Sophos PAC Trip to Burlington

20161025-124818 27We had a great time driving up to and back from our trip to Burlington, MA. Besides the meeting Kathy and I visited Salem, Marblehead, Rockport, Gloucester, Concord, Lexington, Manchester-by-the-Sea and Cape Ann areas. I have posted images up to most of my picture sites but you can take a look at them at SmugMug here.


Verizon threatens to fire workers who fix copper phone lines

from Cabling Installation & Maintenance Posted October 7, 2016

Verizon has reportedly told its field technician crews in Pennsylvania that they can be fired if they try to fix broken copper phone lines. Instead, workers must try to replace copper lines with a device that connects to Verizon Wireless's cell phone network, Ars Technica's Jon Brodkin reports.
From the article:
This directive came in a memo from Verizon to workers on September 20. "Failure to follow this directive may result in disciplinary action up to and including dismissal," the memo said. It isn't clear whether this policy has been applied to Verizon workers outside of Pennsylvania. The memo and other documents were made public by the Communications Workers of America (CWA) union, which asked the Pennsylvania Public Utility Commission to put a stop to the forced copper-to-wireless conversions. The wireless home phone service, VoiceLink, is not a proper replacement for copper phone lines because it doesn't work with security alarms, fax machines, medical devices such as pacemakers that require telephone monitoring, and other services, the union said.

“Field technicians are required to have VoiceLink units on their trucks and to refuse to repair copper plant serving voice-only customers,” CWA local President James Gardler wrote in testimony presented to the state Utility Commission. "Our members are being told that if they actually try to repair copper plant instead of using VoiceLink, they will be subject to disciplinary action by Verizon." The memo to field technicians adds that in order to give customers the “best possible network performance in non-FiOS areas, Verizon will migrate as many customers experiencing trouble on their line to VoiceLink as possible.” ... Technicians can fix the copper line “if the customer does not qualify” for wireless service. In those cases, the tech must document the reason the customer didn’t qualify for VoiceLink.
“It is a requirement that migration to VoiceLink be your first option when the customer qualifies and the trouble is in Verizon's network,” the memo [emphasizes]. Another memo tells workers that they should only restore copper phone service if they can verify that the wireless VoiceLink won't work. VoiceLink devices connect a home's inside wiring to Verizon's cellular network.

Read the full story at Ars Technica.


Interesting article from RPost about a socially engineered eMail caused the loss of $480k


Businesses cannot rely solely on cyber insurance policies to protect themselves and their clients from certain cybercrimes. In a recent case, Chubb Insurance refused to cover a cyber security loss of $480,000 despite the fact that Chubb had insured the victimized company for computer funds transfer fraud.
The case involved a cyber insurance policy issued to Houston-based Ameriforge Group Inc. (AFGlobal Corp.) by a division of Chubb Group. Criminals impersonating AFGlobal’s CEO convinced the company’s accountant to wire $480,000 to a bank in China. When the fraud was discovered, investigators learned that the foreign bank account had already been emptied and closed.  Source
As it turns out, cyber insurance policies such as the one held by Ameriforge Group may cover forgery of financial instruments (such as checks or drafts), but insurers may not recognize informal email correspondence containing financial instructions or wire information as qualifying financial instruments. Sending financial instructions encrypted in Registered Email messages may add sufficient formality to trigger cyber insurance coverage.
Fund transfer fraud often involves emails that appear to come from a company employee -- in this case, the CEO. The fact that the email has the weight of the CEO’s authority makes this particular tactic effective, as it is difficult to verify an email’s authenticity unless the sender uses a sender authentication service such as the Digital Seal® sender authentication feature included in the RMail service.
In the Chubb case, it is noted that the fraudster seemed familiar with the nature of the longstanding and trusting relationship between the accountant and the CEO, suggesting that the fraudster may have had access to emails between the two. These “fake CEO email” tactics often include email correspondence written with context, vocabulary and style matching the CEO’s normal email interactions. As always, using the RMail email encryption service when corresponding about sensitive transactions is an important preventative measure. 
In this case, the fake CEO email to the accounting director Glen Wurm allegedly said: “Glen, I have assigned you to manage file T521. This is a strictly confidential financial operation, to which takes priority over other tasks. Have you already been contacted by Steven Shapiro (attorney from KPMG)? This is very sensitive, so please only communicate with me through this email, in order for us not to infringe SEC regulations. Please do no speak with anyone by email or phone regarding this. Regards, Gean Stalcup.” Wire instructions followed in a subsequent email with a request to transfer $480,000 for due diligence costs associated with a purported acquisition.


Google Home to be release Nov 4th

Now available for preorder for $129 which is less expensive than the full blown Amazon Echo device. The Verge discussed a unit that they were able to test  that they felt was smarter than Siri and the Alexa stating that it was able to understand context in a question and find information from around the web.

It is going to be available in different colors, and they felt the speakers had better quality than the Echo. Google Home works with YouTube Music and Google Play Music, six months of YouTube Red,  and integrates with Spotify, Pandora, iHeartRadio and TuneIn. Any of the third-party services can be used as the default music service if you like.

Home also acts as a Chromecast Audio receiver, so you can choose to cast the music to any Chromecast-connected television or speakers in the house, and you can play music in multiple rooms at once.

Click here to see The Verge’s article here.


Special offer on Amazon’s Echo Dot

imageAt $49.99, this device is pretty interesting. Dan Seifert from the verge did a quick review that goes over the basic new functions that are coming out that make this very interesting. With Google coming out with its own product to rival this one we are in for some interesting new options in this market. Its worth a quick read above if you interested in this technology.


Naked Security: Siri opens “smart” lock to let neighbor walk into a locked house

imageI do love my electronic toys but here is an article this describing an issue with the security lock that is tied into the system that has voice activation and no security protocol. Home automation can give you quite a few benefits but you have to be able to  secure those entry points into your home so that they cannot be easily compromised. Take a look at this article if you have or are considering home automation and jump to the security tips from Chester Wisniewski listing how we can better security Internet of things as we allow them to enter our life.

Remember that our experts here at PAconnect take all of these things into account to make sure that your home is secure and safe as we can make it. And keep in mind the following comment from Chester Wisniewski:

“Of course, please don’t forget that lists like this are, of necessity, incomplete – after all, security is a journey, not a destination, so don’t imagine that this is our last word on IoT security.”


Microsoft blocking Linux Installations through agreements with some Laptop Makers

imageLenovo is one of the laptop makers that is under an agreement with Microsoft to prevent the replacement of the Windows 10 signature edition operating system with one of your choice such as Linux. The Lenovo Yoga 900 S and Yoga 710 S both have this operating system installed on them and as per a Lenovo spokesperson it has been locked up with regards to Lenovo's agreement with Microsoft.

The primary issue with these models is that they are using a proprietary soft-RAID program that cannot be recognized by Linux installers. You can’t change the SATA controller mode in the BIOS setup as well. Windows installers won’t work as well without the special installer drivers from Lenovo. So Lenovo with these models has guaranteed that they only can be used in their designed configurations.

Lenovo has since gone into full damage control and denial. It removed the thread from its support forums (view a cached copy), and even changed its explanation from "we blatantly admitted to anti-competitive practices that could cost us a billion-dollar class-action lawsuit" to "we simply don't have drivers for our deliberately unusual RAID setup."

While this article sounds negative, for most of us this isn’t a big deal because we use the computer as a tool as it was designed to be used. But for those of you that like to play, these models are not the ones to purchase.


Just added j5create to our product line

imageWe are happy to announce that we just added j5create products to our product catalog. They are primarily a USB product technology company that provides cables, docking stations, display adapters, android accessories/adapters, ethernet and WiFi adapters, display port adapters and external hard drive enclosures.

It is very important that if you need USB C product that you get one that is certified to work with that technology and j5create has the products in this category for you. And if you need to expand your USB Type-C access they have a 4-Port HUB with power delivery that will provide that for you.

Call us with your needs and we will be more than happy to match the right product to your needs.



Another Sci-Fi item becomes a real thing!

imageSo Back to the Future fans here is another item seen in the movies that is going to be available soon on the market. Nike is bringing us the self-lacing sneaker and they will be available for you to purchase on November 28th or this year. The HyperAdapt 1.0 will be available for "experience & purchase" starting on the 28th of November, but only in select Nike locations in the US. Pricing is still unknown, but expect a "high price tag," according to a Wired feature on the shoe's development.



Yahoo reports confirms data breach on 500 million accounts

imageAre you using Yahoo Mail or any of their other services? Stop now and change your password and security questions. Yahoo confirmed a data breach that includes logins, names, logins, birthdays, and security questions. What is worse is that the breach happened in late 2014. The Verge has a posting of what you should consider changing here. What should we learn from this and other recent breaches? Take a look at Health Care Info Security posting. And now you have to wonder how that will affect the Yahoo/Verizon deal. All-in-all not a good situation.


weboost Home 4G cell booster

The weBoost Home 4G is our most affordable 4G cell phone booster for home and indoor coverage. The Home 4G ensures your get better voice and data with fewer dropped calls, improved voice quality, faster uploads and downloads. This premier home signal booster can increase cell signals up to 32x while enhancing 4G LTE and 3G signals for buildings up to 1,500 sq. ft. weBoost's Home 4G is compatible with all U.S. and Canadian networks including Verizon, AT&T, Sprint, T-Mobile, US Cellular, Straight Talk and more. Each device comes with everything you need for complete installation including an indoor antenna, outdoor antenna, power supply, 30' cable, and trained support staff on call to assist with the DIY installation. Each device comes with a 30-day guarantee and 2-year warranty from manufacturer meaning it works or your money back.



Amazon entering the online print business

There are several different printing services available online that you can use to print photos, photo books and placing your photos into other formats. If your member of the Amazon Prime, you already have unlimited storage space for all your digital photography images so obviously this is a natural progression of service that Amazon would like to be able to provide you. Especially since, that customers in the US are expected to spend $2 billion or more for online photo printing services this year reported by market research firm IBISWorld.

imageIt appears that Amazon is using a company called S&D Print as the actual printing arm of the service. You go to sign up you'll be presented with the following screen. When you accept the service you are linking your Amazon pay account with the S&D Print account.While this service is just starting out, which is apparent by the limited number of options that you have to choose from, their photo printing prices seem to be in line but the book pricing was to be a little exorbitant.

I have used Shutterfly in the past it was always very happy with the results and they have a large number of options, not only for printing photographs and photobooks, but putting your favorite photos on many types of objects and formats.

Companies like Shutterfly have a big lead on Amazon in this category and it will take Amazon a lot of effort to catch up but Amazon has all the right tools in place to be able to eventually create a viable product that people want to use. However, given a choice between Shutterfly and Amazon Print, right now I am firmly implanted with using the former rather than the latter.


Are you ready for Evernnote Plan changes

By looking at how bright this image is it kind of tells you that Evernote is hesitant and letting you know exactly what their plans are and letting you keep able to actually read what it is that are your options. The biggest thing that struck me is that with the basic plan you can only sync across two devices. Very few of us in this day of age have only two devices that they're working with but I'm sure there are some of you out there that are falling into this category. So, Evernote has fallen into the category of giving you a taste of their product with the free plan to move you into their pay for plans to make it actually functional.

While I don't bemoan the fact that they are trying to become viable, I can't help but be glad that I long ago moved over to using Microsoft's OneNote. OneNote gives me all the integrations with the rest of Microsoft's products and operating systems and allows me to share the information across as many devices as I care to. While in theory OneNote is still a paid for product it does come with every one of Microsoft Office suites.

Granted that $34.99 per year for the plus package and $69.99 per year for the premium package really isn't that expensive for what you're getting. But the basic package you really don't get much of anything. If you buy into the plus package at $34.99 per year then you are not limited to the number of devices that you can use the program on. You get 1 GB of storage capacity and you can access your notebooks without being online, forward emails into Evernote and you get customer support but only through email communication. LEARN MORE ABOUT PLUS

The premium package for $69.99 per year, takes you up to 10 GB of storage, adds customer support through live chat, allows you to search for text in PDF's, search for text in attached office documents, allows you to imitate PDFs, gives you the ability to scan and digitize business cards, provides the opportunity for presenting your notes, gives you an audit trail allowing you to browse the history of your notes and does a cross referencing so that you can see related notes and content. LEARN MORE ABOUT PREMIUM

So if you want a closer look at the pricing listed below click here and it will take you to Evernote's pricing page. For me, I am going to be sticking with Microsoft's OneNote program.


Should you be in the market for a dash cam?

imageWhy would you want one? Accidents can happen to anyone at anytime. A dash cam can be helpful to drivers in the event something goes wrong while driving your vehicle. Consider that a dash cam is more of a protective device. And if you have one, hopefully you will never need to take advantage of pulling the footage from it. Since that is the case, it may be hard to justify the purchase of one. But if you do, it can be worth many times the initial cost of the unit.

If I have peaked your interest, you may want to take a look at the following article that discusses what you should consider when buying a unit and comparing several of the dash cams that are on the market.


Google Play causing issues with battery life?

How Google Play tracks you even if your other apps don’t – Naked Security

imageNaked Security posted an article that Google Play’s update that is tracking your usage or their service by using GPS which if you didn’t know when turned on and in use can drain your battery very quickly. For more detail on this read the article by clicking on the link above.


How not to use Facebook

imageI don’t understand the need for people to put every part of their personal life on-line for everyone to see. But what is even worse is for someone to respect another’s request for not posting what are embarrassing photos of their child that makes them uncomfortable. Once that child makes their request known, if the parent truly cares for them they really should be considerate of their request. That’s when I saw this article in nakedsecurity.sophos.com, it really made me angry with the parents.


Office Lens is now available on Windows 10 devices

imageI have been using Office Lens on my Android phone since last year and have been wondering if it would ever show up on my PC. Now it has.

It is a wonderful tool that I have used to capture documents to store for record keeping, capture business cards to include in your contacts and now you can use it from you pc to do these things as well.

How many times have you found yourself in conference and wanted to be able to capture a projected image or whiteboard drawing to your notes. Use this program to do so quickly and easily from any of the devices you have on hand.




Making of a Miller’s Knife Video

While I am normally posting technical information on this site I am posting this video for my brother Ed who is an avid blacksmith. While this is nothing new for Ed I thought he might enjoy watching it anyway. He loves to make knives out of all sorts of things, especially railroad spikes so it should be up his alley to grab a horseshoe and pound it into another useful tool.


Sophos Intercept X

Yesterday Sophos announced the availability of a new product to the security product line. Sophos Launches Next Generation of Anti-Exploit and Anti-Ransomware Technology With Sophos Intercept X

imageSophos Intercept X combines four critical security components that IT administrators should expect from next-generation endpoint protection.

  • Signatureless Threat and Exploit Detection: Anti-malware and anti-hacker defense that blocks zero-day, unknown and memory resident attacks and threat variants without the need for file scanning
  • CryptoGuard: Anti-ransomware innovation that identifies and intercepts malicious encryption activity, blocks ransomware before it can lock and cripple systems and can roll back maliciously encrypted files to their pre-attack state
  • Root Cause Analytics: A 360 degree visual analysis of attack events that shows where the attack came in, what it affected, where it may have stopped and recommended actions to prevent a similar attack in the future
  • Sophos Clean: Powerful utility that hunts for and removes any trace of spyware and deeply embedded, lingering malware

Sophos Intercept X–Sophos Information Page


Stop Ransomware Before it Takes Your Files Hostage

Ransomware is the #1 malware attack affecting organizations today. It encrypts your files and holds them hostage until the ransom is paid, causing massive disruption to business productivity.
Sophos Intercept features CryptoGuard, which prevents the malicious spontaneous encryption of data by all forms of ransomware – even trusted files or processes that have been hijacked. And once ransomware gets intercepted, CryptoGuard reverts your files back to their safe states.

Ransomware Paper

Page 1 ... 2 3 4 5 6 ... 62 Next 20 Entries »