Archives 2014

New Security Threat: CryptoWall

 


In October of last year news broke about a new form of malware called Cryptolocker. This malware posed a particularly large threat to many business users and led to many quick and important security updates. Now, almost a year later, it appears that the second version of this – CryptoWall – has been released and is beginning to infect users.

What is Crypto malware?

Crypto malware is a type of trojan horse that when installed onto computers or devices, holds the data and system hostage. This is done by locking valuable or important files with a strong encryption. You then see a pop-up open informing you that you have a set amount of time to pay for a key which will unlock the encryption. If you don’t pay before the deadline, your files are deleted.

When this malware surfaced last year, many users were understandably more than a little worried and took strong precautions to ensure they did not get infected. Despite these efforts, it really didn’t go away until earlier this year, when security experts introduced a number of online portals that can un-encrypt files affected by Cryptolocker, essentially neutralizing the threat, until now that is. A recently updated version is threatening users once again.

Cryptolocker 2.0, aka. CryptoWall

Possibly because of efforts by security firms to neutralize the Cryptolocker threat, the various developers of the malware have come back with an improved version, CryptoWall, and it is a threat that all businesses should be aware of.

With CryptoWall, the transmission and infection methods remain the same as they did with the first version: It is most commonly found in zipped folders and PDF files sent over email. Most emails with the malware are disguised as invoices, bills, complaints, and other business messages that we are likely to open.

The developers did however make some “improvements” to the malware that make it more difficult to deal with for most users. These changes include:

  • Unique IDs are used for payment: These are addresses used to verify that the payment is unique and from one person only. If the address is used by another user, payment will now be rejected. This is different from the first version where one person who paid could share the unlock code with other infected users.
  • CryptoWall can securely delete files: In the older version of this threat, files were deleted if the ransom wasn’t paid, but they could be recovered easily. In the new version the encryption has increased security which ensures the file is deleted. This leaves you with either the option of paying the ransom or retrieving the file from a backup.
  • Payment servers can’t be blocked: With CryptoLocker, when authorities and security experts found the addresses of the servers that accepted payments they were able to add these to blacklists, thus ensuring no traffic would come from, or go to, these servers again. Essentially, this made it impossible for the malware to actually work. Now, it has been found that the developers are using their own servers and gateways which essentially makes them much, much more difficult to find and ban.

How do I prevent my systems and devices from being infected?

Unlike other viruses and malware, CryptoWall doesn’t go after passwords or account names, so the usual changing of your passwords won’t really help. The best ways to prevent this from getting onto your systems are:

  • Don’t open any suspicious attachments – Look at each and every email attachment that comes into your inbox. If you spot anything that looks odd, such as say a spelling mistake in the name, or a long string of characters together, then it is best to avoid opening it.
  • Don’t open emails from unknown sources – Be extra careful about emails from unknown sources, especially ones that say they provide business oriented information e.g., bank statements from banks you don’t have an account with or bills from a utilities company you don’t use. Chances are high that they contain some form of malware.

Microsoft IIS: Disabling the SSL v3 Protocol

 

Depending on how your Windows servers are configured, you may need to disable SSL v3.

Note that older versions of Internet Explorer may not have the TLS protocol enabled by default. If you disable SSL versions 2.0 and 3.0, the older versions of Internet Explorer will need to enable the TLS protocol before they can connect to your site.

For a Simpler Way to Disable the SSL v3 Protocol:

DigiCert is not responsible for any complications or problems if you decide to use this .zip file to disable the SSL v3 protocol on your server.

  1. Log into your server as a user with Administrator privileges.
  2. Download DisableSSL3.zip, extract the .zip file contents, and then double-click DisableSSL3.reg.
  3. In the Registry Editor caution window, click Yes.
  4. Restart server.

If you prefer to do it yourself, follow the steps in the instruction below.

Microsoft IIS: How to Disable the SSL v3 Protocol

  1. Open the Registry Editor and run it as administrator. For example, in Windows 2012:
    1. On the Start screen type regedit.exe.
    2. Right-click on regedit.exe and click Run as administrator.
  2. In the Registry Editor window, go to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\
  3. In the navigation tree, right-click on Protocols, and in the pop-up menu, click New > Key.
  4. Name the key, SSL 3.0.
  5. In the navigation tree, right-click on the new SSL 3.0 key that you just created, and in the pop-up menu, click New > Key.
  6. Name the key, Client.
  7. In the navigation tree, right-click on the new SSL 3.0 key again, and in the pop-up menu, click New > Key.
  8. Name the key, Server.
  9. In the navigation tree, under SSL 3.0, right-click on Client, and in the pop-up menu, click New > DWORD (32-bit) Value.
  10. Name the value DisabledByDefault.
  11. In the navigation tree, under SSL 3.0, select Client and then, in the right pane, double-click the DisabledByDefault DWORD value.
  12. In the Edit DWORD (32-bit) Value window, in the Value Data box change the value to 1 and then, click OK.
  13. In the navigation tree, under SSL 3.0, right-click on Server, and in the pop-up menu, click New > DWORD (32-bit) Value.
  14. Name the value Enabled.
  15. In the navigation tree, under SSL 3.0, select Server and then, in the right pane, double-click the Enabled DWORD value.
  16. In the Edit DWORD (32-bit) Value window, in the Value Data box leave the value at 0 and then, click OK.
  17. Restart your Windows server. You have successfully disabled the SSL v3 protocol.
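
The manual steps above, scripted in PowerShell as an added example (not DigiCert's or Microsoft's own script); the function names are hypothetical. It writes only the two values the steps name, then reads them back so the change can be checked before the restart.

```powershell
# Added example: scripted form of the Registry Editor steps above.
# Function names are hypothetical; run from an elevated PowerShell prompt.
$Protocols = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols'

# The two values the steps set: Client\DisabledByDefault = 1 and Server\Enabled = 0.
$Ssl3Settings = @(
    @{ SubKey = 'Client'; Name = 'DisabledByDefault'; Value = 1 },
    @{ SubKey = 'Server'; Name = 'Enabled';           Value = 0 }
)

function Test-IsAdministrator {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Set-Ssl3Disabled {
    if (-not (Test-IsAdministrator)) {
        throw 'Writing under HKLM requires an elevated session.'
    }
    foreach ($s in $Ssl3Settings) {
        $path = "$Protocols\SSL 3.0\$($s.SubKey)"
        # Create the key only when missing so values already under it are left alone;
        # -Force also creates the parent "SSL 3.0" key.
        if (-not (Test-Path -Path $path)) {
            New-Item -Path $path -Force | Out-Null
        }
        New-ItemProperty -Path $path -Name $s.Name -Value $s.Value `
            -PropertyType DWord -Force | Out-Null
    }
}

function Get-Ssl3State {
    # Read back each value and compare it with what the steps call for.
    foreach ($s in $Ssl3Settings) {
        $path   = "$Protocols\SSL 3.0\$($s.SubKey)"
        $key    = Get-ItemProperty -Path $path -ErrorAction SilentlyContinue
        $actual = if ($key) { $key.($s.Name) } else { $null }
        [pscustomobject]@{
            Key      = "SSL 3.0\$($s.SubKey)"
            Value    = $s.Name
            Expected = $s.Value
            Actual   = $actual
            Ok       = ($null -ne $actual) -and ($actual -eq $s.Value)
        }
    }
}

Set-Ssl3Disabled
Get-Ssl3State | Format-Table -AutoSize
```

A row with Ok = False means the key or value is missing or differs from the steps; the setting still takes effect only after the server restart in step 17.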

For instructions about disabling browser support for the SSL v3 protocol, see Disabling Browser Support for the SSL 3.0.

 

10 places to recycle your cell phone


Here are 10 places to take your phones so they can be refurbished, reused, or recycled and diverted from the landfill.

1. EcoATM

EcoATM is an automated kiosk that collects your unwanted cell phones and tablets and gives you cash for them. It’s made by the same people that make CoinStar, so you’ll find them by the checkout lines at various grocery store chains. It accepts devices from any era or in any condition, and offers anywhere between a few bucks to a few hundred dollars in return. EcoATM partners with R2 certified e-waste reclamation facilities to ensure they are recycled, or gives the phones a second life.

2. Eco-Cell

Eco-Cell is a Louisville, Kentucky-based e-waste recycling company. It partners with nonprofits and organizations such as the Jane Goodall Institute. Bins are located in coffee shops and other businesses around the country, where the collected phones are shipped to Eco-Cell in Louisville. If the phones are reusable, they resell them and pass some of the money back to the owner. If they are not reusable, the phones are recycled and the owner is paid the money for the value of the recycled materials.

3. Best Buy

Best Buy has recycling kiosks in their stores in the US, as well as recycling in-store for no charge to you. They typically limit it to three items per family, per day. From there, they work with recycling companies to make sure the phones and other electronics don’t end up in landfills.

4. Hope Phones

The Hope Phones campaign was started in 2009 by Medic Mobile, which works to advance health care in 16 countries by using mobile technology. Individuals, nonprofits, groups, or businesses can host a Hope Phones campaign to donate old phones. They are recycled and valued so the nonprofit can get new technology for the field. Most old models are valued at $5, but newer smartphones are regularly valued at $80, according to the website.

5. Cell Phones for Soldiers

Cell Phones for Soldiers is a nonprofit that works to provide cost-free communication services to active-duty military and veterans. New or gently used mobile phones are accepted and each device valued at $5 turns into 2.5 hours of free talk time for the soldiers.

6. Gazelle

Gazelle is one of the most popular trade-in options for old cell phones. The company is headquartered in Boston, with locations in Louisville, Kentucky and in Texas. Pick your brand, model, carrier, and plug in what kind of shape it’s in, then get an offer. Ship it for free, and receive a check or gift card to Amazon.com or PayPal after they check it out and make sure it’s worth what you say it is.

7. Call2Recycle

Call2Recycle is a no-cost recycling program for batteries and cell phones in the US and Canada. It has collection boxes that can be placed anywhere, which have shipping permits so mailing them is easy. They also have bulk shipping if there is a large amount of recyclables.

8. Your carrier

AT&T has a trade-in program for unwanted phones and accessories regardless of manufacturer or carrier. The owner gets a “promotion card” which can then be used to take money off a new phone or other purchase. Make sure you erase all your information before you turn them in, though.

Verizon also offers a trade-in program where the owner can receive an electronic gift card once they send in the phone and have it appraised.

9. Local places

Your city undoubtedly has places to recycle old phones. Most local government websites, like New York’s, have directions of where to go to recycle phones. A lot of cities usually have nonprofits that donate old phones as well. The EPA also has an option to find out what electronics you can recycle with mail-in options.

10. Recycling for Charities

This nonprofit features one charity at a time, for which they donate money from recycling old phones. All makes and models are welcome at Recycling for Charities, and the phone condition is not an issue. They make an attempt to refurbish it first, then find recycling centers to ensure the materials won’t go into landfills if the phones cannot be reused.

These 10 services are well-researched and well-known options, but make sure to research on your own where your phone is going to make sure it is going to a certified e-waste recycler, so it doesn’t end up in a landfill despite your efforts.

 

Microsoft Office for iPad is here!


Edit, work, create, and get more done from your iPad, for free


Four new, free apps are available on your iPad®. With both Microsoft OneDrive and Dropbox access, online storage—and access to your files—is always just a click away on your iPad. The new Microsoft Office apps give you the ability to flat out get more done.

  • With the new Microsoft Word app, you can edit, create, and save your docs, wherever work takes you
  • The new Excel app lets you analyze your data on the fly
  • Build and deliver your presentations—right from your tablet or phone—with the new PowerPoint app
  • The new Microsoft OneNote app helps you work collaboratively and stay organized on the go

With these apps, you can now access, edit, and save directly to your Dropbox account. You can even open and edit files that have already been saved in Dropbox.

Adding Dropbox is easy.  When you are in any of the new apps, follow these simple steps:

1. Tap on the arrow in the top left, then tap Open
2. Tap “Add a Place”
3. Select Dropbox

To get the Office apps for iPad®, open www.appstore.com/microsoftoffice from your iPad’s web browser.

 

Disabling SSL 3.0 Support on Your Server (POODLE Configuration)

 

Due to a critical security vulnerability with SSL 3.0 (an 18-year-old, outdated technology), we recommend disabling it on your server. We have instructions on how to do that in the Updating section but recommend reading the entire document to understand the scope of what this does.

What does POODLE do?
In short, it’s a way attackers can compromise SSL certificates if they’re on the same network as the target if (and only if) the server the target is communicating with supports SSL 3.0.

Google has a lot more detail on their security blog here.

Does POODLE affect my server/sites?
Because POODLE is a vulnerability in SSL technology, it only impacts sites using SSL certificates. If your server or your sites don’t use an SSL certificate, you don’t need to update your server. However, we recommend doing it now in case you do end up installing an SSL certificate at a later date.

Updating
How you update your server depends on whether your server uses a Linux® distribution or Windows® and if it uses cPanel.

cPanel

cPanel requires slightly different steps from any other control panel/operating system configuration.

To Configure cPanel to Prevent POODLE Vulnerability on HTTP

1. Log in to your cPanel (more info).
2. In the Service Configuration section, click Apache Configuration.
3. Click Include Editor.
4. In the Pre Main Include section, from the Select an Apache Version menu, select All Versions.
5. In the field that displays, type the following, depending on which version of CentOS you’re using:

CentOS/RHEL 6.x, type this:

SSLHonorCipherOrder On
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2

CentOS/RHEL 5.x, type this:

SSLHonorCipherOrder On
SSLProtocol -All +TLSv1

If you encounter errors while applying this update, please review this forum post at cPanel that discusses potential fixes.

6. Click Update.

Preventing POODLE on Other Protocols (FTP, etc.)

Right now, only servers using RHEL can protect themselves against POODLE on non-HTTPS protocols. They can do this by updating to the latest version of OpenSSL, and then implementing TLS_FALLBACK_SCSV.

Servers using CentOS do not yet have a known fix for the vulnerability on non-HTTPS protocols. However, we will update this article with those instructions as soon as we do.

Linux (Apache)

Modify your Apache configuration to include the following line:

SSLProtocol All -SSLv2 -SSLv3

For more information on how to do that, view Apache’s documentation.

Windows (IIS)

Modify your server’s registry (which removes SSL 3.0 support from IIS) using Microsoft’s document here. You can jump down to the Disable SSL 3.0 in Windows section.

Important: Internet Explorer Security Update

On May 1, 2014 at 10AM, Microsoft released an update for Internet Explorer versions 6 through 11 to fix the Remote Code Execution vulnerability. This security hole was used in “limited, targeted attacks” and could grant the attacker the ability to steal personal/intellectual data and gain unauthorized access to personal computers.

Although Windows XP is no longer supported by Microsoft, a security update was also pushed to all XP machines to repair Internet Explorer versions 6 through 11.

“The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically. If you’re unsure if you have automatic updates, or you haven’t enabled Automatic Update, now is the time,” said Dustin Childs, Group Manager, Response Communications of Microsoft Trustworthy Computing.

For a list of all Microsoft Security Updates for this issue, please click here.

Install Security update for IE

1.  Click the Start button.

2.  Select Control Panel.

3.  Select Windows Update.

4.  Click “# important update(s) is available”.


5.  Verify that “Security Update for Internet Explorer # for Windows *” is selected to be installed.


6.  Click OK then click Install Updates.

For assistance applying Security Update for Internet Explorer

please contact us 856-745-9990 or click here.

 

Important: Internet Explorer Vulnerability

IMPORTANT INFORMATION: US-CERT and UK security agencies warn users to stop using Internet Explorer because of the severity of this security hole, which has been used in “limited, targeted attacks”.

The United States Computer Emergency Readiness Team released an alert on April 28, 2014 regarding vulnerabilities in Microsoft’s Internet Explorer. Internet Explorer versions 6 through 11 are susceptible to attacks that exploit the Remote Code Execution vulnerability.

US-CERT Vulnerability Note VU#22292

Microsoft Security Advisory 2963983

Workarounds:

Basic protection includes the installation of anti-malware software, enabling a firewall and applying all Windows/Microsoft updates. In addition to basic protection, we recommend taking the extra preventative steps listed below. It is not necessary to apply all of the following workarounds; apply one to help protect your system and data.

Enable Enhanced Protected Mode

    1. Open IE 10 or IE 11.
    2. Click the Tools menu and select Internet Options.
    3. In the Internet Options window, click the Advanced tab.
    4. Scroll down the list of options until you see the Security section, click the checkbox to Enable Enhanced Protected Mode.  For IE 11 in a 64-bit version of Windows, you also need to click the checkbox to “Enable 64-bit processes for Enhanced Protected Mode”.
    5. Restart IE to force the new settings.

Change Access Control List and unregister VGX.DLL:

32-Bit Systems:

      1. Open elevated Command Prompt (Run as Administrator)
      2. Run the following command:
        "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
      3. Click OK to close Dialog Box confirming un-registration has succeeded.

64-Bit Systems:

      1. Open elevated Command Prompt (Run as Administrator)
      2. Run the following command(s) separately:
        "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
        "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles(x86)%\Microsoft Shared\VGX\vgx.dll"
      3. Click OK to close Dialog Box confirming un-registration has succeeded.

Windows XP and all other users.

All users who cannot follow the recommendations from Microsoft are urged to use a different web browser. For secure download(s) of Google Chrome or Mozilla Firefox, please follow the links provided.

For assistance with Changing IE Settings or Installing a New Browser

 please contact us 856-745-9990 or click here.