All posts by GreenPages Blog

Grim ‘Reaper’ Botnet Could Come for Your Candy


By Tony Ramsey, Practice Manager, Networking & Security

IoT devices and gadgets, which are the primary target of the ‘Reaper’ botnet, present a new attack vector and easy-to-exploit vulnerabilities. These vulnerabilities, coupled with the number of IoT devices, have certainly helped the ‘Reaper’ botnet reach the critical mass needed to deliver a massive DDoS attack or a crippling payload to its victims. But don’t fret, it hasn’t done so yet. When compared to the Mirai botnet attack last year, the good news is that security experts are more prepared for it.

The major concern is the sheer number of infected devices and their combined computing power harnessed by botnet controllers through injection of malicious code that has the potential to cause massive problems.  

The numbers provided by 360 Netlab are impressive:

Infected bots connected to one controller: About 28,000 infected devices

Number of devices vulnerable to ‘Reaper’ botnet: As many as two million

It’s important to note, however, that this botnet has already lost the element of surprise. The ‘Reaper’ botnet controllers and some of its code are now known to the internet security community. Its method of infection (exploiting known vulnerabilities) and its propagation between devices are also being analyzed.

Therefore, it is no longer a question of detection but prevention.  

This is certainly the time for device vendors to provide security patches for hardware and software platforms to address the specific exploitable vulnerabilities.

There’s much anxiety in the internet security community since we’ve not yet seen any attacks or malicious activity and the Reaper botnet still seems to be in the expansion phase; its intention for a concerted malicious attack is yet unknown, but we know that its potential magnitude of damage is quite large. 

Some of the infected networked devices are mainly for home and SOHO use, so education and awareness is needed by consumers who aren’t necessarily accustomed to applying security patches and in-depth configurations for threat mitigation.

‘Reaper’ Botnet Update:

The original claim in the security world that this is one of the largest botnet infections ever has been significantly reduced. As of today, the prediction is that the ‘Reaper’ botnet isn’t as far reaching as expected, but it could change at any moment. The question is, will the ‘Reaper’ botnet cause more widespread damage than the infamous Mirai?

 

On Being Named a VMware vExpert

By Chris Williams, Solutions Architect

I love learning new things.  I also love sharing the knowledge that I have out to folks who are interested in it. That’s why I started this blog. That’s why I help to run VTUGAWS-PUG and host/present for vBrownBag. This is on top of my full time role at GreenPages 🙂 It’s a labor of love and for the most part people don’t know how much time one has to put in on the back end to make something look pretty enough to see the light of day.

How I see every 1st draft I create

The vExpert program is a great recognition of those of us who, in addition to having a full-time day job, also enjoy spending time giving back to the community. vExperts come in all shapes and sizes:  bloggers, presenters, evangelists, user group leaders, podcasters, etc… Simply going through the roster of current vExperts will give you an amazing research base from which to pull knowledge in the future. Every year when the new VMware vExpert Awards are announced, I go through the list and add any new vExperts who are relevant to my particular areas. I am honored to be a part of a community of folks whose articles I’ve been using for years to help me do my job 🙂

Now I’ve been bestowed an even bigger honor in being chosen, among the ranks of the existing vExperts, as deserving of the vExpert Cloud designation. Thanks and congratulations to all who received the award and the team in VMware who makes all of this happen!

Congrats to our very own Chris Williams for his vExpert Cloud designation!

Tech News Recap for the Week of 10/23/17

If you had a busy week and need to catch up, here’s a tech news recap of articles you may have missed for the week of 10/23/2017!

Crucial strategies for strengthening network security. How digital transformation is reshaping the IT budget. Why network nerds are excited about SD-WAN. Microsoft Azure gets the managed Kubernetes services. Cisco scoops up BroadSoft, boosts communications tools portfolio. Bad Rabbit ransomware emerges and more top news this week you may have missed! Remember, to stay up-to-date on the latest tech news throughout the week, follow @GreenPagesIT on Twitter.


IT Operations

  • How digital transformation is reshaping the IT budget: The journey of 3 CIOs
  • Why network nerds are so excited about SD-WAN
  • GE adds edge analytics, AI capabilities to Predix industrial IoT suite
  • Solve the mystery of VDI licenses
  • How virtualization continues to redefine IT by extending beyond VMs
  • Field of digital dreams: Why MLB is betting its future on big data, Wi-Fi, apps, and AR

[Interested in learning more about SD-WAN? Download What to Look For When Considering an SD-WAN Solution.]

Cisco

  • Cisco scoops up BroadSoft for $1.9 billion to boost communications tools portfolio
  • Cisco, Google partner to simplify hybrid cloud deployments
  • Cisco rolls out new storage networking telemetry capabilities

Cloud

  • Fidelity Investment’s key to hybrid cloud: Application flexibility
  • Trusting the cloud? Trust yourself more

Thanks for checking out our tech news recap!

By Jake Cryan, Digital Marketing Specialist

While you’re here, check out this white paper on how to rethink your IT security, especially when it comes to financial services.

Eight Crucial Strategies for Strengthening Network Security


Strengthening network security is vital to your organization. Check out the tips below to ensure you are well protected.

Leave no host forgotten, know your hosts (all of them)

Any and every device capable of wired or wireless access with an IP address should be known in your environment. This goes beyond desktops, laptops, servers, printers, IP phones, and mobile devices. The “Internet of Things” presents a larger potential footprint of hosts including environmental monitoring and control devices, security cameras, and even things like vending machines. IoT devices all run operating systems that have the potential to be compromised by hackers and used as a platform for performing reconnaissance of your network for more valuable assets. Ensure inventory lists are valid by performing routine network scans to identify unknown devices.
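One way to carry out the inventory check described above, as an added example that is not GreenPages' own code: a Python script that reconciles scan results against an asset inventory by MAC address, so a known device on a new DHCP address is reported separately from a device nobody has recorded. The CSV layout, the sample hosts and addresses, and the function names are assumptions constructed for illustration.

```python
import csv
import io

# Constructed sample data. MACs use the locally administered 02:... range.
INVENTORY_CSV = """hostname,ip,mac
fin-laptop-01,10.0.10.21,02:00:00:3C:4D:5E
lobby-printer,10.0.20.5,02-00-00-aa-bb-cc
hvac-controller,10.0.30.9,0200.00dd.eeff
old-fileserver,10.0.10.50,02:00:00:11:22:33
"""

# (ip, mac) pairs as an ARP sweep or network scan export would provide them.
SCAN_RESULTS = [
    ("10.0.10.21", "02:00:00:3c:4d:5e"),  # matches inventory
    ("10.0.20.77", "02:00:00:AA:BB:CC"),  # known MAC on a different IP
    ("10.0.30.9", "02:00:00:dd:ee:ff"),   # matches despite dotted notation
    ("10.0.30.44", "02:00:00:10:00:01"),  # not in inventory
]


def normalize_mac(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def load_inventory(text):
    """Return {normalized_mac: row} from inventory CSV text."""
    return {normalize_mac(r["mac"]): r for r in csv.DictReader(io.StringIO(text))}


def reconcile(inventory, scan):
    """Classify scan results as unknown, moved, or missing from the scan."""
    report = {"unknown": [], "moved": [], "missing": []}
    seen = set()
    for ip, mac in scan:
        key = normalize_mac(mac)
        seen.add(key)
        entry = inventory.get(key)
        if entry is None:
            # Device on the network that the inventory does not list.
            report["unknown"].append((ip, key))
        elif entry["ip"] != ip:
            # Known device answering from an address the inventory lacks.
            report["moved"].append((entry["hostname"], entry["ip"], ip))
    # Inventory entries that did not answer: retired, offline, or stale.
    report["missing"] = sorted(
        row["hostname"] for key, row in inventory.items() if key not in seen
    )
    return report


if __name__ == "__main__":
    result = reconcile(load_inventory(INVENTORY_CSV), SCAN_RESULTS)
    for category, items in result.items():
        print(category, items)
```

Matching on MAC alone will miss devices behind a router or ones that randomize their MAC, so treat the "unknown" list as a starting point for investigation.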

Understand your users’ behavior

Knowing the culture and habits of users, like when and where they work, is important for establishing baseline behavior patterns. Also, the types of work they do online such as researching, downloading software, and uploading files will vary greatly by industry. For example, users at a law firm are not going to have the same internet usage behavior as users at a software development company. Even within an organization, there will be differences between administrative and technical engineering user behavior. Knowing the behavior of your users will make it easier to identify what is normal versus abnormal network traffic.

Understand what talks to what and why

The network traffic patterns in your organization should represent the usage of critical business applications that users need to do their job. Understanding these traffic flows is critical to building effective security policies for ACLs, stateful firewall policies, and deep packet inspection rules on network security devices. This applies to traffic within your internal private networks, what is allowed in from the outside, and especially the type of traffic allowed to leave your organization.

Control what is running on your hosts

The more applications and services running on a host, the more potential for exposure to software vulnerabilities.  Software updates are important for bug fixes and new features but security related fixes to applications are critical. Limit the types of applications users may install to reputable software vendors that take security updates seriously. Staying current with operating system security updates is even more important. Situations when legacy applications require older EOL operating systems to run on your network should be monitored very closely and if possible should be segmented to dedicated VLANs.

Know your data & control your data

Understand the data that is critical to your business and classify that data into different levels of sensitivity. You must ensure that encryption is used when transmitting highly sensitive data across the network as well as limit access to sensitive data to only those who require it. It is important to implement effective logging on all devices that store and transmit sensitive data and perform routine checks of your backup solutions to ensure the integrity of critical data backups.

Monitor and control your perimeter (egress too!!)

The network perimeter of your organization includes Internet and WAN connections but also wireless access points. All three of these perimeter pathways need to be protected with the highest levels of access restrictions.  Next-generation security appliances should be deployed on all perimeter segments to provide deep packet inspection, content filtering, and malicious URL inspection. Centralized logging of network and security devices using a security information event management (SIEM) solution is vital for analysis and correlation of logging data.

Train your users: they are your weakest link and your best defense

Deliver routine end-user security awareness training to keep users up to date on ways to recognize suspicious email content and websites. Perform routine experimental phishing campaigns to determine how well users are able to identify suspicious emails. Review policies with users on how to manage sensitive data. Make sure users are aware of non-technical methods used by hackers such as social engineering tactics to extract information about your organization.

Implement strong authentication controls

Use multifactor authentication for wireless and VPN remote access whenever possible. Restrict the usage of local user accounts and require complex passwords that must be changed regularly. Implement 802.1x security on wireless LANs as well as wired network connections that are accessible to common areas in your facility.

Utilizing the tips above can go a long way in strengthening network security. Reach out to your account manager or contact us to find out more about strategies to strengthen your network.

By Kevin Dresser, Solutions Architect

Tech News Recap for the Week of 10/16/17

If you had a busy week and need to catch up, here’s a tech news recap of articles you may have missed for the week of 10/16/2017!

KRACK and Adobe Flash vulnerabilities, what to do. Cloud computing market projected to reach $411B by 2020. Dell bets big on IoT. Hybrid cloud strategies growing. 5 cloud computing trends to prepare for in 2018 and more top news this week you may have missed! Remember, to stay up-to-date on the latest tech news throughout the week, follow @GreenPagesIT on Twitter.


Microsoft

  • Microsoft shows off its Fluent Design changes to Windows 10
  • Microsoft’s new Android invasion has started
  • Microsoft claims another cloud win as Symantec moves onto Azure
  • Microsoft shuts down Krack with sneaky Windows update
  • Microsoft to expand Azure Government Secret cloud option for handling classified data
  • Microsoft hits back at Google’s approach to security patches

Dell

  • Dell makes a big bet on IoT

Trend Micro

  • With the products, ecosystem, & strategy to become an enterprise security leader, Trend Micro is ready to move up

IBM 

  • IBM launches two new services to help businesses move to cloud computing
  • IBM rocks the cloud: Purists moan but customers love big blue’s $15.8-Billion dollar cloud business

Thanks for checking out our tech news recap!

By Jake Cryan, Digital Marketing Specialist


KRACK & Adobe Flash Vulnerabilities: How to Protect Now & Prevent Later

As you may know, there were multiple major security vulnerabilities announced yesterday. One is specifically related to the WPA2 WiFi Security Protocol, dubbed “KRACK,” and another is related to Adobe Flash. What happened and how can you protect your environment from the KRACK & Adobe Flash vulnerabilities? Below is what we shared with our current Managed Services customers, but even if you work with another provider or handle all of your IT system monitoring and management yourself, this may be helpful toward further understanding your risks and how to protect your environment.

WPA2 “KRACK” Vulnerability


What is it?: A critical vulnerability in the WiFi Protected Access II (WPA2) protocol which could allow someone within range of your wireless network to gain unauthorized access to traffic over that connection. 

This vulnerability applies to any device that utilizes the WPA2 protocol to establish secure connections, including Wireless Access Points, Endpoints (laptops, desktops), and Mobile Devices.

Microsoft has already released a patch and it is included in the October Security Rollup. For customers currently enrolled in our desktop patching program, this roll-up has been approved for immediate install. For customers enrolled in our Server patching program, we will apply the October Security Rollup per the normal patching schedule as servers typically will not have WiFi enabled. 

Further – some recommendations for your end users:

  • Avoid public WiFi (such as coffee shops, hotels, etc.)
  • When connected to WiFi, try to limit browsing to HTTPS sites
  • Consider using a VPN which will encrypt traffic end-to-end

While patching your endpoints will substantially mitigate the vulnerability, GreenPages will be watching for upcoming available patches and updates for the network devices in your environment in the coming days and weeks and will work with you to apply those expeditiously.

More specific details on this WiFi vulnerability can be found here.

Adobe Flash Vulnerability:

Adobe released a security update for a vulnerability that was recently discovered that could lead to remote code execution. 

  • If you are currently enrolled in a 3rd party patching program that includes Adobe Flash, we have already approved this patch for deployment to your environment.
  • If you are not enrolled, due to the risk potential for this vulnerability, it is highly recommended that you apply this patch to all devices in your environment. 

The Adobe Flash Security Bulletin can be found here.  

We’ll be writing a follow-up post next week about the KRACK & Adobe Flash vulnerabilities once the dust has settled to see how the industry has reacted and responded to these vulnerabilities so please check back then.

To learn more about GreenPages Server, Desktop, 3rd Party Patching, and Managed Services Programs, please call 800-989-2989 and we can set up a call to discuss.

By:

Jay Keating, VP Cloud & Managed Services
Aaron Boissonnault, Director, Hybrid Cloud Operations
Steve Stein, Director, Client Services

Tech News Recap for the Week of 10/09/17

If you had a busy week and need to catch up, here’s a tech news recap of articles you may have missed for the week of 10/09/2017!

Achieving hyper-flexibility by migrating your network to AWS & Azure. Networking trends of 2017. Building a modern help desk. How Azure Stack helps deliver intelligent cloud and edge computing and more top news this week you may have missed! Remember, to stay up-to-date on the latest tech news throughout the week, follow @GreenPagesIT on Twitter.


Microsoft

  • How Azure Stack helps Microsoft deliver the promise of intelligent cloud and edge
  • What’s new in Microsoft Visual Studio Code 1.17
  • Microsoft is banking on social platforms for VR adoption
  • Microsoft: We’ll have two-thirds of Office users in the cloud by fiscal 2019
  • Microsoft just ended support for Office 2007 and Outlook 2007
  • What is Windows 10 Fall Creators update? Everything you need to know about Microsoft’s big upgrade

AWS

  • GE solidifies commitment to AWS for IT apps

Dell

  • Dell launches $1B IoT division to mold a world of smarter cities

Liquidware 

  • 10 ways FlexApp has raised the bar for layering

VMware

  • VMware Fusion 10 updates Mac virtualization app, adds High Sierra support and Pro features

Citrix

  • How using Citrix XenApp in the cloud helped Nudie Jeans extend access to application across continents

By Jake Cryan, Digital Marketing Specialist


Migrating Your Network to AWS & Azure to Achieve Hyper-Flexibility

What to Consider When Migrating Your Network

Network Consultant Bobby Mazzotti discusses how to migrate Layer 2 MPLS networks to AWS & Azure and how, by moving away from traditional networks, you can achieve hyper-flexibility in your network. He also discusses what you need to consider first when migrating your network. The Azure vs AWS showdown has been going on for some time now. There’s no easy answer, so always take the time to figure out which is best for you!

Contact your account manager or reach out to us and set up a meeting to discuss your AWS/Azure migration initiatives.

By Jake Cryan, Digital Marketing Specialist

Tech News Recap for the Week of 10/02/17

If you had a busy week and need to catch up, here’s a tech news recap of articles you may have missed for the week of 10/02/2017!

New update on Yahoo data breach, now it’s every single Yahoo account. Three questions to ask about hybrid cloud. What visibility really means in IT. New Windows 10 security features and how to use them. How AWS saves their customers lots of money and more top news this week you may have missed! Remember, to stay up-to-date on the latest tech news throughout the week, follow @GreenPagesIT on Twitter.

Also, Cisco Connect is in Tampa, FL in just a few days! We hope to see you there! Register here.


Featured

  • How to build a modern 24/7 help desk [infographic]

IT Operations

  • The changing role of Modern IT: How one solutions provider has evolved
  • What’s new in MySQL 8.0 Database
  • Keeping IT real: What visibility really means
  • Virtualization and IoT made for one another, but performance monitoring still essential
  • NetApp HCI launches at subdued user show

AWS

  • Amazon AWS saved its customers $500M by alerting them when they’re overpaying

By Jake Cryan, Digital Marketing Specialist


How to Build a Modern 24/7 Help Desk

Check out the infographic below to learn how GreenPages’ Help Desk helped a customer drastically improve service desk support while saving 30%. Learn how we can help you lower cost, reduce risk, and increase services efficiency. 

If you’d like to decrease time to resolution, measure service improvement, build a first-class knowledgebase, and leverage support communities, listen to this recent presentation from Jay Keating, SVP of Cloud and Managed Services, and Steven White, Director of Customer Service.

GreenPages Help Desk

 

By Jake Cryan, Digital Marketing Specialist