Symantec Backup Exec and Endpoint Protection .cloud trials available

We’re asked by clients all the time about offerings from different vendors, but one of them has just made it easy to offer free 30 day trails of their products!

We can provide your business with Symantec Backup Exec.cloud and Symantec Endpoint Protection.cloud demos so you can get the feel for the product before actually committing to a purchase.

If you run a business with 5 or even 500 users, then you need two things; Reliable backup of your data and anti-virus / malware protection. Symantec has you covered on both fronts.

Call us at 864.990.4748 or email info@homelandsecureit.com if you would like to give a trail of these cloud offers a test drive. If you are in Greenville or the Upstate of South Carolina, we can assist in the deployment of these two offerings. Give us a call, let’s talk!

Symantec Backup Exec.cloud & Endpoint Protection.cloud

symantec.cloud

 

March 2012 updates from Microsoft… In like a Lion? hah, I crack me up!

New, from Microsoft!   Updates! Just in time for Patch Tuesday…

Microsoft Security Bulletin Advance Notification for March 2012, released today, March 8, 2012, states that there is a little something for everyone.

If you are running XP, Server 2003, Server 2008, Server 2008 R2, Windows 7, or Vista in 32bit or x64, Microsoft Visual Studio 2008 or 2010, Microsoft Expression Design (through version 4),  or even the Server 2008 Server Core, then for the love of all that is Holy, please install the updates!

The impact ranges from Denial of Service to Remote Execution and Elevation of Privilege.  These are bad things.

If you require assistance installing these updates for your personal computer, or maybe many computers on your business network, please contact us at 864.990.4748 or email info@homelandsecureit.com – We offer computer service & repair to the entire Upstate and Greenville, SC!

Here’s the complete Microsoft Bulletin for your reading enjoyment:

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

 

********************************************************************

Microsoft Security Bulletin Advance Notification for March 2012

Issued: March 8, 2012

********************************************************************

 

This is an advance notification of security bulletins that Microsoft is intending to release on March 13, 2012.

 

The full version of the Microsoft Security Bulletin Advance Notification for March 2012 can be found at http://technet.microsoft.com/security/bulletin/ms12-mar.

 

This bulletin advance notification will be replaced with the March bulletin summary on March 13, 2012. For more information about the bulletin advance notification service, see http://technet.microsoft.com/security/bulletin/advance.

 

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications on http://technet.microsoft.com/security/dd252948.aspx.

 

Microsoft will host a webcast to address customer questions on these bulletins on March 14, 2012, at 11:00 AM Pacific Time (US & Canada). Register for the Security Bulletin Webcast at http://technet.microsoft.com/security/bulletin.

 

Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

 

This advance notification provides a number as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier. The security bulletins for this month are as follows, in order of severity:

 

 

Critical Security Bulletins

============================

 

Bulletin 1

 

– Affected Software:

– Windows XP Service Pack 3

– Windows XP Professional x64 Edition Service Pack 2

– Windows Server 2003 Service Pack 2

– Windows Server 2003 x64 Edition Service Pack 2

– Windows Server 2003 with SP2 for Itanium-based Systems

– Windows Vista Service Pack 2

– Windows Vista x64 Edition Service Pack 2

– Windows Server 2008 for 32-bit Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

– Windows Server 2008 for x64-based Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

– Windows Server 2008 for Itanium-based Systems Service Pack 2

– Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1

– Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1

– Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1

– Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1

– Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation affected)

– Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation affected)

– Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems

Service Pack 1

– Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems

Service Pack 1

– Impact: Remote Code Execution

– Version Number: 1.0

 

 

Important Security Bulletins

============================

 

Bulletin 2

 

– Windows Server 2003 Service Pack 2

– Windows Server 2003 x64 Edition Service Pack 2

– Windows Server 2003 with SP2 for Itanium-based Systems

– Windows Server 2008 for 32-bit Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

– Windows Server 2008 for x64-based Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

– Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation affected)

– Impact: Denial of Service

– Version Number: 1.0

 

Bulletin 3

 

– Affected Software:

– Windows XP Service Pack 3

– Windows XP Professional x64 Edition Service Pack 2

– Windows Server 2003 Service Pack 2

– Windows Server 2003 x64 Edition Service Pack 2

– Windows Server 2003 with SP2 for Itanium-based Systems

– Windows Vista Service Pack 2

– Windows Vista x64 Edition Service Pack 2

– Windows Server 2008 for 32-bit Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

– Windows Server 2008 for x64-based Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

– Windows Server 2008 for Itanium-based Systems Service Pack 2

– Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1

– Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1

– Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation affected)

– Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems

Service Pack 1

– Impact: Elevation of Privilege

– Version Number: 1.0

 

Bulletin 4

 

– Affected Software:

– Microsoft Visual Studio 2008 Service Pack 1

– Microsoft Visual Studio 2010

– Microsoft Visual Studio 2010 Service Pack 1

– Impact: Elevation of Privilege

– Version Number: 1.0

 

Bulletin 5

 

– Affected Software:

– Microsoft Expression Design

– Microsoft Expression Design Service Pack 1

– Microsoft Expression Design 2

– Microsoft Expression Design 3

– Microsoft Expression Design 4

– Impact: Remote Code Execution

– Version Number: 1.0

 

 

Moderate Security Bulletins

============================

 

Bulletin 6

 

– Affected Software:

– Windows Vista Service Pack 2

– Windows Vista x64 Edition Service Pack 2

– Windows Server 2008 for 32-bit Systems Service Pack 2

(Windows Server 2008 Server Core installation not affected)

– Windows Server 2008 for x64-based Systems Service Pack 2

(Windows Server 2008 Server Core installation not affected)

– Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1

– Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1

– Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation not affected)

– Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems

Service Pack 1

– Impact: Denial of Service

– Version Number: 1.0

 

 

Other Information

=================

 

Follow us on Twitter for the latest information and updates:

http://twitter.com/msftsecresponse

 

Microsoft Windows Malicious Software Removal Tool:

==================================================

Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

 

Non-Security Updates on MU, WU, and WSUS:

========================================================

For information about non-security releases on Windows Update and Microsoft update, please see:

* http://support.microsoft.com/kb/894199: Microsoft Knowledge Base

Article 894199, Description of Software Update Services and

Windows Server Update Services changes in content.

Includes all Windows content.

* http://technet.microsoft.com/en-us/wsus/bb456965.aspx: Updates

from Past Months for Windows Server Update Services. Displays all

new, revised, and rereleased updates for Microsoft products other

than Microsoft Windows.

 

Microsoft Active Protections Program (MAPP) ===========================================

To improve security protections for customers, Microsoft provides vulnerability information to major security software providers in advance of each monthly security update release. Security software providers can then use this vulnerability information to provide updated protections to customers via their security software or devices, such as antivirus, network-based intrusion detection systems, or host-based intrusion prevention systems. To determine whether active protections are available from security software providers, please visit the active protections websites provided by program partners, listed at http://www.microsoft.com/security/msrc/collaboration/mapp.aspx.

 

Recognize and avoid fraudulent email to Microsoft customers:

=============================================================

If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

 

The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at https://technet.microsoft.com/security/bulletin/pgp.

 

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications on http://technet.microsoft.com/security/dd252948.aspx.

 

********************************************************************

THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

********************************************************************

To manage or cancel your subscription to this newsletter, visit the Microsoft.com Profile Center at <http://go.microsoft.com/fwlink/?LinkId=245953> and then click Manage Communications under My Subscriptions in the Quicklinks section.

 

For more information, see the Communications Preferences section of the Microsoft Online Privacy Statement at:

<http://go.microsoft.com/fwlink/?LinkId=92781>.

 

For the complete Microsoft Online Privacy Statement, see:

<http://go.microsoft.com/fwlink/?LinkId=81184>.

 

For legal Information, see:

<http://www.microsoft.com/info/legalinfo/default.mspx>.

 

This newsletter was sent by:

Microsoft Corporation

1 Microsoft Way

Redmond, Washington, USA

98052

 

—–BEGIN PGP SIGNATURE—–

Version: PGP Desktop 9.9.0 (Build 397)

Charset: utf-8

 

wsFVAwUBT1jaU/qHR30eX+zgAQiLng/9EWNGJKv0++2aynBAQNJeqFLGUL9vJFvQ

GzsqWZltP6XaAV31mGaBqgy25S+9ZsJOB8/nGZvW3F7pul2gihEg+SAtsbh48sLO

qjA4Jp9kaUGC9kbDhudZ/4D6/1hI80p2LkmIwVkPI0WhOptJ/qnqdhsAw4rWPi8t

XEWEHtTNdRuc61tN0FoQDA8mUi2MaWWtM03okceLdDyi/PXBrujdI1FCz7RETNZN

tHt+wTT85G4h7TAZaGsn7viV01E8NCJ9imijSerKnLqFW6cN2wtg5ep9O0uDhaGs

ojerwcU+56QVm6/jqqguAf0hzxRKKrUINA1N6cb4EO/4YsI73b2BnEF0349cG1IJ

s2TukyXlH4O8WOylU+JEyW3AgSOFcXvXO5oWV/1K6uB7ao2zgjlwbbrRfS882RbU

nYu4ji6DM4AqSnxkFia77ePEaQc7i+RgCJw8XBd+wqzoRYZD9k9+eyhk9tLW41h6

vBX0tPxoq2PUeA59Ex1lP3qnH7OtlbxInLhqDjEXxtdH2MCep0Q8uYLqJ4XyYY/H

JuijtIAiiXmne816tym24a6BqedZFj8BhaxeT7B7Ga+ZbzdN9u3Rf6mzSWvfqBKK

7qYY0gv4luWnOcK2SGrOGQUEX9IRhsolXFlecfNFQSuQCVwuyHrsko3rEMs0ZYZM

sbcBZjmyURg=

=FSrN

—–END PGP SIGNATURE—–

 

1

What do you say if someone wants to plug something into your network?

You don't want one of these on your network!

Let’s assume you are a business owner and a man walks in wearing a jumpsuit with an official looking badge, and tells you that he is from the power company, sent there to plug a device into your outlet that will monitor and potentially save you money.

What do you do?  Let’s assume they say they are from DHEC and flash what appear to be legitimate credentials and tell you they want to plug in a device to monitor toxins in the air. Or maybe from a nuclear task force, monitoring radiation from the Oconee nuclear power plant.

Do you let them? My money is on yes… IF they present themselves in a professional manner. And by doing so, you may just expose your entire network to bad guys intent on doing what they do best.

This is type of “social engineering” is probably not rampant, but it does exist.

Read about it over on Wired, where they discuss the “Pwn Plug” device which is available for purchase.

And don’t let anyone plug anything into your network unless you know exactly what is going on with it.

Questions about a strange devices connected to your network? Please call us in the Greenville or Upstate SC area and we will help identify it for you!  864.990.4748

No, you won’t lose access to the internet on March 8, 2012… #DNSChanger

If you're seeing red... Panic...

The top email question for me the last couple weeks has been, “What’s this about the internet going down on March 8th?”.

This is related to the DNS Changer malware which has permitted hackers to hijack web traffic and send it to their bogus sites and in the process, get millions of dollars from fraudulent advertisement revenue. The people responsible for this were caught by the FBI back in November of 2011.

This malware was quite prevalent last year, infecting half of all Fortune 500 companies and at least 27 government agencies (over 800,000 total computers), however, since then, the numbers have decreased to less than half a million computers according to DCWG‘s site.

The FBI had planned for the DNS servers which are affected to be replaced on March 8th, meaning anyone who is infected (including Mac users) would have been offline until their issues were fixed, however, yesterday (March 5, 2012), US District Court Judge Denis Cote extended the deadline for shutting down these servers until July 9, 2012 because it was believed more time was needed by authorities to eliminate DNS Changer from computers before their connections were lost.

To check if your computer is infected, you can visit THIS SITE.

Should you require assistance in the Greenville or Upstate SC area, please call upon us at 864.990.4748 or email info@homelandsecureit.com – We can help secure your computer, server or network!

News Flash! Flash Player Update Released to Correct Two Critical Vulnerabilities

Adobe has released an unexpected update to Adobe Flash Player 11.1.102.62 and earlier, running across all platforms (Mac & Android included) which addresses two critical flaws. This is covered in this security bulletin.

It is recommended that you download and install the latest version of the Adobe Flash Player (11.1.102.63 for computers and 11.1.11x.x for Android)).

Failure to update could result in your machine being exploited (code could be executed using your privileges).

COMPUTER UPDATE:

ANDROID:

Should you need support regarding this update or any other computer / server repair or service need, please call us at 864.990.4748 or email info@homelandsecureit.com – We cover the Upstate and Greenville, SC

Think twice before buying discounted Microsoft Office or other computer software

You know the old adage, “If it sounds too good to be true, it probably is.” – It’s just as true today as it was the first time I heard it many years ago.

Reading an article on WYFF 4 site entitled “Top 10 Most Counterfeited Items” has computer software lumped in with other optical media, which is ranked #5 in that list and they claim it accounted for 7% of seizures in 2010.

The article states these are the top 10 counterfeited items, but what it really means is that it is the top 10 list of counterfeit items that were actually seized. Bear in mind that many many others are sold and never discovered by or reported to authorities.

It doesn’t have to be a shady character selling software out of the back of their car, or at a table at your local flea market, in fact, the bigger sales are by websites that appear to be legitimate vendors. These often offer the software available for download, or they will send you the media for a few extra dollars along with the license key.

They distribute keys that are corporate keys, or in some cases, keys that have been taken off the bottom of computers (OEM) and keys that have been generated.

You can save 10, 20, even 100 dollars per product license, but then one day, you may find the product no longer activates because the software developer caught on and blacklisted that key.

What about Best Buy, Staples and other stores as a legitimate source for software? Some unscrupulous employees have been replacing actual legal software with counterfeits, and then selling the originals themselves, leaving those who purchase the product from the store with a bogus version. This is not nearly as widespread as outright sales of the illegal software.

How can you protect yourself from fakes? Consider the supply source, and if a lot of hands touch the product before you get it, it COULD have been replaced with a knock-off. So examine the packaging carefully before accepting it. Is it shrink wrapped or otherwise sealed? That’s good, but not always a surefire way to tell. Look at the quality of the packaging. Legitimate software has quality artwork, no typos or misspelled words (in most cases) and is generally high quality packaging.  Do not accept it if it doesn’t look right to you.

Discounted beyond belief?  Even 10 dollars is a LOT when it comes to software these days.  Think twice before buying that discounted Microsoft Office or Microsoft Windows because there is a reason it is cheap.

For the record, the mark-up many software packages is around 10%, so there’s not a lot of wiggle room there. If every place is selling the product for 200 and you can get it for 175 at Discount City, something is wrong.

Use reputable vendors, preferably one where you can go back and talk with them if there is an issue.

Homeland Secure IT can help you with your software needs in Greenville & Upstate, SC. We are partners with Microsoft, Symantec, Trend, and a whole range of software companies. Let us help you stay legal. Call us at 864.990.4748 or email info@homelandsecureit.com

 

2

Businesses need to protect their notebook, laptop and tablet computers… Are you listening NASA?

I’m not surprised at all when I read an article where a mobile computer (notebook, laptop, tablet) is lost or stolen that may contain sensitive data. I’ve become numb to it in many cases.

In the last week I have read about a doctor who “misplaced” his notebook, and it contained detailed medical records on it (it was later recovered), and in one trade journal I read where a law office hired a technician to upgrade existing computers to new computers they had purchased and it turns out the “technician” was a convicted felon, who used his access to lift one of the old notebooks, which contained client data.

However, the one I read about today over on the Discovery website takes the cake… Read it HERE.

It seems as though NASA lost a laptop computer about a year ago that contained the control codes for the International Space Station. No mention of whether they had made any attempts at all to protect their assets, I would have to research this one further to determine that.

The bottom line here is this: If you run a business, and your mobile computers contain financial, medical or any other sensitive information, you owe it to your clients to protect that data at all costs. In many cases, there are compliance requirements here that cover this, but they go ignored so often.

What can you do? Hire an expert in the field to advise you what to do with your mobile computer, or mobile fleet of computers so they are protected. It may be as simple and as inexpensive as encryption.

Homeland Secure IT would love to schedule a time to discuss these matters with you in the Greenville / Upstate, SC area. Please call us at 864.990.4748 or email info@homelandsecureit.com.

And the winner of our Kindle Fire tablet computer giveaway is…………..

#LeapIntoIT Kindle Fire Giveaway

#LeapIntoIT Kindle Fire Giveaway

The winner of the Kindle Fire is:

Jason Kneese, manager of Outman’s Cigar & Martini Bar here in Greenville!

Out of 9459 entries into our #LeapIntoIT Kindle Fire giveaway, Jason had only a couple, but his retweet of our post was the lucky one that did it.

I would like to thank everyone who took part in the fun and silliness, and also make a statement – We are not doing this again, at least not this way!

It took me a good solid two hours to compile all the data into one big excel file so the winner could be selected. I can find no automated way to mine the data I need from the various sources such as:

Twitter, Facebook, MySpace, Google Plus, Google Places, Merchant Circle, Yelp, FriendFeed, email mailing lists, blog posts, etc, etc, etc….

Next time we do this, it will encompass one action, or maybe we could use a professional giveaway service. I would love to hear your thoughts on how to do it!

Thanks again, it was fun, at least up until the end!

SonicWALL announces End of Support Notification for SonicPoint G Access Points

The following information comes courtesy of SonicWALL’s Global Support Services:

 

Announcement

SonicPoint G End of Support Notification

Affected Products

SonicWALL SonicPoint wireless access points

  • SonicPoint G

Announcement Summary

Effective March 1, 2012, SonicWALL will transition the SonicPoint G from Limited Retirement Mode to End of Support.  Once these products transition to End of Support they will no longer be eligible for technical support, firmware updates or hardware replacement (RMA) even if the managing SonicWALL firewall has active support.

More Information

Customers looking to replace their legacy SonicWALL wireless access points should contact their local reseller or SonicWALL Sales Representative for information on SonicWALL’s SonicPoint-N Series which features high-performance 802.11n technology for greater range and better reliability.

Replacement Products

SonicWALL SonicPoint-N Series

  • SonicPoint-N Dual-Radio
  • SonicPoint-Ne Dual-Band
  • SonicPoint-Ni Dual-Band

Additional Information

Please see the SonicWALL Global Support Services web site at http://www.sonicwall.com/us/support.html.

 

Homeland Secure IT is happy to partner with SonicWALL to provide sales, service and support of the entire line of SonicWALL products. If we can assist in any way, please call us at 864.990.4748 or email info@homelandsecureit.com