by Felicien | Apr 21, 2022 | Education
Can Ransomware Spread Through WiFi?
Ransomware has been a menace to businesses large and small for years, and the problem is only getting worse. One of the most insidious aspects of ransomware is its ability to spread through wifi networks, infecting multiple computers and devices.
This can cause severe disruptions to business operations, as employees are unable to access their files or applications. In some cases, ransomware can even render entire networks unusable. While there are steps that businesses can take to protect themselves from these attacks, such as implementing robust security measures and backing up data, the best defense is often proactive detection and response.
By ensuring that their networks are constantly monitored for suspicious activity, businesses can reduce the chances of being hit by a ransomware attack.
How Does Ransomware Spread Through A Network?
The increase in ransomware attacks is a serious concern for businesses of all sizes. Ransomware is a type of malware that encrypts a victim’s files and demands a ransom be paid in order to decrypt them. Attackers are constantly finding new ways to spread ransomware, and the amount of ransom demanded has been increasing.
This has led to businesses losing access to critical data and facing significant financial losses. The best way to protect yourself from ransomware is to have a good backup strategy in place. This will ensure that you can recover your data if you do become a victim of an attack. You should also make sure that your security software is up to date, and that you only download apps and software from trusted sources.
By taking these precautions, you can help to protect your business from the growing threat of ransomware attacks.
Who Does Ransomware Typically Target?
Despite ransomware becoming more prevalent in society, many people are still unaware of what it is and how it works. Ransomware is a type of malware that encrypts a victim’s files and holds them for ransom.
The attackers usually demand a ransom in cryptocurrency, which is difficult to trace. In some cases, the attackers will release the victim’s files after the ransom is paid; however, there is no guarantee that the files will be released or that they will be decrypted correctly.
Many times, the victims of ransomware attacks are left with no choice but to pay the ransom or lose their data forever.
Recently, ransomware has been used to target critical infrastructure, such as the Colonial Pipeline attack in 2021. This attack disrupted the flow of oil across the eastern United States. Cybercriminals have also started to target supply chains, such as when remote management software vendor Kaseya fell victim to the REvil ransomware.
These attacks have highlighted the need for organizations to be prepared for a ransomware attack and have a plan in place to respond quickly.
Securing Your Wireless Network From Spreading Ransomware
Business wireless networks are becoming increasingly popular as more and more people connect their devices to the internet. However, as the number of devices connected to the internet grows, so does the risk of cyberattacks.
One way to protect your business network from intrusion is to keep your wifi access password protected. Many routers come with a default password that is easy to guess, so it’s important to change it to something that is unique and difficult to crack.
In addition, it’s also a good idea to enable encryption on your router. This will make it more difficult for hackers to access your data. Finally, be sure to keep your router and firmware up-to-date with the latest security patches.
By following these simple steps, you can help protect your business’s wireless network from cyber threats and the spread of ransomware.
by Felicien | Apr 11, 2022 | Education
Network Equipment Shortages
The current state of microchips for network equipment is difficult at best, depending on a supply chain that can cross over 70 international borders and 31,000 miles before reaching its end destination, with processes in Texas, Michigan, Malaysia, Germany, and China before landing at the port in California for distribution. The many limitations in travel and supply chain staffing brought about by the COVID-19 pandemic have made what was already a just-in-time supply chain into a mess, one that’s expected to continue for the foreseeable future. With chip supply shortages contributing to lead times as far out as 400 days for your networking equipment, price increases due to inflation, and missed shipping dates, how will your company keep up?
In a recent report titled “What Are My Options for Dealing With Long Lead Times on Network Equipment?” Gartner mentioned, “We expect lead times to remain high through early 2023, at which point we expect slow incremental improvement over the course of months.” This leaves many companies scrambling to get their network hardware in place, with the report citing five ways to increase capability, but only one of which puts more hardware into your servers, while one is a touch on the sneaky side.
1) Optimize your existing hardware
Many company switches are operated at less than 75% port capacity, according to the report by Gartner, with campus and enterprise switches often underutilized so that rapid growth or cable simplification can be achieved. “We estimate at least 25% of campus and data center ports are unused, and likely more. Thus, reducing excess capacity via consolidating connectivity can readily free up 10% to 15% of switches for most enterprises, while leaving room for growth.” By using existing hardware effectively, you won’t have the option for growth in the future, but it may get you past the worst of the shortages and delays. It will require changes and recalling of the network, along with downtime and labor.
2) Move to the cloud
When you switch your network to the cloud, your hosting or cloud provider will have to come up with the network hardware, but because the hardware is often shared among many companies, there’s a lower overall demand for chips. This allows you to avoid having to purchase new data-center switches and similar equipment. In the report,
The solution to everything: Move to the cloud. Enterprises can avoid buying data-center switches and other hardware if they move workloads to hosting providers or public cloud providers. The report also recommended putting x86 servers in place instead of network appliances that have low interface counts, including routers, firewalls, and load balancers.
3) Move to the front
Vendors often prioritize customers that give them larger opportunities for revenue or loss of revenue, so consider competition at the vendor level. Threaten to take your business somewhere else and see if they’ll come around. As a new customer, make sure your vendors know that you represent significant future income. As the report states, “Vendors are prioritizing customers that represent larger revenue opportunities and/or create the risk of revenue loss.” This allows you to avoid having to wait in line for a first-in, first-out order approach and may get you what you need.
4) Consider certified refurbished equipment
What happens to relatively new equipment that isn’t used for very long? It’s refurbished and resold. Though it’s not brand new, the recertification process still provides you with some protection in terms of a warranty or similar benefits. This can include equipment from top brands including Cisco and HPE Aruba. Though the equipment maybe a little older, the lead time is often only days to weeks versus months to over a year.
5) Wear it out
Many companies will change out hardware well before the end of its useful life by months to years. Just because you have a switch that is approaching the end of its warranty doesn’t mean it will immediately break down. Instead of automatically retiring it, try negotiating with your vendor to get an extended service contract to get more use out of existing assets.
These five solutions provide you with a range of options you may not have considered.
by Felicien | Mar 22, 2022 | Education
Slack vs. Microsoft Teams
Chat-based collaboration has been around for several years, but with the sudden impact at the beginning of the COVID-19 pandemic, Slack and Microsoft Teams both quickly rose to the forefront. But which one is better for your business? Whichever option you choose, you’re still the winner, because two great collaboration platforms provide you with the features you want. Here’s a six-category comparison to help you through the process.
Business Tech Blog: Slack vs. Teams
Interface and Usability
Appearance: For customization, go with Slack for a ton of options.
Navigation/Dashboard: Slack focuses on work channels to separate projects, teams or topics. Teams focuses on the people being brought into the collaboration.
In-App Help: Teams features Help icons at the bottom of the sidebar, including training, topics, and what’s new links, allowing you to browse or search. Slack’s in-app chatbot is super easy to use for fast answers.
Chat: Teams will provide an experience closer to a word processor, with additional colors, fonts, and similar options.
Video and Voice Conference: Slack integrates well with Zoom, Webex and others. Teams build in videoconferencing but can use other options.
Notification Control: Teams provides many notification options, while Slack provides superior Do Not Disturb controls.
Integrations
Microsoft 365/Office 365: Not surprisingly, being a Microsoft product, Teams is better at integrating the business productivity suite, along with integration to SharePoint and OneDrive. Slack also integrates, but not as far as Teams does.
Google Workspace: If you use Google-based options, such as Google Calendar, Gmail, and Google Drive, you’ll want to stick with Slack, because Teams doesn’t even try it.
Salesforce: Salesforce bought Slack in July 2021, allowing easy integration. View Slack messages tied to specific Salesforce records and Salesforce alerts on Slack channels. Teams integrates with it, but not as deeply.
Overall: Slack offers significantly more third-party app integrations, currently tying into over 2,400 apps versus Teams’ 700, with both apps providing the option to build customized apps and integrations, with Slack having about 935,000 customized apps.
Additional Noteworthy Features
Shared Channels: Slack Channels makes it easy to connect your workspace to a partner’s workspace, improving collaboration. Teams provides guest access for outside parties.
Scaling: Slack supports unlimited users and channels, with over 100,000 users per channel. Teams allow unlimited users, up to 25,000 participants per team, 200 channels per team, and 5,000 users per channel.
Translation: Teams offers onboard message translation in 36 different languages. Again, Slack uses app integrations such as the Rosetta Translator bot.
Mobile and Web Apps
In this category, Slack and Teams were very even, with similar functionality, features and usability.
Security, Compliance and Enterprise Management
Security: Both have similar layers and degrees of protection overall. However, integrations in Slack could open new vulnerabilities.
Encryption: Both apps encrypt data while in transit as well as in storage. A wide range of capabilities and apps keep your data secure.
Enterprise Key Management: Teams offers this to a certain extent, but Slack’s Enterprise Key Management lets you create encryption keys for messages and files.
Plans and Pricing
Free Options: Both apps provide free plans, but Teams is more generous, with unlimited meetings, messages, and search, up to 500 users, 2GB storage per user, 10GB shared storage, one-on-one chat, screen sharing, unlimited integrations, and encryption, while Slack has up to 10,000 messages, 10 integrations, one-on-one video calls, and two-factor authentication.
Slack Plans: Pro plan starts at $6.67/user/month and steps up to $12.50/user/month for Business+, with both billed annually. Enterprise Grid plan pricing requires contacting Slack sales. Paid plans provide unlimited access, messages, and much more.
Teams Plans: There are many plans for Teams, ranging from $5/user/month to $57/user/month, while adding more capability, such as scheduled meetings, recording, security, admin, and compliance features.
In Conclusion
Overall, Slack and Teams offer many of the same features. Consider what features you need and which option delivers those features best. If you do a great deal of Microsoft 365 work, consider giving Teams a long trial before switching. If, on the other hand, you tend to avoid vendor lock-in issues, are avidly using Salesforce, or use Google Workspace, give Slack a shot and see how well it will work for your enterprise.
by Felicien | Mar 6, 2022 | Education
Do Microsoft Teams Attacks Prove Need for Innovative Cybersecurity Awareness Training?
Although hackers select email as their preferred delivery method upwards of 92 percent of the time, a recent Microsoft Teams exploitation emerged as a significant threat. Do these stunning Trojan attacks on businesses require a rethinking of cybersecurity awareness training?
With more than 270 million monthly users collaborating on the platform, Microsoft Teams ranks among the high-value targets. This holds true for relatively unskilled hackers and advanced persistent threat (APT) actors who possess the knowledge, tools, and funding to abuse the even heightened cybersecurity defenses. In January, a report by researchers at Avanan surfaced that indicates thousands of malicious files circulated Microsoft Team chat spaces.
“By attaching the file to a Teams attack, hackers have found a new way to target millions of users easily. They can steal Microsoft 365 credentials from a previous phishing campaign, giving them carte blanche access to Teams and the rest of the Office suite,” Avanan reportedly stated. “Given that hackers are quite adept at compromising Microsoft 365 accounts using traditional email phishing methods, they’ve learned that the same credentials work for Teams.”
Cybersecurity experts have issued alerts to check laptops, desktops, and other devices synced with business networks to run enterprise-level antivirus scams immediately. It’s also crucial to search devices for Trojans named User Centric, UserCentric, or UserCentric.exe. These were among the initial monikers APTs gave the Trojan files. However, cybersecurity experts believe hackers have renamed the malware.
Microsoft Teams Malware Poses Substantial Risk
What makes the Teams malware attack particularly dangerous stems from workplace comfort. Business leaders who invest in cybersecurity awareness training help employees identify email phishing scams. Even more sophisticated spear-phishing schemes are usually spotted because workforces possess the knowledge to identify telltale signs. But workforces grow increasingly relaxed on platforms such as Teams and Slack, among others.
“Most employees have been trained to second-guess identities in email, but few know how to make sure that the name and photo they see in a Teams conversation are real,” Avanan officials reportedly stated. “This attack demonstrates that hackers are beginning to understand and better utilize Teams as a potential attack vector.”
Relatively unskilled hackers will continue to send out tens of thousands of bulk emails, hoping an uneducated user will make a mistake. Fortunately, many industry leaders have already invested in cybersecurity awareness training that turned their workers into a hardened frontline of defense. But for cybercriminal adept a problem-solving, Teams was worth their time and energy to infiltrate. This highlights the international chess match played between digital thieves and cybersecurity professionals.
How are Hackers Manipulating Teams?
Everyday people generally believe that platforms such as Teams are safe. With this comfort in mind, it’s inconceivable that seemingly valid massages have been laced with malware. Unfortunately, that’s precisely the vulnerability that now exists on these once trustworthy platforms. These rank among the latest methods cybercriminals leveraged on teams.
Compromise one organization and monitor inter-organizational communication.
Compromise an email address that can access Teams.
Use phishing schemes to steal Microsoft 365 credentials.
When someone clicks on the malicious file transmitted on the platform, it automatically downloads. The Trojan installs into the system and allows digital thieves to administer and control the network or device. Unlike ransomware attacks, APTs could hide in a system and pilfer off valued digital assets until detected and expelled.
“Compounding this problem is the fact that default Teams protections are lacking, as scanning for malicious links and files is limited. Further, many email security solutions do not offer robust protection for Teams,” Avanan reportedly stated. “Hackers, who can access Teams accounts via East-West attacks, or by leveraging the credentials they harvest in other phishing attacks, have carte blanche to launch attacks against millions of unsuspecting users.”
How Can Business Leaders Defend Against Teams Trojan Attacks?
Devices and networks often demonstrate signs they’ve been infected by a Trojan. Sluggishness, frequent crashes, excessive pop-ups, or random programs running could be the result of a Trojan.
It’s essential to contact a third-party cybersecurity professional if you believe your business network has been compromised. Finding and removing a Trojan requires in-depth knowledge and experience. People who try a DIY approach risk triggering unidentified files and potentially damaging the network. In some cases, organizations believe they have eliminated the threat, only to later discover it was embedded in other devices, documents, or electronic messages.
Industry leaders would be well-served to consider having a full review of their systems conducted. Even if this Trojan hasn’t infiltrated your network yet, enhanced cybersecurity awareness training regarding Teams and other platforms empowers your staff to repel malware attacks.
by Felicien | Feb 28, 2022 | Education
Updates To Microsoft 365 and Microsoft Office 365
Are you a Microsoft 365 or Office 365 subscriber? Then, you’ll have access to the latest security patches, bug fixes, and software features. However, it might be challenging to monitor the changes in every update and know when to expect them. Here is information about the most recent updates to Office 365/Microsoft 365 for Windows.
Version 2201 (Build 14827.20192)
Released on February 8, 2022, this build fixes multiple bugs while offering security updates for Excel, Visio, and the Office suite. With this build, people can now save files in Project. IT teams should look out for this security update. Be sure to apply the update when reports about problematic issues indicate that everything is well.
Version 2201 (Build 14827.20158)
Microsoft released this update on January 26, 2022. The build comprises multiple features, including new Cortana features for Teams, simplified scrolling through large Excel spreadsheets, and enhanced address book searches for MS Outlook. The fixes resolved the Access bug that prevented the Insights add-in from working intermittently.
The update also resolved an Outlook bug that resulted in unresponsive applications after loading contact cards. This build also ensures that “Repeat style” in Word will repeat the style rather than apply “Normal.”
Version 2212 (Build 14729.20248)
Released on January 11, 2022, this build ensures that Excel shapes and form controls can now call VBA macros. The build also comes with security updates covering Microsoft Office Remote Code Execution Vulnerabilities. Like other security updates, IT teams need to apply the update once they ascertain that there are no problematic issues with the build.
Version 2112 (Build 14729.20194)
This January 4, 2022 update offers multiple new features, including a team update that lets you “raise your hand” without interrupting the conversation. The build also includes a new feature that allows you to only track your Word charges when collaborating. You will also get access to an enhanced way of searching for Outlook’s calendar.
The MS update also fixes multiple bugs. First, the update resolved a bug in Outlook that created garbled text when users exported contacts to a CSV. Also, users no longer have to deal with applications closing unexpectedly in Access when making a connection to a Jet or Access database with multiple threads.
Version 2111 (Build 14701.20262)
Microsoft released this build on December 16, 2021, to fix two bugs. One bug fix applied to the whole Office suite as it involved refreshing elements that have text. The other bug was an Access bug that hindered multiple users from accessing a database on a network file share.
Version 2111 (Build 14701.20248)
On December 14, 2021, MS released a build to fix multiple bugs, including one in Outlook, where the teaching tips about Office’s new look were absent. This build also fixed a bug in Excel, where opening an XLSM file in the SpreadsheetCompare tool resulted in sluggish responses.
Users also got access to multiple security updates for Excel and the MS Office suite.
Version 2111 (Build 14701.20226)
Microsoft dedicated this build to resolving common bugs. Released on December 3, 2021, the update fixed different bugs, including an Excel bug where newly created PivotTables lost custom settings whenever users changed the data source range. Users can now click on all pop-UI elements in PowerPoint and Word with the update. This update also resolves a bug in the Project where specific projects closed unexpectedly when users loaded customized reports.
Version 2210 (Build 14527.20312)
Released on December 1, 2021, version 2110 offers viable solutions for multiple bugs. The update resolved a bug that prevented users from inserting signatures into forwards, replies, and new email conversations. Besides, this upgrade ensures that all R64 users can select a theme picker under Word’s Options menu.
Version 2110 (Build 14527.20226)
Microsoft Teams users are the greatest beneficiaries of this update that MS released on October 25, 2021. With this update, users can now leverage the Q&A application available on Teams. Also, the update lets users create Live Transcripts for web users on the platform. Besides, people can use Team’s desktop app to join other cloud meetings anonymously.
The upgrade’s capability also extended to MS Office. This build addressed an issue on Outlook where sync failures occurred whenever someone generated a preview.
All these upgrades have one thing in common – Microsoft designed them to ease operations on Office 365 and Microsoft 365. Upgrade your tools regularly to leverage all these upgrade benefits.
by Felicien | Feb 19, 2022 | Education
What Is Google Assistant?
Have you ever told a friend or coworker: “I could really use a personal assistant!” Or perhaps muttered the same words under your breath while tackling a particularly prickly list of to-dos?
If so, your next line (thought silently, regretfully) was probably: “Like I could ever have my own assistant …” Alas … you may be in luck.
Google Assistant, like Siri (Apple) and Alexa (Amazon), is a personal assistant — albeit virtual — who can help you tackle nearly any task that doesn’t require getting in the car and going somewhere.
If you’re new to Google Assistant and would like to learn more about how it can make your life easier by helping you in various ways at home and at work, this article is for you. But before we learn the specifics, let’s learn a bit more about this brilliant innovation in software.
What Is Google Assistant?
Google Assistant is a voice-commanded virtual assistant that works with most Google devices. According to the app description on Google Play, Google Assistant “ is an easy way to use your phone and apps, hands-free … It can help you set reminders and alarms, manage your schedule, look up answers, navigate and control smart home devices while away from home, and much more.”
How Can Google Assistant Help Make Your Life Easier?
Check out these 6 ways Google Assistant can streamline and enhance your life — both at home and at work.
1. It makes phone calls a breeze.
Ever lamented the disappearance of the operator? Just dial zero and you get an actual person who can look up a phone number for you, right? Well, the operator is back with Google Assistant.
The next time you need to call a company, business, organization, as long as it’s listed online and can be found via Google, just get Google Assistant on the line and say the entity you’re trying to call.
2. Texts are simpler too.
What about hands-free texting? Yep, Google Assistant does that. You may be driving, cooking, or in the middle of something else — simply ask Google Assistant to read back or draft a text message.
3. It can set reminders.
What’s your first instinct when someone tells you, “Hey, don’t forget to _____!” naturally, you want to write it down somewhere or scramble for your agenda before you forget what you have to remember.
This is where Google Assistant is exceptionally useful. Whether it’s an appointment on Thursday at 4 PM or a meeting every Monday at 9 AM, just tell Google Assistant to, “Remind me to ____” and say the event or reminder and the date, time, and frequency.
4. It can streamline your home life.
Google Assistant can even make your boring regular home into a smart home! Sit on your couch and ask Google about the weather, tell it to play music, or give it a task like turning on the lights. Just remember you may need Google compatible devices (speakers, lights, etc.).
5. It can keep you up to date on the news.
Just ask Google Assistant a question related to current events, and you’ll get instant results. Say, “How’s Apple’s stock doing?” “What’s happening today in Chicago?” or “Who won last night’s Tigers game?”
6. It can make reminders based on location.
Remember how well Google Assistant was at setting up your calendar and reminding you of things? It gets even better. The next time you randomly think of something you need to add to your grocery list, for example, just tell Google.
Google Assistant can remind you of things based on location. Let’s say you remember that you want to buy bananas at the store, and you plan on stopping there after work. Just say, “Remind me to buy bananas when I get to Rick’s Grocer.”
Do You Have the Right Device for Google Assistant?
As a final note, remember that only compatible devices work with Google Assistant. In other words, just because a device you own was made by Google or operates with Google search doesn’t always mean you can use this feature. Most Android and Chromecast devices, Lenovo Smart Display and other smart TVs, Nest Hub, and related devices can be used. They must have updated software, however, and Google Assistant must be downloaded (as an app) and enabled in the settings as well.