Ransomware has now propagated to Office 365. Over the past couple of weeks, a virus known as Cerber effectively compromised an estimate 57% of Office 365 users. The virus encrypted files on the end user’s workstation using an unbreakable algorithm and then held the decryption key ransom for at least $500. This has been seen frequently recently, but this is the first known time that the infection has compromised such a large percentage of users on such a common platform such as Office 365.

If you want assistance assessing your security profile, contact us immediately.

The Department of Homeland Security recommends using an alternative browser (such as Chrome or Firefox) until a patch is released to combat the recently announced Internet Explorer vulnerability – CVE-2014-1776. The exploit requires that Adobe Flash is installed, so systems without Adobe installed should be safe. The risk of an attack enables remote code execution such as the installation of malware just by visiting malicious websites. The vulnerability gives the exploit the same level of permissions as the currently logged in user. That means if your users are administrators on their machines, the sky is the limit for the impact.

If you want assistance assessing your security profile, contact us immediately.

While it has been coming for quite some time, the world seems to be in denial of the fact that Windows XP is no longer supported by Microsoft. While that really translates into no technical support for the operating system, the more impactful meaning is security patches for the operating system will no longer be developed and released. Today’s threat landscape is growing larger by the day so keeping up with the latest vulnerabilities is vital. So, what’s the answer? Implement a more robust security platform? Sure, that will help, but really it’s time for an upgrade. Whether you are a Windows 8 lover or a Windows 7 traditionalist, the time has come to upgrade the end point. Ask your GEM relationship manager how we can help you develop a strategy around this upgrade/migration, and do it YESTERDAY!

On another note, one of the scariest vulnerabilities to hit the web (aka Heartbleed) was announced earlier this week. Simply put, this will allow attackers to unencrypt secured traffic which can lead to a litany of compromised data – passwords, credit card numbers, and social security numbers! This one won’t make a heart bleed; it’ll make a HEAD ACHE! If you are concerned about your exposure to attack, ask GEM for assistance in mitigating this risk, and again – DO IT YESTERDAY! (For specific details you can visit www.heartbleed.com)

Security threats have substantially evolved since the inception of the perimeter firewall. Yet, the same approach to filtering out these security threats – stateful inspection – is used today. This legacy approach of allowing or denying traffic based on port based, IP address filtering does not take into consideration the complexities of today’s network traffic.

• What if you want to allow Facebook, but not Facebook instant messaging?

• What if you want to enable internet email, but prevent documents from being attached?

• Wouldn’t you like to prevent users from using bit torrent applications?

Instead of the yes/no approach that firewalls have utilized for many years, Palo Alto Networks firewalls take a more intelligent approach to deciding which traffic should be allowed on your corporate network. Today’s network threats have become increasing intelligent, shouldn’t your firewall be more intelligent too? Call us today to set an appointment for a (limited time) free evaluation and firewall vulnerability report.

Our local area has been heavily affected by Superstorm Sandy and the damage inflicted has been substantial. In response to this traumatic event, GEM Technologies is donating service hours toward helping businesses that are in dire need of assistance as they recover from the impact of the destruction. To find out if your business or a business you know can utilize these service hours, contact our team at (917) 779-8405. We are also participating in charitable events to raise money for the victims. We are 100% convinced that our community will rebuild and grow stronger as a result of this storm.

Improvements in XenServer 6 make it even easier to use, thereby accommodating customers who desire a cost-effective, powerful, and integrated server virtualization solution. Some improvements include:

• The much anticipated Open vSwitch (a flexible network utility that provides network management
  functionality within cloud infrastructures)

• Substantial optimizations for desktop virtualization

• Full support and integration with Microsoft System Center with the ability to manage virtual machines using Virtual Machine Manager

The core of XenServer 6 also builds upon the recently upgraded Xen 4.1 hypervisor – the latest release by the open source community.

XenDesktop 5.5 adds the “Personal vDisk” technology acquired earlier this month from RingCube, enabling customers to deliver high-definition virtual desktops three times faster for both LAN and WAN users.
By using XenDesktop 5.5, customers can now build true “private desktop clouds” for the first time ever, delivering virtual desktops and apps with rich voice, video and multimedia support to more than one billion end user devices.

Come join your fellow Citrix administrators, engineers, managers and other techies to talk about the latest Citrix technologies and demo some of the newer products. We’ll also discuss some of the announcements presented at the Citrix Synergy conference in San Francisco. It’ll be a perfect time to share tips & tricks that could be used to solve critical issues as well. Enjoy food, beverages, games, prizes and much more, including a chance to win a flip camera. To register, join the Meetup group by visiting http://citrix.meetup.com/19.

Citrix recently released a critical security hotfix to address a vulnerability surrounding the XML services used by the XenApp and XenDesktop product lines. If not patched, this security risk could potentially be used by a remote unauthenticated attacker to execute arbitrary code which could compromise the security of your Citrix access infrastructure. XenDesktop 5 is not affected by this vulnerability.

GEM Technologies advises clients to consult http://support.citrix.com/article/CTX128169 for additional information and to download the patch. If you would like further assistance with this matter or any part of your Citrix access infrastructure, contact GEM Technologies today at 917-779-8405