Apple is expected to release High Sierra to customers. We strongly recommend that you back up your existing data before trying the software. If you encounter issues using Office 2016 for Mac on High Sierra, please send us feedback so we can address them, support@westech.co.za

On October 10, 2017, mainstream support will end on Office for Mac 2011. Upgrades are recommended prior to the support end date.

Word, Excel, PowerPoint, Outlook and Lync have not been tested on macOS 10.13 High Sierra, and no formal support for this configuration will be provided.It also notes that users of Office 2016 for Mac may experience problems with High Sierra

With Office 365 ProPlus, users get the full, installed Office experience on PCs, Macs, tablets (including iPad® and Android tablet) and phones as well as OneDrive for Business online storage and Skype for Business. Moving to Office 365 enables customers to take advantage of the latest product innovations and ensure uninterrupted support from Microsoft.

Recommended Upgrades:

• Office 2016 for Mac applications as part of Office 365 ProPlus
• Office 2016 for Mac

Contact Westech now for more information on how we can help you make the transition.

Getting the right IT security hygiene solution to protect against the threat of cyber attacks is crucial. Fortinet has announced their latest findings on the Global landscape Report. Everyone contributes to the hygiene of the network- make your environment as hard to penetrate as you can.

This report reveals that poor cybersecurity hygiene and risky application usage enables destructive worm-like attacks to take advantage of hot exploits at record speed.

Most successful attacks are caused by or are leveraging cyber weaknesses that are years and years old. Meaning somebody wasn’t exercising or enacting those vulnerability hygiene items ,they were ignored. And that’s what the adversary ultimately used because they are spending less time developing ways to break in, and instead, are focusing on leveraging automated and intent-based tools to infiltrate with more impact to business continuity.

“This means they can spend more of their resources on technical innovations making their exploits difficult to detect. Newer worm-like capabilities spread infections at a rapid pace and can scale more easily across platforms or vectors. Intent-based security approaches that leverage the power of automation and integration are critical to combat this new ‘normal’,” said Quade.

Here are some Highlights:

Effective Cyber Hygiene is Critical to Fight Worm-like Attacks
Crime-as-a-Service infrastructure and autonomous attack tools enable adversaries to easily operate on a global scale. Threats like WannaCry were remarkable for how fast they spread and for their ability to target a wide range of industries. Yet, they could have been largely prevented if more organisations practised consistent cyber hygiene. Unfortunately, adversaries are still seeing a lot of success in using hot exploits for their attacks that have not been patched or updated. To complicate matters more, once a particular threat is automated, attackers are no longer limited to targeting specific industries, therefore, their impact and leverage only increases over time.

Ransom worms on the Rise: Both WannaCry and NotPetyatargeted a vulnerability that only had a patch available for a couple of months. Organisations who were spared from these attacks tended to have one of two things in common. They had either deployed security tools that had been updated to detect attacks targeting this vulnerability, and/or they applied the patch when it became available. Prior to WannaCryand NotPetya, network worms had taken a hiatus over the last decade.

Critical-severity of Attacks: More than two-thirds of firms experienced high or critical exploits in Q2 2017. 90% of organisations recorded exploits for vulnerabilities that were three or more years old. Even ten or more years after a flaw’s release, 60% of firms still experienced related attacks. Q2 data overall quantified 184 billion total exploit detections, 62 million malware detections, and 2.9 billion botnet communications attempts.

Active During Downtime: Automated threats do not take weekends or nights off. Nearly 44% of all exploit attempts occurred on either Saturday or Sunday. The average daily volume on weekends was twice that of weekdays.

Technology Use Foreshadows Threat Risk
Speed and efficiency are business critical in the digital economy, which means that there is zero tolerance for any device or system downtime. As usage and configuration of technology such as applications, networks, and devices evolves, so do the exploit, malware, and botnet tactics of cybercriminals. Cybercriminals are ready and able to exploit weakness or opportunities in these new technologies or services. In particular, business-questionable software usage and the vulnerable IoT devices of hyperconnected networks represent potential risk because they are not being consistently managed, updated, or replaced. In addition, while good for Internet privacy and security, encrypted Web traffic also presents a challenge to many defensive tools that have poor visibility into encrypted communications.

Application Usage: Risky applications create risk vectors, which open the door for threats. Organisations allowing a large amount of peer-to-peer (P2P) applications report seven times as many botnets and malware as those that don’t allow P2P applications. Similarly, organisations allowing a lot of proxy applications report almost nine times as many botnets and malware as those that don’t allow proxy applications. Surprisingly, there was no evidence that higher usage of cloud-based or social media applications leads to increased numbers of malware and botnet infections.

Sector Analysis: The education sector led in nearly every measure of infrastructure and application usage when grouped by element type and industry. The energy sector exhibited the most conservative approach with all others falling in between.

IoT Devices: Almost one in five organisations reported malware targeting mobile devices. IoT devices continue to present a challenge because they don’t have the level of control, visibility, and protection that traditional systems receive.

Encrypted Web Traffic: Data shows the second straight record high this quarter for encrypted communications on the web. The percentage of HTTPS traffic increased over HTTP to 57%. This continues to be an important trend because threats are known to use encrypted communications for cover. Don’t worry, this site is HTTPS secured!

About eight Chrome browser extensions were compromised in the last 3months and the attacker used them to steal Cloudflare credentials and serve up malicious ads.

Always stay protected, don`t open emails that has dodgy links or proof of payments that you don`t know

In June, July and August, developers of the following Chrome extensions had their login credentials stolen through a phishing attack. The extensions affected are:

• Web Developer – Versions 0.4.9 affected
• Chrometana – Version 1.1.3 affected
• Infinity New Tab – Version 3.12.3 affected
• CopyFish  – Version 2.8.5 affected
• Web Paint – Version 1.2.1 affected
• Social Fixer 20.1.1 affected
• TouchVPN appears to have been affected but the version is unclear
• Betternet VPN also appears to have been affected but no version was provided

The link in the email used the bit.ly URL shortener to redirect the developer to a fake login page which harvested their credentials and allowed the malicious actor to take control of the chrome extension developer’s account. Attackers had access to modify the code in these Chrome extensions and release new code, they made a change that injected their own malicious Javascript into the extensions. The new code looked like this:

In addition to stealing Cloudflare credentials, the attackers engaged in ‘malvertising’. The malicious Chrome extension code served up ads belonging to the attacker.

They did this by hijacking ads from well known ad networks and replacing those ads with their own ads. Most of the substitutions occurred for ads being served from adult websites.

Many of the ads were a fake alert telling the browser owner they need to repair their PC. They were then redirected to an affiliate program which the attacker profited from.

How to Protect Yourself

1. Get rid of browser extensions you don’t need

Lesson two is that browser extensions sometimes get hacked. When they do, it can be a catastrophe for you. If you don’t absolutely have to have a browser extension, get rid of it.

Alternatively, deactivate extensions until you need them. Then activate them, use the extension and deactivate it again. This isn’t ideal, but it will reduce your risk if an extension is compromised for a few days.

That screenshot utility? If you don’t use it daily, dump it. That quote-of-the-day extension? Ditch it if you don’t need it.

In 2010, Chrome hit 10,000 extensions. Today, 7 years later, they probably have well over 100,000 extensions available for the Chrome browser. That many extensions create a large attack surface for malicious actors. Make sure you minimize your risk by removing those you don’t use.

    2. Even the Pros get Phished

1. Never click on a link if you don’t recognize a sender.
2. Never click a link in an email and sign in to a service. Instead, if you are presented with a sign-in page, go back to the email and look at the email sender including their domain and look at the URL of the link you clicked very carefully.
3. Never download an attachment in an email and open it unless you verify the sender. Even then, considering asking your sender to use a service like Google Docs that doesn’t require you to download attachments.

It is important to be aware that as these attacks become more popular, you are more likely to be targeted because you are a gateway to infecting a much larger group of people: your customers.Attacks targeting site owners are also a supply chain attack. You supply your large audience with content. By controlling your website and serving up a browser exploit, an attacker can take control of a large number of workstations in a single attack.

As site owners it is our responsibility to be more cautious than most when it comes to our security. We have an obligation to our customers and site visitors to stay secure.