New keyboard shortcuts for Windows 10 users

By EDITOR 

Since its release back in 2015, Windows 10 continues to receive updates and new features. This time, users are greeted with some new keyboard shortcuts that will make life easier. Here are our top picks that can be extremely helpful to your daily operations.

Windows Snapping

If you’ve never used Windows Snapping, you’re missing out on one of Windows 10’s key features. Known as Aero Snap on Windows 7, the snapping feature allows you to snap windows vertically on top of each other. You can even snap windows to a 2×2 grid for better multitasking. Simply use these keyboard shortcuts:

  • Windows Key + Left – Snap current window to the left side of the screen
  • Windows Key + Right – Snap current window to the right side of the screen
  • Windows Key + Up – Snap current window to the top of the screen
  • Windows Key + Down – Snap current window to the bottom of the screen

You can also combine these shortcuts to snap your current window into a corner like top left, top right, and more.

Task Views

This window management feature allows you to see all your opened windows so you can quickly return to a specific program or document. This is particularly useful if you have multiple windows open at once. In addition to clicking the Task View button on the taskbar to open it, these keyboard shortcuts will do the trick:

  • Windows Key + Tab – Open a new Task View interface with windows from your current virtual desktop appearing in the Task View list. To switch between virtual desktops, simply use the virtual desktop switcher at the bottom of the screen.
  • Alt + Tab – While not a new keyboard shortcut per se, it allows you to switch between open windows on all virtual desktops.
  • Ctrl + Alt + Tab – This is similar to Alt + Tab but the thumbnails stay on the screen even after you release all the keys.

Virtual Desktop

A great way to stay organized, this nifty feature lets you use an unlimited number of virtual desktops so you can dedicate each of them for certain functions. For instance, one could be used solely for work with all your business software and the other for entertainment. Some keyboard shortcuts to help you quickly manage your virtual desktops include:

  • Windows Key + Ctrl + D – Create a new virtual desktop and switch to it
  • Windows Key + Ctrl + F4 – Close current virtual desktop
  • Windows Key + Ctrl + Left/Right – Switch to the virtual desktop on the left or right

If you’re looking for ways to boost productivity, or have any questions about how Microsoft Windows can help streamline your operations, just give Lanlogic a call. Our IT experts are more than happy to help.

Posted in Uncategorized | Leave a comment

Warning signs your computer has malware

By EDITOR 

With the rise of eCommerce and online banking, cybercrime has evolved. Like criminals who pull smash-and-grab jobs, they go where the money is. However, unlike bank robbers, cybercriminals do their best to avoid detection by letting malware do the work for them. Viruses and ransomware sneak into PCs to quietly steal passwords, financial credentials, and other personal information to be sold on the black market for profit. Not all malware is stealthy though. Here are some telltale signs.

Slow computer

Are your operating systems and programs taking a while to start up? Is your data bandwidth suspiciously slow? If so, your computer may potentially have a virus.

However, just because your PC is running slower than usual doesn’t necessarily mean that it’s infected, as there could be other causes to your computer slowing down. First, check if you’re running out of RAM. For Windows, open task manager (press Ctrl + Shift + Esc) and go to the Performance tab and check how many gigabytes of RAM are used up under the Memory section. For Mac OS users, you can open the Activity Monitor app and, under System Memory, you should be able to find out your RAM usage.

Other causes could include lack of space on your hard drive or even damaged hardware. Once you’ve ruled out other possible causes, then malware may have infected your device.

Blue screen of death (BSOD)

If your PC crashes regularly, it’s usually either a technical problem with your system or a malware infection. You might not have installed the latest drivers for your device or the programs you’re running could possibly be incompatible with your hardware. If none of these problems are apparent in your PC, then a virus could be clashing with other programs and causing your crashes.

To check what caused your last BSOD, go to Control Panel > System and Security > Administrative Tools > Event Viewer and select Windows Logs. Those marked with “error” are your recorded crashes. For troubleshooting solutions, consult forums or your IT department to figure out what to do next.

Lack of storage space

There are several types of malware that can manipulate and corrupt the files saved on your computer. Most tend to fill up your hard drive with suspicious files. Ransomware, for example, is a notorious type of malware that denies you access to your data until you pay a so-called ransom. There are more aggressive forms of ransomware, like NotPetya, known for exploiting security holes to infect computers without needing to trick users.

If you find any unknown programs that you have never installed before, notify IT personnel in person immediately (do not email them) and have them handle the situation for you. Your device might not be the only one in your network that is infected with suspicious programs.

Suspicious modem and hard drive activity

Combined with the other warning signs, if your hard disk is working excessively while no programs are currently running or if you notice that your external modem is always lit, then you should scan your computer for viruses.

Pop-ups, websites, toolbars, and other unwanted programs

Pop-ups come from clicking on suspicious pages, such as those where users are asked to answer survey questions to access a website’s service or install free applications. While they’re inherently harmless, they could be downright annoying. Refrain from clicking pop-up pages and just close them instead. Run malware scans and update your browsers.

You might think that downloading free applications is harmless, but the installation process can inject malware into your device. When you’re installing a program from the internet or even app stores, it’s easy to just skim over the terms and conditions page and repeatedly press next. This is where they get you. In the process of skipping over certain installation steps, you might have agreed to accepting a new default browser and opening unwanted websites and other programs filled with viruses. Be cautious when downloading something for free.

You’re sending out spam

If your friends are telling you that you’ve been sending them suspicious messages and links over social media or email, you might be a victim of spyware. Warn your friends not to open anything that appears to be spam and make sure to reset your passwords across all your devices and enable multifactor authentication.

Knowing how malicious software affects your computer can help you take the necessary precautions and steps to rectify the situation as soon as possible. Regardless of whether or not your system has experienced these symptoms, it’s always smart to perform regular malware scans to ensure your business is safe. To find out more about malware and IT security, contact Lanlogic today.

Posted in Uncategorized | Leave a comment

Understanding HTTPS

By EDITOR 

Are you an avid online shopper? Have you noticed if each payment page has HTTPS in its URL lead-up? If you’re not absolutely sure, you might be a prime target for identity theft. Here’s why you should make sure that the websites you browse for shopping have a little padlock icon on them in the URL bar.

HTTPS Encryption

When you visit a website that doesn’t use HTTPS, which is common with older websites that have been left on its domain with minimal intervention, everything you type or click on that website is sent across the network in plain text. So, if your bank’s website doesn’t use the latest protocols, your login information can be decrypted by anyone with even the most basic tools.

HTTPS Certificates

The other thing outdated web browsing lacks is publisher certificates. When you enter a web address into your browser, your computer uses an online directory to translate that text into numerical addresses then saves that information on your computer so it doesn’t need to check the online directory every time you visit a known website.

The problem is that if your computer is hacked, it could be tricked into directing www.google.com to the address 8.8.8.255, for example, even if that’s a malicious website. Oftentimes, this strategy is implemented to send users to sites that look exactly like what they expected, but are actually false-front sites designed to trick you into providing your credentials.

HTTPS creates a new ecosystem of certificates that are issued by the online directories mentioned earlier. These certificates make it impossible for you to be redirected to a fraudulent website.

What this means for daily browsing

Most people hop from site to site too quickly to check each one for padlocks and certificates. Unfortunately, HTTPS is way too important to ignore. Here are a few things to consider when browsing:

If your browser marks a website as “unsafe”, it is always best to err on the side of caution; do not click “proceed anyway” unless you are absolutely certain nothing private will be transmitted.
There are web browser extensions that create encrypted connections to unencrypted websites (HTTPS Everywhere is a reliable Firefox, Chrome, and Opera extension that encrypts your communications with websites).
HTTPS certificates don’t mean anything if you don’t recognize the company’s name. For example, goog1e.com (with the “l” replaced with a one) could have a certificate, but that doesn’t mean it’s a trustworthy site. Many unscrupulous cybercriminals utilize similar spellings of legitimate websites to fool people into thinking that they are in a secure site. Always be vigilant.
Avoid sites that don’t use the HTTPS protocol — it can be as simple as that.

When you’re ready for IT support that handles the finer points of cybersecurity like safe web browsing, give Lanlogic a call.

Posted in Uncategorized | Leave a comment

Why you need managed services in healthcare

By EDITOR 

Cybercriminals are increasingly targeting the healthcare industry for its perceived vulnerability. Nowadays, more and more hospitals are realizing that overall patient care not only involves medical attention, but also entails securing patient data. For many healthcare organizations, it’s crucial to work with the right managed services provider (MSP) to ensure transactions are seamless and patient data is constantly protected.

They guarantee response times

When it comes to providing healthcare services, talking about fast response times is not the only thing that matters. You should always make sure that your provider guarantees response times, and that you’re able to contact them 24/7. Consider this: in a scenario where something breaks or you come across technical issues in the dead of the night, your best bet would be to contact your MSP, not to try fixing things on your own. Therefore, you need a provider who is able to give assistance whenever you need it most.

They support a business continuity plan

You risk putting your organization in jeopardy if your MSP can’t assist in your recovery from major outages or natural disasters. A business continuity plan is absolutely necessary in your healthcare organization — you simply can’t afford to lose all your valuable medical data in the event of a disaster. You need all the help you can get from your IT provider to maintain redundant systems, as well as help manage automatic failovers.

They provide proactive security

In the world of healthcare data security, aligning your practice with HIPAA compliance mandates is essential. Failing to meet regulations may result in huge fines, serious penalties, and even the withdrawal of your license to operate. The ideal MSP should offer core security services that include identity-based security and encryption, authorized privileges and access control, and data accountability and integrity.

They offer staffing services

Healthcare staffing shouldn’t be a hassle, but thanks to the changing dynamics of healthcare IT, that’s exactly what it can become. You need an MSP that assumes full responsibility for your clinical labor while providing you with a single point of contact for all your staffing operations, including account management, customer support, order placement, and more.

Choosing the right MSP can be tedious, but when you do make the switch, they can streamline your operations, reduce operational costs, and enhance workforce transparency.

If you want to learn how great technology and support can benefit your healthcare practice, get in touch with Lanlogic today. We provide the perfect set of healthcare IT solutions and outstanding support to drive your organization forward.

Posted in Uncategorized | Leave a comment

A closer look at fileless malware

By EDITOR 

To avoid detection by antimalware programs, cybercriminals are increasingly abusing legitimate software tools and legitimate programs in systems to steal data or ruin its integrity. They use fileless malware to infiltrate trusted applications and issue executables that blend in with normal network traffic or IT/system administration tasks while leaving fewer footprints. Ultimately, your business could be at risk. Let’s see why.

What is fileless malware?

Fileless malware is stored in random access memory (RAM) instead of on the hard drive. In a typical fileless infection, payloads can be injected into the memory of existing software or applications by running scripts within whitelisted or authenticated applications such as PowerShell, which is designed to automate system administration tasks such as view all USB devices, drives, and services installed in the system, schedule a series of demands, or terminate processes (i.e., Task Manager).

Because there are no files to trace, fileless malware escapes detection from most antimalware programs, especially those that use databases of precedents. Furthermore, most automated sensors cannot recognize illicit scripts, and cybersecurity analysts who are trained to identify them usually have a difficult time establishing where to start looking. Fileless malware isn’t as visible compared to traditional malware. They employ a variety of techniques to stay persistent, and can adversely affect the integrity of a business’s process and the infrastructures that run them.

Fileless malware by the numbers

Cybersecurity firm Kaspersky Lab first discovered a type of fileless malware on its very own network a couple of years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

In November 2016, attacks using fileless malware saw an uptick of 13% according to a report. In the same quarter, attacks surged 33% compared to the first quarter. During the first quarter of 2017, more PowerShell-related attacks were reported on more than 12,000 unique machines.

Kaspersky Lab uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyberattackers to withdraw undisclosed sums of cash from ATMs.

In 2018, cybersecurity firm Trend Micro detected a rising trend of fileless threats throughout the first half of the year.

Is your business at risk?

It is unlikely your business would have been targeted in the earliest stages of this particular strain of malware, but it’s better to be safe than sorry. Businesses should practice defense in depth, where multilayered safeguards are implemented to reduce exposure and mitigate damage. But apart from cultivating a security-aware workforce, what actionable countermeasures can organizations do?

While your business might not be in immediate danger, you should employ solutions that analyze trends in behavior. It is also wise to invest in a managed service provider that offers 24/7 network monitoring, proper patches, and software updates. Call Lanlogic today to get started.

Posted in Uncategorized | Leave a comment

Easy fixes to your Wi-Fi issues

From answering emails and using online productivity suites to browsing Facebook and streaming YouTube videos, a fast and reliable internet connection is a must. But what do you do when there are connectivity and speed issues? Here are some solutions to five of the most common Wi-Fi worries.

Range constraints

Wi-Fi works via radio waves that are broadcast from a central hub, usually a piece of hardware known as a router. To avoid a weak signal in your office, make sure:

  • Your router is placed in a centralized location and not tucked away in the corner.
  • Your Wi-Fi antennae are either in a fully horizontal or vertical position for optimal signal distribution.

Note that Wi-Fi range constraints can also occur from interference, so if your office is situated in a highly populated area, try changing your router’s channel.

Slow speeds

Despite a high-speed or fiber optic internet connection, slow load times can still occur for a number of reasons. To optimize speeds, try the following:

  • Make sure your router is located in the same room as the devices connecting to it.
  • Install more routers to better accommodate a high number of connected devices.
  • Close bandwidth-intensive applications such as Skype, Dropbox, YouTube, and Facebook.
  • Disable your router’s power-saving mode.
  • Create a new router channel to avoid network bottlenecks.

Connection issues

We understand how frustrating it can be when the Wi-Fi network shows up on your device but still won’t connect. Before you give up, these solutions might help:

  • Determine whether your Wi-Fi connection is the problem or if your internet is down by plugging your laptop directly into the router via an Ethernet cable. If you can’t get a connection, then Wi-Fi isn’t the culprit.
  • Factory reset your router with a paperclip or a pen and hold down that tiny button for about 30 seconds.
  • Try rebooting your device.

Unstable connections

Random hiccups in your Wi-Fi connection are normal from time to time. However, if they become a constant nuisance in your office, try the following quick fixes:

  • Move your router to a different spot or even a different room.
  • Avoid having too many routers in the same location, as that can confuse your device.

Network not found

Router glitches can result in your Wi-Fi network not appearing at all. Two solutions that can resolve this problem are:

  • Disconnecting the router from the power source and waiting at least 30 seconds before reconnecting it.
  • Replacing an old router; if it’s over three years old, you’re probably due for a replacement.

When you experience Wi-Fi issues, these tips will help you avoid serious downtime. But if you’d rather have a dedicated technology provider take care of your hardware needs, give Lanlogic a call and we’ll be happy to help.

Posted in Uncategorized | Leave a comment

Top security threats to financial services

By EDITOR 

Hackers go for the gold. This means that banking information makes for the number one target. These cyberattacks lead to the theft of large sums of money, undermine the economic stability of individuals and organizations, as well as destroy the reputation of banks and other financial institutions. When these incidents occur, the damage can be irreversible and substantial. As such, business owners should learn about the evolving security threats and identify the modus operandi of cybercriminals. Let’s take a closer look.

Extortion
Distributed denial of service (DDoS) attacks, which are typically delivered from massive botnets of zombie computers or internet of things (IoT) devices, have been used to bring down banking networks. This occurs when a targeted server or system is overwhelmed by multiple compromised networks. It’s essentially like a traffic jam clogging up the highway, preventing regular traffic from arriving at its intended destination.

Some cybercriminals are relentless with DDoS attacks and follow them up with cyberextortion, demanding payment in return for release from costly downtime. Banks cannot defend against these attacks alone, so they rapidly share information among themselves through organizations such as FS-ISAC4 and rely upon the ability of their internet service provider to handle and redirect massive quantities of traffic.

Social media attacks
This happens when fraudsters use fake profiles to gather information for social engineering purposes. Thankfully, with new regulations such as the General Data Protection Regulation (GDPR), big companies like Facebook and Twitter have significantly enhanced their security and privacy policy with regards to their data handling practices. The unprecedented reach of social media is something companies cannot afford to ignore because of the possible implications a data breach can have on businesses.

Spear phishing
Spear phishing is an attack where cybercriminals send out targeted emails ostensibly from a known or trusted sender in order to trick the recipient into giving out confidential information. Over the years, hackers have upped their game and cast a bigger net, targeting unwitting employees to wire money. This attack is called business email compromise (BEC), where a fraudster will purport to be a CEO or CFO and request for large money transfers to bogus accounts.

Point-of-sale (PoS) malware
PoS malware targets PoS terminals to steal customer payment (especially credit card) data from retail checkout systems. Cybercriminals use a memory scraper that operates by instantly detecting unencrypted type 2 credit card data, which is then sent to the attacker’s computer to be sold on underground sites.

ATM malware
GreenDispenser is an ATM-specific malware that infects ATMs and allows criminals to extract large sums of money while avoiding detection. Recently, reverse ATM attacks have also emerged. Here, PoS terminals are compromised and money mules reverse transactions after money is withdrawn or sent to another bank account. In October 2015, issuers were mandated to shift to EMV or Chip-and-PIN system to address the weakness of the previous payment system.

Credential theft
Dridex, a well-known credential-stealing software, is a banking Trojan that is generally distributed through phishing emails. It infects computers, steal credentials, and obtain money from victims’ bank accounts.

Other sophisticated threats
Various data breach methods can be combined to extract data on a bigger scale. Targeting multiple geographies and sectors at once, this method normally involves an organized crime syndicate or someone with a highly sophisticated setup. For example, the group Carbanak primarily targeted financial institutions by infiltrating internal networks and installing software that would drain ATMs of cash.

Additionally, with the rise of cryptocurrency, cybercriminals are utilizing cryptojacking, a method that involves the secret use of devices to mine cryptocurrency.

The creation of defensive measures requires extensive knowledge of the lurking threats, and our team of experts is up to date on the latest security information. If you have any questions, feel free to contact Lanlogic to find out more about TTPs and other weapons in the hacker’s toolbox.

Posted in Uncategorized | Leave a comment

Lessons from a disaster recovery plan audit

By EDITOR 

Why do some companies fail their disaster recovery plan (DPR) audit? Perhaps because they did not get the right information for it. They say experience is the best teacher; thus, nothing beats what you can learn from real-world case studies. See what you can learn from the following case.

Hosting certain types of data and managing a government network legally bind you to maintain DRPs. After an audit of the Michigan Department of Technology and Budget, several failures led to a trove of helpful tips for small- and medium-sized businesses attempting to create a bulletproof disaster recovery plan.

Update and test your plan frequently
What was one of the first and most obvious failures of the department’s DRP? It didn’t include plans to restore an essential piece of their infrastructure — the department’s intranet. Without it, the employees are unable to complete even the most basic of tasks.

The reason for the oversight? The last time the plan was updated was in 2011, leaving out more than six years of IT advancements. If annual revisions sound like too much work, just consider all of the IT upgrades and improvements you’ve made in this year alone. If they’re not accounted for in your plan, you’re destined to fail.

Keep your DRP in an easy-to-find location
It may seem a bit ironic that the best way to store your top-of-the-line business continuity solution is in a binder, but the Michigan Department of Technology and Budget learned the hard way that the alternatives don’t work. Auditors found the DRP stored on the same network it was meant to restore. Which means if something had happened to the network, the plan would be totally inaccessible.

Your company would do well to store electronic copies on more than one network in addition to physical copies around the office and off-site.

Always prepare for a doomsday scenario
The government office made suitable plans for restoring the local area network (LAN), but beyond that, there was no way for employees to get back to work within the 24-hour recovery time objective.

Your organization needs to be prepared for the possibility that there may not be a LAN to go back to. Cloud backups and software are the best way to keep everything up and running when your office is flooded or crushed beneath a pile of rubble.

Your DRP is more than just a pesky legal requirement. It’s the insurance plan that will keep you in business when disaster strikes. Our professionals at Lanlogic know the importance of combining both academic and real-world resources to make your plan airtight when either auditors or blizzards strike. Message us today about bringing that expertise to your business.

Posted in Uncategorized | Leave a comment

Get your network gear ready with UPS

By EDITOR 

Clever business owners utilize an uninterruptible power supply (UPS) during disasters like fires, storms, and other emergency situations. A UPS is usually set up for desktop computers to give users enough time to save their work and progress. Another useful power-saving plan for emergency situations would be to use a UPS for networking gear.

UPS for network equipment

UPS systems provide backup power in case of outages and protection against power surges, which don’t just damage computers but also make you lose unsaved work. Deploying them for Wi-Fi routers and modems allows you to stay connected to the internet during these  typically chaotic instances.

Moreover, it makes sense to not just keep your PCs powered up, but to also have internet access during a disaster. This strategy works relatively well if your staff are predominantly laptop users, as that means you only need to juice up your Wi-Fi gear.

Better than generators

Although generators are indispensable for certain businesses, they also require greater upkeep. Small- and mid-sized businesses may not have enough capacity to maintain them because they typically require a utility crew who can manage high-maintenance equipment.

What’s more, misusing or mishandling generators could result in generator-related fatalities. On the other hand, misusing a UPS unit could result in the loss of a day’s work, but it’s unlikely to lead to anything as extreme.

Why internet access is important during a disaster

UPS-supported modems or routers help you stay online for as much as 90 minutes, which should be enough time to get your bearings before power finally runs out. Internet service providers are usually prepared for catastrophes and would normally have an emergency power source to stay operational. And if you can stay online via Wi-Fi during an emergency, you get the following benefits:

  • Internet speed that’s faster than cellular access
  • No extra telecom costs resulting from overreliance on cellular data
  • All devices stay online using a stable Wi-Fi connection
  • Devices don’t have to rely on cellular data-equipped phones for internet connection

Plug in your network gear now

Businesses that aren’t located in disaster-prone areas probably don’t give much thought to installing UPSs for their computers, let alone their modems. But accidents and emergencies are inevitable. And when they happen, you’ll find that having internet access is one of the most important things you need to ensure business continuity.

Think of an emergency power supply source like a UPS as an investment that not only protects your systems from data loss but also keeps your Wi-Fi equipment functioning in emergency scenarios. Call Lanlogic today for productivity-saving tips and other hardware hacks for your business.

Posted in Uncategorized | Leave a comment

Phishing through VoIP: How scammers do it

By EDITOR 

Many businesses nowadays are well-armed against email-based phishing scams, which is why scammers have moved over to VoIP (Voice over Internet Protocol) scams. Through “vishing scams,” hackers can pretend to be bank representatives and convince your employees to provide confidential financial details via a seemingly innocuous VoIP call. Take a look at why vishing is on the rise to understand how to keep your business from falling victim.

VoIP makes it easy to create fake numbers

One of the main reasons vishing scams are increasing in frequency is the ease by which cybercriminals can hide their tracks and escape with minimal risk of detection.

Using a fake number, scammers can contact your employees, pretend to be a representative of a bank or government agency, ask for sensitive information — such as salary information, account numbers, and company intellectual property — and get away with it. Scammers can also manipulate local numbers to emulate multinational banks, which they will then use for various VoIP scams.

VoIP is easy to set up and difficult to track

It isn’t very difficult to configure a VoIP system, and this makes fraudulent phone calls or messages an easy thing to accomplish. Scammers only need to know the basics of a VoIP setup.

VoIP hardware such as IP-PBXs, IP phones, and routers are also inexpensive and quite easy to access. Hackers can conveniently connect these equipment to PCs for the purposes of recording phone calls and stealing information from conversations.

Also, fake numbers are difficult to track because they can be ditched at any time. And with advanced voice-changing software widely available nowadays, a vishing scam is much easier to pull off.

Caller ID can be tampered with

In some vishing scams, attackers don’t even have to destroy a number to cover their tracks. Instead, they can trick users into thinking that they’re talking to a legitimate Microsoft technical support staff, a PayPal representative, or a fraud investigator, simply by tampering with the caller ID.

VoIP scamming is cost-efficient

Traditional phones are still used for phishing scams, but they don’t compare to the efficiency VoIP affords, which allows attackers to target victims all over the globe at a fraction of the cost. Cybercriminals resort to VoIP scamming because the price per call is much lower. Vishing scammers are sneaky and resourceful, and they will exhaust all possible means to attack your systems for profit — and that includes your VoIP channels.

Protecting yourself is simple

To protect against VoIP-based scams, set stringent policies on information-sharing and impose strict security processes for all business communications. Informed and aware employees are key to making sure that scammers are held at bay. Protect your company against all types of scams by getting in touch with Lanlogic today.

Posted in Uncategorized | Leave a comment