Posted by on

We remain very concerned about recent security issues related to work from home, including: 

  • Proper anti-virus and anti-malware software installed on home systems 
  • Patch management and updates of home systems 
  • VPN’s allowing additional paths for intruders or malware into networks 
  • Weak passwords 

We encourage our clients to take steps to mitigate these risks including: 

  • Set up Multi-factor authentication on company accounts 
  • Request SpireTech manage employee-owned computers during this crisis for only $30/mo 
  • Install proper anti-virus on unmanaged endpoints (included above) 
  • Upgrade to Microsoft 365 Business Premium, which includes intelligent security, bring-your-own device management solutions such as Microsoft Intune and EMS, and can mitigate risks related to access to corporate data outside the firewall.

Please schedule an advisory call with your Technical Client Manager if you’d like advice on how to improve security in your current WFH situation.  Read more...


Posted by on

SpireTech has been monitoring developments relative to security questions being raised about Kaspersky Anti-Virus software, including the US federal government’s restrictions for federal agencies announced on September 13, 2017.  SpireTech is currently investigating the best alternative options in consultation with both our peers and software suppliers.

While respecting the geopolitical issues impacting this product, from a technical standpoint Kaspersky Anti-Virus has been continuing to provide security updates and patches. Once we have determined available alternatives we will inform all clients to inquire whether their organization wishes to change antivirus vendors.

Please contact us with any questions you might have in the meantime.  Read more...


Posted by on

used with permission from Norton by Symantec
By Kevin Haley, Director, Symantec Security Response

ransomware_adviceI despise all forms of bullying. Perhaps the one I hate most of all is where the bully takes a personal item, snatching it from you, and refuses to give it back. It’s dangled right in front of you, but held just out of reach. You’ll only get it back after doing whatever the bully wants.

Ransomware is an on-line form of the bully’s game of keep-away. Here, the bully gets on your computer and takes your personal files -words documents, photos, financial information, all the things you care about. Those files are still on your computer, dangling in from of you, but they are encrypted now, useless to you. In order to get them unencrypted, you’ll need to pay the bully 300-500 dollars.

This is the fastest growing crime on the Internet. It grew by 4500% in 2014, and shows no signs of stopping, its just too profitable for the bullies.  Read more...


Posted by on

We’ve had the privilege over the last couple of months to attend a couple of IT and tech industry conferences.  The NSA, FBI, and Homeland Security had speakers at these conferences and they are sending a message:  US Businesses are the target of sophisticated international cyber-crime rings.

Cyber-crime is a booming business

The presentations included details of how these criminals operate, mug shots, methods of intrusion, possible techniques to thwart their attacks, and the ever-present message: as IT professionals and business owners, we must be more vigilant. This isn’t about the big headline-grabbing intrusions we’ve heard about on the news, there are thousands of intrusions we don’t hear about occurring every day.

Typical Anti-virus software isn’t enough

Signature-based scanners, like used with anti-virus software, are easily circumvented. While it is recommended that we use commercial software, it is becoming evident that network-level (i.e. at the firewall) based scanners must also be employed.  While most firewall-based scanning techniques involve scanning inbound traffic, a particularly useful technique is to monitor outbound traffic and external DNS queries.  Read more...


Posted by on

used with permission from Microsoft at Work

avoidhackersWhether at work, home, or mobile, keeping your computer and other devices secure is important. There are any number of threats to security on the web, but keeping your personal and work data safe is relatively easy. It may take a few minutes to get things set up, but after that, things mostly take care of themselves and you can sit back, relax, and enjoy worry-free computer time.

Passwords

How many different passwords do you have? If the answer is “one” or “a few,” then you run the risk of all your password-protected accounts being compromised as soon as one of them is. A leak from one site means every other site with that same password is at risk. If you use that same password for your email accounts, hackers could take that over, too, which would leave you locked out of your account and unable to change any of your passwords once you realize it’s been compromised.  Read more...


Posted by on

Researchers at AVG got an interesting visitor while analyzing a virus. The virus programmer popped in for a chat.

In the AVG labs, they had installed a virus (that impostors itself as an instructional video for the new video game, Diablo 3) to take a look at what it does and see how it works. While doing so, the virus programmer used a chat built into the virus to peek his head in at what they were doing. “What are you doing? Are you researching my trojan?” was written in Chinese in a window that popped up in the middle of the screen. The back doors installed by the virus included the ability to see their screen, monitor keyboard and mouse input; even the ability to turn on and view any attached web-cam. After some banter, the remote hacker shut down the virtual machine to punctuate the end of the conversation.  Read more...


Posted by on

Security researchers are trying to get the word out to mac users that the cat is out of the bag: Mac users need to be concerned with viruses as much as anyone else. April saw the largest saturation of mac virus activity ever witnessed, infecting an estimated 600,000 machines within a few days of its initial detection. Apple has attempted to roll out updates and educate users to try and halt its spread but, as of this writing, the exploit is still vulnerable to infection by a new variant. The number of new infections has gone down but researchers say they can’t be entirely sure their detection methods can accurately measure it. Companies like Symantec and Kaspersky are actively working on combating the storm.

It’s a common fallacy that macs can’t get infected with viruses. More accurately, macs get infected with viruses that are left fallow because they are designed to affect windows machines; this doesn’t stop infected macs from spreading infection, via infected files, to windows machines.  Read more...