by Mike Wilson
Posted on 2018-01-13 00:27:10
As you may have seen in the news, last week the technology world was shaken by the disclosure of two vulnerabilities in modern processors, known as Meltdown and Spectre. These vulnerabilities are unusual, in that they target the CPU directly, which means that the operating system is not the source of the problem. In other words, any server, PC, mobile, or embedded device running an affected processor is vulnerable and will need to be patched.
Though these vulnerabilities are unusual in some ways, Meltdown and Spectre are similar to other vulnerabilities in the ways that they can be exploited. To exploit these vulnerabilities, an attacker must execute malicious code on a vulnerable system, via such means as an email attachment, browser plugin, or document macro. This means that normal digital hygiene practices apply very well to this situation.
To eliminate your exposure to these vulnerabilities, be sure to stay current on security patches for all network-connected devices, including servers, PCs, network printers, firewalls, etc. Patches have already been released by Microsoft for Windows 10, and by Apple for Mac OS and iOS. Microsoft will be releasing patches very soon for the other supported versions of Windows, and other vendors are already rolling out patches as well.
In addition to operating system updates, PC and server hardware manufacturers have released their own patches that cannot be installed via typical operating system update procedures. These updates can be obtained via the manufacturer’s website and installed manually. Some manufacturers have their own automatic update mechanisms. For example, if you have a Dell PC running the Dell Command Update client, then you will automatically receive a notification when a BIOS update is available.
If you have any questions or concerns about your network security, please don’t hesitate to email us at firstname.lastname@example.org or call us at 541-342-5531.
by Feynman Group
Posted on 2014-04-11 18:07:49
Heartbleed is a bug in OpenSSL, a technology used by Internet services to encrypt and keep user data secure. OpenSSL is an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Modern Web security relies heavily on these two protocols. The “Heartbleed” bug was first reported on Monday, April 7th. It allows anyone with Internet access to read small pieces of memory from the systems using OpenSSL. Using this vulnerability, the attacker can get 64KB of memory from the server. This can be repeated many times, and with each try, the attacker can get a random 64KB piece of memory from the server. What this means is that the attacker can obtain virtually anything that’s in the server’s memory, including usernames, passwords, and SSL private keys. This is a major security risk.
Leaked private keys allow the attacker to decrypt any past and future traffic to the protected services, and impersonate the service at will. Any protection given by the encryption and the signatures in the certificates can be bypassed. Recovery from this leak requires patching the vulnerability, revocation of the compromised keys and reissuing and redistributing new keys. Even after going through these processes, the bug will leave any traffic intercepted by the attacker in the past still vulnerable to decryption.
This vulnerable code was introduced in OpenSSL in version 1.0.1, which was released in March 2012. This means that some attackers may have been eavesdropping on SSL-encrypted communications ever since. OpenSSL is used by some of the most popular server software, such as Apache and nginx, whose combined market share is over 66 percent, which makes this potentially a global problem.
It is impossible to know if you were ever a victim of this attack because it does not leave traces. The logs on the server will not show any malicious activity. You can, however, test and see if a site is vulnerable to this bug using one of these tools:
The bug mainly creates problems on Web and email servers, where system administrators should update to OpenSSL version 1.0.1g or newer. PCs, Macs and mobile devices are not directly affected, and antivirus software cannot help with Heartbleed.
There are a few things that every Internet user should do. Consider changing your passwords on your Yahoo, Flickr, and Tumblr accounts, as security researchers were able to get usernames and passwords out of Yahoo’s servers using this bug right after it became public. Also, consider changing the passwords on your Google, Facebook and Dropbox accounts, as they also confirmed that those were vulnerable to this bug. There isn’t any news about people getting their accounts within these services hacked, but since this attack leaves no traces, there is a chance some of them were compromised.
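For administrators taking inventory, the version bounds given above (introduced in 1.0.1, update to 1.0.1g or newer) can be applied to the banner printed by `openssl version`. This is an added example, not code from the original post; the function names and status labels are assumptions. Treat the result as first-pass triage, since vendor packages can carry a backported fix without changing the version string.

```python
import re

# Version bounds as stated in the article: the bug arrived in OpenSSL 1.0.1
# and administrators should run 1.0.1g or newer.
FIRST_AFFECTED = (1, 0, 1)
FIRST_FIXED_LETTER = "g"

_BANNER_RE = re.compile(
    r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-([A-Za-z0-9]+))?"
)


def parse_banner(banner):
    """Return ((major, minor, patch), letter, tag) or None if unparseable."""
    match = _BANNER_RE.search(banner)
    if match is None:
        return None
    numbers = tuple(int(match.group(i)) for i in (1, 2, 3))
    return numbers, match.group(4), (match.group(5) or "").lower()


def heartbleed_status(banner):
    """Classify one `openssl version` banner for first-pass triage."""
    parsed = parse_banner(banner)
    if parsed is None:
        return "unknown"
    numbers, letter, tag = parsed
    # Pre-release builds fall outside the range the article gives.
    if tag.startswith(("beta", "pre", "dev")):
        return "unknown"
    if numbers < FIRST_AFFECTED:
        return "predates-bug"
    if numbers > FIRST_AFFECTED:
        return "fixed-release"
    # Same 1.0.1 series: the letter suffix decides ("" sorts before "a").
    if (len(letter), letter) < (1, FIRST_FIXED_LETTER):
        return "vulnerable-range"  # vendor packages may carry a backported fix
    return "fixed-release"


# Constructed sample banners, one per case (not taken from real hosts).
SAMPLES = [
    "OpenSSL 0.9.8y 5 Feb 2013",
    "OpenSSL 1.0.1e-fips 11 Feb 2013",
    "OpenSSL 1.0.1g 7 Apr 2014",
    "OpenSSL 1.0.2-beta1 24 Feb 2014",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(f"{heartbleed_status(banner):17} {banner}")
```

Any host reported as `vulnerable-range` or `unknown` should be confirmed against the vendor's package changelog before it is cleared.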
On the bright side, most servers that run Microsoft software weren’t affected by Heartbleed, as well as plenty of other sites, including Apple, Amazon, eBay, PayPal and most major banks.
By: Mite Tashev
by Feynman Group
Posted on 2014-02-25 18:39:53
Microsoft is ending support for Windows XP after April 8th 2014. What does this mean exactly, you might ask? Systems on your network running Windows XP after April 8th 2014 will no longer receive security updates or technical support from Microsoft. Security updates are released to patch vulnerabilities found in the operating system that allow malicious users and applications pathways to access the data on your computer. Computers in your environment running Windows XP will continue to function as they have for years; however, after April 8th 2014 computers running Windows XP should not be considered protected. The more time that goes by after April 8th, the more vulnerabilities there will be that are unpatched. It is recommended that you upgrade your operating system to Windows 7 or Windows 8.1 to continue to receive security updates from Microsoft.
Reasons to migrate away from Windows XP (directly taken from Microsoft’s Website http://www.microsoft.com/en-us/windows/enterprise/endofsupport.aspx )
Without critical Windows XP security updates, your PC may become vulnerable to harmful viruses, spyware, and other malicious software which can steal or damage your business data and information. Anti-virus software will also not be able to fully protect you once Windows XP itself is unsupported.
Businesses that are governed by regulatory obligations such as HIPAA may find that they are no longer able to satisfy compliance requirements. More information on HHS’s view on the security requirements for information systems that contain electronic protected health information (e-PHI) can be found here (HHS HIPAA FAQ – Security Rule).
Lack of Independent Software Vendor (ISV) Support:
Many software vendors will no longer support their products running on Windows XP as they are unable to receive Windows XP updates. For example, the new Office takes advantage of the modern Windows and will not run on Windows XP.
Hardware Manufacturer support:
Most PC hardware manufacturers will stop supporting Windows XP on existing and new hardware. This will also mean that drivers required to run Windows XP on new hardware may not be available.
By: Nate Martin
by Feynman Group
Posted on 2012-06-27 17:02:28
Feynman Group is a dedicated and proud sponsor of multiple community service based organizations in Lane County. Over the past two seasons, Feynman has been a core partner and sponsor of Eugene Little League baseball, a 100% volunteer based organization committed to getting kids out of the house and onto the baseball field! Eugene Little League services the greater part of Eugene and surrounding areas and is for both boys and girls ages 5 to 15. Little League is an “instructional based” organization that emphasizes teaching, mentoring and positive reinforcement for all who play.
by Feynman Group
Posted on 2012-06-15 23:00:39
Jonathan Brandt, owner of Journey Tree, Inc., decided to move his offices in November of 2011 to the Citizens Building in downtown Eugene. He also decided it was time for a new phone system after 15 years of the old one. “It was an easy decision as a business owner” to invest in the new Cisco UC Platform, said the Financial Planner.
After the successful move, Jonathan will use Feynman Group for their IT support too. “I found Feynman Group is valuable because they are a one-stop solution,” says Jonathan, and “I need to focus on what I’m good at and what I enjoy which will benefit my clients.” He names a couple of technicians he has noticed to be very “knowledgeable” and “pleasant.” He emphasizes that he doesn’t want to have to think about the IT for his company, but feels good he can trust in FG. “It’s great to have one source for all these things they do and if they weren’t exceptional it wouldn’t be valuable.”