Author: Patrick Enlow

EFS Network Management is a small business that provides expert IT support and application development services to our small business clients that cannot afford to have a full time IT staff member. EFS Network Management was founded in 1989 in Columbus, Ohio by Patrick Enlow. The company provided database development, application integrations, network documentation, network and telecommunication management support.
August 2016 Apple IOS Security Update

August 2016 Apple IOS Security Update

The Department of Homeland Security’s division of US-CERT (United States Computer Emergency Readiness Team) has released a security vulnerability notice for Apple’s IOS. 

This vulnerability may allow a remote attacker to take control of an affected system. The update is for iPhone 4s and later, iPad 2 and later, and iPod touch (5th generation) and later.

EFS Network Management encourages users and administrators to check the DHS US-CERT Security Bulletin on Apple IOS Security Update for August 2016  or Apple’s IOS Security Update 9.3.4.

DHS-US-CERT

 

EFS Network Management recommends users and administrators to apply the necessary updates.

If issues arise after applying the updates, please open a EFS Network Management Support Request We will take a look at the issue or you can contact us for help.

Symantec releases the Latest Intelligence report for July 2016

Symantec releases the Latest Intelligence report for July 2016

Symantec released the latest Intelligence report for July 2016 stating a major increase in email phishing attacks on the manufacturing industry from June.

The Neutrino toolkit attacks doubled from 10.7 in June to 21.5% in July.

This report is an analysis of cyber security threats, trends, and insights about malware, spam, and other potentially harmful business risks.

EFS Network Management encourages administrators and users to check the Symantec’s Latest Intelligence Report for July 2016.

Spam has increased from 52.7% in June to 53.2% in July.

Manual Sharing scams has increased slightly but is up to a whooping 83 percent of Mobile and Social Media scams. Fake offers were down to 11.85%. Like Jacking was down at 3.09%. Fakes Apps was up to 1.61%. FakePlugin was up a bot to 0.02% to round out the top five for social media.

If you need tech support with a security issue please open a EFS Network Management Support Request and we will take a look at the issue or you can contact us for help.

Security Now 571: Phishing & Filtering

Security Now 571: Phishing & Filtering

Steve Gibson of GRC discusses the latest in security issues with LastPass vulnerabilities, new wireless keyboard headaches, deprecating SMS as a second authentication factor, obtaining Windows 10 for free after July, the pervasive problem with website spoofing, and the power and application of multi-interface packet filtering.

Details of this episode with links and additional information can be found in the Security Now # 571 show notes. A transcript and audio versions of the show are also available.

We are on the eve of DEF CON 24, Aug 4-7, 2016, which is a black hat, white hat and grey hat hacker convention in Las Vegas. It has been traditional that during the conference and after a conference a number of new exploits are revealed. It is important that users and administrators update their systems to the current known security patches to mitigate issues that may come from new exploits.

EFS Network Management encourages administrators and users to check the latest video podcast of Security Now.

If you need tech support with a security issue please open a EFS Network Management Support Request and we will take a look at the issue or you can contact us for help.

EFS Network Management Bi-Weekly Antivirus Review

Bi-Weekly Antivirus Review

EFS Network Management encourages users and administrators to check your antivirus software for desktops and servers.

The antivirus software should be reviewed bi-weekly for known security issues and known stability issues. Your antivirus software should be checked to ensure that it is functioning correctly. We tend to get complacent and not think to check our antivirus software.

Sometimes the software may stop getting its daily updates for various reasons. The antivirus software might be expired and it needs to be renewed with the vendor. A firewall setting may have been enabled and now the firewall is blocking the updates. It could be the desktop firewall or the network firewall. A group policy might have been enabled that blocks the updates, by accident. Malware maybe blocking the updates. A new security update might have broken the antivirus updates software. The service could have been disabled during a troubleshooting session and never turned back on. The antivirus software might have been uninstalled to address an issue and the antivirus software never got re-installed. The antivirus software may no longer be compatible with the current version of software that your are running.

There are many more reasons why the antivirus software may not be working. So it is very important to check that it is working and that it is up to date.

  • Check the antivirus definition files and they should be within a few days of the current date.
  • Check the last time that the operating system had a full virus scan.
  • Check the antivirus history files and logs.
  • Check the antivirus quarantine and delete all files if they are not critical.
  • Check the antivirus expiration date, if the one being used is not a free version.
  • Check the antivirus exclusion paths and make sure that they are not excluding critical systems.
  • Check the antivirus software for services that may not be working, especially if you are running an antivirus/malware suite.
  • Search the web or Youtube on “How to’s” for your version of antivirus software” make sure the information is coming from a reputable source. This will empower you with working knowledge of your antivirus software.
  • If it has been a while since your last deep scan, update your antivirus software, boot into safe mode for Windows computers and run a full system scan.
  • If you suspect you have malware, then a bootable antivirus software may be needed in order to deal with the malware.
  • While checking for antivirus, check for the last good backup of the operating system and create recovery disks or jump drives if you do not have them.

If issues do arise from checking your antivirus or you need assistance please open a EFS Network Management Support Request and we will take a look at the issues or you can contact us for help.

EFS Network Management - July 25th Weekly DHS US-CERT Security Summary

July 25th Weekly DHS US-CERT Security Summary

The Department of Homeland Security’s division of US-CERT (United States Computer Emergency Readiness Team) has released the latest weekly security notices for software that has new known security issues. SB16-214: Vulnerability Summary for the Week of July 25, 2016 listed all the details.

EFS Network Management encourages users and administrators to check the DHS US-Cert Security Bulletin for software vulnerabilities that might affect their business.

dhs

The security bulletin this week’s covers the following software: Cisco, PHP, Google Chrome, CA eHealth, apache, siemens software and many other products.

It is important to check this list of products to decide if your organization is using them. If so, please update the affected software to address known security issues. These security vulnerabilities may allow remote code execution with full system privileges.

Please expect that there maybe issues with the updates. There are no known issues at the release of this security notice from DHS US-CERT.

If issues do arise, please reboot the system to see if it will self-heal and recover. If it does not recover please open a EFS Network Management Support Request and we will take a look at the issues or you can contact us for help.