news

15 Oct 2018 - Microsoft co-founder Paul Allen dies of cancer at age 65

Microsoft Co-Founder Paul Allen died from complications of non-Hodgkin's lymphoma on Monday afternoon.
Allen's Vulcan Inc. announced that he died in Seattle at 65 years old.

Full article @ CNBC

10 Oct 2018 - Google kills off Google+

Google is pulling the plug on it's social network platform Google+ due to poor adoption and after a security beach which exposed up to 500,000 accounts.
Google+ was the IT giant's FaceBook alternative, which although had early adoption by some more technically savvy users, never made in-roads in to the general population.
Their decision to kill off the platform was crystallised after a data breach which dates back 2015, but was only discovered and addressed in March 2018. Google then failed to disclose this for a further 6 months.

More details @ ABC News

02 Oct 2018 - Major hosting announcement coming soon

We are in the process of a major revamp of our hosting business which will see us rolling out considerable plan upgrades free of charge to all our customers as well as offering a range of new products and services.
Full announcement coming soon..

12 Sep 2018 - Trend Micro apps on Mac accused of stealing data

Researchers claimed Trend Micro apps in the Mac App Store were stealing data. The company removed the offending features, but researchers are still not sold on Trend Micro's excuse.
According to researchers, multiple apps in the Mac App Store were stealing data, and Apple removed the offending apps from the store. But, now, Trend Micro is refuting the claims against its apps.
At least eight apps -- six Trend Micro apps and two published by a developer who goes by the name Yongming Zhang -- were found to be gathering data from user systems, including web browsing history, App Store browsing history and a list of installed apps.

Full article @ TechTarget

10 Sep 2018 - Microsoft offers alternate Windows 7 support arrangements

Following pressure from sysadmins, Microsoft has offered alternate Windows 7 support arrangements.

Microsoft are continuing with their plan of extended support — under which the OS receives security and reliability fixes until January 14, 2020. After this for Windows 7 Professional and Windows 7 Enterprise editions for customers using Volume Licensing there is now an option for extended support until January 2023 under a new paid program.

Microsoft are also modifying Windows 10 support arrangements to increase support for feature updates from 18 months to 24 months.

4IT Systems Ltd recommend all clients currently running Windows 7 should start planning for migrations to Windows 10 before the end of support. Free upgrades are still available from Microsoft using their MediaCreationTool

09 Sep 2018 - Targeted Extortion Spam

We’ve noticed a spate of targeted extortion spam emails. 4IT e-mail customers, so far, will have had all of these blocked by our Spam Experts filter.
These e-mails are initially alarming because the e-mail subject is a password that you have previously used on site somewhere, which has obviously been subsequently hacked.
The body of the e-mail is pretty generic and similar to previous extortion e-mails:-
“We know your password, We have evidence of you accessing porn, we have web camera recordings of you etc etc …
Pay us $5000 by bitcoin or we’ll tell everyone you know…”
These e-mails can be safely ignored but they do underline a security point that we have blogged about before :- See article 01 Oct 2016 - Yahoo hack, 500 million accounts stolen.
Users must accept that any site on which they have registered could be hacked, you should therefore use different passwords (randomly generated) on each site and make use of a password manager to remember these.

31 Aug 2018 - Rise of Business Email Compromise (BEC) scams

According to a Thursday report from Barracuda, cybercriminals are increasingly targetting business using BEC scams causing billions of dollars in fraud losses over the past few years.

The most common BEC attack involved the hacker trying to trick a recipient to do a wire transfer to a bank account owned by the attacker (47%). Other types of attacks included trying to get a recipient to click a malicious link (40%), establishing rapport with the victim (12%), and stealing PII like W2 forms (1%).

We've seen (and blogged) about these scams before and once again reiterate how important end user vigilance is.

Full article @ Techrepublic

28 Aug 2018 - Microsoft Launch Windows Server 2019 this Autumn

The latest version of Windows Server is nearly upon us.

If you'd like to see what new in this version check out the article on the Windows Server Blog

Everything you need to know about Windows Server 2019 " Part 1

Everything you need to know about Windows Server 2019 " Part 2

24 Aug 2018 - Windows Tip: Disable Automatic driver updates on Windows 10

Microsoft occasionally uses Windows Update to deliver updated drivers for devices, especially when those drivers have been shown to cause compatibility issues. In Windows 10, these updates are delivered alongside regular security and reliability fixes and are installed automatically.

 f you'd prefer to handle driver updates yourself, you can disable automatic driver updates in Windows 10. To turn on this setting in the Pro or Enterprise edition, open the Local Group Policy Editor (Gpedit.msc) and go to Computer Configuration > Administrative Templates > Windows Components > Windows Update. Double-click the Do Not Include Drivers With Windows Updates policy and set it to Enabled.

If you're working on a PC running Windows 10 Home, this isn't an option, because Group Policy is not supported. In that case, open Registry Editor and navigate to the key HKLMSoftwarePoliciesMicrosoftWindowsWindowsUpdate. Then add a new DWORD value, ExcludeWUDriversInQualityUpdate, and set it to 1.

Credit : Ed Bott @ Microsoft Weekly

24 Aug 2018 - Windows 10: Microsoft and Intel patch latest Spectre and Foreshadow CPU vulnerabilities

New Windows 10 updates contain Intel's latest microcode fixes for the recently discovered Spectre variant 3a and 4 vulnerabilities, as well as Foreshadow.

Microsoft has released out-of-bounds patches for Windows 10 to help protect against new Spectre and Foreshadow CPU attacks.

The Windows 10 updates, made available late on Monday, contain Intel's latest microcode fixes for the recently discovered Spectre variant 3a and 4 vulnerabilities, which affect many modern computer processors.

Full article @ Techrepublic

16 Aug 2018 - Another Intel chip flaw, Foreshadow, surfaces

Like the Spectre and Meltdown exploits earlier this year, the new L1TF / Foreshadow vulnerabilities allow for a form of speculative execution attack. Unlike those earlier exploits, these affect modern chips with SGX architecture extensions, designed to protect data and applications from interference.

The vulnerabilties allow data to be read from an area of fast memory known as the L1 cache, which is available to each processor core. An attacker could use the exploits to read any data held in the cache, including protected information belonging to the System Management Mode (SMM), the operating system's kernel, or to other virtual machines (VMs) running on third-party clouds.

Full Article @ TechRepublic

12 Aug 2018 - Enterprise Apple Mac's vulnerable fresh out of the box

A new report from Wired reveals a Mac bug allowing a common vulnerability that exploits DEP and MDM platforms.

Despite Apple's supply chain being among the most closely monitored and analyzed in the world, its devices are not immune to all potential hacks. According to a report from Wired, it's possible that a brand new Mac could be remotely compromised the first time it connects to Wi-Fi out of the box.

According to the report, when a Mac's serial number is enrolled in DEP and MDM, it will automatically run a series of checks—both with Apple's servers and the MDM vendor's servers. Researchers found the issue arises in one key step of the process.

The hacker, the report noted, could lurk between the MDM web server and the victim's device, allowing the hacker to replace the download manifest with a malicious one that forces the computer to install malware instead.

Full article @ TechTarget

24 Jul 2018 - Summer Office Holiday Closure

The office will be closed Wed 26th, Thurs 27th and Fri 28th July.

All e-mail will be answered as normal.

All support queries should be made by e-mail if possible or by using the alternate mobile number supprt clients already have.

26 Jun 2018 - Microsoft drops Windows 7 support for old CPUs

Microsoft abandons support for Windows 7 on Pentium III-era machines.

We expect this to have little or no impact for our clients as these processors are over 17 years old.

But clients should take this as a reminder that Windows 7 security updates would only continue to be issued until January 2020.

Clients still running Windows 7 now have 18 months to plan for rolling out Windows 10.

Full article @ ZDNet

25 Jun 2018 - Bitdefender scores full marks in independent Windows 10 test

Bitdefender has once again scored full marks for both protection and performance in the independent AV-TEST Institute tests.

For the protection of corporate networks, the laboratory of AV-TEST tested 16 solutions under Windows 10 in terms of their protection, performance and influence on usability.

Bitdefender has scored consistently well over the years, which further vindicates 4IT Systems decision to become a Bitdefender partner and to recommend this excellent security platform to our clients.

Full AV test article and results @ AV Test Website

20 Jun 2018 - EU follows US lead, bans Kaspersky

Following a vote by the European Parliament to implement a Kaspersky ban in the EU, Kaspersky announced it would halt ties with the No More Ransom project and Europol.

After the European Parliament voted to institute a Kaspersky ban on the use of its products in the European Union, Kaspersky Lab temporarily suspended its involvement with Europol and the No More Ransom project.

In a plenary session, the European Parliament voted on a cyberdefence strategy report written by Urmas Paet, the Estonian member of the European Parliament on the Committee on Foreign Affairs. The resolution included an amendment from the Polish MEP that "calls on the EU to perform a comprehensive review of software, IT and communications equipment and infrastructure used in the institutions in order to exclude potentially dangerous [programs] and devices, and to ban the ones that have been confirmed as malicious, such as Kaspersky Lab."

Full article @ TechTarget

12 Jun 2018 - FBI arrest 74 e-mail scammers. Recover $14 million

The US Justice Department on Monday announced the arrest of 74 individuals, including 42 in the US, for their involvement in e-mail scams designed to steal money and valuable information from both businesses and individuals.

In addition to the 42 in the US, the arrests included 29 in Nigeria, as well as three in Canada, Mauritius, and Poland. Federal authorities also seized nearly $2.4 million, and they disrupted and recovered approximately $14 million in fraudulent wire transfers.

Full article @ ZDNet

10 Jun 2018 - New Flash exploit bypasses browser, infects via Office documents instead

If you thought you were safe from malware spread via Adobe Flash think again, a new attack hides Flash scripts in Office files to download its payload.

A newly discovered Adobe Flash zero-day exploit is using Microsoft Office files to spread a stack-based buffer overflow attack, but with a twist: The malicious file doesn't contain any actual malware.

Discovered by 360 Core Security and security firm ICEBRG, this new Flash zero day was specifically found to be targeting users in the Middle East, with a potential focus on Qatar.

Malicious Office files aren't a new way to spread malware, but this particular attack has a trick up its sleeve: It remotely downloads the Shockwave Flash (SWF) file containing its payload once opened. That means the file itself doesn't contain any malware, making it easier to fly under the radar.

Adobe has released a patch to address the zero-day exploit, and those still using Flash are advised to update now.

Full article @ TechRepublic

 

4IT Comment:-

This exploit once again stresses the importance of NOT opening e-mail attachments from unknown OR unexpected sources. Office documents are a favourite method of delivery by the malware writers and we have seen a sharp spike in e-mails containing fake orders, invoices etc., inviting you to open the attached Word or Excel document.

Remember no matter how good your security systems are the weakest link in the chain is always the user.

10 Jun 2018 - VPNFilter router malware more serious than first thought

A new research report indicates the VPNFilter malware has a longer reach than first thought, and simply rebooting your router is not enough.

VPNFilter is a novel type of malware that infects a number of home and small business routers including those from Linksys, MikroTik, Netgear, TP-Link, ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE.

Official guidance from the FBI was to reboot your router to remove the infection, however after further investigation this may not be enough.

It is strongly recommended you check your device manufacturers website and install the latest firmware available. If you already have the latest firmware you should still reinstall it to ensure removal of any infection.

Full article @ TechRepublic

07 Jun 2018 - Power users rejoice! AMD/Intel bringing 20+ core processors

Good news for PC power users: AMD and Intel bringing 20+ cores to workstation CPUs

Announced at Computex 2018 in Taipei. Both Intel and AMD are placing a great deal of emphasis on a relatively recent category of CPUs that are architecturally more similar to lower-end server CPUs than high-end workstation CPUs. This design choice brings a double-digit core count to workstation CPUs, which has been rare to find for performance workstation/desktop systems until now.

AMD's second generation Ryzen Threadripper CPUs are "on track" for launch in Q3 2018. The new CPUs will feature either 24 or 32 cores, with two threads per core, for a total of 48 or 64 threads.

Intel's newest offering is a 28 Core i9 CPU (48 threads) running at 5 GHz.

Full article @ TechRepublic

Alternate article @ Computing Website

29 May 2018 - British hacker gets 10 years

'One man crime wave' hacker Grant West was sentenced to 10 years and eight months in prison on Friday for a crime spree that netted him millions from the sale of stolen data.

Twenty-six year old West from Sheerness in Kent had pleaded guilty to charges including conspiracy to commit fraud, computer misuse and drug offences on 2 May.

A prolific criminal, he hacked multiple firms including Asda, Ladbrokes, Barclays and BA, costing them hundreds of thousands of pounds.

He also used phishing emails to trick people into giving away their financial information. One such email, sent in 2015, purported to be a survey from Just Eat. It promised discount vouchers for those completing it. That email alone netted him £180,000, according to the Met Police.

A total of £84,000 was stolen from hacked Barclays accounts, costing the bank more than £300,000 to put right.

BA lost £400,000 as a result of West's hacking of accounts the Avios travel awards site.

West sold the information on Alpha Bay, the 'dark web' site that has since been taken down. The proceeds were converted into Bitcoin which he stashed in multiple accounts.

Full article @

29 May 2018 - Avast causing inaccessible desktop after Windows 10 1803 update

The Windows 10 April Update is causing more stress for users running AVAST, with many claiming their PCs were wiped clean after they hit OK on the update prompt.

The blank desktop issue has reached users across the world but does not appear to have affected a large number of users, according to the forums. If you have already installed the Windows 10 update and had no problems, you don't have to worry about the issue.

If you have Avast Antivirus, it may be prudent to delete it before installing the new Windows 10 update, as many users have reported losing access to all of their files after the installation.TechRepublic

25 May 2018 - US sites block EU users due to GDPR

A handful of top US news sites have chosen to block UK and EU users rather than deal with the EU's GDPR requirements.

Sites including USA Today, LA Times & Chicago Tribune have all decided to block rather and comply with GDPR.

Even non EU companies forced to comply with GDPR such as Facebook have taken measure to minimise their need for compliance. In Facebook's case, by quietly moving the data of 1.6bn users from their Irish data centre to a non-EU one.

The EU's threat to fine non EU companies with huge fines for non compliance has predictably lead to this result.

GDPR may yet prove to be a heavy handed and over-reaching piece regulation.

More info @ Evening Standard

25 May 2018 - Beware GDPR fraudsters phishing emails

GDPR fraudsters are conning people out of thousands a with wave of phishing emails.

ew data protection rules coming in on Friday have sparked a wave of fraudulent emails, the police's fraud arm has warned, with criminals posing as banks and companies to steal people's details.

Customers of one of Britain's biggest banks, Natwest, are among those being targeted with phishing scams in which they are told they must comply with so-called "GDPR" rules by handing over sensitive details, or face having their accounts deleted.

Full article @ Telegraph

23 May 2018 - Microsoft OneDrive preferred by business over Google Drive or Dropbox

Microsoft trumps Google, Dropbox in business cloud storage wars

A Spiceworks survey highlighted the overwhelming demand for better cloud security, and showed that most companies were turning to the tried and true option of Microsoft.

Full article @ TechRepublic

17 May 2018 - Opera Touch. The dream Android browser?

Opera Touch is a dream Android browser for users who are always on the go

If you're looking for an Android web browser that makes on-the-go browsing simple, Opera Touch might be just the ticket.

Designed for people who use their phone one handed, Opera has hit that particular nail square on its head. Opera Touch makes one-handed usage not only possible for all, but easy.

Upon launch you have easy access to the Keyboard/search bar, the Mic and a QR Code/Barcode scanner.

For those who frequently find themselves using their mobile devices with one hand, Opera Touch might well be the best laid out mobile browser for this purpose. Combine that with the Flow feature and Opera is seriously onto something. Give Opera Touch a go and see if it doesn't wind up your default Android browser.

Full article @ TechRepublic

17 May 2018 - Dire Linux vulnerability gives attackers root access

A flaw related to a NetworkManager integration script is trivially easy for attackers to leverage.

A command injection vulnerability has been discovered in the DHCP client included in Red Hat Enterprise Linux.

The proof-of-exploit code is small enough to fit in a tweet and Red Hat considers it a critical vulnerability.

This bug affects RHEL 6.x and 7x, as well as CentOS 6.x and 7.x, and Fedora 26, 27, 28, and Rawhide. Other operating systems built on top of Fedora/RHEL are likely to be affected, including HPE's ClearOS and Oracle Linux, as well as the recently-discontinued Korora Linux.

Full article @ TechRepiblic

11 May 2018 - Latest Windows 10 Patch (KB4103721) may cause boot-loop

The first cumulative patch for the Windows 10 April 2018 update is causing some PCs to enter a cycle of failed boots.

The bug in update KB4103721 may cause devices with Intel SSD 600p Series or Intel SSD Pro 6000p Series to repeatedly enter a UEFI screen after restart or stop working.

KB4103721 was designed to fix a number of issues that have arisen in the April 2018 update, but inadvertently caused a much more serious one.

If you have been affected with this please contact us for remedial action.

09 May 2018 - Windows 10 April update (v1803) is here

The next version of Windows 10 (v1803) has arrived. All Windows 10 users should start receiving upgrade notifications this week.

We have been testing the latest version for the past 3 weeks and have noticed no issues, however in a business scenario we recommend you be prudent, upgrade a single machine and test all your line of business applications before committing to upgrading the rest of your devices.

Of course if you need any assistance then please give us a call.

01 May 2018 - Windows 10 April 2018 Update - What to expect

Windows 10 is never finished, with Microsoft adding a bevvy of new features to the OS twice a year.

The latest bundle of improvements is almost here, with the April 2018 Update available to download from Monday 30 April. The update has arrived slightly later than anticipated, and with a different name than the expected "Spring Creators Update".

Windows 10 users can expect a smattering of improvements, the most interesting of which is Timeline, which allows users to easily jump back to what they were doing on a Windows 10 device at an earlier point, while IT admins and developers also get some smart upgrades to command line tools and Linux support.

Of course, not everyone will be thrilled to have a major update pushed upon them, even if it will be quicker to install than earlier releases, but there are ways to put off the upgrade.

Full article @ TechRepublic

Display Older News

Explore 4IT Systems Ltd