Dec 20

logo

We’re at it again! This year is even bigger and better with more lights to choose from. Come annoy the team with the new rendition of Jingle Bells that plays in the office!

Click here: http://christmas.considerit.co.uk

Oct 16

What’s happened

A researcher has found a way to compromise the most common Wi-Fi security standard which allows an attacker to look at traffic on the network, and in some cases, manipulate the data.

 

What’s affected

Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available.

In general, any data or information that the victim transmits over Wi-Fi can be decrypted.

 

What are we going to do

Resolving the security problem is likely to involve applying security update to routers.

Sep 19

Dell today confirmed to us that they have stopped selling their popular printer hardware. After quizzing a third-party wholesale supplier, the Dell online chat service, and our Dell Direct Account Manager, we can today confirm that Dell has made the decision to stop selling printers as part of their hardware offering (in the UK at least).

This morning we checked the Dell website and confirmed that all printers had been removed from the Dell UK section, with the exception of their large workhorse C7765dn model.

Speculation could lead us to believe this is the direct result of some sort of fall-out from the recent Dell EMC merger.  We found an interesting article from late 2015 on the merger that says:

It makes you wonder how Dell’s acquisition of EMC will affect its printer business.

Feb 16

There’s an article on the BBC news website that popped up yesterday that took our interest. It states that a “hack” lets phones “eavesdrop and make premium calls”. This was obviously a great concern for us, as it named our primary vendor, snom, as the manufacturer whose phones were used in the research.

The article can be seen on the BBC website here: http://www.bbc.co.uk/news/technology-35579273

What we can’t understand is why the BBC chose to publish such a non-story. What this “security hack” boils down to is not changing the administration page password from the default. Yes, you heard right. The only security flaw is not setting an admin password for managing the settings on the phone.

In fact, if you ignore the fact they used old firmware to carry out their tests and you perform that exact same test on firmware that isn’t old (and was only a beta release) the phone itself prompts you on the screen at every opportunity to set an Admin password.

Jan 18

As of 1st April 2016, there will no longer be an Openreach modem installed for new FTTC connections. This means that when the Openreach engineer visits to switch you on with our service they will only do the jumpering activity at the local street cabinet and then close the job. This means you wont have to wait in on the engineer coming to your premise to install any equipment.

If you’ve decided to purchase your router and equipment through Consider IT, we’ll have it all preconfigured for you. If you’ve chosen for a site install, one of our technicians will still turn up on site at the pre-agreed time to get you online.

Openreach are running this as a pilot and will be holding regular review sessions to understand the highlights and lowlights of these kinds of installs.

Jan 06

We are currently aware of a lot of malicious spam emails currently doing the rounds. As of posting this, few anti-viruses pick up the virus attachments.

The fake email pretends to come from e-mail address avril.sparrowhawk@lescaves.co.uk, but is actually a simple forgery and does not in fact come from Les Caves.

The contents of the e-mail message are as follows:

From:    Avril Sparrowhawk [Avril.Sparrowhawk@lescaves.co.uk]
Date:    22 December 2015 at 11:14
Subject:    CWIH8974 PAYMENT RECEIVED

Good afternoon

Thanks very much for your payment we recently from you, however there was a missed invoice.  Can you just confirm this will be included in the next payment run, or whether there were any queries with this particular invoice?

I have attached the invoice for your reference.

Dec 21

Pressing the backspace key 28 times will let you circumvent a locked-down Linux machine researchers at Universitat Politechnica de Valencia recently discovered.

The GRUB bootloader used by most Linux distributions has the option to password protect boot entries. Not only will this prevent tampering but allows you to prevent peripherals such as CDs and USB ports from booting an OS. Without this protection an attacker could boot a system from a live USB key or CD, switching into their preferred operating system to download or access files stored on the machine’s hard drive.

This flaw with Grub2, of which versions 1.98 and 2.02 are affected, means a simple tap of the backspace key 28 times will bring up the prompt usually hidden behind the password screen.

Oct 23

TalkTalk have once again shown their inability to keep customer data safe. Police are now investigating what TalkTalk term a “significant and sustained cyber-attack” on their website.

talktalk-hack-oct2015

Their website currently shows the page above highlighting the fact the website is unavailable right now.

An official statement was released by TalkTalk on 22/10/2015: View Statement in Full.

What the statement doesn’t highlight is what customers of TalkTalk need to do now.

The investigation is ongoing, but unfortunately there is a chance that some of the following data may have been accessed:

  • Names
  • Addresss
  • Dates of birth
  • Email addresses
  • Telephone numbers
  • TalkTalk account information
  • Credit card details and/or bank details

TalkTalk have also created a help page here for those who may have been affected: http://help2.talktalk.co.uk/oct22incident

Please be aware, TalkTalk will NEVER call customers and ask you to provide bank details unless we have already had specific permission from you to do so.

Jun 19

We have noticed a large number of calls yesterday and today in relation to users on Windows 7 where the computer sits stuck on a “Starting Windows” page. The common denominator between all of these incidents is that the computers had AVG Anti-Virus installed.

Whilst we wait on AVG getting back to us with news on this issue we have been resolving these incidents by booting the computers in to Safe Mode, un-installing AVG completely, then booting back into Windows in normal mode before reinstalling AVG.

windows-starting

This is not the first time Anti-Virus programs have caused catastrophic issues with Windows PCs. In April 2010 a McAfee pushed out an update that caused a false positive identification, and incorrect deletion, of the critical Windows system file svchost.exe.

Jun 09

On 14th July 2015 Microsoft will cease supporting Server 2003. This means that, going forward, there will be no more updates or patches for the Server Operating System, which will lead to a less stable and less secure server infrastructure for any businesses that choose to continue to use the system after this date.

Any organisation that is still currently using Microsoft Server 2003 needs to put in place a plan of action to migrate to a new server Operating System, or find an alternative IT infrastructure solution.

Edinburgh IT Support consultants, Consider IT, suggest getting in touch and we’ll provide options for moving forward to a secure and reliable solution.