avoiding-internet-scams1-caution-laptop

Staying safe online this Summer

With the summer holidays just around the corner, children are looking forward to having more free time.

For some, this will be spent using the internet to keep in touch with friends, catch up with the latest apps and online trends, and playing their favourite games.

For parents, it’s a great chance to sit down with your children and visit their favourite sites and games together, so you can keep in touch with their online lives, and show them you are interested. It’s a good opportunity to have positive conversations about the internet, so that if anything happened online that worried or upset your children later on, they would feel more confident in confiding in you.

Keeping in touch online

During the Summer holidays, young people may want to keep in touch with their friends through social networking sites or games. It’s a good time to ask them about what sites they use, and remind them you have to be at least 13 to use most social networks. Encourage your children to use the privacy tools on the services they use, so that the content they post is only available to people they know and trust in real life.

Managing online friendships

The holidays are also a good opportunity to talk to your children about their online friendships and encourage them to be good online friends. It’s also important to remind young people that even if you have been chatting to a friendly person on a site or in a game for a while, if you only know them from being online they are still a stranger and you should not give out your personal details to them. If you are worried about an adult pressuring your child online, you should contact the Police and report it to CEOP

 Sharing those holiday snaps

Some children may want to share photos and videos of what they are getting up to in their summer holidays online. Talk to your children about what types of photos are appropriate to share, and who they are okay to share with. Photos can hold clues that give away personal information. For example, if you share a selfie of you and friends, are there any landmarks or street signs that give away your location?

Finding a balance

Without the structure of the school day, children may spend a lot of their time on the internet. The internet is a fun place to be, and children may find it hard to manage their time between being online and offline. Talk to them about how important it is to spot the signs that they have been online for too long. For example, they might get tired eyes, a headache, interrupted sleep or mood swings. Setting a time limit can be helpful, but remember to set it before they start playing a game or chatting online, so they get less frustrated when it’s time to stop. Offer some alternative activities to being online, and remind them the summer holidays are also a time to enjoy being outside and having a rest.

Enjoy the summer holidays!

Reblog from UK Safer Internet Centre – “Staying safe online this summer” posted 12th July 2016

5

Ben Whittle’s latest Uber Computer Update

1

Ben has finally finished the fabrication and painting of most of the panels and has assembled the desk for cable routing and testing. There is still a lot of wiring to be done, and while it isn’t particularly complex it has been very time consuming. As you can see below the loom for the SSD activity indicator strip is now complete and in place.

2.png

Ben has also completed the wiring for the Asus ROG panel, intake fans and lighting. In order to test these systems Ben has removed the motherboard and drives from his existing system and mounted them in the desk. This has enabled him to test the front mounted USB ports and audio jacks, power switch, cooling fan speed control, SSD indicator strip, etc…

3.png

So far everything is working as expected, Ben is particularly pleased with the lighting and is looking forward to seeing the painting lit up in the right hand side. He is currently unsure what to do with the legs, the original plan was always to paint them black as with the rest of the desk. A few people have said they like them as they are, as a compromise Ben is considering staining them to try to match the finish of the M-Audio studio monitors which will sit either side of the screen.

4

Ben will give this a try first and see how it looks as it is much easier to paint black over varnish than sanding off black paint. Thankfully the colour of the lighting is much easier to change:

5

It is looking ok from the front but there is still much work to be done, still many cables to make, terminate and route. The rear panel still needs to be cut out and painted, then it will be on to mounting the exhaust fans and rear connectors. Currently it is just a mess of wires, pipes and components:

6

Ben is hoping to have the panel and cabling complete in August, then the construction will be complete and he’ll be ordering the components and testing. More updates to follow soon.

AAEAAQAAAAAAAAUUAAAAJDA3NjU4ODlhLTgxZmQtNDBiMC04NDg0LTNkY2RjNWE1MWQ3MA

The Questions you are Probably Asking Yourself Around Sandbox Technology

In the continuing arms race between cyber criminals and the organisations whose data they covet, we continue to see new, ever more sophisticated, tools being deployed both sides.

Lately, attacks called advanced persistent threats (APT) which were originally used only against very large organisations have become more common and are now being used against smaller companies, such as schools, either to attack the smaller entity itself or as a stepping stone to other larger targets.

Small and midsized businesses such as schools are on the radar of attackers, who actually see them as low hanging fruits because many of them lack the resources, the security and the multi-layer defence programs to help protect themselves. 42% of small businesses report being a victim of cyber-attacks and the majority of the companies hacked were hacked twice or more.

Growing Awareness

On a positive note, we are seeing a rise in security awareness driven by the increased coverage of cyber threats in the mainstream media. This has helped many organisations improve their security posture: Employees see news about cyber-attacks and develop more awareness of security risks and so are less likely to engage in risky online behaviour; senior management understand the risks more clearly so IT departments find it easier to obtain the budget required to strengthen and improve their defences.

Demand for Comprehensive Next-Generation Security Solutions

IT teams in organisations of all sizes now understand that sophisticated cyber-attacks can use unknown malware that can evade traditional gateway and endpoint protection. This is why many organisations are considering new solutions to combat this problem. Additionally, there’s a lot of hype encouraging you to buy additional next generation solutions to deal with these unknown threats.

However, often these technologies are too complex and expensive for many businesses to consider. Many of the complex security solutions used by larger enterprise require multiple dedicated devices which are resource and maintenance intensive. They also tend to have low accuracy; this means a skilled team is required to analyse the results. Buying more solutions from multiple vendors that don’t talk to one another isn’t a recipe for a manageable threat defence.

New Age Threats Need Next Level Security – Sandbox

One technology, that’s had more than its fair share of hype, is the sandbox.

The questions you are probably asking yourself around sandbox technology are:

What is a sandbox?

A sandbox is an isolated, safe environment, which imitates an entire computer system. In the sandbox, suspicious programs can be executed to monitor their behaviour and understand their intended purpose, without endangering an organisation’s network.

Do I really need a sandbox?

Organisations need a range of security technologies to protect them from threats both known and unknown. It’s likely you’ll already have deployed Secure Email Gateway, Secure Web Gateway, UTM or Next Generation Firewall at your internet gateway, as well as endpoint protection to your desktops and servers.
Even vendors that only supply standalone sandbox technology would never suggest that their product provides a complete defence against advanced persistent threats. They acknowledge that many security layers are essential to protect against these threats. What a sandbox does provide, is your own dedicated environment to analyse, understand and take action, on the threats to your organisation that haven’t been detected by this stack of conventional security measures. Sophisticated targeted malware, designed to evade detection, will be detected and blocked when detonated in your sandbox.

Why don’t my conventional defences protect me from these APTs?

Basic signature-based antivirus will protect you against known malware. But signature-based antivirus is reactive and increasingly outpaced by today’s attackers. Most leading security vendors us a range of approaches such as malicious traffic detection capabilities and emulation to supplement signature-based detection. However, if your data or credentials are valuable enough to the attacker, they will have spent time discovering what type of security you are using and tested their unique malware to ensure that it will evade detection by your defences.

Surely this kind of technology is only for larger organisations?

An attack on Target Stores, a large US retailer, resulted in 40 million credit card numbers stolen. This had an enormous impact on trust in the Target brand and led to the company spending a significant amount of money on breach-related expenses, like providing monitoring services to protect customers from fraud. Target is certainly a large organisation, but what’s important to consider is that the attackers stole the credentials of Target’s air conditioning contractor. This small supplier was seen as a soft target and an easier route into the larger business. So organisations of all sizes should consider sandbox technology; a targeted attack could cost you your key customers and is one factor in the statistic that 60% of small firms go out of business within six months of a data breach.

Another point solution? That sounds expensive.

Sandbox can be expensive, no doubt. But there are ways of reducing your costs. In their research note on network sandboxing Gartner recommends:

“If your organisation is budget-constrained or looking for a quick path to add sandboxing, first evaluate adding sandboxing as a feature from one of your current security vendors.”

Your existing UTM, Firewall, Secure Web Gateway or Email Gateway may have sandboxing-as-a-feature options available.

With the introduction of cloud computing, the way processing power and storage is delivered and priced has changed. Companies now have access to greater processing power at affordable prices. This has driven a revolution in what can and can’t be delivered as a service.

Sandboxes have proven very effective in identifying and stopping APTs by creating a full working environment for the malware to operate in and making it hard for it to identify that it is being analysed. Previously, such a complex solution had to run on dedicated hardware and have a team of analysts to decipher the results limiting it to large enterprises and malware research labs.

By moving sandboxing to the cloud, the reduction in cost means security vendors can apply more processing power and share resources across multiple customers. It also means companies no longer have to rely on in-house expertise as their vendors or partner can provide the analysts from a central location. This reduces the costs to such a level that all organisations can afford sandboxing.

It sounds complicated – do I have the resources to try and deploy this?

When you begin to trial solutions, consider solutions that are easy to try and deploy. Cloud- based solutions can be rapidly deployed giving you instant results without the need to deploy hardware or upgrade appliances.

Sophos Sandstorm

Sophos Sandstorm is an advanced persistent threat (APT) and zero-day malware defence solution that complements Sophos security products. It quickly and accurately detects, blocks, and responds to evasive threats that other solutions miss, by using powerful, cloud-based, next generation sandbox technology.

For more information about Sophos Sandstorm visit: http://virtuetechnologies.co.uk/solutions/security/Sandstorm
56acd1e3c4eca2fea403c90579965c68-700x

Stay Protected Against Ransomware – Best practices to apply immediately

The following recommended measures should always be taken into account:

Backup regularly and keep a recent backup copy off-site.

There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.

Don’t enable marcos in document attachments received via email.

Microsoft deliberately turned off auto-execution of marcos by default many years ago as a security measure. A lot of malware infections rely on persuading you to turn marcos back on, so don’t do it!

Be cautious about unsolicited attachments.

The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s the one you want, but you can’t tell if it’s one you want until you open it. If in doubt, leave it out.

Don’t give yourself more login power than you need.

Most importantly, don’t stay logged in as an administrator any longer than is strictly necessary, and avoid browsing, opening documents or other “regular work” activities while you have administrator rights.

Consider installing the Microsoft Office viewers.

These viewer applications let you see what documents look like without opening them in Word or Excel itself. In particular, the viewer software doesn’t support marcos at all, so you can’t enable marcos by mistake!

Patch early, patch often.

Malware that doesn’t come in via document marcos often relies on security bugs in popular applications, including Office, your browser, Flash and more. The sooner you patch, the fewer open holes remain for the crooks to exploit.

Keep informed about new security features added to your school applications.

For example, Office 2016 now includes a control called “Block macros from running in Office files from the internet” which helps protect you from external malicious content without stopping you using macros internally.

Open .JS files with Notepad by default.

This helps protect against JavaScript borne malware by enabling you to identify the file type and spot suspicious files.

Show files with their extensions.

Malware authors increasingly try to disguise the actual file extension to trick you into opening them. Avoid this by displaying files with their extensions at all times.

Join us for an informative webinar to learn about ransomware threats and how schools such as yours can stay secure against them. The webinar ‘How to Protect Against Locky and Friends’ is taking place on Thursday 23rd June 2016 – 12:00pm – 1:00pm BST. Register here: https://attendee.gotowebinar.com/register/4345127391462205699

TeslaCrypt ransomware gang reveals master key to decrypt files

Articles about ransomware often don’t make terribly happy reading, especially if you’ve gone looking for the article because you’re looking at a “pay page”. That’s the message you see from most ransomware after it has scrambled your data, when the crooks make absolutely sure you know how to go about buying your data back.

Occasionally, the malware attacks everything. That happened with ransomware called Petya that scrambled the low-level index of your C:drive so you couldn’t boot at all, let alone use a browser or copy-and-paste text, or even take a screenshot.

You had to find another computer to get online, and manually type in a long, alphanumeric personal decryption code that Petya displayed:

uilfyug

But most ransomware is much more commercially savvy than that, and goes to great lengths to ensure that your operating system and all your applications are left well alone. That leaves you free to get online, follow instructions, and send money to the criminals.

To leave you in doubt what to do next, some ransomware event changes your wallpaper so that the how-to-play details are permanently in your face:

jjduySo we were surprised and delighted in equal measure to read that security researchers over at ESET had reached out to the crooks behind TeslaCrypt…

…asked them for the private key used in the operation…

…and received the reply, “Project closed, master key for decrypt XXX…XXX,[…] we are sorry.”

We weren’t inclined to believe that the crooks really were sorry, but it seems that the master key was genuine.

Most ransomware uses what’s called a hybrid cryptosystem, in which files are scrambled with a regular symmetric encryption algorithm such as AES, which is fast and straightforward.

Each computer, or more commonly each file, uses a unique, randomly chosen key that is never saved on disk, so it can’t be recovered directly. Instead, the file encryption key is then itself encrypted using a public key for which only the crooks have the corresponding private key. (Public-private encryption, known as public key cryptography, relies on two related keys: one that locks data, and another that unlocks it. You can’t use mathematics to figure out the private key from the public key because they have to be generated as a pair. In other words, the public key means that other people can scramble data that only you can decrypt.)

Usually, the crooks never part with the private key – they just use it to decrypt the unique AES key or keys needed to unlock your computer.

Because your key is unique, it only works on your files, so you can’t use it to help out other victims. In other words, the announcement by the Teslacrypt gang that they’ve revealed their business secret is unusual. Indeed, various public tools have already been created to use the Teslacrypt master key to unscramble locked files for free.

Result!

Of course, only vistims who have been hit recently and haven’t yet paid up, or victims who backed up their already-encrypted data just in case, will get much use out of the master key at this stage.

Why did the crooks do it?

That really is the million pound question, and we shall probably only ever be able to guess at the answer:

We can think of the following possibilities:

  • The crooks are genuinely sorry, and have retired in a fit of conscience.
  • The crooks were hacked by another gang, who spilled the master key to ruin their rivals’ business.
  • The crooks have switched their time and effort to newer ransomware.
  • The crooks have made so much money that they want to retire in a media-friendly way before they get caught.

What do you think?

TrilbyTV_rlogo_480

Introducing Trilby TV Digital Signage

We had some interesting partners attend our 10 Year Anniversary Event on May 6th. We thought we would share one of them with you in a little more detail.

Trilby TV is our new digital signage partner who specialises in schools. They were formed by some passionate educators that wanted to bring schools signage back to life in an “easy to use” and controlled environment.

The concept is pretty simple….

 

ttvcrUpload

Use the iPad app, Chrome app or website to upload your video and select a category.

 

ttvappcrpApprove

Get the video approved for playback, all it takes is one tap from a moderator who could be a teacher or student.

 

ttvplaycropPlayback

Your video will playback on your digital signage. Simply install the player app on your PC, Chromebit, iPad, or AppleTV. And that’s it! – your students work can bring the school signage back to life and even be accessed by parents from home.

 

If you would like to arrange a demonstration or free trial to show you how good it really is, please contact us today on 01695731233 or email toby.wilkinson@virtuetechnologies.co.uk

Ben Whittle’s Latest Uber Computer Update

The Project is finally starting to take shape as Ben has now attached the legs and started to paint some of the panels, it is actually starting to look a bit like a desk.

1

The legs are simply attached to the side of the chassis with four 2.5″ screws per corner placed so the heads won’t be visible, and to provide a good level of structural integrity.

2

The aluminium control panel that Ben designed and had Seattle Based company DataPro manufacture has arrived and Ben has cut out a space in the front of the and situated the components. The silver touch sensitive power switch will be sprayed black to match the panel and different mounting screws will be used, but the photo below gives an idea of the finished product.

3
Mounting the UPS display and controls was a bit of a challenge. As the board was only ever designed to be mounted inside the APC UPS it was removed from, the control panel had to be designed around it to a certain extent. For the buttons to work correctly the display board placement had to be very precise. To achieve this Ben took all of the relevant measurements and ordered stand-off screws of a particular size and cut out an aluminium mounting bracket to support the display from behind.

4

Having finished work on the base panel which will sit under the glass, Ben has started sanding and painting. The finish is coming out exactly as he had hoped for, matt black but with grain of the wood visible through the paint.

5

We should start to get a much better impression of how the finished product will look as more panels are finished and painted, but painting is a slow process. Ben is applying three coats of paint to each panel, each requiring 16 hours drying time between coats. As the desk is made up of 21 individually cut panels there is a fair bit left to go.

As the base panel was drying, Ben set to work on making the wiring loom for the cooling system. This comprises of thirteen 120mm fans, an 80mm fan, water pump and temperature sensors. The part Ben has made so far is just to monitor and control the intake fans at the front of the desk, and at the rear mounted 480mm radiator. The custom wiring loom was necessary due to the bespoke design of the chassis, Ben needed to monitor and control banks of fans in different locations in order for the system to regulate temperature and noise efficiently.

The loom itself is fairly simple, there is a single 12 volt line leading directly back to the PSU to power all the fans. Each fan header takes power from this line all the way down the loom, one fan in each bank is used as a master which will report its speed reading back to the PC. All fans in each bank will receive the same PWM control signal from the motherboard.

There will be a total of four banks to control, front intake, rear radiator intake, rear left and right exhaust. The loom will ultimately allow these thirteen fans to be effectively controlled with four fan headers. With some strategically placed temperature sensors and tweaking the fan speed/temperature curves on the Asus thermal management software, the goal is to have the system virtually silent when not under load, and very well cooled when running the most demanding applications (by which of course Ben means games):)

Making the loom itself is quite time consuming, the individual cables needs to be cut to size, pulled through the braided sheath and then the connectors need to be crimped and the end.

8

With the first section of the loom completed, Ben has tested with the front intake fans and found it works perfectly. It also looks quite neat as the spacing between the fan headers was designed so that the connectors could be tucked between the fans getting rid of messy trailing wires.

9
Stay tuned for more Uber Computer updates