Telanova Blogs

Blog

sales: 01344 567990

support: 01344 989530

Would you trust a HTTPs verified site?

Oh, you think you're so safe with your little green padlocks, huh?

Think again. PhishLabs have recently published research where they have found a staggering 24% of phishing sites use HTTPS, an otherwise well known protocol that used to establish trust and privacy of using a site.

Over the years, we have seen a massive push towards encryption of everyday services. Browsers now display a warning for sites that aren't encrypted and half the web now uses standard encryption for their websites. So why fight the competition when you can just join them?

How many times have you visited a website and trusted inputting your sensitive financial data just because your browser says its safe? It's time for that behaviour to change!

How to stay safe online

Create complex passwords. Yes, I know, you've heard it all before. But the reason you've heard this before because it is the forefront of security, and arguably the most important part. Having a strong password (e.g. complex, numbers, capitals, special characters) can save you from a world of trouble.

Be overly cautious. If its too good to be true, it probably is. Don't enter or give any information to anyone unless you can authenticate who they are. And, for whatever reason, don't click random links on the internet.

Look into active web protection. In a day and age of increasing number of cyber attacks, we also fortunately have an increasing number of methods to protect ourselves. Look into installing some form of active web protection that blocks possible malicious websites e.g. McAfee

 

Stealthy Trojans need the 'door bouncer' treatment on your network.

No, this isn't a blog post on Brad Pitt. 

I'm hopeful you've heard of the mythical story of the Trojan Horse? Where, in 1194 BC, the Trojans built a gigantic wooden horse that was disguised as a gift and left it outside the City of Troy's gates. The people of Troy celebrated the peace offering and took the horse inside its impregnable walls. Little did they know, the horse was full of Trojan's best warriors - and at night, they jumped out; opening the gates to the Trojan army where they plundered and razed the city.

The same ruse is now being used to enter our networks and steal our sensitive data. All it takes is a user to open or download a link sent from a malicious email that is disguised as secure and safe. A study in 2011 showed that a 69.9% of all malware attacks are Trojans.

Once downloaded or opened, the malware infects your network or local computer. Attackers can then steal data such as credit cards, financial information, email accounts, passwords and emails, and even send thousands of emails to clients from your own email with the same link or file, creating a snowball effect that is hard to stop. Whatever is saved or used on your network is at risk.

It's a network's Achilles heel.

Thankfully, whilst Trojans are getting sneakier and craftier as technology gets more complex and advanced, so do the deterrents and prevention we can put in place. These prevention's act the same way as a bouncer at a club; checking ID's and making sure no unwanted visitors get in.

That's what Telanova is; a bouncer. We monitor remotely and seamlessly in the background, allowing you to get on with the important work at hand without having to worry and lose sleep over network security issues. Contact us to find out how we can protect your network's city walls from attacks.

 

 

Just when you thought it was safe to go online

Facenet and dating of the future

Sometimes there are times when you read something that makes you consider the future in a very poor light. Having this particular program made publically available at this early stage of development is also a cause for concern of how skewed the world will become in the near future.

Many people will have by now at sometime in their adult life joined , have a close friend or family member that has experienced one of the online dating services. The services generally rely heavily on the basis of instant attraction. In many, you are presented with a visual of the person before any details of the personality are supplied to the browser. Again on the visual impact, the browser can choose to like / skip etc.

Think now to the newly released python script, from Charles F. Jekel and Raphael T. Haftka of the University of Florida [arXiv:1803.04347 [cs.CV]], that based on just 20 of your likes is able to build a generic facial representation, which when applied to further images has an accuracy of 60% of knowing if you will like that image.

Once trained on 406 profiles, where each like represented a different classifier, it was over 70% accurate. Being one of the first algorithms in the area, accuracy is likely to improve over time. The question being then is where will this lead ?

Will you be able to take your liking profile from one supplier and use them with another. The reality of how oddly familiar this all seems, think about where else your liking data is used for marketing. Marketing teams will see the usefulness of this data being collected. Will the privacy agreement you’ve signed protect you liking data. The company you use could use that data for their own purposes as long as it is in their privacy agreement.

Fast forward a few years, and every website you visit could be presented by a computer generated personna that is facially configured to match your dream person. How could you resist not purchasing 63 pallets of widgets that you really don’t need just because you want to please them.

During the rise of computers we were wowed by the amazing graphics and realism that slowly grew as processors became more powerful. Soon the realism will not be realism but a distortion of reality based on our dreams and desires.

Back in reality however, it may just be time to think twice about how you let companies use your data, not all of your data is input by you on a clearly laid out form. Your data is how you navigate, how you interact, how you choose, what you look at. Under GDPR companies must release all your data they collect about you to you, and must tell you how they are processing it.

For more information about the FaceNet script see https://github.com/cjekel/tindetheus/ * arXiv:1803.04347 [cs.CV]

For more information about GDPR email This email address is being protected from spambots. You need JavaScript enabled to view it.

#telanovaReporter

Your teams are being targeted

Sharks circling targeting users

Like spearing fish in a barrel.

The sharks are circling.

Advances in technology have seen great benefits to humankind as a whole. Each step forward for mankind, sees an additional step forward for the criminal underground.

Machine learning is becoming more wide spread. If your company uses Adwords, you may well be using their own machine learning on which of your adverts performs better based on the demographic and information of the person they display the advert to.

In the past many of us will have received an email purporting to be from a bank or parcel carrier that we’ve never used. You may well have become accustomed to saying to yourself, but I don’t have a Western Union account etc.

What now if the machine learning was reading your public social media, of you and your friends and tailoring the email or social post to match what you wanted to see. Imagine if you suddenly saw a post on your social feed that said
yourname
I know you went to insert place last year and I wondered if you’d seen these photos of the place insert sample image ,
catch up soon
insert a name of a friend

  • How closely would you look at the poster's signature
  • Would you click and check out the photos ?
  • What if it said update your Adobe Reader / Gallery Pack software when you did ?
  • Did it all seem legit ?
  • What if on the gallery page you visit theirs more social engineering, such as donate to just giving page ?
  • What would your employees and friends do ?

In research published this month shows that by using machine learning to facilitate socially engineered phishing campaigns they are achieving a 5-14% better rate of return.

  • How does a 5-14% higher chance of breach fare with your company?
  • When and how did you last assess your risk of attack?
  • What action have you taken to reduce that risk ?
  • Are you ready for the onslaught ?
  • What actions have you already taken to upskill your employees?
  • What packages are there that can assist you ?

Want to know more, enter your details below.

Enter your name, telephone and email address so we can contact you
Name :
Email :
Phone :

How much downtime is acceptable ?

System 36 - 30Mb Hard drive

Many years ago, once a year, in a production factory that ran 24/7, everything would come to a halt for the Test. While the Test was in progress all orders were stopped, people hung around like they were waiting for the starting gun of a race.

Deep inside a locked room people would be busy dismantling and inserting a loan hard drive into the System 36 and then the big restore from 12 inch disks in magazines, 1st the monthly back up, then the weekly back up, then the daily back up. After many hours and copious cups of coffee and boxes of biscuits, the system would be sent live to see whether everything had worked successfully. The downtime was costly, and that was thankfully without any live customers trying to connect online to see the status of their order.

Fast forward to just a few years ago, and replication was the in thing. Some companies built whole triplicates of their server rooms, with a duplicate site only a few miles away, ready for raiding for parts, and another site a few hundred miles away ready for major disasters. Testing the fail-overs resulted in many issues of lost orders, lost data as people didn’t realise they were entering data onto the temporary fail-over test systems.

Fast forward to a few of years ago, Enterprise companies were migrating to the cloud, aware of the cost, but knowing of the saving of having a system that would be always on and able to expand and reduce as the demand suited, backups are still required but testing of those can be done in a separate cloud area without disrupting the main business.

Fast forward to today, and the costs have lowered, and now every business Small and Medium can enjoy the cloud benefits. Whether it is full in the cloud servers through Azure, or using Cloud services such as Office 365 and G-Suite.

What comes next is open to debate, but the server-less architecture looks to be a fair bet, which will see that server you built dynamically grow or shrink depending on how busy and how much work it is doing. So you won’t be paying for power you’re not using, and you will be saving the environment.

Stick with us and we’ll keep you up to date

#telanovaReporter

PS. Don't forget to try out our downtime cost calculator

Email Facebook Google LinkedIn Twitter

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand