Ticketfly, the California-based ticketing service owned by Eventbrite, hit the headlines in late May, 2018 for shutting itself down in a move to protect user data following a perceived “cyber incident.”

There’s no denying, this must have been tremendously inconvenient to eventgoers who, as part of the security breach, were treated to the message: “Your Security Down im Not Sorry,” in place of the usual login interface on the Ticketfly homepage.

Alongside this message was an image of the Guy Fawkes Anonymous and a Yandex email address belonging to the hacker; neither was of much help to the users.

The hacker had defaced the ticketing website with a picture of the V for Vendetta character plus a claim of responsibility that read: “Ticketfly HacKeD By IsHaKdZ.” This left the company with little choice but to take the site offline and throw itself into damage control.

Ticketfly went on to investigate the incident with the help of third-party forensic cybersecurity experts. The exact extent of the attack and the types of data that the hackers accessed remains yet to be established.

Reports emerged that the Eventbrite-owned ticketing company was supplying venues with lists of ticket buyers, who were required to carry their photo IDs and a printout of their tickets (for those who had the tickets) to the show(s).

The outage was, however, definitely going to present a more serious challenge to those who had bought tickets for an approaching show and didn’t already have the tickets.

The affected ticket buyers would have to sit tight; the company would give them more information as it became available.

Fast Forward To Date

The date is June 2, 2018 – Ticketfly just resumed its normal ticketing operations. Details emerge that the company has been the target of a malicious cyberattack that has led to the compromise of up to 27 million user accounts hosted on its servers.

This is the official communication from the company itself. It clears the air on the earlier reports going around speculating that about 26 million user accounts have been compromised from the Ticketfly attack.

The company, which handles ticket distribution for events like Riot Fest, Celebrate Brooklyn, and a series of venues across Canada and the US, has since confirmed that there was indeed a cyberattack that compromised some event venue and customer data.

It is relieved to confirm, however, that the breached data is limited to people’s names, email addresses, physical addresses, and phone numbers connected to the approximated 27 million Ticketfly accounts. More sensitive information including payment and login data such as credit card numbers and passwords were thankfully not part of the stolen data.

As part of the leak, the compromised names, email addresses, phone numbers, and home addresses were posted on a public server – with some reports indicating that the hacker intended to make public even more data should his demands fail to be met.

Too Early To Celebrate?

The question that now lingers in the minds of many is with regards to the nature of the data that is still in the hands of the hacker who has threatened to release this data to the public.

These threats cannot be taken lightly by any chance. There are reports indicating that the hacker had notified Ticketfly of a security fault ahead of the “cyber incident,” asking the company for a one bitcoin ransom in exchange for repairing the fault. Apparently, Ticketfly did not take the deal, leading to the eventual uploading of the data to the public server. The current value of one Bitcoin is $8,095.

Like any users involved in a major data breach, the primary fear for the victims in this Ticketfly data breach is the idea that the hackers could impersonate them in various instances of identity fraud or consider using their information to access their financial records.

This kind of fear may be unfounded as Troy Hunt, the guy who owns and runs the website named, Have I Been Pwned, feels that this breach is not as ominous as most, given the fact that the perpetrator apparently did not get his hands on people’s passwords or payment information.

The Have I Been Pwned website allows people to check whether their email addresses have been compromised in incidents of data breaches. If your info is included on a public server somewhere, you can find out at this site.

Wrap Up

Right now, it remains to be seen whether the dark hours have passed for Ticketfly or if there are still enough vulnerabilities for the attacker to exploit. By now, there’s no doubt that Ticketfly has improved their security to ensure that all credit card information and user logins are stored in an encrypted database that is cordoned off.

The Microsoft Inspire 2018 partner conference is now behind us, but the new dawn that it marked for the company’s cloud computing service, Azure, has just begun.

Of course, there was a lot that transpired from this partner conference, especially the new opportunities, resources, and incentives that are now available for partners.

In this write-up however, we focus on the wide range of updates – not in all of Microsoft’s partner programs and products that span Microsoft 365, Dynamics 365 and other business apps, but its cloud computing service known as Azure.

Here’s a roundup of the tech giant’s biggest updates and additions to Azure from the Inspire 2018 conference.

New Cloud Apps And Technologies

The number of cloud apps and technologies that are available through Azure just multiplied. The first amazing addition to this channel is the Azure Data Box Disk, an SSD-disk based version of the Azure Data Box appliance rolled out in 2017.

With the Azure Data Box Disk, businesses can move data into Azure with much ease regardless of where the data lives. The new offering allows for the transfer of up to 35 terabytes of data from multiple remote locations such as offices or branches – whether on a recurrent basis or once.

The other interesting Azure addition from Microsoft Inspire 2018 is Azure Virtual WAN, a networking service that provides users (businesses) with automated, optimized branch-to-branch connectivity through Azure using last mile internet. It also allows businesses to build a spoke-hub network in Azure that can route traffic to virtual appliances such as Azure network security services and firewalls.

The Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. The Firewall-as-a-Service (FWaaS) is highly available and fully functional, with unrestricted cloud scalability.

The high availability being built-in means that there are no additional load balancers, nor anything that requires configuring. The unrestricted cloud scalability, on the other hand, means that your Azure Firewall can scale up as much as needed to accommodate fluctuating network traffic flows. Ultimately, you won’t need to budget for any peak traffic – which translates to significant cost savings.

Microsoft Is Expanding Private Offers In The Azure Marketplace

As part of Microsoft’s 2019 development plans for its partner network, the company is expanding its private offers in the Azure marketplace. This means that partners will be able to deliver a better buying experience to their customers by confidentially sharing with them solutions that meet their unique buying needs. This way, Microsoft partners are getting a new means to boost their sales with the corporation.

With the private offer feature, partners are also able to offer discounts to select customers on the Azure channel, rather than having to put up with the standard pricing approach, which can be less appealing.

Vetted & Approved By Microsoft: Azure Expert Managed Service Providers

Microsoft just took its Azure Expert Managed Service Provider program, started as a pilot program at the beginning of the year, to another level. The Azure Expert MSP program is a brand-new platform designed to help those select partners who have demonstrated the greatest level of skill and capabilities with regards to delivering consistent managed services on Azure. This helps them to stand out from the pack.

For a partner to join the new Azure MSP group, they have to be carefully vetted by Microsoft. One of the key qualifications for entering the program is to obtain references from multiple customers and pass a rigorous two-day third-party audit, which is repeated every year.

The idea, according to Microsoft, is to ensure that partners in the Azure Expert Managed Service Provider program are prepared to facilitate customer migrations to the cloud and help them with their cloud projects.

Azure IoT Central Gets New Updates

Azure IoT Central, Microsoft’s Software-as-a-Service IoT (internet of things) solution experienced nothing short of a facelift. These updates are introducing support for the business analytics service, Power BI, and task automation tool Microsoft Flow, as a way to make visualization of real-time intelligence possible.

Additionally, partners on the Cloud Solution Provider program are now able to include management and provisioning of Azure IoT Central applications in their subscription offerings.

Customers seeking to migrate their Windows Server and SQL Server 2008/2008 R2 workloads to Azure have also been assured of a time extension and free security updates even as Microsoft is winding down its support for the former.

Beyond Microsoft Gold: New Apps And Infrastructure For Azure

As part of its mission to boost profitability for partners, Microsoft is launching advanced specializations going beyond Microsoft Gold competencies to help partners with differentiation.

Apps and Infrastructure will include SAP on Azure, cloud migration, Azure Stack, Linux on Azure, backup & disaster recovery, as well as high-performance computing and networking.

Conclusion

Microsoft is clearly pushing positive outcomes on its partner network. And judging from the revelations from the Inspire 2018 conference, the company is determined to see this network prosper. They’re making the most of the opportunities that have since come to light and forging ahead for a brighter future.

Physical face-to-face meetings are on a sharp decline and this decline is attributed to a corresponding rapid growth of video conferencing technology. The last few years have seen immense development in telecommunications, especially on the teleconferencing front.

First, watch the funny video below that pokes fun at conference calls in real life.  Enjoy!

With company staff becoming increasingly remote and many employees opting to work at home, conference calls are the best shot at enhancing collaboration between workers. Physical meetings take time, effort, and money to set up, yet they are often marred with distractions. On the other hand, conference calls are very efficient when setting up properly.

Video Conferencing Can Get Messy If Not Properly Set Up

Despite the outstanding benefits of conference calls, many companies are still reluctant to embrace them and they have valid reasons for their reservations. Being part of an improperly set up conference call can be an awful experience, which might give your company staff a negative impression of conference calls (More so if you are trying it out for the first time).

The PTZ Pro 2

If you’ve ever been part of one before or hosted one, you know how disorderly they might get. That’s where PTZ PRO 2 comes in handy. It’s a conferencing camera built to optimize all aspects of a conference call. PTZ PRO 2 is a solution which enhances the quality of both video and audio to give your conference calls dignity.

What’s PTZ Pro 2 All About?

The PTZ Pro 2 is a state-of-the-art camera technology which has brought new enhancements to video conference calls. The technology was developed with conferencing calls in mind. The camera has a 10X high definition optical zoom with a 2,600 pan and 1,300 tilt.

If you are looking for camera technology with top-notch optics to transmit videos in real time and create the experience of sharing a room with your colleagues, then this might be the perfect fit.

Its adjustable camera controls are efficient and offer more convenience for conference call organizers. The remote control gives the host more functionalities to control the cameras even if they are thousands of miles away. Other impressive enhancements that come with the PTZ Pro 2 include a sharp video resolution, colorful reproduction of images, and a high optical accuracy.

In a nutshell, PTZ Pro 2 is about ease of use and capturing the motion in high definition using better controls.

The PTZ Pro 2 is the ideal camera for large meeting rooms and auditoriums. The lens has a wide field of view, a sharp focus for detailed images, and the camera is free to pan and tilt. The powerful 10x zoom lens has an autofocus which delivers astounding image clarity to participants of the meeting regardless of the distance.

Like other Logitech cameras, the PTZ works for both small and large group meetings. It is compatible with many types of video conferencing software so you don’t have to worry about application compatibility. There’s a good chance that every video conferencing app you’ve used before will work well with the PTZ Pro 2.

Easy To Use

The USB plug-and-play connectivity makes the device so easy to set up and use, you’ll be amazed. All you need to do is connect it to the meeting room computer through a USB port and you will be good to go. PTZ Pro 2 is compatible with most conferencing call software on Macs and Windows devices.

Remote Control

You can operate the PTZ Pro 2 when near it or thousands of miles away. When near the camera, you can use a hand-held remote to tilt, pan, and zoom. The hand-held remote control works if you are operating the camera while in the meeting room. If you have to control it when thousands of miles away, all you need is a downloadable remote control application. The application will give you all the functionalities that the hand-held remote does.

High-Grade Premium Camera Lens

PTZ Pro 2 is decked out with a premium camera lens. Here is what’s special about this lens; it gives you crystal clear images with colorful rendition, sharpness, balanced brightness, and it maintains clarity even when the lens is zoomed in.

You Get To Choose From Different Mounting Options

Unlike many video conferencing cameras, the PTZ Pro 2 gives you multiple mounting options to choose from. It comes with mounting hardware for table top and for wall mounting. For additional flexibility, you have the option of mounting the camera on a tripod thread.

Certified For Business

Not all video conferencing cameras are certified for business. Cameras certified for business have many functionalities which make them ideal for professional purposes. The PTZ 2 camera is certified for use with a number of types of video conferencing software like Skype for Business, Broadsoft, LifeSize Cloud, Vidyo, Zoom, Cisco WebEx, and BlueJeans.

When looking to buy a camera with high definition video and clear audio, the PTZ Pro 2 is worth considering.

What is SNMP?

If you are a new network professional in the field of Information Technology, SNMP is an acronym you will come across often. Or you may have heard of it at some point during IT training. SNMP means “Simple Network Management Protocol.” It is an application layer protocol integrated with an internet protocol suite to help with the management of online communication protocols.

SNMP was first used in the late 80’s, a time when companies were investing heavily in internet networks. SNMP effectively aids the monitoring of network infrastructures such as data stations, printers, servers, hubs, routers, WINS, and host configurations.

Today, it is still one of the most widely used layer protocols for simple networks. Many networking specialists love it because it offers a consistent and reliable way of monitoring many devices on a network simultaneously. It also allows for sharing of information between the components of the network even if the devices run on different operating systems.

Why is SNMP important?

Network management protocols like SNMP have made identification and management of network devices easy and convenient. The protocol keeps track of changes in the network and relays the status of all network devices in real time.

SNMP architecture

As the name hints, SNMP has a simple architecture which is based on the client’s server technology. Basically, the server is the network manager; it measures different variables and processes data relayed from different devices on the internet network. Client devices on SNMP networks are referred to as “Agents.” The agents are either computing devices or peripheral devices connected directly or indirectly to the network. They include computers, phones, printers, and network switches, among other devices.

SNMP data Hierarchy

Even though the SNMP network protocol is based on a simple architecture, its philosophy of data hierarchy is a little complicated or at least will seem complex if you are not familiar with it. Fortunately, the data hierarchy is easy to understand once you grasp the concept behind it.

The SNMP data hierarchy works on a tree-shaped format whereby the branches at different heights represent data available for managers at different management levels to collect. These branches are referred to as Management Information Bases (MIBs) and every level represent of MIBs embodies a group device or peripheral device components. Each MIB is identified using either a unique number or a string. The numbers and strings work on the same concept as hostnames or IP addresses and can be interchanged.

All the management information bases have one or multiple nodes. These nodes represent the devices or device components on the MIB. The nodes are marked using Object identifiers (or simply OIDs) which are also denoted using either numbers or strings.

Using the numbers and strings, managers can troubleshoot or run a query on an agent and to find out the status of network devices in real time. For instance, if a manager needs to know the status of an interface, he will start by querying the MIB then narrow down to the OID value which represents the operational status of the interface.

Are the OIDs important?

MIBs and OIDs are data hierarchies on SNMP systems. They may seem confusing at first but there are many advantages to them. The most outstanding advantage is that you can pull down the exact information you need without necessarily sending explicit requests to the client device to collect it. This significantly reduces pressure on network resources and ensures that all data pertaining to the status of the network is readily available to managers on request.

The architecture is also easy to understand, flexible and can incorporate many devices at different parts of the network. The simplicity makes it possible to pull up large chunks of data from the devices quickly without jamming the network system. The data is usually available in its simplest form and in real time, which makes decision making easy and fast.

Versions of SNMP

SNMP has undergone numerous developments over the years. With every new version comes more features and functionalities than the previous version. In addition, each version has different network protocols so you have to be keen on a version that will serve your network management needs best.

One remarkable attribute that makes a big difference between the versions is the security feature. Various network systems have different security requirements, so you must find a version that best serves your unique needs. Below is a highlight of the versions:

• SNMPv1─The very first version of SNMP. Has very weak security properties. Still widely used today, especially by companies which have not updated their SNMPs to more recent versions.
• SNMPv2- First used in 1993. It had more enhanced security features compared to SNMPv1.
• SNMPv3-Released in 1998. It is the most recent version and most secure version.

SNMP Wrap Up

Simple Network Management Protocol (SNMP) offers easier identification and management of network devices. It makes real-time monitoring of the status of your network accurate and dependable. It also makes the management of online communication protocols possible. SNMP evolves and develops with every new version to deliver better features and functionalities.

With the escalating cyber threats that affect the U.S. Government, the U.S. Department of Commerce issued a Defense Federal Acquisition Regulation Supplement (DFARS) to safeguard the U.S. Department of Defense’s (DoD) unclassified information. The regulation now requires all aerospace and defense companies to be compliant.

Roadmap to DFARS Compliance

In order to be considered DFARS compliant, organizations need to pass a readiness assessment according to the NIST SP 800-171 guidelines.

On average, it will take an organization about six to ten months to become compliant, depending on the organization’s current security status and the available resources they have at their disposal.

Planning is the key to ensure success in your DFARS compliance expedition. It is essential to treat this as a major project, with the mindset of having the needed resources and funding set ahead of time. Many companies hire specialists and consultants and this can really expedite the process, plus it can help an organization to avoid common errors.

Let’s look at an action plan or roadmap to guarantee your cloud environment is safe and compliant according to the DFARS mandate.

Step 1: Calculate Your Organization’s Applicability

Key Question: How can your organization stay relevant?

Using the controls listed in NIST SP 800-171, document the gaps between your current position and the expected end goal.

To ensure your organization is applicable, check off these essentials for Step 1:

• Review all contracts to pinpoint important DFARS clauses and provisions.
• Review DFARS to determine the type of CDI or CUI (see Clause 252.204-7012) that applies.
• Check your applicability with the Contracting Officer as needed.
• Define what systems, processes, programs, applications, hardware, software, people, etc. fall under the scope of your NIST 800-171 compliance.

Step 2: Build a Remedial Plan to Safeguard against Non-Compliance

Key Question: What is your current Security Status?

In order to stay NIST SP 800-171 compliant, make sure you can put a check next to these measures:

• Conduct a control gap analysis against NIST SP 800-171.
• Develop solutions for the identified defects that you find.
• Meet with your subcontractors and other business partners to make sure you are both on track and in step for compliance.

Step 3: Implement Your Remediation Plan to Ensure Compliance

Key Question: Have you developed a plan of action to track your progress?

Developing a system security plan will give you the peace of mind in knowing that you are going to be compliant. You won’t have to worry about fines and penalties.

• Develop or revise controls as needed to remedy the control gaps with NIST SP 800-171.
• Organize your validation testing after remediation is completed to confirm controls are designed and operating effectively (You then need to make sure you have the agreement of your Contracting Officer).

Step 4: Continuously Monitor and Follow-Up

Key Question: How do you maintain constant monitoring to ensure compliance?

Establishing a plan to effectively monitor your compliance can be achieved by doing the following:

• Use tools, templates, reports, and metrics to develop an ever-flowing monitoring program.
• For accountability, organize monitoring activities and provide status updates to significant investors on your performance and progress.

Conclusion:

To Be DFARS Compliant, it is important to remember to set controls in place for current systems and data, while remembering the need to cover new systems and data as they are created. If you fail to keep this in mind, you will assuredly find yourself falling short of compliance.

There is a propensity within organizations to place an emphasis on the controls during the implementation phase, but once the system is up and running, they tend to take their foot off the gas and eyes off the road. Sustaining constant compliance is a never-ending process. You must continuously make sure that new data and systems are effectively classified and that the correct controls are applied. Once DFARS is running and business returns to normal, a high level of attentiveness must be maintained to guarantee the safety and compliance of your organization.

Microsoft’s New Surface Go Tablet: Will It Stand the Test of Time?

The latest new tablet being released by Microsoft is the Surface Go. So, what does it have that older predecessor’s lack? Though it does share some commonalities with its Big Brother, the Surface Pro, there are a few major differences. Let’s take a look at those and see whether the new Surface Go tablet will be a winner or a loser with users. After all, the users are the ones who decide whether a new tablet will make it in the big leagues or be thrown out with the trash by next year.

One: The Price

If you’re a struggling student on a tight budget, then the Surface Go might be just what you’ve been searching for. It has many of the cool features of the Surface Pro without the hefty price tag. For instance, the latest version of the Surface Pro has an Intel Core m3 processor, 5GB of ram and 128GB SSD. It is ultra-lite but has a battery that can last all day. It transforms from a tablet to a laptop by opening the built-in kickstand, then adding Microsoft’s Signature Cover built especially for the Surface Pro. However, at around $799, it’s hardly budget-friendly.

You can get the new Surface Go for about half that much and it will include many of the features above. At around $399, this tablet computer is perfect for most tasks. It performs like a laptop and features a stunning touchscreen. You can enjoy most of the perks of a Surface Pro at half the cost. It can run all your favorite programs or play your favorite games. It’s small, lightweight, and affordable: a triple hitter. The low price will make it very attractive to anyone on a budget.

Two: Display & Processor

With a 10-inch PixelSense display, the Surface Go is a bit smaller than the Surface 3, but it still offers pretty good screen resolution. At 1,800 x 1,200 pixels, the Go gives you 217 PPI (pixels per inch), which is actually higher (201 PPI) than the Surface Laptop, but lower than the Surface Pro (267 PPI).

Microsoft is betting on the 10-inch size of the Surface Go and its smaller price tag to make it highly sought by students everywhere.

The processor on the Surface Go features the Intel Pentium Gold 4415Y chip. Although it is much slower than Intel’s Core i5 and Core i7, this is one of the major reasons for the smaller price tag. Since processors are usually one of the priciest components of most computers, Microsoft was able to slash the price of the Surface Go by installing this slower processor. Though it may be a big tradeoff, many users will be willing to overlook slow processor speed for the lower price to get such a charming tablet computer.

Three: Keyboard & Pen

The keyboard on the Surface Go has keys the same size as the Surface Pro so it won’t be hard to make the switch for typing enthusiasts. The Go tablet also features 2-in-1 keyboard functionality. You can connect to a Type Cover keyboard (sold separately). In addition to the standard version, users can pay a little extra for a keyboard with the Signature Type Cover with Alcantara fabric. The Surface Pen (digital stylus) works the same as the Surface Pro and is sold separately.

Four: Size

With computers, size does matter. Though we might all love a big 17.3 inch screen when viewing our favorite Pinterest projects, those big bulky laptops are not made for a busy lifestyle. The Surface Go is being advertised by Microsoft as the smallest, lightest Surface computer ever made. It weighs only 1.15 pounds and is a mere 10 inches across. It should fit easily into any bag. You can carry it all day and barely know it’s there.

Five: Battery Life

More and more users are looking closely at the battery life of smart phones and computers. There are even new gadgets on the market that promise to extend the battery life of your device. The Lenovo Yoga 920 tops the list with over 22 hours of battery life. However, the price is well above $1,400 for this powerful perk. If you’re talking about tablet computers in the $400 range, then Microsoft’s promise of 9 hours of battery life with the Surface Go seems like a bargain. The Surface Pro only offers 13.5 hours of battery life and it’s twice the price. Nine hours seems like plenty of time to find a power outlet and recharge.

Wrap Up

The Surface Go will be available in August of 2018, but you can expect a backorder from the get-go. Many schools and students are lining up to take advantage of the attractive, low-priced Go tablet. Since it’s made by Microsoft, there’s a very good chance that it may well be every student’s favorite tablet computer by next year. And, it should wind up on a number of Christmas lists this year.

Security for your automobile is so important today due to the current rise in car theft. It is necessary to protect your transportation from this threat.  Your car represents a hefty financial investment, not to mention that it provides transportation for your whole family.

However, many people take auto security for granted. If you’ve ever had your car stolen, then you understand how traumatic it can be. This article will help you better understand how to perform some basic safety precautions to keep your car safe. Many insurance companies offer lower rates if you install extra protection to keep your car safe from thieves. Sit down and relax, so that you can learn how Fob systems work.

How Key Fobs Work

The main Fob systems include electronic devices. These devices function by reading a key Fob when placed in close proximity. If the key Fob is authorized, the reader sends a signal to the door and the user can gain access. Key Fob entry systems offer greater ease of use, enhanced security, and more control.

Once the key Fob is within short range to the access device reader, the system opens the car door to permit entrance only for the owner. The Fob has a special recognition number and the right-to-use system can be programmed to limit or block entry at any time. The biggest advantage of key Fobs and keyless access in general is that a Fob can be instantly blocked in case it’s stolen or lost.

Because of the uniqueness of each car’s key Fob, billions of codes are created so that each one is exclusive.  But hackers have ways of intercepting the wireless signal and then narrowing down the numerical combinations. Within minutes, a hacker’s computer program can figure out the code to unlock your car. This poses a challenge to the security of everyone’s automobile.

Why You Should Wrap Your Keys In Aluminum Foil

Unlocking your car wirelessly is a convenient technology, but it comes with limitations. Thugs have come up with easy ways to intercept the FOBs signal and seize it, locking out alarm signals. The unique key Fob code is sent to the car’s security system using a computer chip. The car has a chip that uses the same algorithm in order to generate codes. Once the codes match, then the car doors open.

Car thieves have figured out how to hack the access codes of your Fob even if it’s not in the car. By capturing and manipulating signals from Fob keys, they can steal your car in just minutes. They use products that assist in intensifying the signal from the key Fob and this allows the car to be stolen effortlessly.

One simple solution to preventing a car thief from stealing this information is to wrap your key Fob in aluminum foil when the key Fob is not in use. The foil blocks the signal, preventing thugs from being able to decode it. Though this is pretty low-tech, it does work and it isn’t hard or expensive to do. Just a bit inconvenient.

How Criminals Attack

Criminals have come up with a way of detecting key Fob signals from a distance of 300 feet away using an amplifier. Signal theft is becoming a much larger problem that even experts can’t deal with. High-powered RFID readers make it all possible. This technology is relatively inexpensive and very accessible to thieves.

Steps To Stop Car Thieves

It is possible to block these amplified signals from reaching your key Fob. One method involves buying a signal-blocking purse or wallet to hold your keys. While this is a simple remedy, it’s important to make sure your keys are properly stored so signal blocking works all the time and correctly. If you can’t afford a purse or wallet with this technology, then try lining your purse with aluminum foil. You can also line only the pouch that holds your keys with foil. Many people keep their keys in the same pocket or area of their purse, so just line that specific area with the foil and remember to place the key Fob there when not in use.

Wrap Up

These days, it’s important to make sure you’re doing everything possible to keep your home and car safe. Though there are many new types of security systems to use, it can be expensive or difficult to install and use them. If your budget won’t allow it, look for easy, low-cost ways like using aluminum foil to protect your key Fob. Make it as hard as possible for thieves to steal from you. They’re often lazy folks who are searching for the easiest targets, so each layer of protection you add, makes you less of a target for car thieves.

Are you using an iPhone or iPad?  It may be worth it to hold off a few days before hitting that update button.

Why?

Reports are surfacing that after updating to #IOS 11.4.1 there are issues with app updates. The App store shows many apps that need to be updated, but when you press ‘update‘ or ‘update all’ the apps updates are failing.

Click Here To Learn More

We recommended holding off until Apple fixes these update issues.

Have any questions regarding the recent iPhone/iPad update?  We welcome you to reach out to us at {phone} or {email}.

Password-Stealing Malware

The acquisition of user IDs has become much easier for cybercriminals in the globalization era. A variety of methods can be used to steal passwords, including spyware, keyloggers, and phishing attacks. This can lead to the total loss of essential data held in company or private databases. Most of the methods used by these cyber criminals involve the use of malware that has been designed to steal user credentials. Based on the objectives of a particular cybercriminal, a variety of malware methods are applied to fulfill those goals.

A significant proportion of methods used to steal user credentials consider the use of malware. Additionally, phishing attacks use malicious attacks through communication channels such as emails where malware-loaded websites are disguised as genuine ones to trap unsuspecting users. Other types of attacks include spyware and keylogging which, for a variety of incidences, has been observed to continually grow in both complexity and frequency of attacks.

Signs of a Malware Infected PC

One of the diagnosis methods of identifying whether a computer is infected with a virus is through the observation of random pop-ups and significantly increased booting time. Instances like these are associated with spyware configured to steal essential data from users without them noticing.

The objective of using spyware on user PCs is to ensure that information stored in browsers and other sensitive areas is well camouflaged. This includes communication channels such as email. Cyber crooks will attempt to acquire your passwords without you noticing that anything is wrong. Though this seems like a flawed technique that wouldn’t work all the time, the truth is that it works exceptionally well. For instance, 158 million social security numbers were stolen in 2017. That doesn’t include all the other types of records and data stolen from individuals and companies.

Malware Injection Technique

For reliable security dodging methods, process injection is a method of integrating malware and lifeless adversary strategy in trade-crafting accounting for the integration of custom codes within the address bars of other processes. The variety of injection techniques includes the following methods.

Portable Executable Injection

Shellcodes and Create Remote Threads are among strategies used in malware injection where malicious codes are copied into accessible active processes commanding them to execute as the originals. Through this strategy of attack, the malware does not require writing malicious code on a disk. Instead, it does so by calling Write Process Memory on the host procedure. The impact of this procedure is that the injected code copies its PE to another process with an unidentifiable base address commanding it to re-compute the original addresses of its PE.

Process Hollowing

Process hollowing is a technique that malware applies to take into account the mapping or hollowing out of the primary code from within the memory of the target’s procedure while overwriting the memory target process with an executable malicious code. The function of the malware is to create a new process designed to host the malicious code presenting it in a hanging form awaiting for the Resume Thread Function to be called in order to execute.

This process leads to the switching of the original file contents with the malicious payload. Processes used for mapping the memory include two API examples, the ZwUnmap and the NtUnmap Views of Section. In order to succeed in assigning new memory for the malware, this procedure takes advantage of the malware’s unmapping of the memory and proceeds to execute the loader, VirtualAllocEx that facilitates the application of the malware to the Write Process Memory on the identified vulnerable target.

Classic DLL Injection Through Create Remote Thread And Load Library

This technique is among the most popular method used in malware injection into other processes. By commanding the implicit address space to process the malware code using the dynamic-bond library, the approach facilitates the creation of Remote Threads in the target process through process loading.

The primary objective of the malware is to target a process for injection. This procedure is generally performed through a search of the processes to call a trio of APIs that include CreateToolHelp32Snapshot, Process32 1st, and 2nd. The specific functions of each of these APIs include the cataloging of heaps and returning a snapshot, retrieval of the first process, and the iteration through the previous two processes respectively. After successfully allocating the target process, the malware is able to execute through Open Process calling.

Conclusion

This article reported on a number of techniques used by malware attackers in concealing unauthenticated activities in other processes. Two procedures are observed to facilitate the functionality of malware and include open injection of a shellcode on another processor or the command of other processes to load malicious libraries on behalf of the malware. Cyber thieves are constantly updating their attack procedures to stay one step ahead of IT professionals. That makes locating and eliminating malware threats a full-time job.

If there is a product that has proven itself worthy of Microsoft’s pride, then it is Dynamics 365, the company’s cloud-based combination ERP (enterprise resource planning) and CRM (customer relationship management) enterprise system.

It turns out that Dynamics 365 recorded a growth of 65 percent during the first three quarters of Microsoft’s 2018 financial year. This growth momentum makes the cloud-based product one of Microsoft’s fastest-growing businesses, outpacing even the celebrated Office 365.

Microsoft announced this development at the Inspire 2018 partner conference, where its channel leadership outlined the key opportunities for partners and the tech giant’s investment plans for the coming fiscal year.

Microsoft boasts a vast network of partners comprised of hundreds of thousands of innovators who drive positive and global impact. The Microsoft partner ecosystem builds everything Microsoft – from gaming experiences to business line applications to industry-specific solutions on the company’s cloud environment, Dynamics 365.

Through a series of announcements at the Inspire 2018, Microsoft made it clear that the coming months are going to be a time for acceleration, hinting that there’s no time like the present for partners to seize the opportunities occasioned by Dynamics 365.

Here’s a rundown of the key takeaways from the Microsoft Inspire 2018 partner conference.

Microsoft to provide partners with free training

In the coming year, Microsoft is seeking to provide members of its vast partner network with free training opportunities to assist them with getting involved in the cloud-based Dynamics 365 and multiple other business apps such as Power BI business analytics service.

Microsoft partners will now be able to access the company’s Dynamics online learning environment free of charge. Partners previously had to pay a fee to access this service.

Dynamics learning is a mammoth suite of self-service sales and technical resources, which are extremely essential to the partners’ innovation processes. Microsoft is also launching a four-day boot camp training for its partners involved in a FastTrack engagement solution architecture – to be attended in person.

The best opportunity for launching a new practice with Microsoft: Dynamics 365 

At Inspire 2018, the executive vice president of Microsoft’s Worldwide Commercial Business organization, Judson Althoff, was not slow to pinpoint Dynamics 365 as the ideal product area for any partner or innovator who wishes to launch a new practice with the company.

According to him, Dynamics 365 presents a surging opportunity that would suit anyone who wishes to start a new line of products and services from Microsoft. He was keen to encourage partners to invest in the Dynamics 365 business, noting that it is currently unmatched by any business in the multinational tech company’s portfolio. That automatically makes it great for entrepreneurs who wish to build a thriving business in the near future.

Partner capability indicator – for data-driven business decisions

This is a new offering available to partners within the Partner Contribution page. It is designed to empower partners to be able to make more informed business decisions based on actual data. The offering is replete with metrics that show the users (partners) their successes, their customers’ accomplishments, as well as areas that could use some more attention.

Through the partner capability indicator, people can also see how they’re doing compared to other partners and use this information to inform the planning of new, richer business goals.

Overall, the offering is designed to ultimately help partners with tracking their success and improving their business decision-making. They will be able to see the overall health of their system following the implementation of the offering, across all Microsoft business lines.

More incentives for every new customer acquisition and cloud usage

Microsoft partners have always enjoyed alluring incentives from the company. Following the Inspire 2018, these incentives are either doubling in figures or multiplying with significant margins.

In the coming business year, new customer acquisition for business applications will now allow partners to earn incentives in the range of 10 to 50 percent more than what they’ve been earning in the past.

Additionally, users will now earn double the incentive package for cloud usage and adoption of business app seats. This, according to Microsoft, will likely place it above its competitors’ rates. This incentive is intended to ensure that the company not only promotes the buying of new seats, but also the rewarding process of turning those seats into active ones. The incentives are also meant to encourage the expansion of seats beyond the initial seat count.

Incentives for co-selling solutions

Microsoft has been offering special incentives for its salespeople involved in co-selling solutions from Azure partners for a year now. Going forward, the company is rolling out the co-selling incentives to Dynamics 365 as well.

Through these co-selling incentives, the company’s salespeople that co-sell with an ISV partner will receive a 2-times multiplier in quota retirement.

Wrap up

Whether Dynamics 365 is going to maintain the pace or accelerate further remains to be seen. However, it’s clear that Microsoft partners are the biggest winners from the Inspire 2018 announcements.