The “Age of Graphene” is upon us, but are you ready? Graphene is a super-thin, super-strong substance that’s already revolutionizing the devices we use – from wearables to smartphones, sports equipment, and super-capacitors. Scientists and engineers have been studying its efficacy as a hardware component for 60 years. It has wide application, including as a rapid supercapacitor battery charger, which could replace lithium-ion batteries in smartphones and charge phones in 5 minutes. Graphene will also: Allow cars to gather and store the energy they produce while in motion Help us build better, stronger bicycles using graphene-nanoplatelets in resin Add strength to tennis racquets with graphene paint Cause light to be more “medically revealing” with graphene light sensors Be used in windows as light detection sensors Help with water, soil, and air purification Be used in hands-free systems in cars, and much more. Sensing the Future Graphene spectrometers placed in smartphones will be able to tell if a melon is ripe or whether the tires on your car are worn to the point of needing replacement. They would also be able to detect if there are harmful chemicals or additives in foods, or if a reportedly “real” product is actually fake. Having graphene spectrometers in phones could take place within the next two years, but likely only if a big tech component manufacturer gets on board with capital funding. Nevertheless, the revolutionary ideas keep rolling in, and sooner or later graphene-component devices, sensors, and objects of all kinds will be part of our world. Graphene Wearables Graphene is also slated to be part of not only wearable technology, but also the clothing we wear. Italian sportswear maker Colmar launched a full-bodied graphene swimming suit which will transfer heat from hot zones to colder ones, keeping the swimmer more comfortable and on an even temperature keel. Gloves fitted with graphene sensors will be super-responsive to temperature changes and motion, “programming” the special gloves to react accordingly. Paper wristbands with graphene print will act as tickets or other kind of tag, like those for hospitals or special events. Airports or busy train stations could use the graphene wristbands to keep track of passengers, or as the ticket itself. Tracking People and Products An Internet of Things-connected world will utilize the graphene components in places like stores, warehouses, and factories to keep track of stock. Same for livestock. At the risk of sounding Orwellian, they will also be used to track the movements, buying habits, and traffic flow of humans for security purposes. As long as the privilege isn’t abused, it appears graphene is poised to make our world much safer, by being able to reunite lost children with frantic parents, and generally account for those who would have gone missing in action with no recourse.

How Cloud Storage Pricing is Helping Companies Prosper Many small, medium, and larger businesses have migrated their IT networks in recent years to cloud-based computing options. This is for very good reasons – businesses utilizing cloud services gain a number of benefits, not the least of which is money saving via the assurance of adequate backup, disaster recovery, and business continuity. And, cloud computing is also helping in the cost-cutting department in a number of other ways, which we will examine. Perform a Data “House Cleaning” In order to cut cloud storage costs, you will want to perform an evaluation and data storage house cleaning, which focuses on: A by-department file storage allocation analysis Discovery of what types of files are being stored – is there any misuse of storage space? What is the by-file data access need, and are you spending more for fast retrieval than it’s actually using? Access Control and Data Retention You will also want to make sure your access groups are clearly defined, organized properly, and that permissions aren’t being granted to parties who have no inherent need for it. Studies show that companies polled in a recent study showed 62% of employees have access to data and saving to cloud storage which they should not. Another good tip is to archive the data you don’t need immediate access to; consolidate multiple files if you can do it, and have a deletion policy in effect that’s standardized, i.e. discard files after 5, 7, or 10 years of disuse, for instance. Cloud Pricing You can cherry-pick the particular features and applications you want in cloud storage and computing options. Understanding your needs, based on the above recommendations, will get you that much further down the road to common sense solutions for your cloud services needs, and thus, more savings in the short and long run. Act Now and Save More Cloud computing and storage costs are currently on the rise, due to the huge increase in demand, even though they can end up saving you money. Acting right now to secure your company cloud-based storage options will save you money in the long run, for multiple reasons. Waiting until disaster strikes via cost-cutting procrastination in the short-term will spell financial and data loss disaster down the road, should it strike. Ask the IT Experts If you are interested in upgrading your office IT network to cloud-based computing options, contact an IT professional today. {company} is the leader in providing managed IT services in {city}. Contact our expert IT staff at {phone} or send us an email at {email} if you have any questions or concerns regarding cloud computing services, and we will be happy to answer any and all your questions.

Google’s one-on-one video calling app, Google Duo, launched on Monday for both Android and iOS. The app is expected to be available worldwide in the next few days. The app boasts the ability to transition from cellular data to Wi-Fi, and high speed to low speed wireless connections seamlessly, promising to allow users to continue calls from location to location without interruption. Some loss of video quality may still occur at slower connection speeds. No account sign up is required to use Google Duo, and calls can be initiated with a single tap. All calls are encrypted end to end. For Android users, a feature called “Knock Knock” provides a preview of incoming calls, even if the app isn’t open on their device. This feature also provides a preview of outgoing calls. The preview feature only works for iOS users if the app is open, and only applies to incoming calls. Unlike Skype, Google Hangouts, or even Facebook Messenger, the app has no extra functions or features, serving strictly as a video calling application. Duo is currently only available on mobile phones, with Google electing to start small. Duo is a basic, straightforward app that is easy to learn and use, with more in common with FaceTime than Skype. But whereas FaceTime only works between Apple devices, Google Duo is compatible with any mobile platform. While video calling is fairly commonplace today, its generally not most people’s preferred method of communication. One of the biggest issues is the myriad of issues that arise when devices try to communicate via a video connection. There is a tendency for calls to not work well, or just not work at all because of compatibility challenges. Google Duo is attempting to address the latter issue. How successful they’ll be, and what kind of impact that will have on video calling as a whole, remains to be seen. Have questions about video conferencing applications for business? Contact {company} at {phone} or {email} for more information about the options available to you. We’re the trusted IT professionals for businesses in {area}.

You may have heard that 68 million Dropbox users were recently told by the company that they needed to change their passwords due to a general hack of their database. The hack occurred in 2012, but it was only after years of persistent rumors by Netizens and cybersecurity mavens that Dropbox finally came clean about the hack. Dropbox completed performing a forced password reset for 68 million people just last week. Dropbox is merely the latest Web-based startup or organization that has faced having many millions of their customers affected by a single data breach. 5GB of files were obtained by Motherboard via Leakbase, a data breach notification service. The hacked cache of files includes email addresses and hashed user passwords, but, interestingly, almost half (32 million) of the passwords are secured by bcrypt, a strong hashing function, leaving the rest hashed by the hashing algorithm known as SHA-1. Dropbox Speaks Head of Trust and Security for Dropbox Patrick Heim told the world that his company had successfully completed the password reset process, and all affected users of his popular service were covered. Says Heim, “We initiated this reset as a precautionary measure, so that the old passwords from prior to mid-2012 can’t be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password.” No Illegal Access? According to a Dropbox spokesperson, the company has found no evidence that any Dropbox account was illegally accessed, although Tech News journal FossBytes reports that, “The Dropbox dump also hasn’t appeared on any major dark web marketplace” which sounds suspiciously like damning with faint praise for yet another outfit that has unwittingly exposed millions to an account and data breach – as well as a breach of inherent trust. Leave it to a third party (FossBytes) to take it upon themselves to advise Dropbox users to change their passwords immediately, and also choose strong passwords that are changed “from time to time,” a.k.a. every few months. This is probably a habit everyone should get into for any website containing personal data they can’t afford to have hacked. The Argument for Better Cloud Security The Dropbox debacle underlines the need for better cloud storage security, as that’s what type of platform Dropbox is and was at the time of the hack of their database in 2012. Some may argue that cloud security has advanced significantly in the intervening four years, but – has it advanced enough? The company claims that those passwords that were reset or accounts that were created after 2012 have no chance of being affected, but how can the Web-buying and online-using public be 100% secure in that notion? Lightning doesn’t often strike twice, that’s true. But, there are demonstrable patterns of malicious behavior by hackers, combined with a Web-using public that tends to let down its guard that should bring a rallying cry from IT experts and cybersecurity specialists everywhere: “Encrypt, reset, and be ever-vigilant out there.” Consult an IT Pro About Passwords and Data Encryption {company} is the leader in providing managed IT services in {city}. Contact our expert IT staff at {phone} or send us an email at {email} if you have any questions or concerns regarding data encryption, passwords, or protecting your valued data online, and we will be happy to answer any and all your questions.

After spending a half-decade operating undetected, an APT (advanced persistent threat) known as “ProjectSauron” has been uncovered by both Symantec and Kaspersky Labs. A group called “Strider” has been using Remsec, an advanced tool that appears to have been designed for spying. According to Symantec, the malware has been active since at least October 2011. Symantec became aware of ProjectSauron when their behavioural engineer detected the virus on a customer’s systems. Kaspersky’s software detected the malware in a Windows domain controller as an executable library registered as a Windows password filter. The spyware can deploy custom modules as required, and has a network monitor. Once it has infected a system, it can open backdoors, log keystrokes, and steal files. It is heavily encrypted, allowing it to avoid detection as it takes control, moving across the network and stealing data. As many of its functions are deployed over the network, it resides only in the computer’s memory, not on disk. This, along with the fact that several components are in the form of Binary Large Objects makes it extremely difficult for antivirus software to detect. So far, evidence of a ProjectSauron infection has been detected in 36 computers by Symatec, spanning seven separate organizations in Russia, China, Sweden, and Belgium, as well as individual’s PCs in Russia. Kaspersky has found more than 30 infections across Russia, Iran, and Rawanda, and suspects that Italy may also have been targeted. Both Symantec and Kaspersky have suggested that a nation-state may be behind this APT. Kaspersky has collected 28 domains and 11 IP addresses in the US and Europe that may be connected to ProjectSauron campaigns. While it appears that the spyware has gone dark, no one can confirm whether or not Strider’s efforts have ceased. If Strider is in fact a nation-state attacker, these infections will likely continue to crop up. The fact that ProjectSauron operates by mimicking a password filter module is yet another indication that it may be time for technology users worldwide to move away from relying on passwords, favoring instead biometrics and other more sophisticated security measures. Need more information on how to best protect your data, devices and business against malware? Contact {company} at {phone} or {email} with your questions. We’re the trusted IT professionals.

There is no doubt that the internet has made doing business across the street or across the world easier. Borders and barriers don’t exist for the most part (except in certain totalitarian countries). You can reach customers around the world 24/7. Now that the internet is firmly entrenched as a major tool for business for communications, marketing, data storage and information sharing; risk is involved with usage, and criminals seem to always be a step ahead of virus and malware protection using a basic online protection source. So, let’s take a look at some of the most popular ways that small- and medium-sized businesses are hacked and how your business can protect itself from them. Popular Hacker Schemes Literally hundreds, if not thousands, of schemes exist for stealing data such as personal financial information (PFI) and personal identifying information (PII). In addition to stealing your data, a newer scam has come into play against businesses of all sizes called ransomware. Let’s get started. Phishing Scams Email phishing has been around as long as email has, but phishing expeditions have migrated from exclusively attacking individuals to include businesses too. The most common ways that this type of scam works is that you receive an enticing email with an attachment to open. These emails are sent out by the thousands from criminals that want to access your stored data so they can use any PPI and PPF you have about your customers. Generally, the email looks legitimate, has no grammatical errors, and often includes the legitimate logo of the company for which the email purports to come. Industry experts have estimated that only 0.4 percent of people receiving these fake emails fall for the criminal’s ploy. Sure, it doesn’t sound like a high risk, but it is extremely powerful for criminals who send out hundreds of thousands of these emails; with just a 0.4 percent response rate, they have entrapped data from 400 businesses. Buffer Overflow This scheme works when a black hat hacker responds to an online form. The hacker inputs more data than your business system can handle; included in the excess data is code that is complex and designed to: Steal your data; Cause harm to your system; or Provide the hacker with a backdoor into your network Ransomware Attacks First used against individual computer owners, ransomware also has become a huge income source for the black hat gangs. They gain access to your system by sending a member of your company an email that offers a free download or newsletter. People that open this kind of email also open the floodgates for cybercriminals to take control of your system. Another point of entry is from an infected website offering downloads. Once your system is breached, all your data is encrypted, and to get it back, you must pay a ransom. Prevention of Cyberattacks You can do a lot to prevent cyberattacks from succeeding. Following are some tips to help your business stay secure. When individual passwords are needed, have employees create random passwords, including upper and lower case letters, numbers and some symbols. Never use an actual word as programs can easily hack them. The longer the password, the more secure it is. Educate employees at all levels of your organization about the dangers of opening emails from strangers or downloading items from unknown sources on the internet. Invest in the best antivirus and anti-malware protection available. Patch all software as soon as a patch arrives. Update software too when updates become available. Consider using an outside managed services security provider to help keep your system safe and secure. {company} is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks and news. Contact us at {phone} or send us an email at {email} for more information.

If you’re currently unfamiliar with the concept of ransomware, consider yourself lucky – it is by far one of the most dangerous threats that Internet users and businesses all over the world face today. Ransomware viruses actually encrypt either certain files on a user’s hard drive or the entire drive, completely blocking access unless the victim pays a “ransom” to their attacker. The amount of the ransom tends to increase as time goes on, giving people an incentive to pay sooner rather than later – especially if they find themselves unable to fix the issue on their own. Should you become the victim of a ransomware attack, knowing how to identify the particular strain you’ve been hit with is one of the most important parts of being able to fix this problem once and for all. Cerber One of the most common types of ransomware that Internet users face today is called Cerber, officially classified as RANSOM_CERBER.A. What makes Cerber unique is that it actually has a voice feature that reads the on-screen ransom note out loud, as opposed to other strains that make the user read it as plain text. Cerber is also unique because it doesn’t encrypt an entire hard drive, just files it believes will be particularly valuable to the victim. These include files with extensions like DOC, DOCX, PDF, MP3, MOV, MP4, JPG, JPEG and more. CryptXXX CryptXXX, officially classified as RANSOM_WALTRIX.C, is another common type of ransomware that is regularly updated to make it more difficult for experts to combat. Not only does CryptXXX encrypt a user’s hard drive, but it is unique in that it actually has the ability to lock a user out of their hard drive altogether. When the user boots their affected computer, they are greeted by a screen that prevents their operating system’s desktop from loading at all. Jigsaw Jigsaw, officially known as RANSOM_JIGSAW.I, is certainly one of the more colorful types of ransomware in existence. In addition to display a message indicating that all photos, videos, documents and other files on a hard drive have been encrypted, Jigsaw displays a graphic of the main villain from the “Saw” series of movies – also appropriately called Jigsaw. Jigsaw also has a built-in timer that counts down the seconds until the ransom is increased, instilling a sense of urgency in the owners of infected computers. Mircop Mircop, also officially classified as RANSOM_MIRCOP.A, uses a particularly unique tactic to scare its victims into paying as much money as possible for the ransom. When the ransom note is displayed on an infected computer, it also displays an image of a hooded figure in a Guy Fawkes mask – similar to the imagery used by the hacker group Anonymous. Even though there is no confirmation that Mircop is affiliated with that group, the implication is there and people tend to react accordingly. Most interestingly is the fact that in June of 2016, the Mircop strain demanded one of the biggest ransoms for any ransomware attack seen at any point up until now. The ransom note on one victim’s computer demanded 48.48 Bitcoins, which roughly translated to $32,239 at then-current exchange rates.

How to back up Hyper-V to Amazon. Public clouds have quickly become an incredibly cost effective option when it comes to backup storage. One of the more widely known public cloud services on the market is Amazon Web Services (AWS), which is commonly used as an alternative data center more than an off-site option. So given the large amounts of Hyper-V and Windows Server operating in Amazon Web Services, many have decided that it may be a good option for backing up data and workloads. This process can be a bit confusing, so we’re going to explain how businesses back up their information through Amazon Web Services and how the process works with Hyper-V. Here’s a look at how to back up Hyper-V to Amazon. How to Back Up Hyper-V to Amazon When backing up Hyper-V to Amazon Web Services, you’ll have to log in to AWS and select the Storage Gateway option from the Services menu. This will direct you to the Getting Started section, with the Amazon Web Services Gateway screen. From here, you’ll want to click the “Deploy a New Gateway” link — located in the Navigation pane — and your browser will then open the Activate Gateway wizard and Setup. The wizard will then open its first screen, which will ask you how you want to run your gateway. A series of options will appear, and you need to select the Gateway Virtual Tape Library option and click on Continue. You’ll receive a warning message that will indicate that you’re configuring your gateway as a VM. It should be mentioned that Amazon Web Services operates with Hyper-V 2008 R2 (and higher) and VMware ESXi 4.1 (and higher). Other qualifications/requirements that AWS needs for maximum performance are: 4 or 8 virtual CPUs. 75 GB worth of storage. 7.5 GB of RAM. Importing Hyper-V to Amazon The next step in the process is importing Hyper-V to Amazon Web Services. For starters, you’re going to want to open the Hyper-V Manager and select the Import Virtual Machine command, found in the Actions pane. Windows will then open the Import Virtual Machine Wizard, which is when you’ll need to click Next to bypass the Wizard’s welcome screen. From here, you’ll be prompted to specify the folder containing the VM you would like to import, and you’ll want to select the VM that has been downloaded. For this process to work, you need to decompress the .ZIP file and copy the contents to another location, which would be AWS-Storage-Gateway-HyperV-2012AWS-Storage-Gateway. After that, click Next, which will then prompt you to select the VM you’d like to import. You’ll want to select your Amazon Web Services link and then select the type of import it falls under. Once you find the option that works best for your environment, you’ll want to click Next and specify the virtual switch that the gateway VM should use. After you’ve accomplished this, click on Next and then click on Finish to complete the process. Applying Security, Cached Storage, Upload Buffers, and More Amazon Web Services offers a wide range of capabilities that you can easily customize to suit your needs. Whether you want to apply the security you need to protect your data, create an upload buffer, or create cached storage, Amazon Web Services can handle it all and cater to the needs of your business. So in consideration of the information above, backing up Hyper-V to Amazon Web Services is possible without too much confusion on your end. But if you’re still having trouble with the process, {company} is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at {phone} or send us an email at {email} for more information.

Not so long ago, if your organization had a robust security suite that included a firewall and antivirus, you could feel reasonably secure. The antivirus vendors spent a lot of time and manpower keeping up with the software code, or “signatures,” that identified malicious code trying to enter your network. As long as your IT group kept the signatures updated according to the vendor’s recommendations, and your firewall access parameters were fairly stiff, you were doing just about all you could do–or needed to do. We are constantly learning new ways to defend against exploits, because the exploiters never stop learning new ways to try and gain access to our resources. With the latest wave of threats, however, it is no longer safe to leave cyber security entirely up to your IT/IS team. Your office staff, and, in fact, everyone who uses a networked computer, needs to be trained on the latest wave of serious threats. Everyone who uses a networked computer will be a weak link in the chain, until they accept and internalize their role in protecting the infrastructure. That’s the bad news. The good news is that the training need not be extensive nor expensive. One of the most prevalent new exploits is entering networks entirely invited by an email recipient. A user on your network gets an email with an attachment labeled “Order Update List for June 2016” (this is a fictitious example). The user, who normally wouldn’t receive such a document, opens the attachment out of curiosity. The attachment has a malicious payload embedded in it that –BOOM–is now on your network. What would a criminal hope to achieve on your network? Data–lots of it–is stored on your servers. Names, birth dates, Social Security numbers, business account information, every piece of data you store has a value to you, or you wouldn’t store it. It also has value outside of your perimeters. Stolen data is a lucrative operation, and these programs may provide access to it. Alternatively, these payloads can contain an encryption program that will start encrypting the files on the computer on which it is run. It also moves out to mapped network drives and starts encrypting files on your server shares. It only takes one of these to bring your organization to a grinding halt. If your IT/IS team hasn’t been diligent on backups, and/or doesn’t know how to restore from the backups, your data is held for ransom by this crypto-malware until you pay the ransom. As unsettling as that is, your users can be quickly trained not to open mail attachments if they don’t understand why they received them. Even expected attachments, if received out of cycle, should be considered suspect. The recipient should call the sender and ask for an explanation. Macros can be helpful in calculating financial transactions, but documents you receive from external sources should not contain macros. Ask senders to send a version of the document with only the data, not the macros. Every business is fighting the same battle against cyber criminals, and we all have to cooperate and work together. On the sending end, your staff should not be sending documents containing macros outside of the network. If you are sending something out of cycle, be proactive in providing an explanation. Do you need some more information on this topic? {company} is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at {phone} or send us an email at {email} for more information.

While Apple malware isn’t unheard of, it is less often found in the wild. The illusion of perfect security entertained by many Apple users gets easily shattered when a new bug appears on the horizon. Eleanor is the latest of these OS-specific malware applications; it opens a backdoor into the computer it infects, allowing total control of the system through a hidden Tor service, a PasteBin client and a PHP Web Service. These three elements allow the attacker to gain access to the entire system and even use it without alerting the user to his presence. How Does Eleanor Propagate? Eleanor, apparently so-named by its creators, installs itself on its victims’ computers through an otherwise inoffensive application, EasyDoc Converter. This application, available through MacUpdate, converts Apple file formats to Microsoft Word formats. However, at the same time, it installs a backdoor for cybercriminals to access the computer. What About Apple App Certification? Apple users know that the company certifies every application available on its App Store. Apple is known to reject apps that don’t meet its high standards, and definitely wouldn’t allow such a disruptive piece of malware through its fingers. EasyDoc Converter, however, is not certified with Apple. Mac OS X will show this to any user who attempts to install it, requiring the user to bypass this measure of protection by enabling the installation of unsigned third-party applications. Not every unsigned app is malicious, but every malicious app is unsigned. As a result, while you may breeze through the warning pop-ups that occur when downloading and installing an application off the internet, you may want to double check those and make sure you’re only installing signed apps downloaded from the Apple App Store. Enable GateKeeper On Your Mac Another measure of protection that you should verify on your mac is called Gatekeeper. To enable this application, go to System Preferences and click on the Security & Privacy pane. From there, you should see whether Gatekeeper is enabled or disabled. Earlier versions of Mac OS X do not use Gatekeeper, but have similar settings available on the same page. However, one of the best ways to protect your computer from malware is by keeping it updated. If you are not using the latest Mac OS X, you should download it and install it on your system. Also, make sure all of your applications are up to date as well. You may not have caught Eleanor, but you could easily catch the next one that comes around. {company} is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at {phone} or send us an email at {email} for more information.