An Office 365 vulnerability gives hackers access to encrypt files on SharePoint and OneDrive that can’t be recovered without ransom.
Read More
COVID-19 has become a critical threat to Ohio and the nation, and precautions have been put in place to help slow the threat.
thinkCSC has been closely tracking a global ransomware attack called “WannaCry” and all thinkCSC managed services clients are safe.
We have received several reports from clients who are receiving suspicious emails from Xerox WorkCentre, whether or not they actually use the device.
If you receive a message with “Scanned Image from a Xerox WorkCentre” as a subject and a zip file as an attachment, DO NOT OPEN IT FOR ANY REASON.
As a general practice, no company or device (copier, fax machine, scanner) will ever send you a zip file. You may receive zip files from individuals, but companies and services will not typically send zip files; always proceed with caution.
The Service Desk is always available to answer questions if someone is unsure of a file or attachment. Please contact us if you have opened the email or receive suspicious emails in the future.
thinkCSC is issuing a security alert regarding .TIFF files. Zero-Day attacks targeting Windows users has been detected by Microsoft and is already affecting people in Asia an the Middle East. It is expected to spread to the U.S. and Europe very quickly. This vulnerability enters your system when you open a .TIFF file and allows the attacker (potentially on a remotely hosted computer) to gain administrative access to your system and network.
Security Alert
It is imperative that you refrain from opening any questionable .TIFF file, as the messages are often constructed to make the user believe they are coming from a trusted choice.
While Microsoft is working to develop a patch to protect users, at this time, current antivirus and firewall solutions are unable to prevent infection. Most vulnerable are Microsoft Office users who are running Windows Vista or Windows Server 2008. Microsoft Office 2003 through Office 2010 are impacted in this zero-day attack.
What Are .TIFF Files?
From Adobe: TIFFs are a file format popular with graphic designers and photographers for their flexibility, high quality, and near-universal compatibility. Learn more about these raster graphic files and how you can put them to use in your next project.
If you have any questions or believe you have been a target of this threat, please contact our team at your earliest convenience.
thinkCSC is issuing an urgent security alert regarding OS X Mavericks updates.
We are receiving a number of reports from clients that the latest updates are creating major compatibility, hardware driver, file sharing, and printing compatibility issues, as well as other problems. We recommend that you refrain from installing the OS until you check with us in order to avoid downtime. Apple is providing OS X Mavericks under the normal updates section with no cost associated with the update.
Because of the issues we’re seeing, we believe the wisest approach is to contact our tech team first and make sure you will not experience any of the compatibility issues being reported. If you have already run the update and you’re experiencing problems, please let us know. If you have any questions or need assistance with your update, please contact our team at your earliest convenience.
You can see all of our security alerts by visiting thinkCSC security alerts.
What Is OS X Mavericks?
From Wikipedia: It is the 10th major release of macOS, Apple Inc.’s desktop and server operating system for Macintosh computers. It was announced on June 10, 2013, at WWDC 2013, and was released on October 22, 2013, worldwide.
Recently, several of our clients have been exposed to a new variant of malware which is becoming known as Crypto Locker. Antivirus vendors are working diligently to combat the virus. However, it is still possible for the malware to infect the machine even if it has current, up-to-date antivirus protection.
Crypto Locker specifically targets Word, Excel, PDF and possibly other file types. It encrypts the files and makes them unusable. Typically, a single machine (or more) on a network becomes infected. The malware proceeds to modify all of the specific files on that machine, as well as any files that machine has access to on its network, including mapped drives to shared servers. One infected machine can quickly spread, making nearly all company files stored on the network unusable.
On the machine that is actually infected, you will likely see a pop-up called CryptoLocker stating that your files have been encrypted and try to ransom you to pay hundreds of dollars to have them unencrypted.
thinkCSC would advise you to not pay them any money or give them any information.
It is unlikely that paying them will result in fixing your issue and this will likely result in fraud and other problems. It is important that these issues be reported as quickly as possible. The infected machine should be shut down and removed from the network.
On machines that are uninfected but trying to access files that have been changed by Crypto Locker, you may receive errors like ‘File is not in a recognizable format,’ ‘<Filename> cannot be opened because it is an unsupported filetype or has been damaged,’ and other variations of those messages.
The fix? In most cases, there is not one. The only tried and true solution, until Antivirus vendors are able to adapt, is to restore from backups. If you have an antiquated or untested backup system, possibly including tape backups, this could become quite problematic and lead to extensive downtime.
There are several lessons to learn from this. First, it is important to have a strong, automated backup solution that runs on a regular basis. Second, that backup solution should have monitoring and be tested on a regular basis. Third, point in time and time to restore need to be taken very seriously. If you only backup once day, you will likely lose an entire day or more of data should you need to restore. Time to restore is another important consideration. If you have to bring in tapes from offsite and then perform a restore, it will take longer before you and your data will be on working terms again. Fourth, it is always important to have currently licensed, updated Antivirus. This is a first line of defense and not a perfect solution that will stop 100% of all threats, so it is also important to have a complete protection system including email security, strong firewall, antivirus, and a comprehensive automated backup solution and patch management.
If you have been infected by this malware or would like to discuss thinkCSC’s Managed Services Program, Backup & Disaster Recovery (BDR) Solution, or any other concerns, please contact your account executive or contact us today.
Recent Comments