HP Notebook Computer battery recall

June 22nd, 2016


HP has recalled batteries sold with a range of its consumer and business notebooks over concerns that they could catch fire. The worldwide voluntary safety recall and replacement program for certain notebook computer batteries was announced on June 14th. Find out now if you are affected and what steps you need to take.

June 8th, 2016

A password “brett1” would take 54 milliseconds to crack, “brett123” a minute and “brett2016” only 42 minutes.

Password scams are real, here is a real life example…

Every IT technician gets the call at some time…

A good friend of 10 years called me after his wife had been victim to a telephone scam. A Telstra user, she received a call from “Telstra” to say their PC was infected – a pretty standard scam for those of us involved with digital security.

The result was that the scammer had locked the PC using Windows’ own SYSKEY security program.

My friend dropped off his PC and install disks. The scammers had cleared his restore points, so there was no way of restoring the PC back to its original state before the social engineering attack.

I found a program designed to crack passwords – a legitimate program designed to help people who had forgotten their passwords or had been scammed.

The password utility was free up to 5 or 6 characters in length. A few seconds later, the password 4123 was cracked. Actually, it was probably less than 2 seconds.

I immediately thought of how easily some of the passwords I’d seen used in the workplace could be cracked by even the most unskilled hacker with this program.

Passwords are one of the biggest problems in digital security at the moment. Several companies are making moves to reduce or eliminate them, but until other methods are simple, reliable and easy enough for widespread implementation we are stuck with the old passwords.

In the past few years I’ve seen some terribly concerning passwords – a three letter word (all lower case), simple names, Password1 etc. Some of the worst offenders have been company directors and financial managers, who are therefore putting their entire business at risk.

Whenever somebody wants access to your bank account, personal information, identity etc… they will start with your less secure accounts. The jackpot for them is the account that your other accounts use for verification, such as an email account…

Here are some tips on how you can pick the most secure password:

  1. Passwords in 2016 really should be 16 characters in length or more, with triple complexity – that’s three of the four following – lower and upper case letters, numbers or punctuation.
  2. Avoid repetition, dictionary words, phone numbers, any part of the corresponding username/account name, or simple number/letter sequences.

Brute force attacks start with “rainbow tables” – passwords organised by popularity from lists stolen from other sources. Often these passwords include “Password1”, “qwerty”, “asdfjkl;”, “Sarah”, “abc123” and even common phrases such as “let me in”.

The trick is to find methods that provide enough complexity to make your password too hard to bother for a brute-force attack, without making it too hard to live with.

One suggested method is using the first letter from a favourite phrase.

An example of this I saw several years ago was the line from Gone with the Wind – “Frankly my dear I don’t give a damn” was turned into the password “Fmdidgad”. The “How Secure Is My Password” site at http://howsecureismypassword.net gives it 22 minutes to survive a brute force attack.

By adding numbers and characters – “Fmdidgad12#%” will take 34 thousand years!
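The two tips above and the effect of length and character mix on exhaustive search can be checked in a few lines of Python. This is an added example, not taken from the sites linked on this page: the guess rate is an assumed figure, the common-password list is a constructed sample built from the examples quoted above, and the years returned are a worst-case count for trying every combination, not a reproduction of the site's estimates. Dictionary words and phone numbers are not checked.

```python
import string

# Constructed sample of popular passwords (the page's own examples, lower-cased).
COMMON = {"password1", "qwerty", "asdfjkl;", "sarah", "abc123", "let me in"}
GUESSES_PER_SEC = 1e10  # assumed attacker speed; real rates vary widely


def char_classes(pw):
    """Return which of the four character classes from tip 1 appear."""
    return {
        "lower": any(c.islower() for c in pw),
        "upper": any(c.isupper() for c in pw),
        "digit": any(c.isdigit() for c in pw),
        "punct": any(c in string.punctuation or c == " " for c in pw),
    }


def has_sequence(pw, run=3):
    """True if pw has `run` repeated or consecutive characters (aaa, 123, cba)."""
    for i in range(len(pw) - run + 1):
        steps = {ord(pw[j + 1]) - ord(pw[j]) for j in range(i, i + run - 1)}
        if steps in ({0}, {1}, {-1}):
            return True
    return False


def audit(pw, username=""):
    """Return the list of checks from tips 1 and 2 that the password fails."""
    problems = []
    if len(pw) < 16:
        problems.append("shorter than 16 characters")
    if sum(char_classes(pw).values()) < 3:
        problems.append("fewer than three character classes")
    if pw.lower() in COMMON:
        problems.append("on the common-password list")
    if username and username.lower() in pw.lower():
        problems.append("contains the account name")
    if has_sequence(pw):
        problems.append("repeated or sequential characters")
    return problems


def bruteforce_years(pw):
    """Worst-case years to try every string of this length and alphabet."""
    sizes = {"lower": 26, "upper": 26, "digit": 10, "punct": 33}
    alphabet = sum(sizes[k] for k, used in char_classes(pw).items() if used)
    return alphabet ** len(pw) / GUESSES_PER_SEC / (3600 * 24 * 365)
```

Calling `audit("brett123", "brett")` reports four failures, while a 17-character phrase with mixed classes such as `"Tin roof, 9 cats!"` returns an empty list.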

CNET suggests the same method is very effective when the password is more complex and longer. A password of 15 characters can take 16 billion years to crack. However, the Holy Grail in passwords is to find something simple to remember, something you can increment a few times before starting a new password model, and of course something terribly difficult to guess/brute force.

Here are a few suggestions:

  1. Break the password into two or three segments – The most random segment could be shared by all employees in a department, or small business. If each user in a business has a password that starts with “#$8! ” and then is followed by a password of another 6 characters, it becomes hard to crack. “big1dog” is evaluated as a two second crack, but “$#8! big1dog” is rated at 11000 years of brute force.
    Employees can keep the second segment of the password secret, providing local security.
  2. Include a letter or number – A good password could be incremented by a letter or number, so the above password could be incremented to “$#8! big1dogA” and “$#8! big1dogB”. Don’t do this too often or you risk an old password being discovered and the new one being deduced through the simple pattern used.
  3. Utilise password programs – Password programs such as KeePass are another method, allowing a completely random string to be saved, so that a user needs to remember only a single difficult password.

For more help on password security, visit the following websites or have a chat to us today!

https://howsecureismypassword.net/
http://www.cnet.com/how-to/how-to-master-the-art-of-passwords/
http://www.cnet.com/how-to/the-guide-to-password-security-and-why-you-should-care/

March 9th, 2016

Ransomware Micro-Webinar

Ransomware cyber criminals can hold your business, data, and bank accounts hostage until you meet their financial demands. Join our Director and Security Specialist Martin Thurgate as he discusses the growing threat of ransomware, and how you can protect your organisation from business-ending or brand-damaging ransomware attacks.

Find Out –

  • How ransomware works
  • What you can do to best stay protected
  • How you can identify if you have been infected
  • The best way to deal with a ransomware infection
  • How you can reduce your risk of becoming a victim

We understand that your time is important, which is why we have designed the webinar to be as short as possible, so as to have a minimum impact on your working day. If you are interested in attending, please email rcooper@diamondgroup.net.au with the names and email addresses of those who wish to attend before Friday 1st of April, to receive the necessary login information.


Webinar Details

Date:
Wednesday 6th April, 2016

Time:
10:00–10:15am (15 minutes)

Audience:
All staff, including IT Managers and business owners within your organisation

RSVP:
Friday 1st April, 2016

October 20th, 2014

There has been a lot happening at Diamond HQ lately. Our continued growth has led to us being considered one of the leading ICT MSPs – not only in our region – but in Australia. Our recent accolade as a finalist in the ARN Industry Awards is certainly testimony to this.

So what’s next? We’ve been closely reviewing the strategic direction of the company and are now focusing our efforts on National expansion within the ICT market.

We’re excited to make a couple of announcements today that represent our first steps on this journey:

· Earlier this month we officially opened our new support area upstairs. We have one of the largest and most experienced support teams in the Hunter Region, and we’re excited to have this new, modern facility for our valued staff.

· We are in the final stages of opening a new Sydney office to complement our Newcastle & Dubbo locations. While we’ll always call Newcastle home, we’re excited about the challenge of growing our business in the ‘big smoke’.

We are looking forward to this exciting new chapter, and are very proud of our team for their continued hard work, passion and dedication to providing exceptional ICT services to our customers.