
Cisco has a severe VPN bug, Patch immediately!

This just in: Cisco, the “worldwide leader in IT and networking”, has a severe bug that has been rated a “10 out of 10” by a security researcher.

The bug is in Cisco’s ASA (Adaptive Security Appliance) software. It is identified as a severe double-free vulnerability located in the Secure Sockets Layer (SSL) VPN. The danger in this vulnerability of the VPN service is that an unauthenticated remote person may gain the ability to reload an affected system or remotely execute code.

Furthering the potential danger, if an unauthenticated person were to use a specially crafted XML packet, they could gain complete control of the affected system. This information all comes from Cisco’s advisory, which is now lighting up the net.

As for the rating applied to this bug, which is identified as “CVE-2018-010”: there is a scoring system that indicates the severity of such bugs, and this specific bug rates a full 10 out of 10 on it.

Cisco wants to stress that the bug is only exploitable if the ASA device has the webvpn feature enabled. Users may check this setting and ensure it is disabled by following the command-line interface instructions provided by Cisco. Those commands can be found here.
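One way to run that check across saved configurations, as an added example that is not Cisco's instructions or code from this post: it assumes each device's running-config has been exported as text and that the feature shows up as `enable <interface>` lines under the top-level `webvpn` block. The sample configs, device names and function names are constructed for illustration.

```python
import re

# Constructed sample of an exported ASA running-config (not from a real device).
SAMPLE_CONFIG = """\
hostname edge-fw-01
!
interface GigabitEthernet0/0
 nameif outside
!
group-policy REMOTE_USERS attributes
 webvpn
  anyconnect keep-installer installed
!
webvpn
 enable outside
 enable dmz
 anyconnect enable
!
"""

# Constructed sample: a webvpn block exists, but it is not enabled on any interface.
SAMPLE_DISABLED = """\
hostname core-fw-02
!
group-policy REMOTE_USERS attributes
 webvpn
  anyconnect keep-installer installed
!
webvpn
 anyconnect-essentials
!
"""

# Matches an indented "enable <ifname>" line; "anyconnect enable" does not match.
ENABLE_RE = re.compile(r"^\s+enable\s+(\S+)\s*$")


def webvpn_enabled_interfaces(config_text):
    """Return interfaces named by 'enable <ifname>' under the top-level webvpn block."""
    interfaces = []
    in_webvpn = False
    for line in config_text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():
            # Any command in column 0 starts a new top-level section, so the
            # indented "webvpn" sub-block of a group-policy is never counted.
            in_webvpn = line.strip() == "webvpn"
            continue
        if in_webvpn:
            match = ENABLE_RE.match(line)
            if match:
                interfaces.append(match.group(1))
    return interfaces


def audit(configs):
    """Map device name -> interfaces with webvpn enabled (exposed devices only)."""
    findings = {}
    for name, text in configs.items():
        enabled = webvpn_enabled_interfaces(text)
        if enabled:
            findings[name] = enabled
    return findings


if __name__ == "__main__":
    results = audit({"edge-fw-01": SAMPLE_CONFIG, "core-fw-02": SAMPLE_DISABLED})
    for device, ifaces in results.items():
        print(f"{device}: webvpn enabled on {', '.join(ifaces)} - prioritise patching")
```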

The following is a list of known vulnerable technology:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches
  • Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • ASA Virtual appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)

The bug is also known to apply to FTD 6.22, Cisco’s first FTD release to support remote access VPN, which was released last September. Versions before FTD 6.22 are not vulnerable.

You can check which versions you have through the instructions provided by Cisco here.

As of right now there are no known attacks involving this vulnerability; however, Cisco is expecting reports of it being abused.

Go check your systems and patch what you can. Stay vigilant in your defenses and don’t open any phishing emails!

 

Keep up to date on your technology and its vulnerabilities and solutions with RE2Tech. We make I.T. easy!

Have you taken precautions? Is your sensitive information at risk?

Give us a call or send us an email for all your I.T. needs! We at Re2tech make I.T. happen!

Phone: 952-223-4422

helpdesk@re2tech.com


The state of our technology

As time goes by, so too do the improvements in technology. I’m certain most of you have heard or noticed that technology has skyrocketed upward through our lives. The technological advancements made in the past ten years alone have been profound, grand achievements that show a promising, yet possibly terrifying, future for the world.

We often see technology news and technology articles that tend to be counterparts. News headlines like “Technology will surpass the human race” and “Technology will save the human race” are both in abundance. These titles stem from the varying paths that are making headway in this technological boom.

On one hand we have advancements like robotics technology, which could completely replace the need for human manufacturing jobs. This is both a blessing and a curse, for workers aren’t working in jobs that are hazardous to their health; however, they won’t be working anymore at all. There is a wide range of people who have only known the work grind in manufacturing jobs, and without those jobs, those people are basically starting from the beginning.

On the other hand we have technology that is integrating eco-friendly and sometimes completely self-sustaining methods, most noticeably technology that involves the production of power. Many places across the globe have turned off their nuclear plants or coal plants and switched to forms of power that do not have ill effects on the earth and its inhabitants.

There are many, many more examples for both sides, and there will continue to be until the end of mankind. This is why there is such a stark difference between views of technology and its evolution. People have very little basis of security in relation to technology; we just can’t keep up. For example, society has only recently, in the last couple of years, accepted the idea of video games as a normal part of entertainment. Scientific studies on their effects on people in both the long term and the short term have only recently been making headway, but now virtual reality gear has broken into society and new study groups are being formed to take a look at the psychological effects that are present when using such technology. Video games are the least prominent example where technology is eclipsing the speed at which humans can keep up.

In our recent article we covered some development of a program created to prevent and locate hackers before harm can be accomplished in a network. There are so many technological advancements being made each day, the standards are rising more and more and becoming more and more complex in some areas and more accessible in others.

The best thing we can do is pay attention to these developments and understand how each of these breakthroughs will affect our daily lives. Technology is a beautifully scary area, but ultimately we will decide what becomes the prominent path it takes.

 


Hackers, and their modern-day effect

The government has always had a side of it that is less than reputable, usually when it involves the interference in other countries and governments under the guise of “for our own good”. However, as of late, it seems the government isn’t what we need to worry about when it comes to interference in others’ business. Hackers are taking the lead when it comes to invading others’ business, via the internet and the tools associated with that technology.

Hackers have been making headlines almost every day this year thus far for their interference in things from hospital functioning to government elections. Hackers are becoming a force of their own, almost like a rampaging, lawless country, doing what they feel like, when they feel like it. At times, hackers can be great vigilantes that help shine the spotlight that is the world’s population onto topics that have been hiding in the dark, forcing a necessary change. However, as of late, it seems countries have begun recruiting this form of technological tool and using it as another means of persuasion and confusion.

Hackers are now being used by governments and country leaders to disrupt events like the Winter Olympics, and elections. A recent example is the hacking of a former sheriff’s Twitter account, to cause havoc and persuade people to see the former sheriff in a different, not so great light.

Former sheriff David Clarke, a known right-winger, has become the target of Turkish hackers attempting to smear Clarke’s name for decisions he has backed. Clarke is a known supporter of Donald Drumpf. It seems the hackers, known as “Ayyildiz Tim”, which translates to “Star and Crescent team”, an obvious connection to the Turkish flag, use the hacked accounts they get to send direct messages to Drumpf, which seem to hold Islamic sentiments and support for the Turkish president Erdogan. This comes as a surprise seeing as Drumpf has recently declared that Jerusalem is the capital of Israel, a large disrespect to those of the Islamic faith.

This very instance of hackers using technology to influence or bend people to their will or persuasion is truly a terrifying idea, but makes you question in what way this differs from the government’s past actions.

No matter your view on the issue, what I’m sure everyone can agree on is the displeasing realization that your account on any site or program has been altered and is being used by an outside party! Ensure your online security is strong and secure! Give Re2tech a call and let us help you learn about your network and the possible vulnerabilities that are present! Don’t wait until you’re hit by hackers and ransomware and make the next hacking news article!


Google’s discovered CPU vulnerabilities, and how they can affect you

Google is a forerunner in the online world for many aspects, but one of the main focuses of Google is security. Google has a “Project Zero” team dedicated to researching vulnerabilities their customers may be facing while also doing their best to provide solutions to the problems.

Last year the Project Zero team came across a security flaw due to something called “speculative execution”, which is described as a technique used by most modern processors (CPUs) to optimize performance.

This security flaw is seen as a more serious flaw, due to its capability to leak vulnerable information to an unknown party. Malicious persons may take advantage of the vulnerability in the speculative execution process to read system memory that should otherwise be inaccessible. This may lead to the exposure of information such as passwords, encryption keys, or even sensitive information that is present in open applications. It was also noted that a virtual machine attacked through the vulnerabilities of speculative execution could also lead to access to physical memory in the host machine, further enhancing the dangers.

The range of affected CPUs is rather wide and includes AMD, ARM and Intel, as well as devices and operating systems running on those CPUs. Google has stated that the research team has updated their systems to defend against the speculative execution attacks, and cooperated with hardware and software manufacturers across the industry to protect a broader range of technology and people. This cooperation has led to mitigation for those affected by this form of attack.

Google has released a list of products and machines that have the mitigation and protection in place. The following are secured from the speculative execution attacks.

  • Android: Those with the latest security update are secure. Nexus and Pixel devices are also secure with the latest security update.
  • Google Apps/G Suite: no action needed
  • Google Chrome: There may be some necessary actions required on the user’s end. A link to the page is here
  • Google Cloud Platform: Google App Engine is secure.
    Google Compute Engine: additional action required here
    Google Kubernetes Engine: additional action required here
    Google Cloud Dataflow: additional action required here
    Google Cloud Dataproc: additional action required here
  • All other Google Cloud products have been cleared and are secured.
  • Google Home/Chromecast: no action needed
  • Google Wifi/OnHub: no action needed

Google has stated that in order to take advantage of this new method of attack that uses speculative execution, the attacker must first run malicious code on the system they targeted.

Google has stated that there are three variants of the attack, which can’t be mitigated with one method; each of the three attack variants needs its own specific method. Some vendors have patches for one or two of the attack variants, and Google is working with them to ensure all three get mitigated over time.

It is good to know Google is helping to spread the necessary information for others to protect themselves against such a potentially dangerous attack! As for other means of protection, why not give us a call at Re2tech! We will ensure a strong security for your network and help teach you about your own system along the way! We make I.T. happen!


Smartphones with breach options, new option discovered

Smartphones are the present and the future, there is no doubt about that. They offer immense control in a life and help people stay up to date on what people are eating and how close WW3 is. It’s no surprise this is also the same device that is the target of hackers and the like, who want to steal information and jump-start their own lives off of someone else’s.

Recently a study from NTU (Nanyang Technological University, Singapore) discovered a new method that hackers may abuse in order to gain access to our little rectangular life boxes. The new access method actually involves your phone’s PIN code.

There have been many vulnerabilities in smartphones since they were released, involving things like the accelerometer, gyroscope, and proximity sensors. However, for each vulnerability we have always come up with a means of patching it. Well, now we have another to patch, involving the PIN code. This was discovered through experimentation with six different smartphone sensors and state-of-the-art machine learning and deep learning algorithms. Through this experimentation the researchers from NTU achieved 99.5% accuracy within three attempts, and the smartphones involved were using the Android operating system. The researchers used the 50 most common PIN numbers to experiment in this process.

Before this method came to be, the dominant phone hacking technique only had a 74% chance of success. While that is still very large, this new method is much more alarming. NTU’s technique can be used to guess all 10,000 possible combinations in a four-digit PIN.

The means by which the researchers came across this method is quite astounding, actually. What was studied was the orientation, the light variation across the screen, and which thumb pressed the PIN numbers. This led to the realization of variables that the phone is exposed to while someone enters specific numbers, allowing the deep learning algorithm to narrow the possible PIN combinations and have a much easier time assessing the correct combination. It is also worth mentioning that the technology used has a means of increasing its success rate with more exposure to possible PINs and the ways they are entered.

While this discovery may be frightening, it also means we have a way to understand its method and develop some manner to combat it, preventing hackers from using and abusing this information. Researchers at the University think that access to phone sensors and sensor information is too large a risk and should be on lock-down in devices to prevent this method of access from ever becoming an issue.

Technology sure can be daunting, but with every virus there is a cure, with every method there is an equally effective anti-method. Let’s be sure to continue our cautiousness with our sensitive information and stay up to date on their strengths and weaknesses! That’s all for today, be sure to call or e-mail us for any questions or installations! Here at Re2tech, we make I.T. happen!


Forever 21…for the hackers with new credit card information

Hello all! We hope everyone had a nice relaxing holiday before the new year was rung in! Unfortunately, during the holiday rest, someone got a little too relaxed. The known clothing company “Forever 21” was a victim of another security breach for the 2017 year.

The popular clothing store had apparently been hit with malware at some of their store locations, causing customers who paid with credit card in store to have their information exposed to the hackers who installed the malware.

The company has made a statement addressing the issue, and reminding customers to constantly keep track of their card purchases and report any suspicious charges as soon as they see something to mitigate chances of their accounts being drained.

From the investigation’s findings, it was reported that the malware was installed and activated somewhere between April 3rd and Nov. 18th of 2017. There has been no confirmation as of yet of the number of people affected by this breach. It was noted that those who paid with card over Forever 21’s website are not affected, for the malware did not have any grasp on those lines of payment.

Forever 21 has a phone number to call that will answer questions about the breach.

Forever 21’s security breach hotline:

1-855-560-4992, Monday through Friday, between 8 a.m. and 6 p.m. P.S.T.

There we have it, another last security breach for 2017 before the new year could ring in. Hopefully this will be the last attack that will be revealed involving the 2017 year, for there have already been far too many!

Stay vigilant and informed, and as always if you need any IT help whether it be questions or installations, be sure to contact us and we will see that your network becomes secure and your insecurities are no more!


Cloud security going into 2018

The cloud is becoming more and more preferred as time goes by. Data and applications are streaming to it at a faster rate every hour, and more people are deciding to turn to cloud services on a daily basis. There is no question as to why this is happening: cloud services are extremely convenient and offer functionality that you can’t find anywhere else! In saying that, this also means cloud services are under a watchful eye by everyone, even the nefarious types.

Threats to the cloud

Generally when we have something good, people like to mess it up. The cloud is no different: there are people who have already interfered with the cloud and its services to steal data for very selfish and rather rude reasons. 2018 will be no exception to this, for there are quite a few issues with the newly born service that can easily be manipulated. Despite popular belief, cloud services and their security are not in the hands of the service provider, but rather the customer. Knowing that, we should evaluate the potential risks with cloud technology and understand the vulnerabilities of the information stored on the cloud.

  • Data breaches: This can occur in multiple ways, ranging from intent to steal information on the cloud, human error, vulnerabilities in applications relating to the cloud, or just poor security understanding and practices.
  • Insufficient identity, credentials, and access management: Persons with ill intent may gain access to cloud-stored information and cause all sorts of trouble due to a lack of credential security, which would enable unauthorized access to your data.
  • Insecure interfaces and application programming interfaces: Cloud technology providers expose UIs and APIs that customers may use to manage their cloud experience. This is both great and bad, for it means the protection you could have is in your hands, and were you to be accessed by some unwanted party, they would have full access to your cloud security, and the providers of that cloud would have little to no feasible way to rescue you. Protection against accidental and malicious attempts to circumvent policy is lacking.
  • System vulnerabilities: This is the big contender that has gained the spotlight this last year for cloud tech. These are exploitable bugs in programs that allow malicious actors to gain access to a system and steal data, take control of the system, or disrupt service operations. Vulnerabilities within the components of the operating system put the security of all the services and data at significant risk. Because the cloud has systems from various organizations placed close to each other, if the cloud is breached, those other systems are now vulnerable as well.

The cloud is a fantastic service that will no doubt lead to other great systems and functionality in the world; however, right now, while it is still young, it has quite a few quirks to work out before it can be considered a fully safe and developed system. Now that doesn’t mean don’t use the cloud; it means be mindful of what you put on there, and of the risks that are present in the technology you’re using.


2018 predictions: Healthcare security breach

As we all have become aware, 2017 was a free-for-all when it comes to security breaches. There were countless phishing scams, ransomware, state-sponsored attacks and new forms of attacks that all made headlines and shook us to our boots. However, 2018 means a new year and a new us! Right? Well, we hope so, but thus far the outlook isn’t in our favor.

Recently a VP at Tripwire gave his predictions for 2018 and our security in the online world. The prediction does not bring bright bearings; in fact it seems 2018 may be quite ill.

The Tripwire VP predicts that healthcare security will be breached, due to the ever-growing vulnerability in medical devices and electronic healthcare records. 2018 is expected to have hospitals, insurers and healthcare manufacturers in the sights of hackers and cybercriminals.

It is expected that the healthcare industry is not prepared for the kinds of attacks that may come, with things like the WannaCry incident and the UK NHS. Not all ransomware is noisy and boisterous, which is where the real danger may lie for the healthcare industry.

In relation to healthcare being a target for 2018, there is also a lot of talk about the cloud and its potential security abuse over the horizon in 2018. It should come as no surprise that, since cloud technology is still pretty new, defending the cloud is still a process in the works. We should not be taken by surprise when there is another cloud data management leak, and should be cautious until a stronger, more prominent protection for cloud storage has been developed. There is talk of security becoming up to date near the end of 2018 for this form of technology, but until then we may see leaks of credentials and misconfigurations, as well as other exploited vulnerabilities.

Let’s all learn from the mistakes of not only ourselves, but each other, and make 2018 predictions like this nothing but a false alarm! If you need help with your online presence, give us at Re2tech a call and let’s discuss your security options and optimizations!


2018 security expenses expected to rise in response to 2017

2017 was full of news on companies and corporations that had security breaches, and the effects on the masses that would follow because of them. Because of this hard-pressed security year, it is expected that in 2018 the total expenses on security spending will rise by an estimated 8%.

A research firm known as Gartner took data from 2017’s data breaches and calculated in the response from similar companies and corporations, to derive an expected shift in security spending, as well as the changing views on cyber security.

In 2017 it was estimated that the total spending on security measures summed up to about $89.1 billion. The $89 billion expense resulted from the events of the previous year that spurred people to take cyber security more seriously and treat it as an actual threat. The same reasoning is behind the estimated spending for 2018, which is at $96.3 billion. This increase comes as no surprise in response to the overwhelming coverage of security breaches all over the world, and these breaches are estimated to affect the three years following the event. So moving into 2019 we can already estimate a larger security spending sum.

Gartner uses multiple factors under the umbrella of cyber security to make these estimations more accurate. The several sub sections of cyber security involve the following:

  • Identity Access Management
  • Infrastructure Protection
  • Network Security Equipment
  • Security Services
  • Consumer Security Software

It was made clear by Gartner that out of all these sub sections, the section that would be most invested in this coming year would be Security Services, priced at $57.7 billion, which is an increase from this year’s $53 billion. The other sub sections of security spending are also estimated to increase this coming year, just not as largely as Security Services.

Gartner also says that the spending will continue to go up from here in the next few years, with more than 60% investing in data loss prevention, protection and encryption tools. Currently spending is at about 35% for protection tools, so there is an obvious large spike in response to recent events around the world with enterprises and their security.

Let’s buckle up and get ready for an interesting new year! Before the new year rolls in, why not be the first to pave the path of a more secure cyber presence and let us at Re2tech work to hatch down your vulnerable information and close any back doors in your network!
