BUGS BYTE
Microsoft Exchange on-prem servers being exploited by zero-day vulnerabilities.

This is an active exploitation of customers on-prem Exchange servers and our research suggests that the spread is much larger than Microsoft had initially disclosed.

Our team has published a reddit thread and blog post to provide an overview of this threat and what we’re doing in response—check out the highlights below. Join us for a webinar Thursday, March 4th at 1:00pm EST to learn more about these vulnerabilities.

What’s happening?

According to Microsoft’s initial blog, they detected multiple zero-day exploits being used to plunder on-premise versions of Microsoft Exchange Server in what they claim are “limited and targeted attacks.” From our data and analysis, we’ve checked over 2,000 Exchange servers and found ~400 vulnerable with an added ~100 potentially vulnerable.

Why is this significant?

We have seen indicators that this is a large-scale, spray-and-pray attack—not just “limited and targeted attacks” as Microsoft suggested. The targeted organizations range from small hotels, appliance manufacturing, mom-and-pop shops all the way up to city and county governments, healthcare providers, banks and financial institutions and residential electricity providers.

Among the vulnerable servers, we also found over 300+ webshells deployed—some targets may have more than one webshell, potentially indicating automated deployment or multiple uncoordinated actors. And from what we’ve seen, the majority of these endpoints do have antivirus or EDR solutions installed—indicating that preventive security measures have failed to catch this threat.

What should you do?

If you use on-prem Microsoft Exchange Servers, assume you’ve been hit. We recommend you patch immediately, externally validate the patch, and hunt for the presence of these webshells and other indicators of compromise (visit the blog for more technical details).

On your Exchange servers, examine these filesystem paths:

• C:\inetpub\wwwroot\aspnet_client\
• C:\inetpub\wwwroot\aspnet_client\system_web\ (if system_web exists)

If you see unfamiliar .aspx files with random names, and their contents looks like log output with an ExternalUrl line indicating the use of “JScript” code, there is a strong possibility this host is compromised.

Cisco SMB
Cisco Specialization in Small and Midsize Business

The SMB Customer Opportunity

Small and medium-sized businesses (SMBs) have become
the IT industry’s fastest-growing segment. With this trend
comes a heightened demand from customers for knowledgeable network professionals who can successfully design and
deploy Cisco® SMB solutions. This is especially true in the
SMB market, where customers rely heavily on their partners
as trusted advisers.

https://www.linkedin.com/feed/update/urn:li:activity:6765304010846072832

Three Common Pitfalls of Implementing Agile Methodology

By James Dobbs (https://www.linkedin.com/in/james-david-dobbs)


The Agile methodology is a powerful tool that can increase the success rate for project delivery, decrease delivery time, lower the rate of troubled projects, control budget overruns, and increase team morale. As a result, many organizations are hastily moving projects onto the Agile methodology that may not be suited for it. This can cause massive negative impacts and destroy entire programs.

Issue #1:

Determining when Agile is effective and when it is not.

When properly applied to projects where it is well suited, Agile is an extremely valuable tool with myriad upsides and few to no downsides. If Agile is misapplied to a project, the results can be disastrous. Every project should be reviewed on a case-by-case basis to determine if the Agile methodology will be useful. One can do this by asking themselves the following about a project:

Q: Is the problem to be solved simple or complex?
A: Complex projects are a better use case for Agile.

Q: Are the solutions initially known or unknown?
A: Agile works better when project solutions are unknown.

Q: Are requirements set in the beginning and unlikely to change?
A: The Agile methodology is better for projects with changing requirements.

Q: Are end users able to collaborate and give feedback?
A: Agile is better for projects in which end users can collaborate closely and provide feedback.

Q: Is the work modular, and can it be conducted in rapid iterative cycles?
A: If the work is incremental, Agile is a more favorable methodology.

Q: Are late changes manageable, or are late changes expensive/impossible?
A: Agile should only every be used when late changes are manageable.

Q: Are end users unable to start testing parts of the project before the whole project is complete?
A: Agile only functions properly when iterative testing can successfully inform development.

Q: Are mistakes during the project low-cost opportunities to learn and make improvements, or are mistakes catastrophic?
A: Agile should only be used when mistakes are low-cost opportunities for improvement.

Issue #2:

Management must trust teams to set their own velocities for issues.

When a cross-functional team comes together to evaluate an issue that needs to be addressed, they determine their collective domain knowledge, experience, and the ability of all necessary parties to sync up and collaborate on aspects of the issue. These factors create an inherently unique team to which past teams (or hypothetical ones) cannot be compared. These are the factors that a team uses to determine the velocity on a project and for Management to collapse or expand that timeline can introduce chaos and undermine the Agile methodology.

Issue #3:

Agile must be customized, but not too quickly.

Do not use the Agile approach to customizing Agile. Only after using proven approaches, rules, and methodologies that have delivered success in thousands of companies for hundreds of thousands of projects (and perfecting them) can an organization move to customizing Agile to fit their needs.

Agile must be iteratively improved. Once a team is ready to make changes, the should track not only the metrics they’re looking to improve, but also any effect on key performance indicators, including team morale. If slowly and systematically optimized, an organizations homebrew version of Agile can become more powerful than the base Agile methodologies. If properly implemented with skilled cross-functional teams on appropriate projects, the Agile methodology can set an organization and its teams up for unparalleled success.

UniFi-Video Products End of Life Announcement

Phasing out UniFi-Video products – Unifi-Video is EOL

Starting January, 1st 2021 (01/01/2021) all available UniFi-Video resources will focus on UniFi Protect to accelerate its development in terms of features, scalability, security, and continuous efforts to create the best user experience for our video-related products. 

This means UniFi-Video products will no longer be offered or supported, beyond 2020. More specifically: 

  • No software or hardware revisions will be released, including for web UI and mobile applications
  • No customer support will be available
  • No security updates
  • All cloud operations will be shut down and video.ui.com will no longer be accessible

The Plan Ahead for the EOL of Unifi-Video

You can expect two more UniFi-Video release cycles including beta releases (v3.10.13 and v3.10.14). These will address the most critical issues in terms of security updates and/or regressions, so if you plan on continuing to use UniFi-Video beyond the end of life date, we strongly recommend you upgrade your systems to these latest releases as they become available.

Switching to UniFi-Protect

If you decide to switch over to UniFi-Protect, a “one-click” migration of UniFi-Video managed cameras and some user settings will be available in the next controller release for a seamless transition.

Several options are/will be available in terms of NVRs depending on your cameras and storage needs.

UniFi-Protect currently supports the following camera models:

  • UVC, UVC-Dome, UVC-Pro 
  • All G2 cameras
  • UVC-G3, UVC-G3-Flex, UVC-G3-Dome, UVC-G3-Micro, UVC-G3-Pro
  • UVC-G4-Bullet, UVC-G4-Pro

Existing UniFi-Video Recordings

Recordings will not be migrated over to Protect, but they will remain accessible from UniFi-Video applications as long as you keep the UniFi-Video controller running on your NVR/Server.

Note: Remote access has been extended to Jan. 15, 2021 – users will still be able to log in and access their UniFi Video installations via video.ui.com until this date.

Your Company is Remote But is it Secure?

Your Company is Remote – But is it Secure?

2020 has forced many companies to rapidly switch their teams to remote work, sometimes moving hundreds of employees to remote access within days. IT teams across the globe scrambled to set up these new infrastructures, resulting in quickly patched-together solutions that may need reevaluation as companies settle into the remote work routine. Now is the time to assess and optimize your company’s current remote setup and ask:

How secure is your network?

Securing Your Remote Workers

A secure and easy-to-use is important as employees navigate workspaces without colleagues or IT teams in the same physical space. Fortunately, these concerns can be addressed.

Secure User Access

Working from home comes with its own set of security risks but securing access to your company’s network is an excellent first step toward minimizing these risks. Use the following tools to secure user access:

  • Conditional Access: Allows you to control access to your network based on location, app, device state, and user state.
  • Multi-Factor Authentication: Protects your network against lost or stolen passwords.
  • Virtual Desktops: Allows you to build a virtual desktop for workers which gives them remote access to the information in the virtualized session and prevents them from saving any data on their local workstations.

Manage Devices

In addition to securing user access, it is important to secure their devices, too. This has become more difficult with more people using laptops, desktops and other mobile devices to access company data, but there are solutions for securing this technology, too:

  • Mobile Device and App Management: Helps manage work data on mobile apps and decide how much control you want to exert on mobile devices accessing your company’s network.
  • Antivirus Protection: Along with keeping devices up to date and strengthening security policies, protect critical data with antivirus and ransomware protection.
  • Automation: Seamlessly deploy and provision apps, configurations, and user settings across all network users and devices.

Protect Data

Another crucial aspect of network security is data protection. Policies that control access and sharing of data must be put into place. Implementing these measures prevents phishing and ensures confidential data, including social security numbers and other personal identification information, is secure.

Data protection can help in the following ways:

  • Data Loss Prevention: Protects against accidental data leaks, allowing you to detect, monitor, and defends confidential data from being unintentionally shared while helping users learn how to stay compliant without interrupting their workflow.
  • Information Protection: Control access to data and documents by allowing you to decide whether an email or a document can be viewed, forwarded, or printed by a non-employee.
  • Cloud App Discovery: Prioritizes apps, identifies high-risk users, and allows you to integrate applications to enable single sign-on and user management.

Other Security Features

As teams across the world continue to tackle the remote work environment, introducing additional security updates to your organization can ensure protection against threats and introduced new security offerings. These security features include:

  • Strengthen Endpoint Management: Allow your IT teams to make remote and hybrid work possible with the support and management of virtual endpoints. Drive your IT team’s efficiency by enabling the management of virtual desktop infrastructure solutions within the same console as their physical desktops.
  • Defend the Security of Your Network:;Provide security solutions against complex phishing and ransomware attacks by implementing sophisticated attachment scanning, automatic checks of links, and anti-spoofing intelligence.

Need Help Securing Your Network?

BUGS BYTE understands the necessity of securing your IT systems to make it safe for your teams to work remotely. By using BUGS BYTE’s Secure Remote Work Environment services, you can rely on us to assess your current strategy, identify and remediate any gaps, and help you plan for the continuous management of this strategy for the future.

2020 has forced many companies to rapidly switch their teams to remote work, sometimes moving hundreds of employees to remote access within days. IT teams across the globe scrambled to set up these new infrastructures, resulting in quickly patched-together solutions that may need reevaluation as companies settle into the remote work routine. Now is the time to assess and optimize your company’s current remote setup and ask:

Need Help Securing Your Network?

BUGS BYTE understands the necessity of securing your IT systems to make it safe for your teams to work remotely. By using BUGS BUYE’s Secure Remote Work services, you can rely on us to assess your current strategy, identify and remediate any gaps, and help you plan for the continuous management of this strategy for the future.

BUGS BYTE—Transforming the customer experience through tech-enabled managed services

Today’s choices for mobility, cloud, infrastructure, communications, applications, and operations are mission-critical for small, mid-sized, and large enterprises.

BUGS BYTE, is leading the transformation into technology solutions as a service with our tech-enabled managed services portfolio and a commitment to technology innovation, operational excellence, and client intimacy.

Recognized by industry leaders and industry-leading publications, BUGS BYTE has 25 years of operating history delivering exceptional client experiences that directly result in competitive advantage, cost-savings, growth, and improved operational efficiencies.

Visit BUGSBYTE.COM, email info@BUGSBYTE.COM, call (773) 388-BUGS, today for more information.

Cisco Meraki Logos
Meraki MX Firewall as a Cisco ISR Router

If you are looking for a solution so replace your aging fleet of Cisco ISR 2900 and 3900 routers – then you are not alone. See how we ended up with Meraki MX firewalls as this story unfolds.

Cisco’s end-of-life announcements ends software maintenance and security support at the end of 2020. By 2022 the entire lines are considered obsolete and no support is offered.

A metropolitan housing authority in Ohio has found themselves in this position. They have a couple dozen properties in the county with small connected management offices. They reached out to us for a solution.

The proposed solution is Meraki MX67W at each management office or branch.

The unique component to this solution is their WAN topology. In this case, each branch is connected to a datacenter by a private MPLS cloud. Each branch then traverses a datacenter uplink for public access.

In contrast; most topologies will have direct internet access (DIA) to each branch, which is also used as IPSec VPNs for connecting to other sites.

The fundamental difference with the customer’s WAN topology is that there is no reason to firewall the branches’ uplinks to the datacenter. Further the datacenter can NOT be firewalled when reaching the branch. Similarly NAT (network address translation) breaks the organization’s access to each respective site.

Finally the point-to-point links, or the private MPLS, costs per megabyte are magnitudes higher than the cost per megabyte for broadband.

Our solution replaces the routers with firewalls but circumvents the firewall features for the inter-site traffic. Further, the design allows the customer a future transition to the far less expensive broadband without the purchase of any equipment.

The problem with the design is that Meraki MXs are managed thru the Meraki cloud, they call it their “Dashboard“. The MX will only connect with the Dashboard over a WAN interface that is both firewalled and NAT’d. But we cant have the uplink traffic inspected nor manipulated.

In our solution we proposed two options:

  1. NAT Exemption” & firewall whitelist
  2. A dedicated link for Dashboard access

The problem with the NAT Exemption feature is that it is not fully supported by the vendor, Meraki. It has been in BETA testing for over two years.

The problem with the dedicated link for Dashboard access is that the Telco equipment may not have the extra port. Or the Telco may not provision more than a single port for the customer.

It remains to be seen which way this cookie crumbles when the customer weighs in. While both options have their associated risks, the design process and considerations were a good exercise.

Which way would you go if you were responsible for the environment after the IT consultant walked away?

Public WiFi for your Business

Business WiFi

Customers using WiFi at retail business spend 23% more and increase visit frequency by 19% when compared to customers that do not connect to WiFi. Customer spend and frequency rates decrease even more when businesses are in cellular dead zones.

Retail business providing WiFi service to customers see 28% more customer loyalty when compared to their competitors that do not provide customer access to WiFi.

Retail businesses see an increase in customer spend and loyalty within 10-days of a new WIFi implementation. Public signage of WiFi service increases foot traffic. Menu mentions of WiFi increases customer loyalty as well as improves labor efficiency.

Public WiFi and Hotspots are the single most exploited target for business cybercrime and customer identity theft. Savvy customers will know if WiFi is in-secure and will not use, circumvent systems and exploit access.

Everyday Edgebrook WiFi leverages all these benefits and eliminates the risks.

Your Edgebrook WiFi Customers will have easy one-click, reliable access to spend more time and return more frequently – because they know they are secure from cyber threats and identity theft. No passwords getting to the wrong people and no need to routinely change passwords.

Your business systems are secure against threats from customers and the Internet. Protecting your business operations and point-of-sale for your PCI compliance.

Features:

  1. All your customers will recognize familiar networks and logos from other community businesses
  2. Customer access click-thru sign-on – no password needed, still secure
  3. No upfront costs (AT&T/Comcast service is required)
    1. Equipment financing, maintenance and on-going support available for low monthly charges (bartering agreements are available too)
  4. Cloud managed for
    1. quick remote support, easy changes and upgrades
    2. See who is in your store now – staff and customers from the Internet
  5. Secure all customer device traffic and isolate business operations
  6. 100% WiFi coverage across your entire store without dead zones
  7. Market your website, promotions and Facebook pages
  8. Cross marketing from participating Edgebrook businesses (coming soon)
  9. Cross promote reward/loyalty programs (coming soon)
  10. Intrusion detection and prevention – prevent cybercriminals from accessing your point of sale (PoS)
  11. Deep packet inspection – see what Internet services and mobile devices your customers use most
  12. Email alerts when new customers sign-in or when system failures occur
  13. Bolt-on services for security cameras, telephones and energy efficient lighting solutions too
  14. Control staff and customer access on an individual basis.

About Us

Kevin Benson is a professional technical Architect specializing in information security, system virtualization and networking – providing business critical solutions to the countries fortune-1000 customers.

Kevin has always been a native Chicagoan, and a Sauganash resident for 12-years. Kevin supports the community and local business, and is passionate about technology. It is for this reason that he offers to work for community businesses on a freelance basis and accepts barter in trade for these valuable services. Kevin freelances under the company name of Bugs Byte (www.bugsbyte.com)

My Jams

I have just figured out the best of all ways to listen to my favorite music. A tiny 32GB USB drive loaded with MP3s. The drive works on my computer, in my car and my home amplifier – everywhere I would want to be listening to music. A simple, very low-upfront cost, free from monthly charges, elegant solution.

Remember when you’d spend hours in a record store picking out and discovering new music. Weather it was vinyl, cassette or CD, all of us (of a certain age and older) have a music collection. Even if it is collection of MP3 files is on our computers, USB drives or cloud storage – its still a collection even if there is no album art nor liner notes. It is something we can actually interact with, hold in our hands, and loan to friends or bring on a road trip.

I think this sense of owning something tangible seems to be something we are learning to do without. Why “have” something when you can get it just when you need it, and not have it take up space when you don’t need it – some would say a “dust collector”

But I really like having my own things. Call me “old-school”.

In my teems I was very proud of having amassed a my music collection of 200 or so albums (using the term “album” generically so as not to giveaway my age). I remember the experience around discovering the music and the store where I found it. Listening to the music brings me back in time to a particular “phase” of my life. I recall listening to the album, digesting each lyric from the liner notes and learning something new about the band.

So what’s the difference between my music and the plethora of options we have today to listen to music? Think of streaming services like Pandora, Tidal and Spotify; or broadcast radio XM and music channels from your TV provider.

The difference is that it is mine. I can transport myself to another time of my choosing when I want to. I can listen to the story of an album, in track order, as the artist intended for it to be heard. The difference is that I am listening to the studio edits and not the live versions Pandora plays. I am not listening to music that Spotify’s algorithms say are like my favorites. Another big deal is that I am not paying money every month and still not being interrupted by commercials.

I use Pandora, occasionally receive XM Radio’s during promotional weekends, and a Plex server loaded with my own music and videos. All nice to have, but nothing as simple, cheap and elegant as a 32GB of MP3 files the size of my thumbnail.

by: “My Artsy Side”
11/16/2019

IT Projects – What’s Most Important

I just finished a project to upgrade a state university to Citrix Virtual Apps and Desktops (formerly XenApp & XenDesktop) v7.15 LTSR CU5 and Citrix ADC (formerly NetScaler) v12.11.55.

We follow a engagement methodology we refer to as A.D.I.M.E.. An acronym for Asses, Design, Implement & Evolve. Obviously some engagements are heavier on some of these phases, and lighter in others; however EVERY engagement will have each one of these phases to some degree.

Our customer came to us with this project stating their business need to upgrade their entire Citrix deployment. They are a returning customer to us so naturally we’re glad to work with them.

As we do with every engagement we start out with the “A” for assessment around the customers stated business need and put a Statement of Work (SoW) document specifying some engagement milestones. At this point we have a good idea of how much work (and perhaps product) will be needed and the customer knows how much the work costs and can schedule around it as needed.

Great! Everyone knows exactly what to expect and is getting what they want out of the engagement for agreeable consideration. All is fine right?

Except in the real world, the customer says :

“we think it should only take half the time”

WHAT?!?! I thought we were in agreement!

OK, regroup, perhaps we had differing pre-conceived notions. Go back to the customer and find out which milestones the customer can do without in order to cut the time in half. after that conversation the customer comes back with :

 “we still want to get it all done, just in half the time”

Ah. I get it now. the customer has time constraints or a deadline to meet. No problem, we can work with that. We’ll assign a second resource or another person to get twice as much work done in the same amount of time. OK! we’re all good with that. Now in this third exchange the customer gets to the point with :

“we only want to do this for half the price”

Grrrr….. regroup, perhaps we again disconnected on proprieties here. We like business, we like to keep busy, heck we certainly like to have customers. We can make this work. After all, half of something is always better than all of nothing. I got it. let us push out the schedule to a time when we’re slow anyway or have resources sitting on a bench – unutilized. Lets get back with the customer and see how flexible they can be. Of course, guess what we get back in return :

“we need it done right away”

What the…!?!?!? We started out so good with everyone in agreement – didn’t we?

So let me summarize. We have to get everything done in half the time, for half the price, done right away – right? That’s not too much to ask is it? no mention yet of the quality of the work. No worries if we deliver on time and on budget, but the system falls apart in 10-days.

Naturally our quality is our reputation – so we cannot compromise on that. Even if no one has considered it once in the course of this conversation.

So how did this engagement go for this university? We got it all done on time and it will last.

So what was lost? A) a lot of hair (as it was pulled out from stress) – both for the customer and the consultant. Moreover the assessment, design & evolve in the A.D.I.M.E methodology was stricken from the list – no time for it.

Foraging ahead to get this done meant working with blinders on. Ignore anything not directly related to the objective. See a misconfiguration, determine relevance to the objective and ignore it if none. Documentation, knowledge transfer – skip it. Recommendation for improvements – no time.

Even when you know exactly what you are getting for your money, you will never know what you’re compromising with the savings.

– by “The Resource”
11/16/2019