufacturers make money installing third-party software along with Windows on laptops and PCs. Vendors pay to have their bloatware (such as trial versions of antivirus programs, video games, and browser toolbars) installed on new computers in hopes that people will purchase the full programs. In reality, bloatware slows down your computer, takes up disk space, and sometimes puts you at risk.

Thankfully, Microsoft has included an easy way to get rid of bloatware in Windows 10.

1. Click the start menu, then the gear icon in the bottom right
2. In the settings window, select Update & Security
3. On the left-hand side, click Recovery
4. Select "Learn how to start fresh with a clean installation of Windows" and follow the instructions.

Bloatware not only clutters your PCs and laptops, but it can leave your business vulnerable to compromise as well. Don't make this security mistake; learn more about protecting your computers from bloatware, and save yourself from tons of headaches down the line. Call our team of IT experts today!

Quick Ways to Get a Handle on Social Media in the Workplace

Social media may be a great way to connect with other professionals and communicate with your friends, but it can be dangerous if you have poor posting habits. Before you share something, think twice about whether it contains any sensitive information that could be risky to yourself and your business.

We've put together a list of easy ways that you can mitigate the risks associated with oversharing your personal information on the Internet:

- Mind what you post: You need to understand that there is some information that's not supposed to be shared on the Internet. A fairly obvious example of this is personal information like Social Security numbers; if someone shared their Social Security number online, and a fraudster got ahold of it, they could easily steal that person's identity and do who knows what with it. Other information that shouldn't be shared includes birthdays, home addresses, phone numbers, and so on. Even something as simple as your dog's name could be used to crack a potential security question for an online banking account. Basically, you should keep your personal life off the Internet; otherwise, you're inviting disaster.

  Side note: You may trust your privacy settings and your contacts, but you should still be conservative about posting your agenda and your physical address online. Never announce when your home will be empty on social media. Doing so could lead to uninvited guests while you're vacationing in Tahiti.

- Limit your employment details: Sites like LinkedIn can help you work on your professional networking, but they also provide identity thieves with a treasure trove of personal information. Unless you're actively seeking employment, it's a good idea to include only information that's absolutely necessary. It should be just enough to get people to view your profile, and information on how they can get in touch with you. Take advantage of privacy settings to maximize your personal security.

- Perform an online audit: The Internet is a huge place. Your information could be, quite literally, in a thousand different locations. Friends and contacts of yours could post information about where you are and what you're doing. Plus, information could exist outside the realm of your social media accounts, lingering in online databases, waiting to be picked up by hackers or other thieves.

- Perform a social media audit: This is often called a "friend purge," where you go through your social media contacts and remove those whom you have fallen out of contact with, or those who you simply don't know. Ask yourself if you would let your social media contacts into your home, or share intimate details about your life with them. Chances are that the majority of them don't need access to your full account and information.

Social media can be a great way to connect with people, but you need to take your personal security into your own hands. If you don't, who will? For more information about how to stay safe online, keep tabs on our blog; or, call Info Advantage at (585) 254-8710.