508-909-5961 [email protected]

Beware of the Cloudbleed bug

Cloudflare, an internet security services company, found a major bug in its software that leaked sensitive data like cookies and passwords from client websites. Although investigation into the security flaw, also known as Cloudbleed, is still underway, early reports found that malicious hackers have not exploited this vulnerability.

The post Beware of the Cloudbleed bug appeared first on Complete Technology Resources, Inc..

16 Mar, 2017 / by Complete Technology Resources / in category
Beware of the Cloudbleed bug

Cloudflare, an internet security services company, found a major bug in its software that leaked sensitive data like cookies and passwords from client websites. Although investigation into the security flaw, also known as Cloudbleed, is still underway, early reports found that malicious hackers have not exploited this vulnerability. Even still, you should know what you’re up against.

What is Cloudbleed?
Although it’s technically similar to Heartbleed, a bug that compromised millions of websites and accounts, Cloudbleed is less severe. Google security researcher Tavis Ormandy discovered that several Cloudflare-hosted websites, including Fitbit, Uber, and OkCupid, were inadvertently leaking customer information and saving them within the source code.

For example, when a person visits a bugged Uber page, the website code could contain data and login credentials from another user who recently visited the page. The data may be hidden between several lines of code, but a skilled hacker can easily find it.

Exploiting it, however, is more difficult. The Cloudbleed bug collects random bits of data, which may or may not contain any sensitive information, making it a less attractive point of attack for cybercriminals. Over time, a cybercriminal may be able to compile enough information to exploit, but it doesn’t seem to be a viable option for targeted attacks.

The response
According to Cloudflare, Cloudbleed was triggered 1,240,00 times and found in 6,400 websites between September 22 and February 18. After the bug was discovered, the internet security company quickly alerted affected websites, fixed the code, removed cached pages from search engines, and monitored client websites for any strange website activity.

Cloudflare-hosted websites also checked what data was leaked and reassured customers that there was minimal impact to their private information.

What can you do?
While Cloudflare and other companies are telling everyone that the possibility of Cloudbleed attacks and password leaks is low, you should still ensure your account is safe.

Start by setting stronger passwords with a combination of letters, numbers, and symbols. Make sure to set unique passwords for every online service, especially for any of your accounts that use Cloudflare. Whenever possible, use two-factor verification to keep your account secure even if someone gets a hold of your password.

And, last but not least, contact us for any cybersecurity, cloud, and website issues. We aim to make your internet and cloud experience as safe as possible.

Published with permission from TechAdvisory.org. Source.

The post Beware of the Cloudbleed bug appeared first on Complete Technology Resources, Inc..

Read More

Which type of firewall is right for you?

Software solutions are almost always more user-friendly than hardware solutions. There’s no need to worry about cabling, firmware, and power consumption. But when it comes to firewalls, a software solution just can’t measure up to its hardware counterpart.

The post Which type of firewall is right for you? appeared first on Complete Technology Resources, Inc..

15 Mar, 2017 / by Complete Technology Resources / in Hardware category
Which type of firewall is right for you?

Software solutions are almost always more user-friendly than hardware solutions. There’s no need to worry about cabling, firmware, and power consumption. But when it comes to firewalls, a software solution just can’t measure up to its hardware counterpart. Make sure you have all the facts before deciding which is right for you.

Software firewalls

Calling a piece of software a “firewall” is a bit of an exaggeration. Installing it on a local hard drive is more like locks on a door than impenetrable walls. When data is scanned for threats by a software firewall, the information it contains has already been passed through your router, network switch, and finally your local hard drive.

Once the whole cycle has finished, software firewalls can prohibit risky activities based on blacklisted IP addresses, known malware definitions, and suspicious application requests.

Although these solutions do have value, they can’t guarantee that malware won’t spread to other systems before each packet of data can be scanned, unless they’re standing guard at your business’s gateway to the internet. And whenever the computer with the firewall is powered off, everything it protects is left unguarded.

Hardware firewalls

Because the drawbacks of a software-based firewall are centered around their inefficient network position, a hardware solution is the safer option. Hardware firewalls sit directly behind your router, so every single packet of data coming from the internet must pass through your gatekeeper before landing on any of your internal drives.

Most of these solutions include far more sophisticated controls than just web filtering and basic data scanning. Like most developments in the IT industry, newer hardware firewalls focus on “intelligent” functions that analyze huge datasets to recognize malware and cyberattacks based on irregular activities instead of relying solely on cataloged viruses and attack vectors.

Another benefit of hardware firewalls is that they’re always on. There’s no need to worry about whether the workstation hosting your solution will crash because these devices are built for 24/7 protection. The only downside to this type of solution is the level of monitoring and maintenance it requires. Hardware firewalls are extremely complex and managing them is no easy task.

“Cloud” firewalls

The most recent, and undoubtedly best, solution to network perimeter security are “cloud” firewalls. These are on-site pieces of hardware with software interfaces that can be managed remotely by certified security professionals.

This service model means that experts will monitor your network performance and security for anomalies while your team goes about its business as usual. No need for onsite tweaks and updates -- all of it can be done remotely.

You may hear a lot of experts telling you that the age of on-site hardware has passed and everything can be done in the cloud. Remote administration may be the next wave in network services, but the need for hardware will never go away. If you need someone to manage your physical devices, contact us today.

Published with permission from TechAdvisory.org. Source.

The post Which type of firewall is right for you? appeared first on Complete Technology Resources, Inc..

Read More

Is your Android smartphone a security risk?

Desktop and laptop users install security software updates and do everything they can to safeguard against cyber attacks. The same cannot be said of smartphone users. This is understandable because cyber threats on mobile phones are less visible... but that doesn’t mean they don’t happen.

The post Is your Android smartphone a security risk? appeared first on Complete Technology Resources, Inc..

14 Mar, 2017 / by Complete Technology Resources / in Security category
Is your Android smartphone a security risk?

Desktop and laptop users install security software updates and do everything they can to safeguard against cyber attacks. The same cannot be said of smartphone users. This is understandable because cyber threats on mobile phones are less visible... but that doesn’t mean they don’t happen. When you factor in smartphone users’ growing dependency on mobile computing, neglecting security for smaller devices is just plain irresponsible.

Mobile malware MO

Malware and other threats pose risks that are as harmful as those that infect desktops and laptops. Some of the threats include messing up your phone bill, ruining your mobile phone’s data, remotely locking and unlocking devices, intercepting messages, prompting fraudulent log-in commands, and sending fake notifications, among others.

Most malware comes from applications downloaded from third-party app stores. Once a phone is compromised, the hacker will have access to passwords, user accounts, and other sensitive personal data. Since some Android devices are linked, there is also more than a passing chance that bugs on one device find their way to linked devices.

Who is responsible?

The burden doesn’t fall solely on smartphone users; app stores such as Google Play Store are responsible, too. Some of the infected banking and weather forecast apps that were widely reported were downloaded from the Google Play Store. Aside from taking swift action against the apps, infected companies were urged to provide as much information and updates as possible regarding the malicious applications so they could be removed from the store to protect users.

Of course, Android users are responsible for their own safety, and there are several measures they can take to avoid becoming victims.

How to avoid being victimized by malware

Yes, the Google Play Store isn’t 100% secure, but downloading from the Google store and other more established app stores -- and not from little-known and less secure third-party stores -- reduces the probability of downloading malicious apps. In case an infected app makes its way to the store and gets thousands of downloads, Google is usually quick to remove the threatening app from their environment and block other malicious entities.

It also pays to read the user reviews. Despite app stores’ best efforts, the proliferation of apps in today’s marketplace makes it nearly impossible to prevent mobile malware from getting through to the store and, afterwards, users’ device.

If an app poses significant risks, someone is bound to post a review or a warning. Regularly updating your mobile device’s software also helps prevent attacks, as the latest software version often comes with stronger security patches or quick fixes.

Malware doesn’t discriminate. Regardless of your computing or communication device of choice, it will find a way to infect and destroy. Ascertain your business devices’ safety by consulting our security experts today.

Published with permission from TechAdvisory.org. Source.

The post Is your Android smartphone a security risk? appeared first on Complete Technology Resources, Inc..

Read More

A beginner’s guide to Snapchat for business

The 21st century is the age of social media, with a plethora of outlets available, users are spoilt for choice. Business owners are faced with the same dilemma, between Facebook, Instagram, Twitter, and about thirty more - which one should they invest in? It’s important that the platform is simple, interactive, and touches base with numerous users with every post.

The post A beginner’s guide to Snapchat for business appeared first on Complete Technology Resources, Inc..

13 Mar, 2017 / by Complete Technology Resources / in Social Media category
A beginner’s guide to Snapchat for business

The 21st century is the age of social media, with a plethora of outlets available, users are spoilt for choice. Business owners are faced with the same dilemma, between Facebook, Instagram, Twitter, and about thirty more - which one should they invest in? It’s important that the platform is simple, interactive, and touches base with numerous users with every post. And that's what Snapchat is.

Over 71 percent of Snapchat users are under 34 years old; as of 2015, the social network boasted over 100 million active users. It’s an ideal marketing option for businesses targeting a millennial audience. If you’re still unsure about Snapchat for your small business, consider these statistics:

    • 58 percent of college students are likely to purchase a product from coupons sent over Snapchat
    • 65 percent of Snapchat users contribute content on a daily basis
    • Only 1 percent of marketers are taking advantage of Snapchat, which means you can be an early adopter and gain a competitive advantage

Snapchat is a social media application that allows users to send pictures and videos - called “Snaps” - to others. The media sent can only be viewed for 10 seconds or less (you can specify the length), after which it disappears for good. You can add a Snap or multiple Snaps to create your own “story” which can be viewed by others for 24 hours.

The reason Snapchat is getting the attention of marketers is that it allows users to personally interact with brands. Instead of regular content, you audience gets a candid, behind-the-scenes look at your business. Also, by using Snapchat regularly, you’ll be able to keep your brand in the forefront of your audience’s mind. Then, when they’re making a purchasing decision between you and your competitors, they’ll choose you because of the relationship you’ve established with them. Now that you know what Snapchat is, the next step is to gain followers.

How to grow a following on Snapchat
Unlike other social networks like Twitter and Instagram, hashtags don’t suffice when you want to get your audience’s attention. They have to find and add you - not the other way around. Even if you want to add other users so they could add you back, you can’t base the search on vague terms -- you have to know their Snapchat username to add them. Basically, Snapchat has no native discovery features.

In order to gain followers on Snapchat, you’ll need to use your online presence as well as other social media sites to create awareness and entice others to follow you. Here are some easy methods to get the ball rolling:

    • The “Add Me URL” feature - share a custom URL on other social media platforms that allow other users to quickly add you as their Snapchat connections. To do so, replace “yourusername” in the following URL: https://www.snapchat.com/add/yourusername
    • Promote your username in your social media profiles - promote your Snapchat username by posting it in other profiles to encourage people to add you. You can also share your username in email signatures, blog posts, and even your company website.
    • Share relevant content - plan an interesting series of Snaps to share with your followers and post all the details on other social media accounts along with your username and/or QR code image, this gives followers an incentive to connect with your brand.
    • Snapcode image as your profile picture on other social networks - take a screenshot and crop your Snapchat QR code image (Snapcode) and set that as a profile picture on your other social media accounts. Anyone who points their Snapchat camera at the code will automatically add you to their friends list.

Snapchat is one of the newest social media outlets to date. If you start building your brand on it now, you’ll be taking a huge step ahead of your competitors - especially now that Snapchat is catching up to Facebook and other social media giants. If you would like to know more about what Snapchat can do for your small- and medium-sized business, feel free to give us a call!

Published with permission from TechAdvisory.org. Source.

The post A beginner’s guide to Snapchat for business appeared first on Complete Technology Resources, Inc..

Read More