Archive for the ‘Security and Compliance’ category

Another security breach affecting millions.

April 2nd, 2020

The personal information of as many as 5.2 million Marriott guests may have been illegally accessed online, in the hotel group’s second major data breach in less than two years. The firm revealed Tuesday that information may have included names, phone numbers, birthdays, loyalty information and room preferences.

Marriott spotted an ‘unexpected amount’ of guest information had been accessed at the end of February using login credentials of two employees at a franchised property. whose logins have since been disabled while the group assists authorities with their investigation to track down the digital thieves. ‘The company believes that this activity started in mid-January 2020,’ Marriott shared in a statement.

In November 2018, the firm announced that 500 million guests’ data may have been exposed in breaches of the system for its Starwood portfolio that began in 2014. The recent data breach, according to Marriott, did not seem to include credit card information, passport numbers or driver’s license information. it is is offering affected guests free enrollment in a personal information monitoring service for up to one year.

Synergy support during lockdown -IT continuity guidance

March 29th, 2020

Despite the necessary lockdown we are still providing support , as best we can using a range of technologies. Microsoft Teams is helping members of practice to collaborate and assist each other.

Other than for emergencies Site visits will cease for this week, however we will be available for screen sharing sessions and conference calls.

We understand these are difficult times. You may be faced with staff absence due to illness due difficulty with travel. Ensure there is a disaster recover/continuity plan in action. Intermittent social distancing approach might be the normal way we live for at least 12-18 months.

Cybercrime is also likely to increase with new scams.

Help us to help you.

Consider shift working or staggered hours or hybrid office and home working as means to social distancing.

What if your available staff was cut by 50% for two weeks, or by 25% for 2 months? Consider if your System Admin is not there and your staff are home working.?

Improve your defences: Get servers, desktops, etc cleaned up of old temp files, update key patches and antivirus, clean down log files, review back up strategy and what is the current state of backups e.g on user laptops.
Write-up a list of your critical business services and applications that are essential to keep your company operating. Record the supplier and what you understand about their availability for remote working, for example:
- Main telephone line
- Email
- Database Applications
- Specialist “Line of Business’ applications (e.g. accountancy, architectural, legal)
- File Share and Documents
-Printers and Copiers.
Do you need additional flash storage to move or to back up data?
Who can give us access rights to dial into your system when needed?.
Who can add and suspend users?
Who can check backups?
Who can check logs?
Are key passwords securely stored?
What will be your procedure for support when your staff work from home?
Can staff take laptops home?
How will they dial into your network?
Data privacy laws
What new tools do you need? e.g.
- remote dial in connectivity e.g. to access a file on a network store
- enhanced security -you may have reduced staff to deal with any attack
- monitoring software
- central mobile network management e.g.to patch a device without needing it to come back to office.

Identify home-workers who are already set-up to work from home
Your business will already have users who regularly work from home. They will have some kind of mobile computer device that can access business cloud services or have secure access (VPN) into the office network to access on-premise services. These individuals are invariably set and ready to work from home.

Identify users that may access some business services available when out of the office (e.g. email on smartphone). These users may access certain business services, such as email, on a smartphone or home PC (webmail). However, is this be enough for them to do their jobs effectively. Identify what services they would need access to be fully productive if they were forced to work from home.

Identify users that have never accessed business technology system from anywhere but at the place of work. These users will likely work from a desktop computer in the office. They also have no remote working facility and may not even have a smartphone or home computer that can access business systems. Confirm that your users have working broadband Internet connection at their home
- Don’t take for granted that your users have broadband Internet at their homes or can get access to a good-quality connection.
- Is it adequate to access your business’ cloud and office systems.
- Confirm that your existing remote-working technology has the capacity to accommodate all of your users working remotely at the same time
- Even if you have the capability for remote working for all of users, have they all worked remotely simultaneously and can your business IT infrastructure handle this?
-Do they need any extra training to work this way?

- Speak to your IT team to ensure the equipment and bandwidth can withstand your entire organisation working from home.
- Speak to your telecoms providers and determine whether you have a cloud-based system. – If you have a cloud-based telecoms system then the likelihood of being able to setup remote extensions to manage your calls is very likely. Alternatively, you should very easily be able to divert your numbers online (via a portal).

If you have a fixed-line system, ask your provider how long it will take to setup a divert at the local telephone exchange and what is the process.

How will you leave policy be affected?

- Will there be return flights?
– What if staff are returning from an infected area?
- how much leave can they bring forward to supervise children off school or care for a sick relative?
How much can they defer because they can;t travel?

Travel Policy?
Airports, railway stations and other busy hubs almost certainly carry a higher risk than working in the office.

It may be a good idea to reduce face to face meetings and use online services like Teams to reduce travel risks.

Medical
Be ready for a rush of insurance claims.

Remote and home working

March 25th, 2020

Remote work is ever more popular due to the rapid technological

Organizations that adopt this model must allow their resources to be accessed by employees remotely. I

Benefits of remote work opportunities
This model has opened a range of benefits for both employees and employers. This model provides a suitable work-life balance for employees. The productivity of the employees sometimes increases substantially when they can work within their comfort zone. and are not fatigued with rush hour traffic. Collaborative working is much easier for dispersed groups with solutions like Microsoft Teams.Teams has already sold more than 1 million licences this year, as the coronavirus makes remote working a necessity.

Enabling remote work options to employees, a business can reduce risk of virus spread and shut down offices or skeleton staff and save on infrastructure and utility expenses.

Employees save on commuting expenses and reduce exposure to the virus or risk of transmitting to others. With schools closed for an uncertain period, and flights to and from home countries curtailed, right now it a necessity for many to work from home

Challenges with working remotely
There are a few common concerns with remote work. One of the concerns is the difficulty in managing remote workers and their work, as without direct supervision.

Any communication or access issues to the company application tools and software for remote workers can cause a sense of isolation and frustration for the employees.

Data security is another area of concern when company mission-critical applications are hosted in the Cloud for remote access. In this regard, the virtualization of applications and desktop environments creates easier and safer ways of remote access without the chance of critical data being compromised. However, not every virtualization solution is feature-rich, cost-effective, and at the same time easy to install.

Parallels® Remote Application Server (RAS) is a cost-effective virtualization software solution to deliver mission-critical virtual applications and desktop environments to end-user devices anywhere in the world.

We offer a FAST TRACK package to enable you to deploy Parallels RAS and extend remote access to any users in your organization,to maintain business continuity. You can quickly:

- Utilize Remote PC functionality in Parallels RAS.

- Use Parallels RAS out-of-the-box with multi-cloud deployments to publish virtual apps and desktops, such as Microsoft Azure and Amazon Web Services (AWS).

- Leverage on-premises infrastructure to quickly publish applications and desktops using our RD Session Host configuration wizard.

- Intuitive and seamless user experience (UX) on any device, allowing employees to access their workspace from anywhere, on any device, anytime.

- Enhanced data security with tools to help your organization monitor and secure applications, desktops and data in multi-cloud environments.

- Scale your IT infrastructure on-demand - quickly adapt to continuous workplace changes and demands for new applications or desktop types.

Supports multi-cloud deployments by offering fast, scalable, and reliable access to corporate applications from virtually anywhere.

The FAST TRACK package:

- Will not auto-renew unless you want to extend its use
- Will auto-expire at the end of term

A best-in-class user experience on any device—including HTML5 browsers, iOS and Android—retains your workforce productivity even on the go.

Parallels Client provides a local workspace–like experience on any device, keeping employees' productivity high no matter the device they use. Enable employees on the move to use the native touch gestures they know—swipe, drag, tap to click, zoom—with any Windows application on their mobile devices.

Parallels HTML5 Client provides a rich workspace experience, including support for local peripherals and file drag-and-drop. Employees can continue working on active applications and desktops even when switching networks. The HTML5 Client can be customized to fit specific departments or user demands.

Parallels Client permits multiple applications to run on your device. Different files can be kept open, allowing you to switch between them on demand. Functionality such as copy and paste can be used, including native gestures like swiping left or right to switch between applications and files.

Parallels RAS enables printing from any device, utilizing local printers without any configuration needed. The universal printer driver receives the printing job, compresses it and sends it back to the local device. There is no need to install local printer drivers when using Parallels RAS Universal Printing.

href="http://www.synergy-software.com/blog/wp-content/uploads/2020/03/parallels1.png">

- 24/7 access to your applications and files. Because the unexpected happens all the time.

- One simple tap on your mobile device, and you’re connected reliably to your computer.

- Access it from any other computer through a browser and your secure Parallels account.

- Navigate your hard drive easily to find a file or photo, then copy or open it with a tap.

Test the seamless web access UX on our HTML5 Live Demo.

Contact us now for more information. 009714365589

COVID -19 – Synergy Software Systems

March 23rd, 2020

Its a difficult time for all.
We continue to provide the best support service we can taking into account the safety of our staff, compliance with local health and statutory authorities, and the impacts of travel disruption for consulting assignments outside the U.A,E, or those returning from holiday.

Where possible please engage with us by email and telephone rand fax rather than seek face to face meetings.’

In most case support cases can be dealt with by screen sharing internet sessions. Similarly for training or for virtual meetings.

Any meeting should involve minimal travel, meeting duration, and minimum number of people and ensure appropriate social distancing and dispensing with shaking hands.

Please note that our building management are no longer allowing visitors to our building.

You may find yourself short of staff due to absence, or staff who cannot return from holiday. Consider engaging us to provide a limited set of managed services for essential tasks that can be done remotely e.g checking backups are complete, managing log files, adding new users.

In Lombardy’s northeastern city of Bergamo, 134 family doctors out of 600 – or 22% – had fallen sick or were quarantined, Guido Marinoni, the head of the local association of general practitioners, said….
“…….like fighting a war with a toy gun. I hope the rest of Europe learn from the good things Italy did, but also from our mistakes.”

Dr Hugh Montgomery, chairman of intensive care medicine at University College London, explained why Covid-19 is so infectious and why it’s so important to stop it as early as possible.
“If I get normal flu, I am going to infect on average between 1.3 and 1.4 people. When those 1.3, 1.4 people gave it to the next lot, that is the second time it gets passed on. By the time that is happening 10 times, I’ve been responsible for about 14 cases of flu.

This coronavirus is very, very infectious, so every person passes it on to 3 others.Now that doesn’t sound like much of a difference, but if each of those three passes it to three, and that happens at 10 levels of contact then I have been responsible for infecting 59,000 people.”

Grim and terrifying news – that starkly exposes the seriousness of the problem we all face. A Frontline Doctor For The Mail On Sunday

https://www.msn.com/en-gb/health/medical/the-look-of-panic-among-medics-patients-failing-to-get-oxygen-in-their-lungs-and-dangerous-under-dressing-of-staff-frontline-nhs-doctor-reveals-how-coronavirus-has-unleashed-terror-in-hospital/ar-BB11w4yB

Stay safe.

U.A.E. National Nutrition Guidelines ask Synergy Software Systems

March 18th, 2020

Ministry of Health and Prevention (MoHaP) launched the National Nutrition Guidelines (to serve as a unified national reference on food and nutrition education in the UAE’s community and health institutions. The guideline aims to:

- improve the nutritional status of the UAE’s community and raise awareness about healthy eating behaviour and lifestyle-related diseases
- reduce the prevalence of chronic and malnutrition diseases such as:obesity, diabetes, hypertension, heart disease, anemia, osteoporosis and vitamin deficiency
- scale down non-communicable diseases and mortality rates
- encourage individuals to engage in physical activities for better health.

The guidelines consist of six guides. These are:

- to support and promote a healthy living system through healthy food and physical activity
- to maintain healthy food intake at all stages of life
- to reduce calories resulting from high sugar, saturated and trans fats and to reduce salt intake
- to eat variety of diet food and drinks that are rich in nutrients and high in nutritional intensity
- to adopt healthy food patterns
-to achieve food safety.

The National Nutrition Guidelines were developed in collaboration with the U.A.E’s Food Security Office, the World Health Organization (WHO), the Gulf Nutrition Committee and the local government bodies across the U.A.E.

If you are involved in food preparation and menu planning and need access to comprehensive nutritional databases and easy to use software then callus and ask about our Nutrition solution.

Counterstrike against Necurs, a massive botnet

March 12th, 2020

Microsoft and an international consortium of partners this week launched a counterstrike against Necurs, a massive botnet that Microsoft had been observing and analyzing for nearly eight years.

Botnets are packs of hundreds, thousands or millions of PCs, sometimes called zombies, that have been infected with malware and are under the command and control of malicious actors. Under-patched and out-of-support Windows 7 computer can be infected with a Trojan that enlists that computer in various nefarious schemes. The zombie PC’s owner may notice nothing at all, or sometimes suspect a decline in performance. According to Microsoft, Necurs has had a role in a lot of those nefarious schemes.

Believed to be controlled by criminals in Russia, the botnet is also thought to have been used directly by its owners, as well as rented out as a botnet-as-a-service fy. One of its highest-profile roles was aiding in distribution of the GameOver Zeus banking trojan.

In the years since it first came to the attention of security researchers in 2012, the network has infected as many as 9 million computers globally. It has left its nasty digital fingerprints on pump-and-dump stock scams, fake pharmaceutical spam, Russian dating scams, Internet-based computer attacks, credential theft schemes, data theft attempts, cryptomining and, of course, ransomware. While botnets can be a key component of distributed denial-of-service (DDoS) attacks and Necurs has DDoS capabilities, Microsoft says that particular use for the botnet has not been documented.

BitSight, a cyber risk management platform provider that worked closely with Microsoft on the Necurs problem. alleged “From 2016 to 2019, it was the most prominent method to deliver spam and malware by criminals and was responsible for 90% of the malware spread by email worldwide,”

Microsoft on March 5 got an order from the U.S. District Court for the Eastern District of New York to take over the systems inside the United States that are used by Necurs for malware distribution and computer infections.

Microsoft and its partners crafted a sophisticated response built on the technical specifics of the Necurs botnet. Having studied the algorithm that Necurs uses to generate new domains, Microsoft used its considerable technical resources to jump ahead of the botnet .e to accurately predict over six million unique domains that would be created in the next 25 months,”wrote Tom Burt, Microsoft corporate vice president for customer security and trust, in a blog post.

The main counterstrike was launched Tuesday from what a detailed New York Times account described as an “eerily empty Microsoft campus” due to most workers having been ordered home to prevent the spread of the coronavirus.

” “Microsoft is also taking the additional step of partnering with Internet Service Providers (ISPs) and others around the world to rid their customers’ computers of malware associated with the Necurs botnet.”

As a concrete step, Microsoft is pointing users to the Microsoft Safety Scanner to help wipe their computers of malware, including Necurs.

Microsoft executives were resigned that any drops in spam, malware and cyberattacks would be temporary at best. In the NYT article, executives described the effort — sadly and accurately — as a game of whack-a-mole.

Cybercriminals are distributing malware using fake security certificate update requests

March 6th, 2020

Cybercriminals are distributing malware using fake security certificate update requests displayed on previously compromised websites, attempting to infect potential victims with backdoors and Trojans using a malicious installer.

The attackers bait their targets with a “NET::ERR_CERT_OUT_OF_DATE” error message presented within an iframe displayed over the site’s actual contents and asking them to install a security certificate that to allow their connection to succeed.

Security certificates (also known as digital certificates or identity certificates) are issued by Certification Authorities (CAs) and used to encrypt the communication between a user’s browser and a website’s server.When digital certificates are out of date and not renewed, web browsers display a notification letting the users know of the decrease in the security of their connection to the website.
Malware campaign active for at least two months

Security researchers at Kaspersky found the earliest signs of this campaign dating from January 16, 2020, with various types of websites being compromised and used to deliver malware to victims, from auto part stores to the site of a zoo.

The alarming notification consists of an iframe — with contents loaded from the third-party resource ldfidfa[.]pw — overlaid on top of the original page, The URL bar still displays the legitimate address.”
The code injected by the operators behind this campaign as a jquery.js script overlays the malicious iframe with the exact same size as the compromised webpage.

The iframe content is loaded from the address https[:]//ldfidfa[.]pw//chrome.html. As a result, instead of the original page, the user sees a seemingly genuine banner urgently prompting to install a certificate update.
If the targets fall for the attackers’ tricks and click the “Install (Recommended)” button under the fake warning message, they will download a Certificate_Update_v02.2020.exe binary that will infect them with malware instead of solving the made-up security certificate error.

Kaspersky discovered while monitoring these attacks that the victims will get infected either with the Buerak Trojan downloader that will download and install more malware onto infected computers. The Mokes backdoor was also spread as a malicious payload during early-January and used by the attackers to download additional malware, to steal the victims’ user credentials, capture keystrokes, records ambient audio every 5 minutes, as well as take screenshots and intercept information entered in the web browser.

Internet Explorer 10 browser on both Windows Server 2012 and Windows Embedded 8 Standard support to end on 11 Feb 2020.

February 4th, 2020

Support for the Internet Explorer 10 browser on both Windows Server 2012 and Windows Embedded 8 Standard is due to end on Feb. 11, 2020.

That means the end of free patch support for IE 10,all updates, paid assisted support options, and technical content updates for Internet Explorer 10 will be discontinued though the browser will still continue to run.

That will make IE 10′s at risk and organizations using Windows Server 2012 or Windows Embedded 8 Standard should upgrade to Internet Explorer 11.

Microsoft will push down IE 11 via the Windows Update service as an “Important” update to Windows Server 2012 and Windows Embedded 8 Standard users. Important updates typically are automatically installed for organizations that use the Windows Update service without management controls. IE 11 also will arrive as an “Optional” update for those Windows users that use Window Server Update Services to manage Microsoft’s updates.

Enterprise Mode can emulate IE 10 behaviors within the IE 11 browser.

For Windows Server 2012 and Windows Embedded 8 Standard, the end of “extended support” dates will be Oct. 10, 2023 and July 11, 2023, respectively. Microsoft changed its browser support policy with effect from January 2016, and only the most current version of Internet Explorer available for a supported operating system will receive technical support and security updates.

IE 11 however was released on Nov. 13, 2013, which didn’t result in an end to IE 10 because the new policy took effect in, 2016. The IE 11 browser will be the last and the new Chromium-based Microsoft Edge browser should be compatible with all supported versions of Windows and macOS, which implies that the new Edge browser will run on the Windows Server 2012 and Windows Embedded 8 Standard OSes.

Currently Chromium Edge preview looks a promising ‘zippy’ new browser that seems to perform better than IE, Edge, Bing, or Chrome.

Dynamics 365 licenses enforcement

February 3rd, 2020

Dynamics 365 Finance and Operations is updating its license enforcement to prevent access to menu items for which users are not licensed.

Licenses are now defined for D365 Finance, Supply Chain, and Commerce (Retail). Microsoft will control these tools but will not turn these on by default.

Team Member Licensing + Enforcement
• Customer Service Team Member App Module – a new app module for Team Member users. This will enable access in line with Team Member usage rights for: creating cases, read / update the user’s own cases and search / view knowledge articles.
• Sales Team Member App Module – a further new module for Team Member licenses that will support: viewing customer details, viewing leads / opportunities on a customer record, create / view activities for customer record, or on related leads or opportunities.
• License Enforcement – license-based access will restrict Team Member users to new designated app modules for Customer Service Team Member, Sales Team Member and Project Resource Hub.
• From April 2020, Team Member licenses purchased after 1 October 2018 will no longer be able to access Customer Service Hub, Sales Hub or custom app modules. Prior to this, administrators can enable enforcement within their environments to preview the impact for end users.

Cybercrime – more than 50% of companies were phished in 2019

January 25th, 2020

According to a new report by Proofpoint, ore than half of organisations were successfully phished for valuable intel at least once last year, they state that almost nine in ten organisations worldwide (88 per cent) reported a spear-phishing attempt, while 86 per cent reported BEC attacks (Business Email Compromise).

The same percentage reported being attacked through social media, and 84 per cent were targeted through text and SMS messages.

There were also notable Voice phishing and USB attacks.

More than nine million suspicious emails were reported in 2019 – 67 per cent more compared to 2018.

Ask us about a full protection suite that has never been breached.

Operating system: Windows
Stand out features: Cloud-based scanning, secure shopping, game mode, 24/7 tech support, Firewall included, Realtime protection, expansive feature set.

A solution suited for an expert user, once this program is installed, it is very effective at virus detection, and then keeps them totally isolated with a feature called Auto Sandbox Technology.

The cloud based antivirus scanning detects the latest viruses from across the internet, and does not only rely on local virus signatures being up to date.

End of support deadlines -Microsoft

January 15th, 2020

Businesses running Microsoft’s business software are facing all sorts of end-of-support deadlines at the start of 2020.

Major premises-installed business products are falling out of “extended support” this year, which means they’ll no longer get patches, including security updates, from Microsoft. It’s considered potentially risky to continue to use such “unsupported software” after their end-of-support milestones.

IT pros may have already reacted to address many of these milestones, but some workloads remain as problems to address.
Crashing deadlines are very near this month for organizations using Windows 7 and Windows Server 2008, but other important milestones loom, as well.
Windows 7 Client and Server Deadlines – Jan. 14, 2020 end-of-support date for Windows 7. That support deadline also applies to Windows Server 2008/R2, Dynamics CRM 2015, Dynamics GP 2015 R2, Dynamics NAV 2015,Dynamics SL 2015.
Later this year Office 2016 , and Outlook 2016 versions will also go out of support.

SnapLogic iPaaS in the news

January 14th, 2020

Snaplogic is a low code integration platform that is particularly suited to hybrid integrations between cloud and on-premise software e.g. for BI, CPM or ecommerce or EDI . several interesting recent news posts:

• Information Age – Should you consider adopting a cloud data warehouse? Craig discusses data lake and data warehouse considerations with Information Age – https://www.information-age.com/should-you-consider-adopting-cloud-data-warehouse-123486561/ In the modern world of data lakes, CDOs and CIOs will face three major challenges: how to migrate their users, how to live with a hybrid infrastructure for a while and how to future-proof their data platform

• IT Brief Australia – How AI bias is holding back adoption – https://itbrief.com.au/story/snaplogic-how-ai-bias-is-holding-back-adoption Brad writes about combating AI bias to retain public trust and ensure AI initiatives advance responsibly.

• Digitalisation World – The Cost of Legacy Technology – https://digitalisationworld.com/blogs/55941/the-cost-of-legacy-technology Neerav explains the risks, and growing costs, of sticking with outdated legacy technologies. In recent times, lack of innovation and adoption of new technology has proven to be the downfall of some well-known high street names – for example, Thomas Cook has littered the headlines following its collapse. In an era when anyone can book their travel, accommodation and holiday entertainment from the comfort of their own home, travel companies can seriously damage themselves by ignoring this reality, failing to innovate and relying on legacy systems.

Businesses need to know the full extent to which using antiquated tech can cost them money and cause them damage. ………

Teams is coming to Office 365 ProPlus and 365 Business……..

January 11th, 2020

Microsoft will turn on Microsoft Teams for Office 365 ProPlus or Office 365 Business tenancies that follow the semiannual channel update model starting on Jan. 14, 2020. unless it’s blocked beforehand by IT pros. The “semiannual channel” refers to Microsoft biannual update model, where feature updates typically arrive in the spring and fall. Teams will get delivered to organizations using version 1908 or later of Office 365 ProPlus, Microsoft explained, so the version of the product matters.The Teams update process is different from the update process of other Office apps such as Excel or Word.

Organizations using Office 365 ProPlus or Office 365 Business also have an option to follow a monthly feature update model. Those subscribers already may have received Teams months ago, as Microsoft had kicked off Teams for subscribers using version 1906 of those productivity-suite products back on July 9.
Microsoft’s original plans to deliver Teams to Office 365 ProPlus and Office 365 Business subscribers were described back in June. At that time, Microsoft had explained that it was delivering Teams to Office 365 Business users even though they don’t have the use rights for Teams. The version of Teams that Office 365 Business users get is a free one-year trial version, which is called the “Microsoft Teams Commercial Cloud Trial.” Teams gets delivered to Office 365 Business users even if they did not request getting the trial.To block the arrival of Teams for these Office 365 products requires Group Policy settings or the Office Deployment Tool.

After Teams arrives, it’ll start getting feature and quality updates, which will arrive “approximately every two weeks,”

Be prepared for Potential Iranian Cyberattacks

January 10th, 2020

The drone attack as Suleimani was visiting Baghdad last week is widely expected to prompt counterattacks of some sort from Iran, with Iranian leaders vowing as much in recent days. One of the most rapid ways that Iran can respond is through attacks on computer systems of U.S. businesses and government agencies

The U.S. agency in charge of cybersecurity urges organizations in the United States to prepare for potential attacks from Iran in response to the American drone killing of General Qassim Suleimani.

The Cybersecurity and Infrastructure Security Agency (CISA) issued its warning, “Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad,” on Monday afternoon. CISA is a federal agency created in 2018 to coordinate with other government entities and the private sector on cybersecurity and critical infrastructure protection.

The drone attack as Suleimani was visiting Baghdad last week is widely expected to prompt counterattacks of some sort from Iran, with Iranian leaders vowing as much in recent days. One of the most rapid ways that Iran can respond is through attacks on computer systems of U.S. businesses and government agencies. However, proxy attack on perceived USA allies, or major USA technology firms also have to be considered.

A key feature in your defence is the way your anti malware software handles unknown files. All Ransomware/Malware starts as an unknown file. Older protection software uses a detect and remediate approach to stop it. Basically, a default ‘allow’ policy, because they let unknown files come into their system and then try to stop the effect. This is a problem because hackers make new malicious codes every single day, and rely on signature based detection methods.

We offer a solution with a default ‘Deny’ approach. Our auto-containment features is a patented and the one-and-only technology that renders malware useless and to date the Platform and Auto Containment.
has 0 breaches.

With growing and ever more sophisticated and expensive attacks, and increasingly stringent legislation such as GDPR with swinging data breach penalties, the risks of international war by cybercrime have gone up another notch.

If you need to boost your defences then contact us on 0097143365589

Facebook can track you when you opt out.

December 19th, 2019

In a letter US senatorsdated December 12 that was released Tuesday, Facebook explained how it is able to estimate users’ locations used to target ads even when they’ve chosen to reject location tracking through their smartphone’s operating system The letter was widely shared on social media Tuesday
The Facebook social network, which was responding to a request for information by two senators, contended that knowing a user’s whereabouts has benefits ranging from showing ads for nearby shops to fighting hackers and battling misinformation.Facebook said that clues for figuring out a user’s location include being tagged in a photo at a specific place or a check-in at a location such as at a restaurant during a dinner with friends.People may share an address for purchases at a shopping section at Facebook, or simply include it in their profile information.

Along with location information shared in posts by users, devices connecting to the internet are given IP addresses and a user’s whereabouts can then be noted.Those addresses include locations, albeit a bit imprecise when it comes to mobile devices linking through telecom services that might only note a town or city.Facebook said knowing a user’s general location helps it and other internet firms to protect accounts by detecting when suspicious login behavior occurs, such as by someone in South America when a user lives in Europe. IP addresses also help companies such as Facebook battle misinformation by showing the general origin of potentially nefarious activity, such as a stream of politically oriented posts which might be aimed at a particular country.

The California Consumer Privacy Act (CCPA) will give internet users the right to see what data big tech companies collect and with whom it is shared.

At the end of October Australia’s consumer watchdog sued Google on Tuesday alleging the technology giant broke consumer law by misleading Android users about how their location data was collected and used. The Australian Competition and Consumer Commission accused Google of collecting information on users’ whereabouts even after they had switched off the location setting.

An Associated Press investigation last year revealed that several Google apps and websites stored user location even if the user had turned off the Location History setting. To stop Google from saving these location markers, users had to turn off another setting, Web and App Activity. That setting, enabled by default, does not specifically reference location information.Google later clarified in a help page how the Location History works, but it didn’t change the location-tracking practice.

Huge tech companies are under increasing scrutiny over their data practices, following a series of privacy scandals at Facebook and new data-privacy rules in Europe. Critics say Google’s insistence on tracking its users’ locations stems from its drive to boost advertising revenue. It can charge advertisers more if they want to narrow ad delivery to people who’ve visited certain locations. The Australian commission began proceedings in the Federal Court of Australia alleging Google breached the law through a series of on-screen representations made as users set up Google accounts on their Android phones and tablets.

The AP investigation found that even with Location History turned off, Google stores user location when, for instance, the Google Maps app is opened, or when users conduct Google searches that aren’t related to location. Automated searches of the local weather on some Android phones also store the phone’s whereabouts.

Earlier, the business news site Quartz found that Google was tracking Android users by collecting the addresses of nearby cellphone towers even if all location services were off. Google changed the practice and insisted it never recorded the data anyway.