Bovinova 2.0 / 2012 was a great experience! Did you miss it? If so, there’s always Bovinova 3.0 in 2013!

Okay, so this last weekend was amazing… Bovinova 2.0 blew the first event out of the water!

The bar has been raised considerably, so Bovinova 3.0 next year is going to have to be exponentially cooler to top it!

What IS Bovinova you ask? It is a big (no, bigger than “big”) BBQ! They roast an entire cow over a fire, and goat, lamb, chicken, turkey, hotdogs, hamburger and a llama. Wait, did this guy just say llama? You bet I did!

Also, during the Friday before the event, there is live entertainment, including a band, which I was lucky enough to play with for the second year running, and a local entertainer known as Tim TV who has his “Secret Cirkus” and they twirl lighted hulahoops and play with fire! (Eating it, fire-hooping, etc).

You can keep up with the Bovinova happenings at www.Bovinova.com

"Burnt Offering", the official Bovinova Band featuring John M. Hoyt and Joey Loman

Data Killer – Could tape & hard drive shredding & “DOD” wipes be a thing of the past?

Currently, the ONLY true way to ensure that your data is not recovered from an old hard drive is to destroy that drive by shredding it.

In the video below, you will see a device that has the potential for erasing the data using the same method that was used to record that information, albeit much more powerful.

It remains to be seen whether data will be truly rendered unreadable using the “Data Killer”, but in theory it could work, and the fact that the hard drive itself would remain operable is quite attractive.

One thing is for sure, a “DOD wipe” is not enough to protect your data. We have successfully recovered data that was erased or wiped using 5 passes or more of common software.

 

If you have backup tapes or hard drives that you would like to securely dispose of, please contact us in the Upstate of SC, we can arrange for the secure shredding of those devices.  864.990.4748 or use our CONTACT form for more information

Greenville / Upstate musicians wanted for fun & funky band!

Okay, this has nothing to do with Homeland Secure IT, but it has everything to do with fun!

Most of you who follow this blog also know I am a musician and you may or may not know that I am “between bands”.

I’ve decided that starting a new, fun and funky band is what I really want to do. Not doing the average country rock, southern rock, classic rock or any one other genre, but instead, to do a variety of music that people want to hear at events, festivals, fairs, corporate grand openings, dances, parties, wedding receptions and the like.

We’re talking tunes from across all genres, from rock to reggae, disco to country, jazz to blues. So basically, anything with a great groove is fair game! No downer, “cry in your beer” type songs here, and just a sprinkling of the well loved, and maybe over-done songs. Maybe some originals thrown in for good measure.

And while it will be a “cover band”, these covers will not be performed exactly as the original. If people wanted to hear the original music, they wouldn’t book a band, they would hire a DJ!

The project is called “Hot As A Pepper”!

If this sounds like something you want to get involved in if you are a guitarist, vocalist, keyboard player or drummer, then let’s talk. Or maybe you know someone who might fit into a group like this… Please pass on my contact information to them…

There are a few requirements though…

  • Must be reliable – this requires work, you will need to be there
  • There will be at least one rehearsal per week, more if everyone is up for it
  • This will be a gigging band – at least a gig per month, probably averaging 2 to 3 per month
  • This will be PRIMARILY local to the Upstate – no touring here
  • There WILL BE smoky bars/clubs with maybe intoxicated people around
  • There WILL BE late night gigs (hopefully more events/festivals after a year or so though)
  • You have to have a great personality – fun to be around.
  • This is not ONLY for money… If you are driven ONLY by money, uhmmm you won’t be happy!

Let me know if you want more information about Hot As A Pepper! Venue owners and those needing a great band for events should reach out immediately to see how we can help each other!

You can find us on facebook at http://facebook.com/HotAsAPepper and at our website of www.HotAsAPepper.com

Apple OS X security update released to address clear text password flaw

Yesterday, Apple released an important security update that fixes vulnerabilities in all current versions of OS X.

Over 35 security flaws are addressed in 19 different components that are part of OS X or OS X server including the Kernel, Bluetooth, Directory Service, QuickTime, Time Machine and others which could lead to elevation of privileges, DoS (Denial of Service) and code execution.

More information about these updates and vulnerabilities can be found in the security update bulletin

Apply these and all other updates to keep your Apple OS X computer as safe and secure as possible. If you require assistance with computer security or service  here in the Greenville or Upstate SC area, please call us at 864.990.4748 or use our CONTACT form.

Adobe releases patches to keep your Shockwave, Flash Professional, Photoshop and Illustrator secure

When prompted to install updates for your Adobe products, please do so…  A number of patches are available that will address multiple vulnerabilities.

This comes from our friend and partner, WatchGuard’s blog (follow the links through for Adobe’s official explanation):

Adobe Patch Day: Shockwave, Flash Professional, Photoshop, and Illustrator Updates

by Corey Nachreiner

Severity: High

Summary:

  • These vulnerabilities affect: Adobe Shockwave Player, Flash Professional, Photoshop, and Illustrator
  • How an attacker exploits them: Multiple vectors of attack, including enticing your users to open malicious files or visit specially crafted web sites
  • Impact: Various results; in the worst case, an attacker can gain complete control of your computer
  • What to do: Install the appropriate Adobe patches immediately, or let Adobe’s updater do it for you.

Exposure:

Today, Adobe released four security bulletins describing vulnerabilities in many of their popular software packages, including Shockwave Player, Flash Professional, Photoshop, and Illustrator. A remote attacker could exploit the worst of these flaws to gain complete control of your computer. The summary below details some of the vulnerabilities in these popular software packages.

  • APSB12-13: Five Shockwave Code Execution Vulnerabilities

Adobe Shockwave Player displays interactive, animated web content and movies called Shockwave. According to Adobe, the Shockwave Player is installed on some 450 million PCs.

Adobe’s bulletin warns of five security vulnerabilities that affect Shockwave Player 11.6.4.634 and earlier for Windows and Macintosh. Adobe’s bulletin doesn’t describe the flaws in technical detail, only characterizing them as memory corruption vulnerabilities. All five flaws share the same impact. If an attacker can entice one of your users into visiting a website containing some sort of malicious Shockwave content, he could exploit these vulnerabilities to execute code on that user’s computer, with that user’s privileges. If your Windows users have local administrator privileges, an attacker could exploit this flaw to gain full control of their PC.

Adobe Priority Rating: 2 (Patch within 30 days)

  • APSB12-12: Flash Professional Buffer Overflow Vulnerability

Adobe Flash is a platform for creating interactive or animated web content and video. Flash Professional is the Adobe authoring environment used to create Flash content.

Flash Professional 11.5.1.348 and earlier for Windows and Mac suffers from a buffer overflow vulnerability. Adobe does not share any relevant detail about this flaw, nor how an attacker might exploit it. However, we assume that if you open specially crafted Flash content in Flash Professional, an attacker can leverage this flaw to execute code on your computer, with your privileges. As usual, if you have administrative or root privileges, the attacker would gain complete control of your machine.

Adobe Priority Rating: (Patch at your discretion)

  • APSB12-11: Photoshop TIFF Handling Vulnerability

Photoshop is a popular image editing program. Photoshop CS5.5 (for Windows and Mac) suffers from two vulnerabilities; a vulnerability involving its inability to properly handle specially crafted TIFF images, and an unspecified buffer overflow vulnerability. By tricking you into downloading and opening a malicious image in Photoshop, an attacker can exploit the TIFF flaw to execute code on your machine, with your privileges. If you have local admin privileges, the attacker gains complete control of your computer. Adobe doesn’t describe how an attacker might leverage the second buffer overflow vulnerability.

Adobe Priority Rating(Patch at your discretion)

  • APSB12-10:  Five Illustrator Code Execution Vulnerabilities

Illustrator is Adobe’s vector drawing software. It suffers from five unspecified memory corruption vulnerabilities. Adobe doesn’t describe these flaws in any other detail, other than calling them code execution vulnerabilities. If forced to guess, we assume that if you handle specially crafted, Illustrator-compatible files (perhaps an image), an attacker could exploit this flaw to execute code on your computer with your privileges. Again, if you are an administrator, the attacker gains full control.

Adobe Priority Rating(Patch at your discretion)

While we’re on Adobe updates, if you haven’t installed the early Flash Player update that Adobe released last week, we recommend you do so immediately. That update is much more severe than the ones released today.

Solution Path:

Adobe has released updates for all their affected software. If you use any of the software below, we recommend you download and deploy the corresponding updates as soon as possible, or let Adobe’s automatic updater do it for you.

NOTE: Adobe has chosen to only release some of these fixes as paid updates (CS6). If you didn’t already plan to pay for these updates, you will have to decide if these security issues change your mind. On a positive note, attackers don’t often target the products in question (Photoshop, Illustrator, Flash Professional). Nonetheless, it’s difficult for us not to recommend the latest security updates, and we wish that Adobe had extended these security updates to previous versions as well.

For All WatchGuard Users:

Attackers can exploit these flaws using diverse exploitation methods. A properly configured UTM device may mitigate the risk of some of these issues. That said, it cannot protect you from local attacks, nor can it prevent attacks that leverage normal HTTP traffic. Therefore, installing Adobe’s updates is your most secure course of action.

Status:

Adobe has released patches correcting these issues.

References:

This alert was researched and written by Corey Nachreiner, CISSP.

Corey Nachreiner | May 8, 2012 at 4:35 pm | Tags: adobe, Flash Player, patch, Photoshop, shockwave, updates | Categories: Security Updates | URL: http://wp.me/pVP8E-xd

Should you require assistance with these Adobe security updates or any security or network updates for your business here in the Greenville / Upstate area, please do not hesitate to call upon us at 864.990.4748 or use our handy CONTACT form!

Is your smartphone spying on you? Privacy and security experts say that it could be…

I’ve posted links on Facebook & Twitter in the past, as well as a blog post here and there about privacy and security as it applies to smartphone and mobile computer users.

Did you know that for just a few dollars an app can be  purchased, and even installed remotely in some cases on a smart phone that will allow the phone itself to be used as a spy tool?

One of the “best” apps available (and most expensive to purchase) for Android and (jailbroken) Apple phones allows:

  • Remote installation (you don’t have to have access to the phone to install it)
  • Remotely wake up a phone that is “off”
  • Auto-reinstall upon reload of OS
  • Complete stealthing (almost impervious to detection)
  • Turn on the camera (front or rear facing)
  • Turn on the microphone (monitor anything said in a room)
  • Access GPS (see where the phone is)
  • Eavesdrop on phone conversations (both sides)
  • Eavesdrop on Skype and other video conferencing (both sides)
  • Enable keystroke logging (everything typed is viewable)
  • URL logging (where the phone owner has browsed to is viewable

In addition to those features it can do some other interesting things….

  • If a phone wanders outside of a defined area, alert the person watching
  • If the phone exceeds a set maximum mile-per-hour, alert the person watching
  • If the phone is called or texts a particular number/s, alert the person watching
  • If the phone is used to call or text a particular number/s, alert the person watching
  • Record conversations and upload (non-real-time access and archiving)
  • Record random camera shots (time-lapse of what phone sees)
  • Full remote access, to allow browsing files and installing additional apps

The same tools are available for computers and can be used on tablets, notebooks and even desktops.

What are some signs that your phone or computer may have monitoring software installed on it?

  • Slow internet access
  • Random reboots
  • Camera doesn’t respond when you want it to
  • GPS may indicate it is in use and tools like Waze may not be able to access it
  • WiFi may turn on and off randomly
  • GPS may turn on and off randomly
  • Echos on your phone conversations
  • Phone turns on automatically, even if turn it off or on timed shutdown
  • Emails and text messages may show as being read
  • After reinstallation of phone OS, issues begin again
  • Data usage seems higher than it should (maxing out your data plan)

What can you do about this? How can you remove smart phone spy software?

This can be a tough one! Many people have reported having their phone wiped and reloaded only gave them a short period of time before the software was reinstalled (remember, it can do it automatically and can be pushed to the phone remotely in some cases).

Can you buy a new phone and get away from it? In some cases, yes… But in others, if the person applying the software still has access to the phone physically, or knows the number, they could reinstall the software.

A good option might be to change platforms (If you are on IOS, go to Android, or vice-versa) so the person at least has to buy a new version of the software.

Changing your phone number can help. But only if the person doing the spying does not know your phone number. There are other ways for them to find you too, but I won’t get into that here.

Installing quality mobile anti-virus can help keep you from getting the software installed in the first place.

Worst case scenario?  Turn off the data plan on your phone.  How inconvenient!

How does it get installed remotely?

The person who wishes to monitor you can send you a text message, picture message, or an HTML link and once you visit that link, it can install the software and you will not even be alerted to that fact. Some anti-virus like Trend Micro’s mobile security product can detect that attempt and alert you.

How does it get installed locally?

Anyone who can access your phone for just a minute can visit the download link of the spy software and install it on your phone. After it is active, there are no traces for you to see (other than the potential for the symptoms listed above).

Use of a PIN or locking code that only you know can reduce the likelihood of that happening.

Isn’t this illegal?

Of course it is, but the majority of people would never suspect it, and if they do and actually FIND the spy software, tracing it back to the person who is doing the spying could prove extremely difficult, especially if they use proxies and other means for hiding their activities.

If you need help in your Upstate or Greenville, SC business regarding mobile computing or smart phone security, Homeland Secure IT may be able to help. Call us today at 864.990.4748 or use our CONTACT form…   You might want to do it from a land line, far away from the suspicious cell phone if you wish to avoid alerting them.

Microsoft May Patch Tuesday brings updates to Windows, Office and more

It seems like only last month we were talking about Microsoft updates…

The updates for May 2012 will include three critical bulletins aimed at plugging holes which allow remote code execution in Microsoft Windows, Office, .NET Framework and Silverlight.

There are four additional security bulletins rated as “important” and a total of 23 security issues to be addressed.

Read the full story here.

As always, please install these updates to insure your systems remain as secure as possible, and while you are at it, make sure your Adobe Flash, Reader, Acrobat and your Java are up to date too.

Should you need assistance with these or any other security issues that might affect your Greenville or Upstate business or corporate network, do not hesitate to call us at 864.990.4748 or use our handy CONTACT form.

What else does Homeland Secure IT do besides computers, servers and networks?

You know the elevator speech that you typical hear from people, where they pitch their services or wares to you? Mine goes something like this, “I’m John with Homeland Secure IT, and we provide small and medium businesses with computer, server and network support, service and sales here in the Upstate”.

The person I am telling will usually walk away thinking that we fix computers, or that we sell servers. All of which are correct, but by no means is that ALL we do. I can’t very well tell you, “Hi, I’m John and my company does everything related to IT”. Actually, I *have* said that, and that results in a tilt of the head and total confusion.

It is very hard to convey what we do, when in fact, we do so much!

So just what do we do? Welllllllllllll, taking a deep breath…

We DO provide service, repair, consultation and support of computers, servers, networks, mobile computers, and the like.  That means, we fix stuff! We go to a client’s location and fix a malfunctioning server, we repair a computer or replace it, we put updates on firewalls, and consult with IT and facility administrators about needs. We also perform repairs of personal home computers in our Greenville office.

But, it’s so much more than just that. A vast array of technologies are included in there, here are a few:

  • Voice over IP phone systems
  • IP Surveillance Cameras (Security cameras, CCTV, DVR)
  • Time & Attendance systems (Time clocks and time tracking hardware and software)
  • Mobile computers (Notebook, netbook, laptop, tablet, smartphone)
  • VPN and remote access to your business (secure access to files and machines)
  • Wireless / Wi-Fi systems (both small business, and much larger, for schools, campus, college, enterprise)
  • Licensing – We are licensing experts for Microsoft, Symantec, Trend Micro, Cisco and more!
  • Email – Microsoft Exchange servers, cloud based email like Google Apps / Gmail, Office 365

That’s the tip of the iceberg! We also offer full sales of these products!  We partner with the biggest names in technology and provide hardware, software and license sales!  Whether you need one or a thousand of these items here in our area, we can help.

Here’s a partial list of the manufacturers who’s products we offer:

  • Microsoft (Windows, Server, Exchange, SQL)
  • Cisco (firewall, router, switch, VoIP, camera, security, wireless)
  • Symantec (Backup Exec, endpoint virus protection)
  • WatchGuard (Firewall, security)
  • SonicWall (firewall, security)
  • TrendNet (Switch, firewall, router, camera, wireless)
  • D-Link (Switch, firewall, router, storage, camera, wireless)
  • LinkSys (Switch, router, wireless)
  • Trend Micro (WFBS, anti-virus, anti-malware, anti-spam)
  • Acer (computer, netbook, notebook, tablet, laptop, monitor)
  • Samsung (computers, monitors and much more)
  • Toshiba (computers and more)
  • Lenovo (computer, server, tablet and more)
  • NexLink (business computer, server & tablet solutions)
  • AcroPrint (Time and attendance systems)
  • AVTECH (Server room monitoring)
  • Jabra (headsets of all styles from wireless to corded)
  • HP (computer, server, printer, network and more)
  • DELL (computer, server, backup network and more)
  • Servosity On Demand Backup (Remote backup solution)
  • Audio-technica (headphones, microphones)
  • Sennheiser (audio – headphone, microphone)
  • Asus (computer, display)
  • Panasonic (high speed scanner, printer and security)
  • Ricoh (printer, scanner, copier, etc)
  • Brother (printer, scanner, copier, etc)
  • DA-LITE (projection screens, projector mounts)
  • SNOM (IP phones)
  • SMC Networks (network switches and more)
  • LG Erricson (switches, VoIP)
  • Intuit (Quicken, Quickbooks)
  • Eaton (power supplies, UPS, power conditioning products)
  • Quantum (Backup tape drives, RDX)
  • Tandberg (Backup, tape, RDX drives)
  • Adaptec (Controllers for SCSI, RAID, SAS, tape)
  • Digium (VoIP systems)
  • MSI (motherboard, notebook)
  • MozyPro (remote online backup)
  • Adobe (Photoshop, dreamweaver, creative suite, CS)

Sorry about that, had to cut myself off again. The list goes on and on. We are able to provide products from these manufacturers AND the expertise to install and support them!

I sometimes think it would be easier to answer the question of, “What do you guys do?” with if it were rephrased to be, “What DON’T you guys do?”…   Then I would answer, “We don’t windows”.  Oh but we do!

If we can assist you or your business with anything technology related, please give us a call at 864.990.4748 or use our handy CONTACT form. Whatever you need – We do IT!

 

 

 

Russian hackers raked in 4.5 billion dollars in 2011

Thirty-six percent of the estimated $12.5 billion in ill-gotten gains by cybercriminals in 2012 can be attributed Russian-speaking hackers through various online criminal tactics according to an article over on ComputerWorld’s site.

How can you help protect your business from becoming a victim? The only 100% effective way is to not be connected to the internet, however that would make conducting business very difficult in this day and age.

Here’s a short list to help lower chances of becoming a victim:

  • Keep desktop and notebook computer operating systems up to date
  • Keep server operating systems up to date
  • Update all software applications including Java, Adobe Flash Player, Adobe Reader, Microsoft Office
  • Use modern operating systems (Windows 7 has proven less vulnerable than XP time and time again)
  • Update your Macs (yes, they are becoming a bigger target)
  • Utilize hardware firewalls at your network perimeter
  • Lock down incoming ports, allow only what is absolutely necessary
  • Use reliable and trusted anti-virus (we recommend Trend Micro Worry-Free)
  • Add a mail scrubbing gateway appliance or Trend Micro product on Exchange mail server
  • Consider locking down particular websites (Again, Trend Micro WFBS can do this)
  • Use strong passwords
  • Use HTTPS, SSL and encryption whenever possible
  • Physically secure your computers
  • Secure your wireless network
  • Use VPNs between sites
  • Get computers under control of your domain controller, including smartphones for email (remote wipe)
  • Implement a backup solution, whether hardware (tape, RDX, SAN) or cloud / remote (Servosity, MozyPro)
  • Train your staff to not open suspicious emails, visit sketchy websites, and to report oddities immediately
  • Hire an outside resource to occasionally look over your security plans. Two sets of eyes are better than one!

Obviously, there is a LOT more to keeping your network secure, but that’s a great start, and one that over half of the businesses have not even considered!

If you would like to discuss the current state of security of your network in the Greenville, Spartanburg, Anderson, Clemson, Simpsonville, Upstate area, please give us a call at 864.990.4748 or use our CONTACT form.

We work with the biggest names in IT Security! From Cisco to WatchGuard.

Is your business computer network ready for IPv6?

This time it is for real...

Get ready for a slew of IPv6 news topics because World IPv6 Launch is right around the corner (June 6th, 2012).

This means that a boat-load of ISPs will be flipping the switch and enabling IPv6 permanently on or before this magic date. A quick google search for IPv6 news will turn up lots of articles posted in the last few days alone, such as:

These types of posts are growing in numbers rapidly.

But really, what does it mean for you?

Not to tell you that the sky is falling, but, hey, the sky is falling.  Not today, not next week, not in June, but yes, soon, your IPv4 technology will be outdated, and the smart IT administrator is currently working on a plan to migrate to IPv6.

Here’s the bad news for you:  Your old firewall or router may need to be ditched and new one purchased in order to have proper network routing. Some current firewalls and security routers that are sold today are not even compatible. And some computers and operating systems are not ready.

The good news is that many manufacturers such as Cisco, Linksys, WatchGuard, Sonicwall, Jupiter, and Zyxel have been preparing for this change-over for a while now. Microsoft has supported IPv6 for several years.

You are not without options.

If you would like to discuss how you can prepare for the inevitable, please give us a call at 864.990.4748 and arrange a consultation. You can also use our CONTACT form. We cover the Upstate and Greenville, SC area and are authorized dealers for more network and network security products and appliances.