Blog

Author Archive

SonicWALL Releases new Content Filtering Service

SYGNET has standardized on SonicWALL firewalls to protect our client’s networks for years. One of the capabilities we have relied on to provide extra security for the network and risk control regarding employee surfing, is the Internet Content Filtering Service (CFS). We configure the CFS on our client networks to block access to hacking websites, and other undesirable categories such as proxy avoidance. This helps boost the security of the network as a whole. Further to that, some of our clients want to block employee access to sites categorized as Pornography, Violence/Hate/Racism, Gambling, and others. We have had good success with the SonicWALL CFS in the past, and now they have released version 4.0 in the latest updates to their firewalls. This update, which is free to clients with active support, will allow for more granularity in the filtering policies, and more options on the actions to take within the policies. This combined with faster performance should increase our client’s satisfaction with this great service from SonicWALL.

SYGNET will be rolling out CFS 4.0 to Active Network Management service clients in October and November of this year.

This is what Proactive Managed Services looks like.

 

Posted in: Information Security, Proactive Managed Services

Leave a Comment (0) →

Users Should Upgrade Apple iPhones and iPads to 9.3.5 Immediately

SYGNET is advising clients inform their end users to upgrade their Apple iOS devices (iPhones and iPads) to the latest release which is 9.3.5 as soon as possible. This update was released late last week.

The reason for this recommendation is the potential for the spread of a particularly nefarious piece of malware named Pegasus. There is significant media coverage of this exploit for users who wish to know more about the specifics, however we agree with Apple’s recommendation to install this update quickly.

SYGNET has tested the update internally, and so far has not come across any major issues. There are also no wide spread reports of problems with the update from the media. That being said, we recommend users to consider the timing of their updating to avoid major inconvenience in the event of a problem (ie. do not update your device right before travelling).

The following is a link to instructions on how to initiate an update on an iOS device.
https://support.apple.com/en-ca/HT204204

This is what Proactive Managed Services looks like.

Posted in: Proactive Managed Services, Security Response

Leave a Comment (0) →

Good Article on why 3rd Party Patching Matters

SYGNET has always regarded timely patching and updating of systems as a serious part of overall security. So often we read of data breaches where hackers took advantage or one or several known vulnerabilities in the target systems that could have been blocked through proactive patching. There are some hacks that take advantage of unknown vulnerabilities, however those are actually the minority. Most people of familiar with the need to patch their Operating System, such as Microsoft Windows or Apple Mac, however it is just as important to consider other commonly attacked software. Hackers tend to focus where they get the most bang for their effort, hence they will target common 3rd Party Software, such as Adobe Reader, Adobe Flash, Java, and VLC Player. A good article covering 3rd Party Software can be seen here. SYGNET’s Active Network Management service covers the patching of all the software mentioned in this article. Further to that, SYGNET will help clients by uninstalling software they do not need, thereby reducing the possibility of attack.

This is what Proactive Managed Services looks like.

Posted in: Information Security, Proactive Managed Services, Security Response

Leave a Comment (0) →

Good Article on the Potential Security Risks from Free Software Bundles

There is a good article here that outlines the potential security risks from free software downloads or bundles. There is some great free software available over the Internet, and there are numerous titles we recommend to clients. However, users need to be careful on what titles they select, and where they download them from. Per the article, a poor download choice can leave a system or network with unintended security vulnerabilities. Companies should encourage their users to seek advise from IT in vetting new software they are interested in. Further to that, IT should configure systems to block the installation of unapproved software. SYGNET’s Active Network Management service provides controls for software control and deployment.

Posted in: Information Security, Proactive Managed Services

Leave a Comment (0) →

Symantec.Cloud Server Agent Update

On July 21st, 2016, Symantec released an update for Symantec.Cloud Endpoint Protection server agents in response to a discovered vulnerability detailed here. For the server version of the agents, manual intervention was required to complete the agent update successfully. SYGNET has completed the manged rolled out this update to all client servers as of today. Our clients feel safer knowing important vulnerabilities are quickly patched.

This is what Proactive Managed Services looks like.

Posted in: Proactive Managed Services, Security Response

Leave a Comment (0) →

HP Notebook Computer Battery Safety Recall and Replacement Program

On June 14th, 2016, HP Inc. initiated a recall affecting Notebook batteries, the details of which can be found here.

Thanks to SYGNET’s Asset Management capabilities included with our Active Network Management service, we were able to quickly identify any potential client Notebooks covered by the recall. Fortunately, none of our clients were affected by this particular recall. However they all feel safer knowing none of their staff are using Notebooks with batteries that could pose a safety risk.

This is what Proactive Managed Services looks like.

 

Posted in: Proactive Managed Services

Leave a Comment (0) →

Interesting Article on How Much Money Hackers Make

Over the years, clients have asked us why Hackers do what they do. In the early years of computers and networks, they mostly did it for notoriety or personal interest, though some wanted to uncover Government or Corporate malfeasance. Initially there was not much focus on financially benefiting from hacking. That all changed with the growing popularity of the Internet and eCommerce, leading to a rise in hacking for financial benefit. The Business Insider has a really interesting article on how much money Hackers make here.

Posted in: Information Security

Leave a Comment (0) →

Canadian Anti-Fraud Centre

Canadian companies and citizens should bookmark the webpage for the Canadian Anti-Fraud Centre (CAFC). This website is maintained by the Government of Canada to provide companies and citizens with information on current frauds and scams. The site has numerous tips on how to avoid becoming a victim, and has instructions to report suspected fraud. SYGNET came across the website while assisting a client in reporting attempted fraud that was perpetrated against them.

 

Posted in: Information Security, Security Response, Tech Tips for Business Owners

Leave a Comment (0) →

Executives in Asian Luxury Hotels Fall Prey to Cyberespionage

This article featured on the Globe and Mail website should be an eye opener to all executives not to blindly trust the networks they come across in their travels. It also highlights the importance of maintaining the security posture of the laptops and mobile devices that are used outside of the office.

Posted in: Information Security, Tech Tips for Business Owners

Leave a Comment (0) →

POODLE SSLv3 Vulnerability

With the release last week of information pertaining to a potential information disclosure vulnerability in numerous systems that use SSL version 3 encryption, we have started to implement changes to client systems to mitigate the associated risk. We recommend clients familiarize themselves with the POODLE SSLv3 vulnerability by reading the excellent Wired.com article that can be seen at http://www.wired.com/2014/10/poodle-explained/.

SSL encryption can be used to secure data connections between systems across the Internet, and on internal networks as well. Its most common usage scenario is to encrypt web browser connections to servers across the Internet. Though encrypted connections are mainly referred to general terms, there are in fact numerous protocols and cyphers that are supported by the various Operating Systems in use today. Naturally, newer Operation Systems can use more recent and therefore stronger encryption protocols than their older counterparts.

The vulnerability disclosed last week was around SSL 3.0, which was a very popular encryption protocol that has widespread Operating System support (Windows, MACs, and Linux etc.). Though it has been surpassed in recent years by newer and stronger encryption techniques, most systems left it enabled to support older systems. A vulnerability in SSL 3.0 has been demonstrated that would possibly allow an attacker to compromise communications protected by this protocol. It does not provide a direct method for an attacker to gain control of any systems. However an attacker may be able to collect credentials for use in subsequent attacks by eavesdropping on SSL 3.0 communications they are able to compromise with this vulnerability. There is no planned “patch” for this vulnerability so the recommendation is simply to disable its use, both on servers and client systems.

SYGNET will be disabling SSL 2.0 (in the event it is still enabled) and SSL 3.0 from all servers as soon as possible. Clients are warned that there could be some disruption to Line of Business applications and websites that may rely on these specific versions of SSL. It is quite difficult to make this determination in advance, therefore, SYGNET recommends proceeding with the changes since they can be reversed relatively easily should a particular application require either of these specific protocols.

SYGNET will also be disabling SSL 2.0 and SSL 3.0 in the browser settings of Microsoft Internet Explorer for domain joined systems via Group Policy. We will also provide instructions to users on how they can manually make this change for browsers other than Microsoft Internet Explorer and for standalone systems not controlled by domain Group Policy.

Further to the measures mentioned above, clients running a current SonicWALL firewall with Security Services enabled have been protected since October 15th, 2014 when the detection signatures were released.

We will of course provide updates regarding the POODLE vulnerability should additional information become available.

Regards, Cameron Gracie.

 

Posted in: Security Response, Tech Tips for Business Owners

Leave a Comment (0) →