What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes two Remote Service Techs, and one or more IT Field Techs whose activities are curated by an Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. (It's really the cat's meow for your IT needs!)
We have extensive experience in all aspects of networking:
- Managed IT Services Support in Chicagoland
- Computer LANs
- Computer WANs
- Computer VPNs
- Computer Network Switches
- Data Backup/Business Continuity
- Data Network and Voice Wiring
- Wireless Networks
- Remote Access
- Multiple Locations
- Web/Email Hosting
We can implement and maintain every part of your business network.
If you need:
- Managed IT Services Support in Chicago, IL
- Data Network Setups & Cloud Services in Chicagoland
- Computer Networking in Chicago, IL
- IT Tech Support in Chicago, IL
- Install Servers, Firewalls, Data Security in Chicago, IL
- Internet Network Setup in Chicagoland
- Firewall Network Security in Illinois
- Remote Office data networks in Chicago, IL
...this is where you
need to be!
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
Network Security Assessment—The Single Most Important Cyber Security Tool You Are Neglecting Every Year September 26, 2020
Why you should have a network security assessment at least once per year
Let's face it – our digital world is under constant attack and your corporate network is one of the biggest targets out there. Why? Because it also tends to be an easy mark. Year after year we see large scale attacks against corporations, but did you know that the majority of cyber incidents occur against small business? Ask yourself, when was the last time you had a professional network security assessment? We'd like to share why assessments are an important piece of the multi-layered approach to cyber security for your business.
Let's start by stating something that you might not expect a tech company to express. At some point, your network and computer systems WILL BE breached by some type of cyber attack. No amount of effort or software can protect you 100%. The key is to take as many steps as you can to make it less likely you will be hacked or more realistically, take as many steps to ensure that a breach can do no real or sustainable harm to your business. No approach on the market can guarantee you will never be breached and if you run into an IT firm or product that tries to make this guarantee...run for the hills because "it just ain't" true.
Now, there are the obvious steps that you can take to protect yourself and make it harder on the criminals:
- good Email habits
- anti-malware software
- employee training
- a professional Disaster Recover (DR) plan/device
However, there is another tool in the arsenal that you should use regularly and that is an annual (at minimum) Network Security Assessment.
How Is A Network Security Assessment Done?
Your IT support company can do an assessment; they should then give you a risk report displaying areas that need to be tightened up. If your IT company does not perform these, it may be time to start looking into someone new. Cyber threats are more prevalent every day and it is important to partner with an IT company that recognizes this and protects your business accordingly.
We find that our assessment usually uncovers security threats and holes; even when a business has the right practices and has done their research. Cyber security is a daily battle. When we run our assessment we use the results to constantly improve the defenses of our clients. And that is why, like most things in tech, an assessment should be a regular event.
The Network Security Assessment Is Done. What’s Next?
The network security assessment itself is not the only thing to request though. It is equally important to make sure that your firm supplies you with a report of their findings. This report should be simple to understand, contain an overall score and give you a breakdown of each issue found, along with how serious those specific issues are. Ask for an action plan detailing fixes for any issues that are found. Why go through the assessment if you aren't going to DO anything with the data?
How important and helpful are these reports? We are an IT company with a background protecting our partners from risk, we place protections in place for our partners and still find ways to improve our customer cyber safety every time we run an assessment.
Why? Because cyber security is a dynamic, ever changing landscape and you need to proactively search for issues. Don't let yourself learn the hard way. You never want to discover there is a hole in your cyber security by way of an attack or breach.
Interested in a Network Security Assessment?
If this article has you questioning your current setup, or if you are simply interested in starting a conversation regarding the cyber security protections necessary for your business, a network security assessment with Andromeda is a great place to start.
This post appeared first on Andromeda's WeNetwork.com/tech/ats-blog/ web page.
Kraken Malware Uses Microsoft Windows Error Reporting To Exploit System Oct 15, 2020
Hackers are relentless when it comes to testing the boundaries of software for potential weaknesses to exploit.
It seems that an unknown group of hackers has found a new one.� Based on what researchers at Malwarebytes are seeing, a group of hackers has developed a new fileless attack technique designed to abuse Microsoft's WER (Windows Error Reporting) service. They did this in order to slip unnoticed past whatever detection protocols are in place on the target system.
As with so many other attacks, this one relies on phishing techniques, with an email sent to an unsuspecting employee with access to the network the group wants to infiltrate. The researchers found the malicious file packaged in a .ZIP file and bearing the title "Compensation Manual.doc" with the body of the email claiming that the poisoned document contains detailed information relating to worker compensation rights.
Naturally, the document contains no such information. It does, however, contain a macro designed to load "Kraken.dll" into memory and execute it by way of VBScript. Once that happens, the binary will inject an embedded shellcode into WerFault.exe, which is a part of the aforementioned Windows Error Reporting System.
Here's what the research team had to say about it:
"That reporting service, WerFault.exe, is usually invoked when an error related to the operating system, Windows features, or applications happens. When victims see WerFault.exe running on their machine, they probably assume that some error happened, while in this case they have actually been targeted in an attack."
Unfortunately, little else is known about the malicious code at this time, which the research team has dubbed "Kraken." It's designed to terminate if indications of analytic activities are detected, and there's nothing in the code that clearly marks it as being the design of one of the well-known, well-established threat groups. This one's sneaky and difficult to detect. Make sure your IT staff is aware of the threat.