Depending on how your Windows servers are configured, you may need to disable SSL v3.

Note that older versions of Internet Explorer may not have the TLS protocol enabled by default. If you disable SSL versions 2.0 and 3.0, the older versions of Internet Explorer will need to enable the TLS protocol before they can connect to your site.

For a Simpler Way to Disable the SSL v3 Protocol:

DigiCert is not responsible for any complications or problems if you decide to use this .zip file to disable the SSL v3 protocol on your server.

1. Log into your server as a user with Administrator privileges.
2. Download DisableSSL3.zip, extract the .zip file contents, and then double-click DisableSSL3.reg.
3. In the Registry Editor caution window, click Yes.
4. Restart server.

If you prefer to do it yourself, follow the steps in the instruction below.

Microsoft IIS: How to Disable the SSL v3 Protocol

1. Open the Registry Editor and run it as administrator.For example, in Windows 2012:
   1. On the Start screen type regedit.exe.
   2. Right-click on regedit.exe and click Run as administrator.
2. In the Registry Editor window, go to:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\
3. In the navigation tree, right-click on Protocols, and in the pop-up menu, click New > Key.
4. Name the key, SSL 3.0.
5. In the navigation tree, right-click on the new SSL 3.0 key that you just created, and in the pop-up menu, click New > Key.
6. Name the key, Client.
7. In the navigation tree, right-click on the new SSL 3.0 key again, and in the pop-up menu, click New > Key.
8. Name the key, Server.
9. In the navigation tree, under SSL 3.0, right-click on Client, and in the pop-up menu, click New > DWORD (32-bit) Value.
10. Name the value DisabledByDefault.
11. In the navigation tree, under SSL 3.0, select Client and then, in the right pane, double-click the DisabledByDefault DWORD value.
12. In the Edit DWORD (32-bit) Value window, in the Value Data box change the value to 1 and then, click OK.
13. In the navigation tree, under SSL 3.0, right-click on Server, and in the pop-up menu, click New > DWORD (32-bit) Value.
14. Name the value Enabled.
15. In the navigation tree, under SSL 3.0, select Server and then, in the right pane, double-click the Enabled DWORD value.
16. In the Edit DWORD (32-bit) Value window, in the Value Data box leave the value at 0 and then, click OK.
17. Restart your Windows server.You have successfully disabled the SSL v3 protocol.

For instructions about disabling browser support for the SSL v3 protocol, see Disabling Browser Support for the SSL 3.0.

Here are 10 places to take your phones so they can be refurbished, reused, or recycled and diverted from the landfill.

1. EcoATM

EcoATM is an automated kiosk that collects your unwanted cell phones and tablets and gives you cash for them. It’s made by the same people that make CoinStar, so you’ll find them by the checkout lines at various grocery store chains. It accepts devices from any era or in any condition, and offers anywhere between a few bucks to a few hundred dollars in return. EcoATM partners with R2 certified e-waste reclamation facilities to ensure they are recycled, or gives the phones a second life.

2. Eco-Cell

Eco-Cell is a Louisville, Kentucky-based e-waste recycling company. It partners with nonprofits and organizations such as the Jane Goodall Institute. Bins are located in coffee shops and other businesses around the country, where the collected phones are shipped to Eco-Cell in Louisville. If the phones are reusable, they resell them and pass some of the money back to the owner. If they are not reusable, the phones are recycled and the owner is paid the money for the value of the recycled materials.

3. Best Buy

Best Buy has recycling kiosks in their stores in the US, as well as recycling in-store for no charge to you. They typically limit it to three items per family, per day. From there, they work with recycling companies to make sure the phones and other electronics don’t end up in landfills.

4. Hope Phones

The Hope Phones campaign was started in 2009 by Medic Mobile, which works to advance health care in 16 countries by using mobile technology. Individuals, nonprofits, groups, or businesses can host a Hope Phones campaign to donate old phones. They are recycled and valued so the nonprofit can get new technology for the field. Most old models are valued at $5, but newer smartphones are regularly valued at $80, according to the website.

5. Cell Phones for Soldiers

Cell Phones for Soldiers is a nonprofit that works to provide cost-free communication services to active-duty military and veterans. New or gently used mobile phones are accepted and each device valued at $5 turns into 2.5 hours of free talk time for the soldiers.

6. Gazelle

Gazelle is one of the most popular trade-in options for old cell phones. The company is headquartered in Boston, with locations in Louisville, Kentucky and in Texas. Pick your brand, model, carrier, and plug in what kind of shape it’s in, then get an offer. Ship it for free, and receive a check or gift card to Amazon.com or PayPal after they check it out and make sure it’s worth what you say it is.

7. Call2Recycle

Call2Recyle  is a no-cost recycling program for batteries and cell phones in the US and Canada. It has collection boxes that can be placed anywhere, which have shipping permits so mailing them is easy. They also have bulk shipping if there is a large amount of recyclables.

8. Your carrier

AT&T has a trade-in program for unwanted phones and accessories regardless of manufacturer or carrier. The owner gets a “promotion card” which can then be used to take money off a new phone or other purchase. Make sure you erase all your information before you turn them in, though.

Verizon also offers a trade-in program where the owner can receive an electronic gift card once they send in the phone and have it appraised.

9. Local places

Your city undoubtedly has places to recycle old phones. Most local government websites, like New York’s, have directions of where to go to recycle phones. A lot of cities usually have nonprofits that donate old phones as well. The EPA also has an option to find out what electronics you can recycle with mail-in options.

10. Recycling for Charities

This nonprofit features one charity at a time, for which they donate money from recycling old phones. All makes and models are welcome at Recycling for Charities, and the phone condition is not an issue. They make an attempt to refurbish it first, then find recycling centers to ensure the materials won’t go into landfills if the phones cannot be reused.

These 10 services are well-researched and well-known options, but make sure to research on your own where your phone is going to make sure it is going to a certified e-waste recycler, so it doesn’t end up in a landfill despite your efforts.

Edit, work, create, and get more done from your iPad, for free

Four new, free apps are available on your iPad®. With both Microsoft OneDrive and Dropbox access, online storage—and access to your files—is always just a click away on your iPad. The new Microsoft Office apps give you the ability to flat out get more done.

• With the new Microsoft Word app, you can edit, create, and save your docs, wherever work takes you
• The new Excel app lets you analyze your data on the fly
• Build and deliver your presentations—right from your tablet or phone—with the new PowerPoint app
• The new Microsoft OneNote app helps you work collaboratively and stay organized on the go

With these apps, you can now access, edit, and save directly to your Dropbox account. You can even open and edit files that have already been saved in Dropbox.

Adding Dropbox is easy.  When you are in any of the new apps, follow these simple steps:

1. Tap on the arrow in the top left, then tap Open
2. Tap “Add a Place”
3. Select Dropbox

To get the Office apps for iPad®, open www.appstore.com/microsoftoffice from your iPad’s web browser.

Due to a critical security vulnerability with SSL 3.0  (an 18-year-old, outdated technology), we recommend disabling it on your server. We have instructions on how to do that in the Updating section but recommend reading the entire document to understand the scope of what this does.

What does POODLE do?
In short, it’s a way attackers can compromise SSL certificates if they’re on the same network as the target if (and only if) the server the target is communicating with supports SSL 3.0.

Google has a lot more detail on their security blog here.

Does POODLE affect my server/sites?
Because POODLE is a vulnerability in SSL technology, it only impacts sites using SSL certificates. If your server or your sites don’t use an SSL certificate, you don’t need to update your server. However, we recommend doing it now in case you do end up installing an SSL certificate at a later date.

Updating
How you update your server depends on whether your server uses a Linux® distribution or Windows® and if it uses cPanel.

cPanel

cPanel requires slightly different steps from any other control panel/operating system configuration.

To Configure cPanel to Prevent POODLE Vulnerability on HTTP

1. Log in to your cPanel (more info).
2. In the Service Configuration section, click Apache Configuration.
3. Click Include Editor.
4. In the Pre Main Include section, from the Select an Apache Version menu, select All Versions.
5. In the field that displays, type the following, depending on which version of CentOS you’re using:

If you encounter errors while applying this update, please review this forum post at cPanel that discusses potential fixes.

6. Click Update.

Preventing POODLE on Other Protocols (FTP, etc.)

Right now, only servers using RHEL can protect themselves against POODLE on non-HTTPS protocols. They can do this by updating the latest version of OpenSSL, and then implementing TLS_FALLBACK_SCSV.

Servers using CentOS do not yet have a known fix for the vulnerability on non-HTTPS protocols. However, we will update this article with those instructions as soon as we do.

Linux (Apache)

Modify your Apache configuration to include the following line:

SSLProtocol All -SSLv2 -SSLv3

For more information on how to do that, view Apache’s documentation.

Windows (IIS)

Modify your server’s registry (which removes access SSL 3.0 support from IIS) using Microsoft’s document here. You can jump down to the Disable SSL 3.0 in Windows section.

Check out a recently developed and designed website by South Jersey Techies Website Team for The Vendemmia Foundation in Philadelphia, PA.

Shop all the new products!

Save up to 10% on new purchases of $60 or more.

Visit: www.bigbeagle.com

Promo code: rs65214a. Offer expires Sunday, June 22, 2014.

On May 1, 2014 at 10AM, Microsoft has released a update for Internet Explorer versions 6 through 11 to fix the Remote Code Execution vulnerability.  This security hole was used in “limited, targeted attacks” and could grant the attacker the ability to steal personal/intellectual data and gain unauthorized access to personal computers.

Although Windows XP is no longer supported by Microsoft, a security update was also pushed to all XP machines to repair Internet Explorer versions 6 through 11.

“The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically. If you’re unsure if you have automatic updates, or you haven’t enabled Automatic Update, now is the time.” said Dustin Childs Group Manager, Response Communications of Microsoft Trustworthy Computing.

For a list of all Microsoft Security Updates for this issues, please click here.

Install Security update for IE

1.  Click the Start button.

2.  Select Control Panel.

3.  Select Windows Update.

4.  Click “# import update(s) is available”.

5.  Verify that “Security Update for Internet Explorer # for Windows *” is selected to be installed.

3.  Click OK then click Install Updates.

For assistance applying Security Update for Internet Explorer

please contact us 856-745-9990 or click here.

IMPORTANT INFORMATION: US-CERT and UK security agencies warn users to stop using Internet Explorer because of the severity in this security hole that has been used in “limited, targeted attacks”.

United States Computer Emergency Readiness Team released an alert on April 28, 2014 regarding vulnerabilities in Microsoft’s Internet Explorer.  Internet Explorer versions 6 through 11 are susceptible to be victims of attacks to exploit the Remote Code Execution Vulnerability.

US-CERT Vulnerability Note VU#22292

Microsoft Security Advisory 2963983

Workarounds:

Basic protection includes the installation of Anti-malware software, enabling a Firewall and applying all Windows/Microsoft updates.  In addition to basic protection, we recommend taking extra preventative steps listed below.  It is not necessary to apply all of the following workarounds, apply one to help protect your system and data.

Enable Enhanced Protection Mode

1. Open IE 10 or IE 11.
2. Click the Tools menu and select Internet Options.
3. In the Internet Options window, click the Advanced tab.
4. Scroll down the list of options until you see the Security section, click the checkbox to Enable Enhanced Protected Mode.  For IE 11 in a 64-bit version of Windows, you also need to click the checkbox to “Enable 64-bit processes for Enhanced Protected Mode”.
5. Restart IE to force the new settings.

Change Access Control List and unregister VGX.DLL:

32-Bit Systems:

1. Open elevated Command Prompt (Run as Administrator)
2. Run the following command:
   

   “%SystemRoot%\System32\regsvr32.exe” -u “%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll”

3. Click OK to close Dialog Box confirming un-registration has succeeded.

64-Bit Systems:

1. Open elevated Command Prompt (Run as Administrator)
2. Run the following command(s) separately:
   

   “%SystemRoot%\System32\regsvr32.exe” -u “%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll” “%SystemRoot%\System32\regsvr32.exe” -u “%CommonProgramFiles(x86)%\Microsoft Shared\VGX\vgx.dll”

3. Click OK to close Dialog Box confirming un-registration has succeeded.

Windows XP and all other users.

For all user(s) that cannot follow recommendations from Microsoft are urged to use a different web browser.  For secure download(s) of Google Chrome or Mozilla Firefox, please follow the links provided.

For assistance with Changing IE Settings or Install a new Browser

 please contact us 856-745-9990 or click here.

Shop all the new products!

Save up to 15% new purchases of $75 or more.

Visit:  www.bigbeagle.com

Promo code:  rs45114a. Offer expires Sunday, April 27, 2014.

OneDrive (formerly “SkyDrive”) in an essential tool for the Office 365 package.  OneDrive provides safe data storage that can be easily accessed from virtually anywhere.  Although, this storage option is safe, it is not practical for business use.

OneDrive for Business (formerly “SkyDrive Pro”) offers a administrative controls with a content management platform. OneDrive for Business allow IT Administrators/Departments to control the intellectual property of their business(es).

Improved features for OneDrive for Business include a menu bar to easily access frequent tools and controls, search bar with type-ahead feature to quickly find files and many more.  Additional features such as, higher storage limits, encryption on stored data, data loss prevention features and many more will be released throughout 2014.

Currently, OneDrive for Business is included with Office 365 and SharePoint package plans.  Microsoft announced that as of April 1, 2014 OneDrive for Business, as well as other services/software, will be available as a standalone cloud service for $5 a month per user.

For assistance with Office 365, SharePoint or OneDrive for Business

 please contact us 856-745-9990 or click here.