Simplify your Business Networks with Citrix SD-WAN!

You may have heard by now of the new technology that’s been getting a lot of buzz over the past years, software-defined WAN or SD-WAN.  This exciting technology enables organizations to reduce network complexity and cost while improving flexibility, security, availability, and visibility.  Citrix has made use of this technology and improved on the concept into what is now known as Citrix SD-WAN.

Citrix SD-WAN builds a reliable WAN from different network links such as MPLS, broadband, 4G LTE, and satellite.  It constantly monitors the condition of every link, and its unique per-packet selection algorithm makes an instant path selection decision as each packet comes into the SD-WAN for transmission, so the best path is chosen at each given moment.  When users or the applications they use request more bandwidth, Citrix SD-WAN can distribute the traffic across all available links, aggregating the individual links into a secure virtual path so that no link stays passive.

When your network has issues with bandwidth usage, the performance improvement that users see comes not only from more bandwidth but also from QoS control over link types that don’t usually provide QoS, such as the internet.

Some key features in which Citrix SD-WAN can simplify your business network:

Centralized management and configuration of all devices, leveraging templates for WAN, QoS and firewall configurations. No more logging into each branch router to add a QoS rule or access-list for a new application – you just add it to a global template and it’s automatically updated on all branches.

Zero Touch Deployment (ZTD). It makes a huge difference in large-scale deployments. The branch appliances can automatically connect to the Citrix ZTD service in the cloud and download the required configuration, licenses, and software updates. There is no need to log in to the appliance; just plug in the cables. Everything is controlled from the central management and secured by built-in authentication.

Improved visibility. Since all traffic passes through SD-WAN, it can give you a much deeper understanding of what is going on in the network, up to the application-level with its built-in DPI (Deep Packet Inspection) capabilities. Not only will you get visibility into the most used applications, it can also provide application-level QoE (Quality of Experience) measurements.

To learn more about Citrix SD-WAN, you can check out our Citrix Product page here or contact us directly at 893-9515 and we will be happy to answer your inquiries!

New Vulnerability aLTEr Discovered by Researchers

Researchers from Ruhr-Universität Bochum and New York University Abu Dhabi have recently discovered three types of attacks/vulnerabilities affecting devices that use the Long-Term Evolution (LTE) network protocol, which cyber criminals can use to steal your data.  The research team has dubbed the attacks “aLTEr”.  With LTE (a form of 4G) being a standard in the mobile communications industry, many of its users can be affected by these new attacks.  However, according to the researchers, the effort needed to carry out these attacks is so high that attackers will most likely only target people of special interest, such as politicians or high-level management of corporations.

aLTEr attacks can be either passive or active in nature.  The passive attacks are considered passive because they do not directly interfere with network connections; instead, the cyber criminals release a type of tool that they use to eavesdrop on the activities of the user.  This means that they can monitor your internet activities, collect information on the user’s habits on the internet, and use it to their advantage.

An active attack, on the other hand, makes use of the man-in-the-middle method.  Through the vulnerability found within the data layers, attackers are able to intercept your traffic with the network.  They are able to fool the network into thinking that they are the user, and vice versa, so that they can redirect you to a malicious website rather than the intended destination and try to steal your data or infect your device without you or the network knowing.

Although the researchers state that these vulnerabilities will not affect the majority of LTE users, there are still those at risk.  The researchers have recommended the following steps you can take to prevent these attacks:

  • Update the specification. A specification update means that the implementation of all devices must be changed, which leads to a high financial and organizational effort. This is likely not feasible in practice.
  • Correct HTTPS configuration. Using correct parameters for HTTPS (especially HTTP Strict Transport Security (HSTS)) helps to prevent the redirection to a malicious website. It can act as an additional layer of protection.
  • Virtual Private Network (VPN). Using a VPN tunnel with integrity protection and end point authentication helps to prevent the attack. The VPN tunnel acts similarly to HTTPS as an additional security layer.
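
As an added illustration of the "correct HTTPS configuration" step (this code is not from the researchers or from the original article), the Python sketch below audits a response's Strict-Transport-Security header against the RFC 6797 parsing rules. The one-year `MIN_MAX_AGE` floor, the finding codes and the sample headers are assumptions constructed for this example.

```python
import re

# Assumed policy floor for max-age (one year); a local choice, not from the page.
MIN_MAX_AGE = 31536000


def parse_hsts(value):
    """Return {directive: value}, or None when the header is malformed.

    RFC 6797: directive names are case-insensitive, a repeated directive or a
    missing/non-numeric max-age makes the browser ignore the whole header.
    """
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, val = part.partition("=")
        name, val = name.strip().lower(), val.strip()
        if len(val) >= 2 and val[0] == val[-1] == '"':
            val = val[1:-1]  # max-age may be sent as a quoted-string
        if name in directives:
            return None
        directives[name] = val
    if not re.fullmatch(r"\d+", directives.get("max-age", "")):
        return None
    return directives


def audit_hsts(scheme, headers):
    """headers: list of (name, value) pairs from one response.

    Returns a sorted list of finding codes; an empty list means the policy
    would pin the site to HTTPS for at least MIN_MAX_AGE seconds.
    """
    values = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if not values:
        return ["missing"]
    if scheme != "https":
        return ["ignored-over-http"]  # browsers honour HSTS only over TLS
    findings = []
    if len(values) > 1:
        findings.append("duplicate-header")  # only the first one is processed
    policy = parse_hsts(values[0])
    if policy is None:
        return sorted(findings + ["invalid"])
    max_age = int(policy["max-age"])
    if max_age == 0:
        findings.append("policy-cleared")  # max-age=0 removes the stored policy
    elif max_age < MIN_MAX_AGE:
        findings.append("short-max-age")
    if "includesubdomains" not in policy:
        findings.append("no-includesubdomains")
    return sorted(findings)


if __name__ == "__main__":
    # Constructed sample responses, not captured traffic.
    samples = [
        ("https", [("Strict-Transport-Security",
                    "max-age=63072000; includeSubDomains; preload")]),
        ("https", [("strict-transport-security", 'max-age="300"')]),
        ("https", [("Strict-Transport-Security", "max-age=0; includeSubDomains")]),
        ("http", [("Strict-Transport-Security", "max-age=63072000")]),
    ]
    for scheme, hdrs in samples:
        print(scheme, hdrs[0][1], "->", audit_hsts(scheme, hdrs) or "ok")
```

A short `max-age` or a missing `includeSubDomains` leaves windows in which a first visit or a sibling hostname can still be answered over plain HTTP, which is the redirection opening this mitigation is meant to close.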

For those interested in an extra layer of defense against attacks like aLTEr, Cisco Umbrella and Cisco AMP for Endpoints are the solutions you are looking for.  Cisco Umbrella acts as your first layer of defense, as it protects your endpoints from malicious requests such as phishing attempts or infected websites trying to download content in the background.  For threats that can’t be blocked by Umbrella, such as files downloaded by the user outside of the Umbrella network, there is Cisco AMP for Endpoints.  Cisco AMP for Endpoints can block malware using global data analytics, perform exploit prevention, use machine learning, perform rootkit scanning, and has a built-in antivirus engine.

To learn more about aLTEr attacks, you may read up on the official website.  To learn more about Cisco Umbrella and Cisco AMP for Endpoints, you may call us at 893-9515 for more information!

CT Link Tours Bahay Tsinoy!

With CT Link Systems, Inc. celebrating its 20th anniversary in the IT industry this coming November, we have long thought that we should give back to the community that has helped us reach this big milestone.  As an initiative of the company, CT Link has partnered with Kaisa Heritage Foundation for a CSR activity aimed at helping teachers in the community maximize collaboration tools such as Office 365, to better equip them for their profession and ultimately to help students maximize these tools as well.  Before the actual CSR activity, Kaisa invited our team of volunteers to visit their office to see the venue in which they would be teaching and, as a bonus, gave us the opportunity to tour the famous Bahay Tsinoy Museum to learn more about the Filipino Chinese heritage.

For those of you who are not familiar with Bahay Tsinoy, it is a museum which showcases the history of the Chinese settlers of the early Philippines and how they have affected our culture today.  Below are a few exhibits that can be found in the museum:

  • Gallery of Rare Prints and Photographs – scenes depicting old Chinese occupations, streets of Binondo, prints on turn of the century Chinese life.
  • Ching Ban Lee Ceramics Gallery – tangible artifacts testament to centuries of trade between our two countries.
  • Jimmy Ongking Hall – contains the Tsinoys in Nation Building permanent exhibit of Bahay Tsinoy.

To learn more about CT Link’s CSR activity, stay tuned for our article on it which will be coming out sometime this year!  To learn more about Bahay Tsinoy and Kaisa, you can also look at their website here!

(Photo Credit to Ms. Mari Verna Ching from CT Link Systems, Inc.)

Improve workplace Productivity with Microsoft Workplace Analytics and MyAnalytics!

Microsoft’s Workplace Analytics and MyAnalytics leverage data to improve workplace productivity

Do you have trouble multitasking your work tasks such as meetings, appointments and other projects?  If you do, Microsoft thinks that its data analytics tools may help you juggle these tasks.  It has recently announced that it will be enhancing its productivity insight products, Workplace Analytics for teamwork and MyAnalytics, so that they can better help put individuals and teams at the center of change.

Microsoft has said “Collaboration habits can make or break teamwork, when people run efficient meetings, create time for focused work, and respect work/life boundaries their teams thrive. Putting these habits in place is difficult and takes the support of the entire team. Data can create a common language to help members build consensus on important teamwork norms. By shedding light on how work actually gets done, organizations can build more efficient, creative, and engaged teams.”

Workplace Analytics

Through applied algorithms, Workplace Analytics uses data (emails, meetings, etc.) from Office 365 to identify patterns that affect your productivity, workplace effectiveness, and engagement.  This allows upper management to enroll their respective team members into programs that will help them gain beneficial habits such as setting aside time to do solo projects or bringing agendas to meetings.  This helps the team progress toward its goals and track that progress over time, while giving members productivity insights and action plans through Office 365.

MyAnalytics nudges

Besides the updates to Workplace Analytics, Microsoft has also announced an update for MyAnalytics, an insight app for Outlook, called “nudges”: a collection of collaboration tips which surface in your inbox periodically.  There are four kinds of nudges:

Focus Time Nudge

Reminds you to set aside time for focused work before accepting new meetings or appointments

Effective Meeting Nudge

Encourages you to practice good meeting habits such as asking a coworker to fill in for you if your schedule is too hectic.

After-hours Nudge

Discourages you from sending emails after office hours

To-do and Unread email Nudge

Will remind you of tasks you have set for yourself or promised to complete for your team members

Workplace Analytics is now available on preview and MyAnalytics will be available soon.  To learn more about Office 365, please visit our product page or call us at 893-9515 and we will be happy to help!

Security Tips: Business Email Compromise (BEC) Schemes

Business Email Compromise (BEC) Schemes

In the past few years, millions of dollars have been lost to fraudsters and scammers.  However, not all of it has been lost through malware attacks such as ransomware.  Business email compromise (BEC) schemes are sophisticated attacks focused mostly on companies that make wire transfers frequently.  The FBI has estimated that nearly $750 million has been lost to this type of scheme, which affected more than 7,000 people between October 2013 and August 2015.  Below are a few versions of the scheme:

The Bogus Invoice Scheme

Referred to as “The Bogus Invoice Scheme”, “The Supplier Swindle”, and “Invoice Modification Scheme”. This scam usually uses the name of an established partner of the business: the scammers impersonate an employee of that partner and, through a spoofed email, telephone call, or facsimile, ask for invoice payments to be wired to their fraudulent account.

CEO Fraud

Also referred to as “CEO Fraud”, “Business Executive Scam”, “Masquerading”, and “Financial Industry Wire Frauds”. The scammers impersonate high-level executives (CFO, CEO, CTO, etc.), lawyers, or other types of legal representatives, claiming to be handling confidential and time-sensitive matters, then pressure the victim into wire transferring funds to a separate account which they control.

Account Compromise

In this scam, an email account of an employee is hacked and then used to make requests for invoice payments to fraudster-controlled bank accounts. Messages are sent to multiple vendors identified from the employee’s contact list.

Data Theft

This scam usually involves compromising the email of a role-specific employee (usually in HR) in the victim’s company, then using that email account to gather identifiable information about other employees and executives, which is later used as a jump-off point for more damaging BEC attacks on the company.

Below are some quick prevention tips on how you can avoid these types of attacks:

Prevention tips

  • Carefully scrutinize all emails. Be wary of irregular emails that are sent from C-suite executives, as they are used to trick employees into acting with urgency. Review emails that request transfer of funds to determine if the requests are irregular.
  • Educate and train employees. While employees are a company’s biggest asset, they’re also usually its weakest link when it comes to security. Commit to training employees according to the company’s best practices. Remind them that adhering to company policies is one thing, but developing good security habits is another.
  • Verify any changes in vendor payment location by using a secondary sign-off by company personnel.
  • Stay updated on your customers’ habits, including the details of and reasons behind payments.
  • Confirm requests for transfer of funds. When using phone verification as part of two-factor authentication, use known familiar numbers, not the details provided in the email requests.
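
To make the "carefully scrutinize all emails" tip concrete, here is an added Python sketch (not from the original article or from Trend Micro) that triages a message for the header and wording patterns the schemes above rely on. The organisation domain, executive names, trusted vendor domain, keyword lists and sample messages are hypothetical values constructed for this example.

```python
import email
import re
from email.utils import parseaddr

# Hypothetical organisation data; replace with your own directory and vendors.
OWN_DOMAIN = "corp.example"
EXECUTIVES = {"maria santos", "david cruz"}
TRUSTED_DOMAINS = {"corp.example", "acme-supplies.example"}
PAYMENT = re.compile(r"\b(wire|transfer|invoice|payment|bank account)\b", re.I)
URGENCY = re.compile(r"\b(urgent|immediately|confidential|today|asap)\b", re.I)


def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character domain swaps."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(header_value):
    """Lower-cased domain part of an address header ('' when absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def bec_flags(raw_message):
    """Return the list of BEC warning flags raised by one RFC 5322 message."""
    msg = email.message_from_string(raw_message)
    display_name = parseaddr(msg.get("From", ""))[0].strip().lower()
    from_dom = domain_of(msg.get("From"))
    flags = []
    # CEO fraud: an executive's name on a sender outside the company domain.
    if display_name in EXECUTIVES and from_dom != OWN_DOMAIN:
        flags.append("exec-name-external-sender")
    # Replies silently diverted to a different domain than the visible sender.
    if msg.get("Reply-To") and domain_of(msg.get("Reply-To")) != from_dom:
        flags.append("reply-to-mismatch")
    # Bogus invoice: sender domain that nearly matches a trusted one.
    if from_dom not in TRUSTED_DOMAINS and any(
            0 < edit_distance(from_dom, t) <= 2 for t in TRUSTED_DOMAINS):
        flags.append("lookalike-domain")
    body = "" if msg.is_multipart() else msg.get_payload()
    text = msg.get("Subject", "") + "\n" + body
    if PAYMENT.search(text) and URGENCY.search(text):
        flags.append("urgent-payment-request")
    return flags


# Constructed sample messages.
CEO_FRAUD = (
    'From: "Maria Santos" <maria.santos@c0rp.example>\n'
    "Reply-To: maria.santos@mailbox.example\n"
    "To: finance@corp.example\n"
    "Subject: Urgent wire transfer\n"
    "\n"
    "I need this handled today. Keep it confidential.\n"
)
BOGUS_INVOICE = (
    "From: Accounts <billing@acme-supp1ies.example>\n"
    "To: ap@corp.example\n"
    "Subject: Updated bank account for invoice 1042\n"
    "\n"
    "Please send payment to the new account below.\n"
)
LEGITIMATE = (
    'From: "David Cruz" <david.cruz@corp.example>\n'
    "To: team@corp.example\n"
    "Subject: Quarterly review agenda\n"
    "\n"
    "See you Thursday.\n"
)

if __name__ == "__main__":
    for label, raw in [("ceo", CEO_FRAUD), ("invoice", BOGUS_INVOICE),
                       ("legit", LEGITIMATE)]:
        print(label, bec_flags(raw))
```

Header checks like these cannot catch the Account Compromise variant, where the message really does come from the employee's own mailbox, which is why the out-of-band confirmation in the last tip still matters.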

 

To learn more about BEC attacks, you can read a more in-depth, informative article from our partner, Trend Micro, here.  If you have inquiries that you would like answered about this topic, you can also contact us at 893-9515 and we will be happy to help!

CT Link Becomes a VMware Enterprise Partner!

On June 29, 2018, CT Link officially signed up to become a VMware enterprise partner.  VMware’s core business focuses on support to modernize data centers, integrating public cloud, empowering digital workspaces and transforming security for its clients.  These focuses have helped VMware become one of the leading figures in the virtualization software market and a main reason why CT Link Systems, Inc. has decided to be an official partner focusing on products such as vSphere and vSAN.

VMware vSphere virtualizes and aggregates the underlying physical hardware resources across multiple systems and provides pools of virtual resources to the datacenter. As a cloud operating system, VMware vSphere manages large collections of infrastructure (such as CPUs, storage, and networking) as a seamless and dynamic operating environment, and also manages the complexity of a datacenter.

VMware vSAN on the other hand, is a hyper-converged, software-defined storage (SDS) product that pools together direct-attached storage devices (storage that is used individually and not accessible to others) across a VMware vSphere cluster to create a distributed, shared data store.

For those who are interested in learning more about VMware, we will be releasing a more in-depth article on vSphere and vSAN soon!  If you wish to learn more about it now, you can contact us at 893-9515 and we will be happy to answer your inquiries!

About VMware

VMware is a software company that provides virtualization and cloud computing services. It was founded in 1998 and is based in Palo Alto, California. VMware’s software allows users to create virtual machines, which are essentially emulations of a physical computer system. These virtual machines can run multiple operating systems simultaneously on a single physical machine, which can help companies save money on hardware and simplify IT management.

VMware’s virtualization software is used by businesses of all sizes, from small startups to large corporations. It has become particularly popular among organizations that run data centers or operate large-scale cloud computing environments. VMware’s software can help these businesses to maximize their hardware resources, reduce downtime, and improve the reliability of their IT infrastructure.

In addition to its virtualization software, VMware also offers a range of cloud computing services. These services include vCloud Director, which allows businesses to create and manage virtual data centers in the cloud, and vSphere, which provides a platform for running and managing virtual machines in the cloud. VMware also offers a range of cloud-based applications and services, including VMware Cloud on AWS, which allows businesses to run their VMware workloads on the Amazon Web Services (AWS) cloud.

One of the key benefits of VMware’s software is its ability to provide high levels of security and reliability. Its virtualization technology helps to isolate applications and data, which can help to prevent security breaches and minimize the risk of data loss. VMware’s software also includes a range of features designed to improve performance and reduce downtime, such as automated failover and load balancing.

Ransomware Lunch & Learn With Cisco!

Ransomware is becoming more prevalent as more companies have their networks infected with this disruptive malware.  With this in mind, Cisco has been improving its security portfolio to keep your IT infrastructure safe from these malicious malware attacks.  Learn more about it from our Cisco experts on July 17, 2018 at Discovery Primea at our Ransomware Lunch & Learn event!  Get a chance to win a Smart TV and other goodies as you learn more about how you can stay safe from ransomware attacks.  To learn more about the event or how to register for it, please contact us at 893-9515!

About Cisco

Cisco is a multinational technology corporation that specializes in networking and communication technologies. The company is headquartered in San Jose, California, and has offices and operations in over 100 countries worldwide.

Founded in 1984, Cisco has become a leading provider of networking equipment and solutions for businesses and organizations of all sizes. The company’s products and services include routers, switches, wireless access points, security solutions, collaboration tools, and software-defined networking solutions.

Cisco’s networking solutions enable businesses to connect their devices, applications, and data across local and wide-area networks, as well as the internet. The company’s products are designed to provide fast, reliable, and secure connectivity, with features such as Quality of Service (QoS), network segmentation, and advanced security protocols.

In addition to its hardware products, Cisco also offers a range of software solutions for network management, security, and collaboration. The company’s software-defined networking solutions provide a flexible and scalable approach to network management, enabling businesses to easily configure and manage their networks through a centralized dashboard.

Cisco’s collaboration tools enable teams to work together more effectively, with features such as video conferencing, messaging, and file sharing. The company’s security solutions provide protection against cyber threats, with features such as firewalls, intrusion prevention systems, and endpoint protection.

Microsoft To-Do adds New Features Steps and List Sharing

It’s now been over a year since Microsoft released To-Do, its intelligent task management app developed by the team behind Wunderlist.  With it being integrated with Office 365, the team has been collecting a multitude of feedback from users and has now delivered on it in a couple of updates throughout this year.

One of these updates is Steps, which allows you to create sub-tasks under your main tasks, breaking them down into smaller actionable items to help you focus on finishing the task.  The number of steps is displayed on the task so that you know how far along you are in that specific task.

Another update which was just recently announced is List Sharing.  List Sharing allows you to share your To-Do list with others so that collaboration is easier, as others can see your progress on your tasks or update the list as tasks or Steps are accomplished.  This is done by sharing a link with the people you want to share your list with, and you retain the option to stop sharing once you are finished collaborating with them.  Microsoft says that this update will be available for most Office 365 users by mid-June.

To learn more about To-Do on Office 365, you may contact us at 893-9515 so we can better help answer your inquiries!

About Office 365
Microsoft Teams is a communication and collaboration platform designed for businesses and organizations. It allows team members to communicate with each other through chat, audio and video calls, and meetings. Microsoft Teams integrates with other Microsoft services, such as Office 365, SharePoint, and OneDrive, providing a seamless experience for team members to share files and work together on projects.

In addition to real-time communication, Microsoft Teams offers a range of tools for project management, task assignments, and file sharing. It also allows users to customize their workspace with third-party apps and bots, making it a versatile platform for teams of all sizes and industries. Microsoft Teams can be accessed through desktop and mobile apps, as well as through a web browser, making it easy for team members to stay connected and productive from anywhere.

Malware VPNFilter is on the Rise as Infected Routers Increase

On May 24, security researchers published a report on their discovery of a group that had infected more than 500,000 home and small-enterprise routers in at least 54 countries with its malware, VPNFilter.  This malware can attack, collect research, steal key credentials, monitor SCADA protocols, and install a kill command to destroy your device via your infected router.  These attacks have been happening since 2016; however, there has been a spike in infections in recent weeks, mostly in Ukraine.  This prompted the researchers to publish their report early due to the high threat and vulnerability level of the identified systems involved.

From their observations, the researchers have noticed that VPNFilter’s infection goes through 3 stages:

Stage 1

The infected router enables the deployment and spread of the malware by locating target servers with downloadable images from Photobucket.com, extracting an IP address, and recognizing several types of CPU architectures running on Busybox and Linux-based firmware. Redundant command and control mechanisms identify and adapt, such that if the Photobucket download fails, Stage 1 will download from ToKnowAll.com. It also listens for a trigger packet from the attackers, checking for the IP from api.ipify.org and storing it for later use. In this stage, the core malware code survives in infected systems even when rebooted.

Stage 2

It deploys intelligence collection such as file collection, command execution, device management and data exfiltration. It also deploys self-destruct capabilities. It can assess the network value the server holds, especially if the system holds potential interest to the threat actors. The actors can then decide if they can use the network to continue gathering data or use the system to propagate through the connections. The self-destruct function in this stage overwrites critical portions of the device for a reboot directive, destroying the firmware once attackers trigger the built-in kill command and leaving the device unrecoverable.

Stage 3

This stage contains modules that act as plugins for Stage 2. One plugin acts as a packet sniffer for collecting data and intercepting traffic, such as website credential theft and Modbus SCADA protocols, while another plugin allows for automated communication over Tor. Other plugins that have yet to be identified were observed to be included in this stage.
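
The Stage 1 behaviour described above gives defenders something to look for in DNS logs. The following Python sketch is an added example, not the researchers' or Trend Micro's tooling: it flags network devices whose own lookups hit the three domains named in Stage 1. The log format, the device inventory and the log lines are assumptions constructed for illustration.

```python
from collections import defaultdict

# Domains named in the Stage 1 description. Photobucket and ipify are also used
# by ordinary clients, so they only count when the router itself asks for them.
STAGE1_DOMAINS = ("photobucket.com", "toknowall.com", "api.ipify.org")

# Hypothetical inventory of router/NAS management addresses.
NETWORK_DEVICES = {"192.0.2.1", "192.0.2.254"}


def matched_domain(qname):
    """Return the Stage 1 domain that qname equals or is a subdomain of."""
    q = qname.rstrip(".").lower()
    for domain in STAGE1_DOMAINS:
        if q == domain or q.endswith("." + domain):
            return domain
    return None


def triage(log_lines, devices=NETWORK_DEVICES):
    """Map device IP -> 'investigate' or 'watch'.

    Assumed log format: '<timestamp> <client_ip> <qname> <qtype>'.
    A lookup of the fallback domain, or of two or more Stage 1 domains from
    the same device, is treated as worth an investigation; a single lookup of
    a widely used domain is only put on a watch list.
    """
    hits = defaultdict(set)
    for line in log_lines:
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue  # skip comments and malformed lines
        _ts, client, qname, _qtype = fields[:4]
        domain = matched_domain(qname)
        if domain and client in devices:
            hits[client].add(domain)
    verdicts = {}
    for client, seen in hits.items():
        if "toknowall.com" in seen or len(seen) >= 2:
            verdicts[client] = "investigate"
        else:
            verdicts[client] = "watch"
    return verdicts


# Constructed resolver log; 192.0.2.57 is a workstation, not a network device.
SAMPLE_LOG = """\
# timestamp client qname qtype
2018-05-25T02:10:01Z 192.0.2.1 photobucket.com. A
2018-05-25T02:10:04Z 192.0.2.1 api.ipify.org. A
2018-05-25T02:11:30Z 192.0.2.57 photobucket.com. A
2018-05-25T02:12:00Z 192.0.2.254 API.IPIFY.ORG A
2018-05-25T02:12:09Z 192.0.2.254 notphotobucket.com A
malformed line
""".splitlines()

if __name__ == "__main__":
    for ip, verdict in sorted(triage(SAMPLE_LOG).items()):
        print(ip, verdict)
```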

According to the researchers, you should take the following steps to help protect your systems from VPNFilter:

  • Reset your router to restore its factory default settings. Rebooting stops Stages 2 and 3 from running on infected devices, at least until Stage 1 reinstalls both processes.
  • Update the router’s firmware immediately once the manufacturer releases the patch.

For Trend Micro Smart Home Network users, protection from this threat is provided by the following rules:

  • 1054456 WEB Linksys Unauthenticated Remote Code Execution -1 (OSVDB-103321)
  • 1054457 WEB Linksys Unauthenticated Remote Code Execution -2 (OSVDB-103321)
  • 1055170 EXPLOIT Generic Arbitrary Command Execution -1
  • 1056614 WEB Cisco Linksys E1500/E2500 apply.cgi Remote Command Injection -1 (BID-57760)
  • 1058664 WEB Cisco Linksys E1500 and E2500 Router Directory Traversal Vulnerability (BID-57760)
  • 1058665 WEB Cisco Linksys E1500 and E2500 Router Password Change Vulnerability (BID-57760)
  • 1058980 WEB Cross-site Scripting -14
  • 1059209 WEB Cisco Linksys E1500 and E2500 Router OS Command Injection Vulnerability (BID-57760)
  • 1059253 WEB Netgear DGN1000 And Netgear DGN2200 Security Bypass Vulnerability (BID-60281)
  • 1059264 WEB QNAP VioStor NVR and QNAP NAS Remote Code Execution Vulnerability (CVE-2013-0143)
  • 1059672 WEB Cisco Linksys E1500/E2500 apply.cgi Remote Command Injection -2 (BID-57760)
  • 1132723 WEB GD Library libgd gd_gd2.c Heap Buffer Overflow -1 (CVE-2016-3074)
  • 1133310 WEB Netgear R7000 Command Injection -1.1 (CVE-2016-6277)
  • 1133463 SSDP Simple Service Discovery Protocol Reflection Denial of Service Vulnerability
  • 1133464 WEB Netgear WNDR1000v4 Router Remote Authentication Bypass
  • 1133572 WEB Shell Spawning Attempt via telnetd -1.b
  • 1133802 WEB Netgear NETGEAR DGN2200 dnslookup.cgi Remote Command Injection (CVE-2017-6334)
  • 1133908 EXPLOIT QNAP Transcode Server Command Execution
  • 1134566 NETBIOS MikroTik RouterOS SMB Buffer Overflow -1 (CVE-2018-7445)
  • 1134567 NETBIOS MikroTik RouterOS SMB Buffer Overflow -2 (CVE-2018-7445)

If you have further inquiries on the above malware, you may contact us at 893-9515 and we will be happy to answer them!

Meraki Wireless Health is Now in Beta!

Last January, Cisco announced that it would be adding an exciting new feature for Meraki: Meraki Wireless Health.  In essence, Wireless Health is a powerful heuristics engine that promptly finds errors affecting the end user’s experience across multiple stages of connectivity (association, authentication, IP addressing, and DNS availability) and then performs a quick cause analysis and response.

This helps IT administrators to quickly find out whether there are users who are able or unable to successfully access the wireless network and easily identify the problematic access points, clients, and failing connection stages that are the source of bad end user experience.  Being able to see all access points (AP) in a given network is a critical factor in having a successful end user experience by identifying and repairing problems to avoid lengthy and inopportune downtime and latency.

With this in mind, Cisco has recently announced that Meraki Wireless Health has become available to all existing MR customers at no additional cost or charge as a generally available beta feature.  To access it, you just need to navigate to Wireless > Wireless health in the Meraki dashboard.

To learn more about Meraki, you can visit our Product page here or directly contact us at 893-9515 and we will be happy to help you!

About Cisco

Cisco is a multinational technology conglomerate that specializes in the design, manufacturing, and distribution of networking equipment, software, and services. Founded in 1984, the company is headquartered in San Jose, California, and has a global presence in over 100 countries.

Cisco’s core business revolves around networking solutions, including routers, switches, wireless access points, and security appliances, which are used by businesses and organizations of all sizes to connect devices and share data. Additionally, the company offers a range of software solutions and services, including collaboration tools, analytics, cloud computing, and cybersecurity.

Cisco is also a major player in the development of new technologies, such as the Internet of Things (IoT) and 5G mobile networks. The company has invested heavily in research and development, and has acquired a number of technology startups in order to stay at the forefront of innovation.