SpireTech Company News and Tips
Ubiquiti, a vendor best known for inexpensive and reliable Wi-Fi gear has been hacked. Rumor is that an employee’s LastPass credentials were stolen, which allowed hackers access to Ubiquiti’s entire infrastructure, including customer data, passwords, and so on. The IT community has been annoyed by the vendor’s evasiveness in its response.
While we use and recommend Ubiquiti Wi-Fi gear, we do not use their cloud-hosted wireless management servers, and do not store information on Ubiquiti servers, so we do not believe our clients are impacted.
For more information on the breach, see https://www.theverge.com/2021/3/31/22360409/ubiquiti-networking-data-breach-response-whistleblower-cybersecurity-incident
Our service desk spent an unusual amount of time last month troubleshooting internet connectivity related issues for clients. Typically, we’re looking at speed or downtime issues at an office that workers are trying to connect to over VPN to work remotely. Oftentimes, we’re spending a lot of time dealing with technical support at the various ISP’s around town – which has led us to have opinions on who is good and who is not in the Portland metro area. It is almost always the ISP’s problem, and certain ones have earned a well-deserved spot on our “bad” list for being time-wasters or just plain unreliable. Talk to us before you order internet, please.
What can we do to mitigate these speed or reliability issues? There are two things:
- If you are keeping your office long term and have a second ISP available in your area, we can look at redundant internet connections, combined with a Bigleaf appliance. Bigleaf is a local company in Beaverton that offers affordable appliances that handle redundancy and speed optimization automatically. This is also useful when you are using a phone system that relies on the internet to function, such as VoIP.
An update that Microsoft released in March caused issues for many users, ranging from printouts and PDF exports containing no text, jumbled text/graphics, applications freezing or giving errors, or even a full system crash (aka “blue screen”) when attempting to print. We quickly blocked it from being installed, but had to roll it back on many systems where it had already been deployed. The “fix” to the patch that was subsequently released also caused further issues. This is unfortunate, because the patch also contains important security fixes.
We believe that the next update that will be released in April will fix the bug but we are proceeding carefully. For further technical information, please see the following article: https://windowsreport.com/kb5000802-kb5000808-bsod/
We aren’t sure why this isn’t “Headline News”, but it should be: Due to a technical glitch or human error, Microsoft recently deleted files from some SharePoint online sites. Across our client base, one customer was affected – to the tune of approximately 300k files missing, scattered randomly about their file structure.
There were grumblings online about this happening to others: https://www.bleepingcomputer.com/news/microsoft/mysterious-bug-is-deleting-microsoft-teams-sharepoint-files/
Microsoft issued some advisories, but wasn’t fessing up to the cause, and technical support was extremely slow to assist or even acknowledge the situation. We believe the issue was related to an Azure AD authentication problem that happened around the same time – also plaguing lots of businesses – around March 15th, where people could not login to any Microsoft or other cloud services that depend on Azure AD for authentication.
So yes, this should underscore the message that you do need to backup your cloud storage using a service or specialized hardware. This would include all cloud vendors – not just Microsoft. As we all know and experience frequently, software bugs or human error can lead to data loss. Read more...
On Feb 25th, SpireTech turned 28 years of age. We were busy, so we didn’t actually take time to celebrate – but the fact that we’ve been in business longer than some of our employees have been alive is a testament to our fortitude. We’ve come a long way from how we started – which was installing and maintaining NetWare servers and CAD systems at Engineering firms. Our last “birthday party” that included clients was when we turned 20 – and we remember that day fondly, as well as many of the clients who attended, and are still with us today. We’ll plan another celebration when we turn 30 in 2023. Hopefully you’ll be there.
We’d like to take a moment to thank and express our appreciation to all of our long-term clients. You help provide stable employment to our technicians and their families. We are grateful for your loyalty, and will continue to earn your trust every day.
Our service desk always gets a lot of questions about whether or not an email is legitimate. If you suspect an email is not legitimate, it probably is not – usually your gut instinct is correct here. 95% of the time the email is not legitimate. You can refer to our earlier 3-minute instructional video on the subject here:
Some of the recent scams that we’ve seen are:
- Fake invoice emails, sometimes with attachments, sometimes claiming a bill is past due
- A real secure email (like you would get from a bank or secure email sending service) that contained spam inside it, sent from a hijacked account
- Fake docusign emails with an html attachment
Many of these emails are easily detected using the techniques outlined in our educational 3-minute video contained in the link above, which includes:
- Instructions on how to examine the sender email
- How to inspect links for validity
Spammers are lazy, and these simple techniques will allow you to hit the delete button on the majority of these emails. Please watch the video, and if you aren’t sure about an email, always send it to us for an opinion. Read more...
The “Valentines day weekend” Ice storm wreaked havoc on tens of thousands of people and businesses. We monitor client networks throughout the metro area, and many clients were without power and/or internet for periods of time.
Fortunately, our office and datacenter has redundant generators and redundant internet, so we were able to continue operations with minimal impact – even though most of our employees are working from home during Covid. Two employees were either without power and/or internet, but fortunately our “bench” is deep enough that impacts to customer service were negligible while helping clients get back online.
On Tuesday March 2nd, Microsoft announced a new zero-day vulnerability targeting Exchange email servers. M365 Exchange online is not affected. Microsoft quickly released out-of-band patches to address the vulnerability. Our NOC (Network Operations Center) immediately went into action, patching client’s exchange servers late into the evening.
For more information on the breaches, please see the following articles:
- Tech Community / MS Patch Response – Released: March 2021 Exchange Server Security Updates – Microsoft Tech Community
- MS Security Center Response – Multiple Security Updates Released for Exchange Server – Microsoft Security Response Center
Unfortunately, this information comes to light after the exploits have been observed in the wild by security researchers, as is often the case with these vulnerabilities. Our NOC has been examining systems looking for evidence of attack, and we believe that the attack is more widespread than Microsoft initially disclosed. We will be notifying any affected clients directly. Read more...