After upgrading, check for new services. The Internet Storm Center reported a case in which a firewall operator noticed new streaming data coming to and through the firewall.
Upgrading the NAS server caused a media streaming service to turn on.
And that is how it starts. An upgrade some months ago turns on a service, and no one notices.
Then some time goes by and a vulnerability opens up within the system.
Now the hackers can target the system.
Check your systems with Alpha or Sigma (Σ).
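One way to run the post-upgrade check described above by hand, as an added example that is not part of the original page or of the Alpha/Sigma scans: save the listening sockets before and after the upgrade and list only what is new. The function names, file names and sample snapshot lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare listening sockets before and after an upgrade.
# Snapshots are saved output of `ss -tulnH` (TCP/UDP listeners, numeric, no header).

# Reduce a snapshot to sorted "protocol local_address:port" keys.
listener_keys() {
    awk 'NF >= 5 { print $1, $5 }' "$1" | LC_ALL=C sort -u
}

# Print listeners that appear in the AFTER snapshot but not in BEFORE.
new_listeners() {
    nl_before=$(mktemp) && nl_after=$(mktemp) || return 1
    listener_keys "$1" > "$nl_before"
    listener_keys "$2" > "$nl_after"
    LC_ALL=C comm -13 "$nl_before" "$nl_after"
    rm -f "$nl_before" "$nl_after"
}

# Constructed sample snapshots (not from a real system).
demo_dir=$(mktemp -d)
cat > "$demo_dir/before.txt" <<'EOF'
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      50           0.0.0.0:445        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:137        0.0.0.0:*
EOF
cat > "$demo_dir/after.txt" <<'EOF'
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      50           0.0.0.0:445        0.0.0.0:*
tcp   LISTEN 0      16           0.0.0.0:8200       0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:137        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:1900       0.0.0.0:*
EOF

# On a live host: run `ss -tulnH > before.txt` prior to the upgrade and
# `ss -tulnH > after.txt` once it finishes, then compare the two files.
new_listeners "$demo_dir/before.txt" "$demo_dir/after.txt"
```

Any line this prints is a listener the upgrade introduced; confirm it is wanted, or disable the service and block the port at the firewall.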
Patch your Google Chrome
Why would a Google Chrome vulnerability be important? Because if you happen to bump into a nefarious website (unbeknownst to you), it will affect your Google Chrome, and then little by little the hacker will gain more information.
Pretty soon there will be open ports that you may not know about, and those ports are “phoning home” to the master.
Scan your systems (with A or Σ) to see if you have rogue applications on your systems.
We are all busy. The department is smaller: we lost Jim, who retired, and John was fired in the last layoffs. But what happened? We soldiered on. We have gotten new servers installed, retired systems, and taught the users a new program. It is as if we still had Jim and John here.
But we missed a program left on one of the servers, and it did not get patched. So now the program is vulnerable, and it is only a matter of time before a person interested in penetrating systems for fun or profit abuses the system in ways unknown.
Incompetence? No, unknown competence.
How good are your sys admins?
Are your programmers developing secure websites?
Get your systems scanned – you don’t know what is going on. We can scan and review.
System admin Jim is sitting in a café getting his favorite cappuccino. While waiting for the drink to be prepared, he flips open his notebook computer and goes to his favorite website, checking on sports and news.
Then, of course, he checks his email with Outlook on his desktop.
What he did not realize is that another person next door to the coffee shop has been listening in on the network sessions and capturing the network traffic. Since the Outlook email transmits passwords in the clear (without encryption), the hacker was able to obtain the username and password of the system administrator at abc co.
The hacker can now log into the abc co server. After logging into the remote server, he is able to access more systems and place software that will give him access to the company systems even after the sys admin changes his password.
We can check your systems for unknown software very easily and let you know what is going on.
Our Linux admin is a pretty sharp guy. He is working on updating website technology (the PHP version). We have to keep up with patches and new technical abilities.
Unbeknownst to him, a hacker somehow placed a “crontab” entry that runs every 60 minutes, shutting down defenses and opening other attack avenues. The hacker used a well-known breach in the Windows platform to make inroads on one computer. This allowed him to connect to another computer, which he now controls.
Too bad the systems were not regularly inspected for potential breaches. One never knows who is lurking on the Internet ready to pounce.