Malware Targeting Windows 10 Upgrade

Hello All –

In an effort to continually keep our customers educated on new and emerging computer threats, we are sharing the latest information we’ve received about new malware that is targeting soon-to-be Windows 10 users.

Please be watchful for an email purporting to be from Microsoft with an attachment; the email verbiage claims to include an installer granting users “quick” access to the new Microsoft OS.  The attached executable file is malware similar to the Cryptolocker virus – “ransomware” that encrypts your files, locking the owner out.

As always, if you are suspicious of an email attachment, please forward the email to JENLOR’s service group at service@jenlor.com.  If you have immediate questions, please call service at:

412-220-9330 x 2.

Please forward this communication to your end users – your best defense is education. 

Ransomware

We’ve seen a resurgence of “Ransomware” type viruses – like CryptoLocker. Unfortunately, it’s not just JENLOR who has seen this increase.

The link attached below is from a government article with some new data on Ransomware viruses and some suggestions to help avoid falling prey to these nuisances.   Here’s a summary of some best practices to protect your users:

-Always use antivirus software and a firewall:  It is important to use software and firewalls from a reputable source.  It is also important to maintain both of these through automatic updates.

-Enable popup blockers:  Popups are used by criminals to spread malicious software.  To avoid clicks on or within popups, it’s best to prevent them from appearing in the first place.

-Backups:  If you backup and maintain offline copies of your data, Ransomware scams will have limited impact.

-BE SKEPTICAL:  DON’T CLICK ON ANY EMAILS, FILES OR ATTACHMENTS YOU DON’T RECOGNIZE AND AVOID ANY SUSPICIOUS WEBSITES ALTOGETHER.  
Please share this In the Loop with ALL of your users. Education is your best defense against these debilitating viruses.

SPAM

Since coming on board with JENLOR, one of the more frequent discussions that I have with our customers is finding a way to more effectively filter SPAM from their employee’s email. In general, we have seen an increase in SPAM in the last year and as such, it’s important to find an effective SPAM management tool. Because we have seen and experienced an increase in unwanted emails, and because our customers have asked for better SPAM solutions, JENLOR is now partnering with Barracuda to manage SPAM effectively. With a long-standing heritage in spam protection, Barracuda Networks has been and continues to be an industry leader in identifying and blocking spam. Barracuda provides a comprehensive set of security layers that helps to ensure that organizations remain productive in the face of continually evolving threats.

JENLOR offers (3) different options for our customers to partner with Barracuda to manage SPAM:

  • A physical Barracuda device, resident on a customer’s network
  • A virtual Barracuda device, hosted on a customer’s virtual environment
  • OR a JENLOR fully-managed Email Security program, powered by Barracuda on the backend

Which option is best for your organization? It depends. We would be happy to discuss which of these (3) options would work best in your environment. We do know that across the board, we’ve seen a higher level of efficacy with Barracuda powering the email filtering. And with new threats and content coming at your organization every day, it makes sense to invest in a more robust, effective tool to help your users stay productive. If you do have questions OR concerns about SPAM, please reach out. We want to help and support all of your IT requirements.

Don’t Save Corporate Data On Your Workstations

One of the main advantages of having a corporate server environment is the ability to store ALL of your data in one place. Typically, servers are redundant, monitored 24×7, patched regularly, and backup up both locally and offsite. For these reasons, your data is much safer in a server environment than on an individual workstation. It never makes sense to backup corporate data to your individual workstation in a corporate environment. The risks of losing this data are too great.
Bottom line, if employees are saving data onto their workstations and not to a drive or share on the server, then that data is not being backed up – unless that specific workstation is being backed up separately as well. Worse yet, if that employee’s laptop is stolen and they have all of their work data saved on that hard drive, how can you recover that?
That’s a risk for your company.
JENLOR recommends a practice of directing employees to save critical data onto a share on the network. With a proper backup strategy, all of that data will then be backed up, reducing headaches later from a crashed workstation hard drive OR a stolen laptop OR other misfortunes that lead to end user downtime and frustration.
We encourage you to revisit the process of where and how your employees are saving data. If you have any questions OR would like to discuss options further, please reach out and we would be happy to consult on the best practices for your organization.

Crypto TorLocker2015 Security Warning

Recently, JENLOR has seen a few cases of a new version of the CryptoLocker virus called CryptoTorLocker2015. Although we don’t have specifics about how CryptoTorLocker2015 is installed on a computer, we do know that once it is installed, the virus begins scanning your computer and infecting data files and shortcuts. During the encryption process, the CryptoTorLocker2015 virus changes filenames and adds a new extension to a user’s files. We’re also seeing a “ransom note” added to any directory that the virus encounters – “HOW TO DECRYPT FILES.txt.”

Please be on the lookout for any emails with FAX or URGENT in the subject line or in an attachment. Note the .zip extension on these files and please DO NOT open any attachments. Deleting and reporting these types of emails will be critical in stopping the spread of this infection.

Continue reading “Crypto TorLocker2015 Security Warning”

End-of-Life for Server 2003

According to Microsoft, July 14, 2015, they will end extended support on all versions of Windows Server 2003/R2. This is going to push many organizations into a new server very quickly or risk several issues.

What does this mean for me and my organization?

  • No more warranty support or Technical Support from Microsoft.
  • Maintenance Costs – Running legacy servers is expensive. You will have increasing costs maintaining aging hardware due to incompatibilities and lack of technical support from Microsoft.
  • No Updates – There will be no more updates to fix bugs, performance issues and security vulnerabilities. To put this into perspective, 2013 saw the release of 37 critical updates for Windows Server 2003/R2. Past the end of life date, these critical issues will remain unfixed leaving you open to cyber security dangers such as malicious attacks or electronic data loss.
  • No Compliance – Once support ends, your organization will almost certainly fail to meet industry wide compliance standards. Regulations such as HIPAA, PCI, SOX & Dodd-Frank all require regulated industries to run on supported platform.

Continue reading “End-of-Life for Server 2003”

CryptoLocker and CryptoWall 2.0 Resurgence

JENLOR recently has seen a resurgence within our customer base of a very crippling virus that is a variant of the CryptoLocker virus.  Please be on the lookout for any emails with FAX in the subject and attachments.  Please note the.zip extension on these files and please DO NOT open any attachments.  Deleting and reporting these types of emails will be critical in stopping the spread of this infection.This widespread virus is embedded in emails and is currently not being consistently flagged as spam or a virus.  Like many other virus attacks, the publisher of the virus is hours (or even up to days) ahead of the companies providing anti-spam and antivirus definitions.  This unfortunately is common with the biggest vendors (Symantec, McAfee, Trend Micro, etc.) throughout the industry.  They are working hard to provide the protection needed to stop this type of virus and should have virus definitions updated in the near future.Please do not hesitate to call our service team at 412.220.9330 x 2 if you have any questions or concerns.  Or, you can forward the suspect email directly to service@jenlor.com for our team to review.

Continue reading “CryptoLocker and CryptoWall 2.0 Resurgence”

New Face at JENLOR

We have added another new staff member at JENLOR. We want to introduce him to you and take this opportunity to summarize his job role.

Lucas Rider

Managed Services Administrator

Lucas oversees JENLOR’s monitoring systems for our managed services customers. We use a broad set of monitoring tools that require constant focused attention, which Lucas provides. Our monitoring services cover server environments, security appliances, and local/offsite backup strategies. Lucas brings a balance of organizational skills, technical abilities, and intuitiveness to our team.  We rely on him to continually improve our managed services deliverables.  Lucas, who grew up in Raccoon Twp., is a veteran of the U.S. Air Force and has an associate’s degree in Computer Network Systems from ITT Tech. Unsurprisingly, Lucas is a “gamer” and previously competed professionally.  He also participates in conservation and preservation of natural habitats in PA.

Microsoft Audits

Recently, we have assisted a few of our customers with the Microsoft auditing process. Microsoft conducts these audits to ensure that every copy of installed Microsoft software is actually licensed. In conversations with our vendors, and from our own experiences, we have seen an increase with their audits on small/mid-sized businesses.

What are Microsoft Licensing Audits?

There are 2 types of audits from Microsoft. The first is known as the Software Asset Management (SAM) audit. This audit relies on your voluntary participation. During a SAM engagement, a Microsoft consulting partner examines your Microsoft software resources for any type of misuse.

The second is the Legal Contract and Compliance (LLC)audit. An LCC audit, which is involuntary, is only administered when Microsoft believes that a serious licensing infraction has taken place or a company has consistently refused to undergo a SAM engagement. This type of audit is costly and time consuming.

Continue reading “Microsoft Audits”