A new, Locky-type ransomware is currently infecting tens of thousands of computers worldwide. It uses the same code from the 2016 version to encrypt users’ files and it looks poised to cause another massive cyber emergency. Here’s everything we know so far.

Quick facts

According to a threat intelligence report, the email-based ransomware attacks started on August 9 and were detected through 62,000 phishing emails in 133 countries in just three days. It also revealed that 11,625 IP addresses were used to carry out the attacks, with the IP range owners consisting mostly of internet service providers and telecom companies.

How it works

The malicious email contains an attachment named “E 2017-08-09 (580).vbs” and just one line of text. Like the original Locky authors, attackers responsible for the new variant deploy social engineering tactics to scam recipients into opening the attached .doc, zip, pdf, .jpg or tiff file, which installs the ransomware into their systems.

When an unsuspecting user downloads the file, the macros run a file that provides the encryption Trojan with an entry point into the system. The Trojan then encrypts the infected computer’s files.

Once encryption is completed, the user receives instructions to download the Tor browser so they can access the “dark web” for details on how to pay the ransom. To retrieve their encrypted files, users will be asked to pay from 0.5-1 Bitcoin.

What you need to do

This ransomware variant builds on the strengths of previous Trojans. In fact, the original Locky strain made it easy for cyber criminals to develop a formidable ransomware that could evade existing cyber security solutions. This is why adopting a “deny all” security stance, whereby all files are considered unsafe until proven otherwise, is the best way to avoid infection.

Here are other tips to avoid infection:

  • Don’t open unsolicited attachments in suspicious emails. Alert your IT staff, and most importantly disallow macros in Microsoft Office unless they’ve been verified by your IT team.
  • Performing regular backups guarantees you never have to pay cyber criminals a ransom. If all other security measures fail, you can always rely on your backups, which protect your business not just from cyber crime-related disasters, but also from natural and other unforeseen system failures.
  • Train your staff to identify online scams like phishing. This and other similar ransomware strains take advantage of users’ lack of cyber security training.
  • Update your operating systems as soon as updates become available to reduce, or eliminate, the chances of your system’s vulnerabilities being exploited.

Even with a trained staff and the latest protections installed, your IT infrastructure may still have unidentified security holes. Cyber security experts can better evaluate your entire infrastructure and recommend the necessary patches for your business’s specific threats. To secure your systems, get in touch with our experts now.

Published with permission from TechAdvisory.org. Source.

Success is not just about putting in the hours, but also being adaptive and investing in the right tools to improve outputs. Keeping work confined to the office might have been adequate years ago, but not anymore. Today’s workforce is now more mobile than ever, which is why businesses are turning to remote access solutions. Amazon AppStream 2.0 is one such solution that has quickly gained traction, find out why.

What is it?

Initially released in 2013, Amazon AppStream was created as a platform for remote access to digital resources to help businesses streamline the costly process of managing apps on-premises. Simply put, it streams desktop apps to users across various devices via a browser.

Today, Amazon AppStream 2.0 has been updated with major improvements thanks to user feedback. Now, you can stream desktop applications from Amazon Web Services to any device running a web browser compatible with HTML 5.

What can you do with Amazon AppStream 2.0?

You can run desktop applications on any device, including Windows, Linux, Macs, and Chromebooks. Amazon AppStream 2.0 features multiple streaming options, including the General Purpose, Compute Optimized, and Memory Optimized.

Everything is fully managed by Amazon and all your applications and data will be kept on Amazon Web Services. This means you can expect robust security like network firewalls, web application firewalls, secure streaming gateway, encryption in transit across all services, and the ability to isolate your applications for secure delivery.

You’ll always have access to the latest version of your applications and minimize the risk of compromising confidential data if your device gets lost or stolen, as data is stored on Amazon’s cloud infrastructure.

What other benefits are there?

Apart from mobile access to documents and applications, you’ll appreciate the simple user interface that allows you to upload files to a session, access and edit them, and download them when you’re done.

What’s more, Amazon AppStream 2.0 uses NICE DCV for high-performance streaming. This ensures secure and fast access to applications since NICE DCV automatically adjusts to network conditions.

Amazon AppStream 2.0 also supports delivery of high performance graphics applications from Amazon Web Services. This allows you to stream powerful graphics applications to a web browser on any desktop.

Last but not least, this remote access solution lets you scale up or down as needed and pay only for the streaming instances you use, and a small monthly fee per authorized user. There’s no upfront capital or premises infrastructure maintenance costs.

If your business mainly consists of a remote workforce or is planning to adopt  remote work policies, Amazon AppStream 2.0 is one solid option. For other tips on how small- and- medium-sized businesses can leverage technology to improve efficiency and lower costs, give us a call and we’ll be happy to advise.

Published with permission from TechAdvisory.org. Source.

What do you call someone who hunts for security gaps in computer hardware and software? A hacker, right? What about someone who takes their findings to vendors to help them improve the quality of their products? There is more than one type of hacker, and understanding the difference is important.

A complicated history

Since all the way back in the 1950s, the term hacker has been vaguely defined. As computers and the people who worked with them became more accessible, the word was used to describe someone who explored the details and limits of technology by testing them from a variety of angles.

But by the 1980s, hackers became associated with teenagers who were being caught breaking into government computer systems. Partially because that is what they called themselves, and partially because the word hacker has an inherently aggressive ring to it.

Today, several of those pioneering hackers run multimillion-dollar cyber security consulting businesses. So what should you call someone who uses their knowledge for good?

“White hat” hackers

Sometimes referred to as ethical hackers, or plain old network security specialists, these are the good guys. Whether it’s selling what they find to hardware and software vendors in “bug bounty” programs or working as full-time technicians, white hat hackers are just interested in making an honest buck.

Linus Torvalds is a great example of a white hat hacker. After years of experimenting with the operating system on his computer, he finally released Linux, a secure open-source operating system.

“Black hat” hackers

Closer to the definition that most people outside the IT world know and use, black hat hackers create programs and campaigns solely for causing damage. This may be anything from financial harm in the form of ransomware to digital vandalism.

Albert Gonzalez is one of the many poster children for black hat hacking. In 2005, he organized a group of individuals to compromise poorly secured wireless networks and steal information. He is most famous for stealing over 90 million credit and debit card numbers from TJ Maxx over the course of two years.

“Gray hat” hackers

Whether someone is a security specialist or a cyber criminal, the majority of their work is usually conducted over the internet. This anonymity affords them opportunities to try their hand at both white hat and black hat hacking.

Today, there are quite a few headlines making the rounds describing Marcus Hutchins as a gray hat hacker. Hutchins became an overnight superstar earlier this year when he poked and prodded the WannaCry ransomware until he found a way to stop it.

During the day, Hutchins works for the Kryptos Logic cybersecurity firm, but the US government believes he spent his free time creating the Kronos banking malware. He has been arrested and branded a “gray hat” hacker.

The world of cyber security is far more complicated than the stylized hacking in Hollywood movies. Internet-based warfare is not as simple as good guys vs. bad guys, and it certainly doesn’t give small businesses a pass. If you need a team of experienced professionals to help you tackle the complexities of modern cyber security, call us today.

Published with permission from TechAdvisory.org. Source.

Building a rapport with customers has never been easier with customer relationship management (CRM) software. You can track contact information, buying preferences, and sales patterns. It’s a must-have for all sales and marketing teams. But if this is the first time you’re using CRM software, try adopting the following best practices.

Always update customer information
A CRM system is only effective when the data it provides is current. If the customer’s address, company name, or preferred method of contact has changed, your staff should be recording this information immediately so your sales and marketing teams are always equipped with the right information.

Use purchasing history for upselling opportunities
It’s easier to sell to existing customers than acquiring new ones. Boost your sales performance by analyzing your existing clients’ purchasing history and designing promotions or events designed just for them. For example, if they recently purchased a razor from your online store, you can program your CRM to recommend related products like shaving cream or aftershave. Not only does this widen your profit margins, it also makes customers’ lives a lot easier and promotes repeat business.

Automate processes
Take advantage of the workflow automation features in CRM apps to eliminate time-consuming and repetitive tasks. For instance, when a new lead is added to your CRM (via newsletter subscriptions or website visits), the CRM can be programmed to send follow-up emails, offer promotions, and other interactions to keep your business at the forefront of their attention. This saves you from writing the same canned responses while also making sure that you’re engaging your clients throughout the entire sales process.

Learn from analytics
CRM also makes it possible to analyze customer trends and behavior. If you noticed a spike in demand for certain products and services during the holidays, be more aggressive in pushing them out next year. If certain email campaigns were more successful than others (e.g., higher open rates, click-through-rates, and potential customers), understand what elements were responsible for that success and try to replicate them the next time you send a newsletter.

Customer data should also be used to shape sales and marketing tactics. A salesperson that already knows the client’s name, locations, and preferences can deliver more personal sales pitches and has a better chance of closing a deal. The point is this: If you’re not learning from your data, your business growth will be limited.

Integrate CRM with other business software
Tying CRM software to other programs makes it even more powerful. Integration with accounting software combines customer and financial data, eliminating redundant manual data entry and providing more insightful reports. When used alongside a VoIP system, your staff will get relevant customer information from multiple databases displayed on one screen when they’re about to make a call.

Get some CRM support
Last but not least, work with a CRM provider that offers 24/7 support. Ideally, they should be keeping your data safe, updating your software regularly, and advising you on how to use complex CRM features.

This may seem like a lot, but the important thing to remember is that just like every technology investment, CRM requires active participation from executives, managers, and frontline staff. If you need more advice on keeping customers happy or want to know what technologies can add value to your business, call us today.

Published with permission from TechAdvisory.org. Source.

When social media is used correctly, marketers can better understand their target audience and thus create better content and deliver it more effectively. This is vital since you’ll be able to send customers tailor-made content that helps increase conversion rates and sales revenue. Grow your business with social media with these four steps:

Identify what’s trending on social media
From global events like the WannaCry and Petya ransomware attacks to the Super Bowl halftime show that took the internet by storm, content marketers need to know what consumers are talking about on social media.

For example, when Steve Harvey read the wrong name at Miss Universe in 2016, Burger King wasted no time tweeting a picture with the caption: “At BK, everyone gets to keep their crown.” This clever and timely message resulted in almost 100,000 retweets, likes, and replies.

Knowing what’s trending helps marketers fine-tune content to ensure better engagement and higher conversion rates. And it can even help establish relevance in larger conversations and engage new groups of potential customers.

Understand what’s happening locally and globally
Content marketers should stay on top of what’s happening on both a global and local scale, and then share what they’ve learned with their teams. For instance, children’s clothing companies can combine the latest trend with the back-to-school season to attract more students and parents.

Leverage user-generated content
According to a recent Bazaarvoice report, shoppers who interact with consumer-generated content are 97 percent more likely to make a purchase than shoppers who don’t. Customer-generated content helps drive awareness among non-customers who may be persuaded by positive and authentic customers’ experience. Social data derived from user-generated content also helps marketers address content pain points.

Incorporate social data into your marketing strategy
Put the social media data you’ve gathered to good use by integrating them into your current marketing strategy. They immediately provide a better understanding of the customer and highlight the type of content audiences are currently engaging with. This can be used to help develop and execute better content and marketing campaigns.

Social media has changed the way small- and medium-sized businesses operate. In order to get ahead of your competitors, it’s imperative that you understand how to leverage it to your business’s advantage. Feel free to contact us about what we can do to help.

Published with permission from TechAdvisory.org. Source.