Small Business

Keyboard equipped with a red ransomware dollar button.

There have been reports of several companies becoming infected by the Crysis ransomware, so we have had a look into what it does and how it can be prevented.

History

First detected in February 2016, this virus has multiple methods of infection, typically an email with attachments that use double extensions to make them appear non-executable. It has also been seen to arrive through spam emails and compromised websites. There have also been reports that it has been distributed to online locations and shared networks disguised as an installer for various legitimate programs.

Description

Crysis ransomware is capable of encrypting over 185 file types across fixed, removable and network drives, and uses RSA and AES encryption. Once a machine is infected, it will also look to delete the computer's shadow copies, and it creates copies of itself in the following locations:

  • %localappdata%\%originalmalwarefilename%.exe
  • %windir%\system32\%originalmalwarefilename%.exe

The virus will then look to create/edit certain registry keys to ensure it is run on each system start.

  • [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    • "%originalmalwarefilename%" = "%installpath%\%originalmalwarefilename%.exe"
  • [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    • "%originalmalwarefilename%" = "%installpath%\%originalmalwarefilename%.exe"

Finally, after encryption, a .txt file is placed in the computer's desktop folder; sometimes this is accompanied by an image set as the desktop wallpaper.

  • %userprofile%\Desktop\How to decrypt your files.txt

There have also been reports of Crysis stealing data and credentials from the affected machines and passing these back to its Command and Control server. If the credentials are not changed, this leaves the infected computers and local networks vulnerable to further attack.

Crysis has also been seen to monitor and gather data from IM applications, webcams, address books, clipboards and browsers before sending it to the C&C server, with the Windows variant stealing account and password credentials.
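The persistence pattern described above (a Run value named after the malware file, pointing at a copy directly inside %localappdata% or %windir%\system32) can be checked for during triage. The following is an added example, not part of the original article or any vendor tool: it parses saved `reg query` output for the two Run keys, and the function names, the default Windows paths in the patterns and the sample data are assumptions constructed for illustration.

```python
import re
from ntpath import basename, dirname, normcase, splitext

# Drop folders named in the article, unexpanded or as expanded on a default
# install (assumption: C:\Windows and C:\Users\<name>\AppData\Local).
SYSTEM32 = re.compile(r"^(%windir%|%systemroot%|[a-z]:\\windows)\\system32$")
LOCALAPPDATA = re.compile(r"^(%localappdata%|[a-z]:\\users\\[^\\]+\\appdata\\local)$")
# One value line of `reg query` output: 4-space indent, name, type, data.
VALUE_LINE = re.compile(r"^ {4}(.+?) {4}(REG_(?:EXPAND_)?SZ) {4}(.*)$")

# Constructed sample of `reg query` output for both Run keys (not from a real host).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    invoice.pdf    REG_SZ    C:\Windows\System32\invoice.pdf.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    invoice.pdf    REG_SZ    C:\Users\alice\AppData\Local\invoice.pdf.exe
"""


def exe_path(data):
    """Extract the executable path from Run-key data, dropping quotes and arguments."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(?i)^(.*?\.exe)(?:\s|$)", data)
    return m.group(1) if m else data


def suspicious_run_values(reg_query_output):
    """Return (key, name, path) for Run values matching the article's pattern:
    value name == executable name, executable directly in a listed drop folder."""
    hits, key = [], None
    for line in reg_query_output.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()  # remember which Run key the values belong to
            continue
        m = VALUE_LINE.match(line)
        if not m:
            continue
        name, data = m.group(1).strip(), m.group(3)
        path = exe_path(data)
        folder = normcase(dirname(path))       # lower-cased parent folder
        stem = splitext(basename(path))[0]     # "invoice.pdf.exe" -> "invoice.pdf"
        in_drop_dir = SYSTEM32.match(folder) or LOCALAPPDATA.match(folder)
        if in_drop_dir and stem.lower() == name.lower():
            hits.append((key, name, path))
    return hits


if __name__ == "__main__":
    print(suspicious_run_values(SAMPLE))
```

A match is a triage lead rather than proof of infection, since a legitimate program can satisfy the same pattern.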

Prevention

To reduce the risk of infection we recommend the following:

  • Ensure you are using an up-to-date AV product
  • Ensure any specific Ransomware prevention tools in the AV are used
  • Ensure you have a regular tested backup of the data
  • Educate users in the dangers of opening attachments from an unknown source

 

 

Bitdefender have updated their GravityZone cloud console with some new features over the weekend and here at Blue Solutions we are happy to guide you through these changes and how they will affect you and your customers.

Anti-Ransomware

The big news is that Bitdefender has now incorporated an Anti-Ransomware vaccine for all its cloud customers, and will be rolling this out to the on-premise version on Tuesday 27th Sep 2016. This module is activated through the policy section Antimalware --> On Access settings.

Gravityzone Ransomware Vaccine Policy Setting

By activating this module, machines will be protected from all currently known forms of Ransomware.

Other New Features

Update Rings - this feature allows administrators of the program to choose when in the validation cycle an update is received.

Anti-Exploit Techniques - a new set of powerful techniques which further enhances existing technologies to fight targeted attacks.  These are integrated into the existing Advanced Threat Control module.

Web Access Control Rules - The categories list has been updated with multiple new categories added.

Exchange Protection - This can now be enabled/disabled when editing a customer with a monthly license subscription.

 

The above features are now in place for all current users of Bitdefender Gravityzone in the cloud and will be rolled out to Bitdefender Gravityzone on-premise users from the 27th Sep 2016.

For more details on the above features and a look at the other features included please click here


We are pleased to announce that we’ve expanded our team and have recently welcomed the following people to Blue Solutions:

  • Lee Walker has joined us as our LabTech Software Specialist. He is responsible for recruiting new LabTech Channel partners and managing the existing partners using the Remote Monitoring and Management solution.
  • Danni Sparkes has joined our team as a new Internal Sales Co-ordinator.  Her role will involve producing quotes for customers and responding to sales queries in a timely and effective manner.
  • Michael Smith and Zoe Hepper have both joined us as Business Development Executives, supporting new business revenue growth by recruiting new channel partners.

A big welcome to our new team members.


Originally published on the Trend Micro Blog

A recent Trend Micro report carried out by the Ponemon Institute uncovered an interesting new dynamic in the workplace. Increasing numbers of U.S. consumers are bringing wearable technology into the office.

This raises a difficult problem for enterprise IT managers keen on keeping IoT devices from swamping the workplace as the influx of BYOD devices did a few years ago. So what’s the best way to move forward?

Growth and risks

Let’s be clear, the use of IoT devices and wearables in the workplace is by no means soaring. According to our study – Privacy and Security in a Connected Life – just 25 percent of U.S. consumers said they even plan to use a fitness tracker. For Google Glass, this figure was an even lower 16 percent. Yet adoption is increasing, and as it does, these devices will inevitably find their way into the corporate world, just as the smartphone and tablet did before them. From smart watches to activity trackers and smart glasses, there’s a growing feeling that these devices can help our productivity and well-being. Given we spend the majority of our lives at work, it’s a no-brainer that employees will want to wear them in the office.

While they may support productivity, connected devices present risks for the IT department, especially those that could auto-sync corporate data, making them a potential target for hackers and thieves. Even data tracking the movements of mobile sales staff could tip off competitors about new leads. Many IT leaders will want to manage this risk by ensuring any workplace IoT devices are controlled with MDM, security tools and policies. However, according to our research, 50 percent of U.S. consumers do not believe their employer has the right to access personal data on their smart device, despite connecting to the corporate Wi-Fi.

Staff versus employer

This dilemma brings the usual arguments raised by BYOD, namely that sensitive corporate or customer data could be at risk if accessed or stored on an employee-owned device. Now if IT managers try to shackle devices with MDM or security tools, they could risk the wrath of users.

A recent court case highlights that such problems are no longer theoretical. A U.S. District Court in Texas heard the case of a staff member who sued his employer for loss under the Computer Fraud and Abuse Act. The former employee was forced to use his own iPhone for accessing customer emails at work since one was not provided. When he resigned, the company’s network administrator remotely wiped his phone, deleting not just work information, but also his personal data. In the end, the employer won, but it won’t be the last case of this kind as staff and their employers increasingly clash over BYOD.

Best practice BYOD

So what can the under-fire IT manager do to walk this fine line, protecting both enterprise data and staff expectations of personal privacy, while enabling staff productivity? Here are a few tips for starters:

  • If you haven’t already, classify enterprise data and perform a risk assessment to better understand what is at stake if it ends up in a competitor’s hands.
  • Find out how many personal smart devices are already being used at work.
  • Familiarize yourself with the operating systems, devices and security shortcomings of these devices.
  • Consider enforcing remote lock/wipe and password protection for all devices allowed to connect to the corporate network.
  • Utilize a ‘containerized’ security approach which keeps corporate and personal data separate on devices.
  • Apply policies so that the most sensitive corporate data is encrypted.
  • Assess any new IoT devices before they are allowed to connect to the network.

 

 

 

 


Originally published on the LabTech Blog - Author Josh Preston

As an MSP, you have two choices. You can be your own boss, be passionate about the work you do and work hard for your success. Sound good? Option two is even better. With the right preparation and foundation, you can have a business that runs so smoothly and effortlessly that you can finally take a real vacation.

Running your business with an eye on growth means changing your mindset and your business focus. Continuous growth is the goal, since it means expanding profits and staying a step (or several) ahead of your competitors. The market changes fast, but the more proactive you can be, the more you’ll be able to offer your clients. The more they depend on your services, the faster you’ll see growth in your company and your bottom line.

Here are a few big game changers to help you jump start your business growth:

1. Stay Safe
Security continues to top the list of your clients’ biggest concerns, so find a strong security platform that keeps them protected without risk. Find the perfect balance between mitigating risk and hindering productivity.

2. User First
How many devices do you have? Chances are you’ve got more than one, and so does every end user you support. Enter the shift to management by user instead of by device. Make sure you’re staying ahead of the game by supporting multiple devices.

3. Connect Everything
Data, devices and people are quickly intertwining, giving MSPs the chance to offer a number of ‘smart’ devices and opportunities. The market opportunity for the Internet of Things (IoT) is huge, so watch this one grow in the next few years and see how you can get on the bandwagon.

4. One-Stop Access
In a nutshell, virtualization allows multiple operating systems to run on one physical piece of hardware. This cost-saving trend will easily catch clients’ attention, so be sure to stay informed of what it offers.

5. Keep Compliant
Regulation and compliance requirements are an important and challenging task for many organizations. Wrap your head around the details for a few relevant verticals, and start reaching out to offer this vital service to new and current compliance-reliant clients.

Keep a close eye on these trends as they come to life, and be ready to answer any questions your clients might have about them. The more you know, the faster you establish your place as a trusted advisor—and the more your clients will thank you.


Article originally published on the Malwarebytes website

It’s that time again, a new operating system emerges from the Microsoft incubator! While many of you might not get to experience Windows 10 just yet or even in the foreseeable future, we want you to know that when you decide to use it, Malwarebytes has got your back.

The latest versions of our Malwarebytes products support Windows 10! And that includes:

  • Malwarebytes Anti-Malware Free
  • Malwarebytes Anti-Malware Premium
  • Malwarebytes Anti-Exploit Free
  • Malwarebytes Anti-Exploit Premium
  • Malwarebytes Anti-Malware for Business
  • Malwarebytes Anti-Exploit for Business
  • Malwarebytes Anti-Malware Remediation Tool

So one of the first things you should do after setting up your new operating system is to download Malwarebytes Anti-Malware. Trust me, the cyber criminals won’t wait until everyone is comfortable with Windows 10 to start targeting folks using it.

To download the latest Malwarebytes Anti-Malware on your new Win 10 system, click here.

Find out more about Malwarebytes at www.bluesolutions.co.uk/malwarebytes/. Call our sales team today on 0118 9898 222 for a free trial or demo.


Originally published by AppRiver

New Mobile Device Management (MDM) features are coming home to AppRiver Office 365 Plus, including the ability to selectively wipe mobile devices. Selective wipe of mobile units allows an administrator to revoke access to and delete corporate email that has been synced to a device, as well as specific data associated with Office 365 apps on the device, while retaining any unassociated personal data.


Selective wipe will work across a diverse range of phones and tablets, including iOS, Android and Windows Phone devices, and is included at no additional cost for all AppRiver Office 365 Plus plans. The addition of the selective wipe capability and MDM features listed below to the already robust Office 365 Plus arsenal ensures that your Office 365 experience remains easy, effective and affordable.


Mobile Device Management options include:

Selective wipe

Ability to perform either a full remote wipe of a corporate smartphone or tablet or a selective wipe of Office 365 company data from an employee’s device while leaving any personal data in place.

Conditional access

Set up security policies to ensure that Office 365 corporate email and documents can be accessed only on phones and tablets that are managed by your company and that are compliant with your IT policies.

Device management

Set and manage security policies, such as device-level pin lock and jailbreak or root detection, to help prevent unauthorized users from accessing corporate email and data on a lost or stolen device. 

Mobile Device Management Options introduced to AppRiver Office 365 Plus

Cloud-based management for devices that run on iOS (iPhone, iPad), Android and Windows Phone will be supported and the roll out for these capabilities will be completed in 4-6 weeks. All features will be included with all AppRiver Office 365 Plus and bundle licenses.

Contact our Sales Team today on  0118 9898 222 to find out more about Office 365


Article by Josh Preston, Service Design Program Manager, LabTech Software

Now that you understand how switching from break-fix to managed services can flip the switch on your business success, you’re ready to start capitalizing on the benefits of managed services.

Your first step is to determine which services you’d like to provide as part of your managed services offering. A great source to help you make this decision is your existing customers. Here are a few ways to get better in tune with your market:

Ask Questions

Asking your existing customers about their specific pain points and what services they need will provide strong signals on what direction you should take. Start with a customer satisfaction survey about what services customers would like to see in the future or schedule a one-on-one meeting with some of your top clients.

Look at Recurring Trends

Check time logs and past billings to find trends in frequently requested tasks that can be included in your SLA. If you’re seeing recurring requests around patching, antivirus updates, malware removal or PC tune-ups, then you know just where to start.

Study the Market

Read up on market research to help identify key opportunity areas. Check out industry insight like CompTIA’s Trends in Managed Services report. A keen examination of industry data can shine a light on the most commonly outsourced IT services and can also help you understand what drives client decisions.

Check Out the Competition

Attend user groups and start interacting with your peers. When like-minded professionals come together in a non-competitive environment, you can discuss issues specific to your shared experiences. Participants can network and benefit from shared best practices.

Once you’ve got a handle on what your market needs most and you understand more about why businesses are outsourcing, you’ll be perfectly positioned to meet their specific needs. You can build out a plan for your managed services based on what will make you most valuable to your clients.

This is just step one in your transition to managed services. Join us next for a look at your next step, assessing your skills and filling in the gaps.

Want to know more about LabTech Software? Contact our Product Specialist Jonatan Bucko  on 0118 9898 210 for more information today.

 


With LabTech Software's Autotask Plug-in 6.0 you can spend more time on your IT business and less time worrying about what your technology.

The Autotask Plug-in 6.0 for LabTech provides the deepest level of remote monitoring and management (RMM) integration with Autotask available on the market today. The plug-in provides seamless continuity to ensure productivity and enable worry-free automation.

Watch this video to find out more...

Got more questions about LabTech Software and Autotask? Contact our LabTech Product Specialist for more information 0118 9898 210

 

Malicious Web content can expose your company to higher costs, lower productivity and legal issues. AppRiver's SecureSurf can protect your network from Web-based malware and viruses, and shield your employees from offensive content. SecureSurf requires no onsite hardware or software and it won’t require constant attention from your IT staff.

This graphic is a quick snapshot of the top 10 categories blocked by SecureSurf. It highlights how this solution works every day to help business owners keep their company safe from web-based viruses and protect employees from undesirable websites.

Take a look and see how AppRiver will protect your network.

Want to know more about AppRiver's email and web security products? Contact our Product Specialist Nicola Boswell for more information.

 
