Author Archives: thrivewpengine

Should we Ban Crypto?

With the recent terror attacks in the UK and the very real chance of more terror attacks to come, everyone is looking for a way to make this stop. One of the ways to do this is to ban cryptography. Another is to allow cryptography, but give the government a special key to unlock it. Both of these methods would allow all communication to be seen by the government, stopping the terrorists from communicating secretly. Many people see this as the software solution to the terrorist problem.


So, You Think You Want SQL AlwaysOn Availability Groups?

When it comes to SQL Server high availability (HA) there are myriad options to choose from. Some have been around since the turn of the century, but there is a newer option, introduced in SQL 2012, that has been so hyped as to eclipse all the others: AlwaysOn Availability Groups (AGs). I recall the launch event and subsequent keynotes and sessions that touted it as even better than the greatest thing since sliced bread. But, as much as it does solve some erstwhile unsolved use case requirements, following the bread analogy, you will only get the sliced and toasty goodness if you have a master baker, Ginsu-certified slicers, and at least one beefeater on hand to test the bread at regular intervals. This may be absurd hyperbole, and is certainly an absurd analogy, but it’s worth considering the difficulty and expense of configuring SQL AGs.


Primer on Containers

Containers are one of the biggest trends in both cloud and enterprise environments. So, what is a container exactly? At a very basic level it is a self-contained object that has all the files and configurations to run an application or workload. Many containers can run side by side on the same virtualization host running different apps but are completely separated from each other. Think of them as a mini operating system with only the absolute minimum required to do its job.


A Look Back on the Google Phishing Attack

A massive and unusually sophisticated phishing campaign took place a few weeks ago targeting users of Google’s Gmail service. I wanted to look back and provide some thoughts on the attack and provide some tips so you can be prepared for the next attack.

The attack began around 4 pm on May 3rd as Gmail users received an email with an invite to a Google Doc that appeared to be from a person they would know. Attempting to access the Doc would direct the user to authorize a fake Google app that was hosted on an actual Google page. Once the app was authorized, the attacker would then draw from the user’s contacts to send the offending email to even more people.


3-2-1- Backup!

You may have heard about the 3-2-1 backup rule before. It is considered the minimum best practice for protecting your business’s data. It boils down to having three copies of your data: the original and two or more backups. The two backups should be on two different types of storage, and one copy must be offsite. An example of this setup could be a snapshot on a SAN, a backup to a NAS, and a sync of that backup to a third party or a second office.


Another day, Another Breach

“Another day, another breach”.  A colleague said that to me the other day in response to a database of 560 million passwords that surfaced online.  This got me thinking about passwords again.

Every time I read a security blog or newspaper article about passwords, at some point they will ask the question: are passwords dead? Meaning, are we going to start using biometrics, heuristics, etc. instead of passwords? Nobody likes passwords. They are a pain to remember, and now people like me are telling you that you need a different one for every website!

Unfortunately, passwords are not going away. Biometrics are not a good alternative because you can’t change them. If someone gets your biometric data, then they have your password. Heuristics could be a good alternative, but they aren’t ready for prime time yet to replace your password. So, if passwords are not going away, what should I do to keep myself safer? Well, there are several things you can do, and one of them you already know.


WannaCry Post Mortem – Planning for the Next One

It’s been a very rough couple of days in the cyber security world. It does appear that WannaCry was as bad as predicted. The revenue generated (yes, the hackers refer to it as revenue) is still growing. Unfortunately, crime pays in this era of ransomware.

As I walked out of the office the Friday night before, I thought about our internal environment and I was not very stressed. It wasn’t because we are an IT services company and “everyone’s an IT guy”. It was because of the countermeasures which we already have in place. I’d like to detail those countermeasures so you can see what we do, in an effort to give you a bit less stress on your Friday night.


“WannaCry” – New Ransomware Virus

UPDATE (11:00AM, 5/13/2017): In a surprising move, Microsoft has now released updates for their unsupported operating systems, including Windows XP and Windows Server 2003.

The WannaCry ransomware is currently infecting many end users and businesses across the globe. This malware is using an exploit which was revealed by a group called the Shadow Brokers back in March of this year. Microsoft released a patch for this exploit, MS17-010, on March 13, 2017. It’s important to note that WannaCry is simply a ransomware variant and it’s spreading via the exploit detailed in MS17-010. The characteristic that is causing WannaCry to spread is that once it’s installed on a workstation, it begins spreading quickly via the exploit in MS17-010 across other machines on the network.

If you’ve been patching all of your workstations over the last couple of months, your chance of infection is low. If you have a Windows XP/2003 device, the recommendation is to shut it down or take it off any network connection it may have.


Intel vPRO Processor Vulnerability

As many of you have heard, Intel recently released a bulletin on a critical escalation vulnerability (CVE-2017-5689), which was nicknamed “Silent Bob is Silent” by the researchers. The researchers claim it affects Intel vPro processors from 2010 till now. A majority of the systems were sold by Dell, Fujitsu, HP, Intel, and Lenovo. This chipset was made specifically for enterprise administrators to manage their servers, laptops, and desktops. That is the reason this vulnerability is so bad: exploiting it gives full control of the system without the operating system knowing. Since this is a hardware vulnerability, it doesn’t matter what operating system, if any, these machines are running. It does not affect Macs; even though Intel does supply Apple with chips, this vulnerability only affects Windows-based machines.


Inside Microsoft’s Sleeping Giant Part 1 of 4

Azure Active Directory

I’ve been having a lot of discussions about Single Sign-on and Identity Management with co-workers and customers. The solutions out there are many and they are great, Duo and Okta to name a few. While those products are leaders, Microsoft has been quietly and consistently improving Azure Active Directory. Azure Active Directory is a BIG product that can do a whole lot. Since it’s so large, I wanted to break it down into a few consumable sections.
