Friday
Nov302018

Naked Security Post: Huge Marriott breach puts 500 million victims at risk

by 

Marriott has today revealed that its Starwood guest reservation database has been subject to unauthorised access “since 2014”. The scope of the data breach is huge, covering nearly five years and approximately 500 million guests.

The company has created a website to deal with the breach at info.starwoodhotels.com (note that at the time of writing it redirects to answers.kroll.com).

Who’s affected?

The company warns that if you made a reservation at one of its Starwood brands in the last five years then you are at risk:

If you made a reservation on or before September 10, 2018 at a Starwood property, information you provided may have been involved.

According to Marriott, its Starwood brands include: Starwood branded timeshare properties, W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels.

What data is at risk?

It seems that different guests may be subject to different levels of exposure, according to how much data they shared. Until you have successfully confirmed your level of exposure with Marriott, you should assume the worst.

Information put at risk by the breach includes “some combination of” name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, communication preferences, payment card numbers and payment card expiration dates.

Although payment card numbers were encrypted, thieves may have stolen the information required to decrypt them.

What happened?

Marriott has not revealed what events or security failures occurred (it may not yet know), but it has released some details about how it discovered the breach.

The company says that on 8 September 2018 it was alerted to an unauthorised attempt to access the Starwood guest reservation database. Security experts called in to deal with the incident revealed that unauthorised access to the Starwood network started as far back as 2014, two years prior to Marriott’s acquisition of Starwood.

On 19 November 2018, Marriott learned that a recent attempt to encrypt and exfiltrate data from the network had included data from the Starwood guest reservation database.

As you can see from what Marriott has revealed so far, it can be difficult for everyone concerned to tell the difference between data that has been put at risk and data that has actually been stolen.

Until they can confirm otherwise, victims would be prudent to assume they amount to the same thing.

Thursday
Nov082018

The New and Improved Root Cause Analysis in Intercept X

There are a lot of interesting things happening with Sophos Security Products these days. With the recent release of Intercept X with EDR you have even more information for forensic analysis of malware attacks.

To get the best results from your installation you need to have a Sophos XG Firewall, Sophos Central Enpoint and Intercept X.  Here is a case study some of the improvements in Root Cause Analysis in Intercept X.

Click Here

Thursday
Nov082018

ZDNet Reports: Windows 10 activation bug baffles, angers users

 

Another instance where Microsoft has a reported issue with a release that can have devastating results if you update with it.

Microsoft is working on a reported problem with their Windows 10 Pro system deactivating their license.

Microsoft states:

"Microsoft has just released an Emerging issue announcement about current activation issue related to Pro edition recently. This happens in Japan, Korea, America and many other countries," wrote the support agent.

"I am very sorry to inform you that there is a temporary issue with Microsoft's activation server at the moment and some customers might experience this issue where Windows is displayed as not activated. Our engineers are working tirelessly to resolve this issue and it is expected to be corrected within one to two business days, Daniel."

To see more on this issue: Click Here

Thursday
May312018

Action required: Security upgrade needed for uninterrupted QuickBooks services

Intuit QuickBooks

Effective June 1, 2018, all services within QuickBooks Desktop will need to meet updated system requirements. These industry standard security requirements will provide greater security and stability with TLS 1.2, an internet security protocol. To learn more about TLS 1.2, click here.

How does this impact you?
If these requirements are not met, services impacted include, but are not limited to the following:

  • Connected services such as Payroll, Payments, Online Banking, etc.
  • QuickBooks Desktop activation on a new computer
  • Password reset tool
  • Services that require Intuit account credentials such as My apps, secure webmail, contributed reports, etc.
  • Intuit Data Protect (IDP)
  • Ordering checks and supplies

What do you need to do?
Please take the following steps by May 31, 2018 to ensure uninterrupted QuickBooks services:

  1. Make sure the QuickBooks Desktop version you are using is updated to the latest release.
  2. Run the TLS 1.2 Readiness tool from this QuickBooks article on the computer where QuickBooks is installed to confirm your system readiness for TLS 1.2.
  3. If the TLS 1.2 Readiness tool indicates failure, you should review the details here to take the necessary steps.

For additional information, please see this QuickBooks article.

Thank you for being a valued QuickBooks Desktop customer.

Sincerely,

The QuickBooks Desktop Team

Wednesday
Apr112018

Sophos Ranked #1 in Malware Detection

MRG Effitas conducted a commissioned test comparing endpoint protection products’ ability to detect malware and potentially unwanted applications. Six different vendors, including Sophos, were reviewed in the test. This report will serve as an excellent proof point for Sophos. Some highlights of the report include:

Sophos ranked #1 at detecting malware. Sophos had an automatic block rate of 99.19% and a miss rate of 0.81%, half as much as next competitor. The percent of samples missed was over 11 times smaller than the average of the other vendors included in the study.

Sophos ranked #1 at detecting potentially unwanted applications (PUAs). Sophos detected 100% of the PUAs in the test, which is important as the sample contained a high number of cryptominers (aka coinminers) that are used in cryptojacking. Comparatively, four of the six vendors tested missed between 47% and 69% of PUAs.

Sophos’ false positive rate according to MRG Effitas was 0.05%, which is even more impressive when considering the corresponding best-in-class detection rates of in-the-wild malware and potentially unwanted applications.

You can read the report here.

You can download the report here.

Tuesday
Apr102018

Announcing Sophos Mobile 8.1 With Office 365 App Management

Hot on the heels of Sophos Mobile 8, we are pleased to announce that Sophos Mobile 8.1 is now available. New capabilities include support for devices running iOS 11.3, plus management and configuration of Office 365 applications on enrolled iOS and Android devices.

The new functionality means that admins can now use Sophos Mobile to manage and configure Office 365 apps on mobile devices. Admins will save time by using a single console, making policy creation and distribution very simple in the Sophos Mobile admin interface.

Office 365 app management features are available in both Sophos Central and when installed on premises. Customers will need an Office 365 license, but no other separate Microsoft license is required to enable app management.

Sophos Mobile 8.1 is available now for installation on the customer’s own premises with management in Sophos Central following on April 24, 2018.

To learn more as well as to find Sophos Mobile sales resources, please visit the Sophos Mobile product page.

Thursday
Apr052018

Exciting Upcoming Changes from PAconnect!

Over the last six months we have will been working very hard in creating better integration of all our administrative systems. If you have received a recent bill from us you'll see that it has changed from a tool system listing to a single system listing so that you are being billed just from our service management product.

The next part of her integration provides automated reporting of all the services that you currently have with us so that with a much quicker turnaround time on audit control of those services being billed to you. By integrating these two parts of our systems reporting, we are insuring a more accurate report to you on what you have been receiving as a service from us.

Another change that you will see is that your service billings will be billed separately from your discounted service contract. These are going to be two separate processes and will come to you as separate invoices. If you have quarterly or annual billings those also come under separate invoices as well. This should provide a much simpler method for you to track what services you are being billed for and when to expect the billings to occur.

We look forward to answering any questions that you might have discussing these changes.  will

Thursday
Apr052018

Important Sophos Security Advisory for Sophos Mobile and Sophos Mobile Control

Sophos

Technical Alert

Important Sophos Security Advisory for Sophos Mobile and Sophos Mobile Control

Date issued: 2018-03-26

Sophos has released a security update to Sophos Mobile and Sophos Mobile Control installed on premises. Customers running Sophos Mobile managed in Sophos Central or the hosted Sophos Mobile as a Service are not affected by this issue.

This update fixes a security bypass bug that could allow an unauthenticated user to access the administration console or the self-service portal.

This vulnerability was responsibly disclosed to Sophos on 2018-03-21. We are not aware of any attempts to exploit this bug in the wild.

We have assessed this update as critical and therefore advise you to install the update as soon as possible.

If you have Sophos Mobile or Sophos Mobile Control version 6.0 or later, please login to the Sophos License Portal, download the security patch for your version and apply immediately.

If you have Sophos Mobile Control 5.1 or earlier, you need to upgrade to the current version. For more information please read the article https://community.sophos.com/kb/128031.

For more information, please read this knowledge base article on our support site: https://community.sophos.com/kb/131867.

Note: We would like to make you aware of a vulnerability affecting Sophos Mobile customers running the product installed on premises. Customers running Sophos Mobile managed in Sophos Central or the hosted Sophos Mobile as a Service are not affected by this issue. We will send the following email to all affected customers indicating any required actions. Please don’t hesitate to reach out to your account or support representative if you have additional questions.

Monday
Jan152018

PR: Sophos Mobile 8 Launch Update

Timeline:

January 17, 2018 – Sophos Mobile as a server (SMaaS) upgrade to version 8

January 17, 2018 – Sophos Mobile 8 for installation on premises generally available to download

February 13, 2018 – Sophos Mobile 8 available in Sophos Central

February 26, 2018 – Announcement and public launch at Mobile World Congress 2018

Wednesday
Dec272017

Happy Holidays from Sophos

Thursday
Dec142017

Lenovo Deal that you should take advantage of…

I just picked up the 8 inch Lenovo Yoga Tab 3 8 . It is selling right now on Lenovo’s site they are selling for $139.39 and I can’t imagine them being around for long at this price. While is isn’t running the most current version of Android, it does have a lot of features that make it quite desirable. While I wish the screen was larger the 8 inch is bright and the unit feels good in your hand when you hold it especially when you have it in portrait mode.

It has a Qualcomm Snapdragon APQ8009 processor, comes with android 5.1 installed, the speaker is quite loud so there isn’t a problem hearing it. The battery life is quite impressive up to 20 hours of usage time. It has a SD Card slot that allows you to expand it up to 128GB’s. There is an 8MP integrated camera, only has  80d.11b/g/n WiFi and Bluetooth 4.0.

The unit is very comparable to Amazon Tablets in size and so far as I have seen is working well with of the apps that I have thrown at it. I basically purchased it to replace the TV that I have under the counter in the kitchen, I am thinking that it is going to fail sometime in the near feature and this will be a good replacement for that unit as well as being able to carry it around as desired.

So, I have it all set up with my wife’s favorite apps and I hope that she will enjoy it.

Wednesday
Dec132017

Need to check the calendar? Here’s a quick method of doing so in Windows 10.

IF you don’t have Outlook open and you don’t want to wait for it to open up then here is a quick and easy method of gaining access to your calendar information.

Windows 10 has added a easy method of checking what you have on your calendar by clicking on the date/time on your task bar. Look on the left had side of the taskbar and you will see something that should like the image below.

If you click with the left mouse button on the date/time you will see a pop-up calendar highlighting today’s date with your current appointments listed. See image to the left.

When you click on different dates, that date’s appointments will appear in the list at the bottom of the screen. You can use the up and down arrows to change the month.

To jump quickly to another month or year click on the Month/Year heading and a pop-up will be displayed for quickly moving to the year and month you want to work in. That displays a list of months for the current year. Use the up and down arrows to change years or click the year heading to jump to a list of all years in the current decade.

To quickly jump back to the current date click on the date line above the calendar and below the time display and you will instantly move back to the current date.

(Windows tip of the Week idea from Ed Bott of Microsoft Weekly)

Friday
Nov172017

Quick demo showing how you can initially setup your account that has been created with auto change password and how to install your Office Suite Desktop Software.

Thursday
Oct262017

Sorry if you missed the Sophos Rise Over Ransomeware event yesterday

There was a good turnout yesterday at the Cranberry/Pittsburgh event. Sophos presented a lot of good information to everyone that attended about the state of the Sophos products and the story behind the Synchronized Security Solution.

Wednesday
Oct252017

Sophos Launches New XG Firewall Version, Adds New Application Visibility And Deployment Options

This is a great article from CRN on the new release of the version 17 SFOS operating system. One of Sophos PAC members had quote in it which is sums up the positive direction that Sophos is taking towards their Synchronized Security capabilities for your network. Good job SAM! It is good to get the word out about one of the best good news stories in the security industry and the major reason for looking at Sophos then any other solution.

If you are not aware of the Sophos Synchronized Security Story you may want to take a look at the video below. Each new version of SFOS and the Sophos Central Products bring your network more security with each new component that you add to it.

See a quick video below to get a better view of what I am talking about:

Tuesday
Oct242017

Rocketbook by Everlast

Ok, I bit, but I love it! There are quite a few options out there for digitizing your handwritten notes but this seems to be very functional in how I use it. So here is the concept. The ring bound notebook contains pages that have a slick surface that allows you write on it with a gel pen (Pilot Frixion) and gives you the ability to erase the ink by using the rubber tip on the top of the pen or taking a wet paper towel and wiping the page clean. This of course makes the pages reusable. Now the how do you digitize it?

There is a Rocketbook App available that you program to process the page by taking a picture of the page. Wait, before you take that picture you need to have programmed your App to how you want it to work with the image. There are six icons on the bottom of each page. Place an X over the icon or icons that you want to choose. These icons represent your workflow for storing your captured page to different cloud locations like:

You set up the icons in the app with the pointer to the cloud applications/locations that you want your digitized pages to go. For example:

I use OneNote a lot so you can see that I have mine programmed to post pages to different OneNote notebook locations. Remember that once the images are there, you can move them very easily if you need to. The App currently support Box, Dropbox, Google Drive, Evernote, iCloud, OneNote, Slack, and email. The program supports both PNG and PDF formats.

While OneNote has the ability to convert “Ink” to text it does not have the ability to convert these digitized images. This would really be a neat feature if it were available.

The app even gives you the ability to bundle scans into one PDF if you would like. You can do this if you the following criteria are met:

  • Send as PDF is ON
  • Auto-send is OFF
  • The scanned pages are adjacent to each other and have the same symbol marked. For example, you can bundle pages 1 to 5 with the Diamond symbol marked.

I just like the thought of the number of trees I will be saving by not using paper anymore for capturing my handwritten notes. I get to keep using my writing skills and extend my ability to capture my thoughts into the applications that I can access from any device. Let me know what you think!

Tuesday
Oct242017

SnagIt 2018 is now available

Overview Video:

Upgrade Video:

Monday
Oct232017

What’s new in the Windows 10 Fall Creators Update

This Week on Windows is all about the brand new Windows 10 Fall Creators Update, including interviews for the new Photos experience, the Mixed Reality Viewer, Mixed Reality head-mounted-displays, a rundown of new gaming features, and much, much more. Check out more about the Windows 10 Fall Creators update at https://blogs.windows.com/windowsexpe...

Friday
Oct202017

LinkedIn Learning

So… Microsoft is now using LinkedIn for creating a method of delivering training on their products. I just went through looking at some of the new features in Outlook that were just released and though their notification link it with  a tab to access one month of free access to LinkedIn Learning. According to the site they have over 4000 training videos on various subjects (see image below). This is probably a direct off-shoot of LinkedIn’s purchase of Lynda.com. The courses that are available on Lynda are also available on LinkedIn Learning so from that standpoint they are the same. However, the main difference is the platform that the courses are delivered on – LinkedIn Learning is built on the LinkedIn platform which provides the learner with additional value in the form of recommendations that are personalized for you based on your profile, your professional network, the company you work for, etc.

There is also better integration on the platform with the content itself so when you learn new skills from taking a course, you have the option to easily add those skills to your profile.

LinkedIn Learning Subscription

LinkedIn Learning is available as a Premium subscription and costs $29.99 a month for a monthly subscription, plus taxes. Annual subscriptions cost $299.88 per year, plus taxes.

Learn more about the benefits of a LinkedIn Learning subscription and payment plans.

Note: If you have signed up for the one month free trial, your billed subscription will begin automatically at the end of the trial period. Learn more about LinkedIn Premium account free trials.

Friday
Oct202017

Get the Windows 10–Fall Creators Update

Download the Windows 10—Fall Creators Update SDK today. Want to learn more about what’s in it? Get the overview by watching the Windows Developer Day keynote and dive deeper with over 18 sessions on Windows 10 features and capabilities here.

And don’t forget to enter an epic sweepstakes with amazing prizes. When you submit or update a Windows Store app targeting Windows 10—Fall Creators Update (build 16299), you’ll have a chance to win one of five prize packages—each valued at over $8,000 USD.* You’ll receive one entry for each app or game you create or update that meets the criteria.

*No Purchase Necessary. Open only to Universal Windows Apps developers 18+. Sweepstakes ends November 17, 2017. For details, see Official Rules.