Foundations - The IT Blog for SMB


Recent Posts

Should I Upgrade to MacOS High Sierra?

Posted by Alden Gleason on October 11, 2017 9:52:00 AM CDT

This question is at the top of most people’s minds, as Apple has recently released its latest version of MacOS. We believe in two paradigms of thought regarding software updates.


Topics: MacOS, Updates, High Sierra

Texas 24 joins Southlake Chamber

Posted by Alden Gleason on October 9, 2017 11:32:01 AM CDT
We are excited to be joining the Southlake Chamber of Commerce! We look forward to being part of the local business community. Texas 24 is a Managed IT Services company that provides technology solutions for small and mid-sized businesses. Our specialties include VoIP (Voice Over IP Phone Systems), Cloud Migrations and Management, Network and IP Services, IP Cameras, Server Support, Endpoint Protection, and IT Consulting Services.

https://www.southlakechamber.com/

Topics: Southlake, Texas 24, Southlake Texas, Southlake, TX, Chamber of Commerce, IT Support, Managed IT Services, IT Consulting, MSP, Network Support, IP Cameras

What is a Zero Day?

Posted by Alden Gleason on October 8, 2017 10:02:43 PM CDT

Zero Day:

A vulnerability that hasn’t been discovered by the software creator. The vulnerability was introduced during the creation of the software code unintentionally, and the software programmers are unaware of its existence. 

The Hackers
Zero day vulnerabilities are typically found by hackers. This introduces us to two types of hackers. White hat hackers are security professionals who are looking out for the general good of society. They are hacking to find undisclosed vulnerabilities so that they can turn them over to vendors to create software patches. Black hat hackers are known as dark side hackers. They are looking for software vulnerabilities that can turn a profit for them.

The Dark Web
Typically, black hat hackers sell the vulnerabilities they find on the Dark web. The Dark web, or Dark net, is a small part of the deep web. The Dark web is comprised of computers creating an overlay network. This network is inaccessible without the proper software running on your computer. By its nature, the distributed peer-to-peer network makes it very difficult to track and identify users. Search engines like Google do not index the Dark web, so websites are hidden and not easily discovered.

The Broker
Once the vulnerability is discovered, the hackers will locate a broker on the Dark web. These brokers work as a matchmaker between a hacker’s vulnerability and a threat actor. The broker will get paid a commission to sell the vulnerability to the threat actor. The broker builds his reputation from selling high-profile exploits and packages of zero days. Threat actors can be anyone, from an individual to a group of hacktivists and even governments.
 
The Attack
Once the threat actor has acquired the vulnerability, the malicious payload is added to it. The zero day by itself doesn’t contain malicious code. Simply put, it’s a security hole that allows entry into the computer system. Malicious payloads often create botnets to attack other entities, encrypt files (ransomware), leak proprietary or classified documents, or operate silently looking for specific targets.

A Zero Day is released before any security professionals know it exists. These vulnerabilities are the most dangerous because no patches have been developed, antivirus vendors do not have definitions to stop them, and intrusion prevention systems do not have the rules to block them.


Topics: Security, Managed Security, Artificial Intelligence, Malware, Zero Day, 0 Day, MSSP, Patches