All posts in News

July 2017 Security Update with Amy Krohn

Veracity Consulting’s Vice President of Technology, Amy Krohn delivers the following recap of the cybersecurity happenings for the end of June through early July 2017 time period.

Template Injection Used in Attacks on U.S. Critical Infrastructure: The recent attacks aimed at energy facilities and other critical infrastructure organizations in the United States have leveraged a technique called template injection, according to Ciscoís Talos intelligence and research group.The U.S. Department of Energy said it was working with affected firms and pointed out that only administrative and business networks appeared to be impacted, not systems controlling the energy infrastructure.

Dok’ Mac Malware Used to Target Swiss Banks:A variant of the Dok malware for Mac targets Swiss banking users in attacks that appear to be part of Operation Emmenta.

PoS Malware Hits Avanti Payment Kiosks:Cybercriminals used PoSeidon PoS malware to steal payment card and biometric data from Avanti kiosks.

Flaws Found in Dell EMC Data Protection, ESRS Products: Dell EMC provides patches and workarounds for vulnerabilities found in its Data Protection Advisor and ESRS Policy Manager products.

Kaspersky Releases Open Source Digital Forensics Tool: Kaspersky releases source code of Bitscout, a compact and customizable tool designed for remote digital forensics.

Google to Completely Ban WoSign, StartCom Certificates in Chrome 61: websites still using StartCom or WoSign-issued certificates should consider replacing these certificates. Apple and Mozilla have already decided to ban WoSign and StartCom for at least one year. Talk to your System Administrator and web developers about this change.

75 % of U.S. Companies Think GDPR Doesn’t Apply to Them: A new report focusing on Europe’s General Data Protection Regulation (GDPR) preparedness shows a worrying disconnect between Business and Security. GDPR will come into effect in May 2018, and the regulation will require close cooperation between Business, IT and Security to enable and ensure regulatory compliance across the whole organization. The penalty for failure is severe: up to €20 million or 4% of global turnover.  To comply with disclosure requirements, companies need to have a detailed and thorough incident response plan in place; and for this to be effective, all aspects of the business (not just IT and Security) need to know exactly what must be done.  If you don’t have one talk to your IT teams about it. If you need a security assessment, contact the Veracity team and we will get you started.

About Veracity Consulting

Veracity Consulting is a Kansas City-based technology firm with a reputation of implementing and managing IT solutions and business strategies. Our mission is to change the complex world of technology into a more efficient and profitable solution for businesses and communities. We use a collaborative approach with our clients to create and implement viable and relevant solutions. We offer a comprehensive range of commercial and government solutions in the areas of Program Management, Data Management and Analytics, Strategy and Architecture, Managed Infrastructure, and Security.

About Amy Krohn

Amy Krohn has served as a leader in the technology industry for over 20 years.  Her areas of expertise include leading organizations and companies in executive leadership, strategic planning, enterprise architecture, as a mentor, leadership development, organizational change management, delivery management, vendor management, service management, and process improvements.  Amy currently serves as Veracity Consulting’s Vice President of Technology.

 

Security Update for the Month Ending May to June 2017: Adobe Patches 20 Flaws

Veracity Consulting’s Vice President of Technology, Amy Krohn delivers the following recap of the cybersecurity happenings for the end of May through early June 2017 time period.

Adobe Patches 20 Flaws in Flash Player and Other Products! Updates released by Adobe on Tuesday for Flash Player, Shockwave Player, Captivate, and Digital Editions address a total of 20 vulnerabilities, including critical weaknesses that can be exploited for remote code execution. Update your Adobe products now!

Thousands of Firms Fail to Update Software on Most Computers: An analysis of 35,000 companies around the world showed that thousands of them have failed to update the software running on a majority of their computers.  Don’t let this happen to your company. If you need help with a plan, Veracity can assist you with our managed IT infrastructure services capabilities.

MAC USERS!  MacRansom RaaS Potentially Created by Copycats: A newly discovered ransomware family targeting Mac users is using the Ransomware-as-a-service (RaaS) distribution model and uses code copied from previous MacOS ransomware, Fortinet researchers warn. The threat uses a web portal hosted on TOR, but samples aren’t readily available through the portal, and interested parties must contact the author directly to obtain them. Wannabe criminals can specify a ransom amount, a date to trigger the ransomware, and whether the malware should execute when someone plugs in a USB drive.

MAC USERS! MacSpy Malware Offered as Free Service: The first malware-as-a-service (MaaS) targeting Mac users was discovered on an underground forum available for free, AlienVault reveals. Users can infect machines by placing MacSpy’s unzipped folder onto a USB drive and manually executing a 64-bit executable called ‘updated’ when needed. Don’t load any unknown zip files on to your Mac or allow anyone else to, either. Do a scan on the device and then install.

About Veracity Consulting

Veracity Consulting is a Kansas City-based technology firm with a reputation of implementing and managing IT solutions and business strategies. Our mission is to change the complex world of technology into a more efficient and profitable solution for businesses and communities. We use a collaborative approach with our clients to create and implement viable and relevant solutions. We offer a comprehensive range of commercial and government solutions in the areas of Program Management, Data Management and Analytics, Strategy and Architecture, Managed Infrastructure, and Security.

About Amy Krohn

Amy Krohn has served as a leader in the technology industry for over 20 years.  Her areas of expertise include leading organizations and companies in executive leadership, strategic planning, enterprise architecture, as a mentor, leadership development, organizational change management, delivery management, vendor management, service management, and process improvements.  Amy currently serves as Veracity Consulting’s Vice President of Technology.

 

Security Brief with Amy Krohn: Did Someone Just Share a Random Google Doc With You? Don’t click!

Veracity Consulting’s Vice President of Technology, Amy Krohn delivers the following recap of the cybersecurity happenings for  end of April – early May 2017 time period.

A Dangerously Convincing Google Docs Phishing Scam Is Spreading Like Crazy! DON’T CLICK: The latest Phishing scam appears to be spreading on a massive scale through people’s contacts. If you’re concerned your account has been compromised, you can go to Google’s security page to adjust permissions. (Look for “manage apps,” and revoke access to untrusted apps.) . Read More

Intel Warns of Critical Vulnerability in Processor Firmware . A critical escalation of privilege vulnerability affecting Intel Active Management Technology (AMT) could allow an unprivileged network attacker to gain system privileges. To deflect: Get a good, complete hardware inventory together, and get a good software inventory.

Cloudflare Launches Service to Protect IoT Devices: Cloudflare has launched a new service that aims to address one of the most wide-spread issues in today’s connected world: the poor security of Internet of Things (IoT) devices.

ATTENTION MAC USERS – New “Dok” Mac OSX Malware Steals Sensitive Data:  New malware able to spy on OSX users’ internet traffic, including https traffic, has been found targeting European users. The malware was previously not stopped by Apple’s Gatekeeper, and when discovered was not detected by anti-malware signature engines.

About Veracity Consulting

Veracity Consulting is a Kansas City-based technology firm with a reputation of implementing and managing IT solutions and business strategies. Our mission is to change the complex world of technology into a more efficient and profitable solution for businesses and communities. We use a collaborative approach with our clients to create and implement viable and relevant solutions.

We offer a comprehensive range of commercial and government solutions in the areas of Program Management, Data Management and Analytics, Strategy and Architecture, Managed Infrastructure, and Security.

About Amy Krohn

Amy Krohn has served as a leader in the technology industry for over 20 years.  Her areas of expertise include leading organizations and companies in executive leadership, strategic planning, enterprise architecture, as a mentor, leadership development, organizational change management, delivery management, vendor management, service management, and process improvements.  Amy currently serves as Veracity Consulting’s Vice President of Technology.

Facebook, Microsoft and Adobe! April Security Update with Amy Krohn

Veracity Consulting’s Vice President of Technology, Amy Krohn delivers the following recap of the cybersecurity happenings for April 2017.

VMware released patches for its vCenter Server product to address a critical remote code execution flaw that exists due to the use of a vulnerable third-party component. The vulnerabilities can be exploited for denial-of-service (DoS) attacks, remote code execution, and to obtain sensitive data. The security hole affects vCenter Server 6.0 and 6.5; version 5.5 or other VMware products are not impacted. VMware has advised users to apply the 6.5c and 6.0U3b patches to address the vulnerability.

Facebook on Friday, April 14, 2017, said it disrupted an international fake account operation that was firing off inauthentic “likes” and bogus comments to win friends it would then spam. Under pressure to stem the spread of “fake news,” Facebook has taken a series of steps including making it easier to report such posts and harder to earn money from them. Facebook said the campaign aimed to trick people into connecting as friends they would later target with spam.

Microsoft Patches Office, IE Flaws Exploited in Attacks. Microsoft’s security updates for April 2017 address more than 40 critical, important, and moderately severe vulnerabilities, including three zero-day flaws that have been exploited in attacks. If you are an Office and IE user, please update your applications.

Adobe patches have 60 vulnerabilities  across several products. Security updates by Adobe inform patch users of nearly 60 vulnerabilities across several of the company’s products. The Acrobat and Reader updates address 47 flaws, including many that could lead to simple code execution. Please be sure to accept this update.

Good-bye Microsoft Vista!  Microsoft Kills Support for Windows Vista this month. Now that support has ended, Windows Vista will continue to work as before, only that it will become increasingly vulnerable to security risks and malware. It’s time to upgrade!

About Veracity Consulting

Veracity Consulting is a Kansas City-based technology firm with a reputation of implementing and managing IT solutions and business strategies. Our mission is to change the complex world of technology into a more efficient and profitable solution for businesses and communities. We use a collaborative approach with our clients to create and implement viable and relevant solutions.

We offer a comprehensive range of commercial and government solutions in the areas of Program Management, Data Management and Analytics, Strategy and Architecture, Managed Infrastructure, and Security.

About Amy Krohn

Amy Krohn has served as a leader in the technology industry for over 20 years.  Her areas of expertise include leading organizations and companies in executive leadership, strategic planning, enterprise architecture, as a mentor, leadership development, organizational change management, delivery management, vendor management, service management, and process improvements.  Amy currently serves as Veracity Consulting’s Vice President of Technology.

3 Benefits of Database-as-a-Service

What is Database-as-a-Service?

Databases are the foundation of today’s business.  Why?  Data drives business and finance.  Organizations have been analyzing their data for several decades in an effort make intelligent decisions and increase ROI. Big Data helps to increase you business speed to market, better engage with customers, and analyze their  consumer markets.  This brings about challenges to your resource strapped technology team.

IT must be agile about infrastructure and business critical applications, especially databases.  How can technology teams rapidly respond to demands for “real-time” environments, while watching the bottom line? Its called Database-as-a-Service. An easy solution that will allow technology service to grow and contract as necessary.  Avoid poor resource utilization of existing hardware and uncontrolled infrastructure and spending growth, by utilizing this new resource.

With the expansion of “Big Data” and Analytics growth, a traditional, manual approach to database management is quickly becoming obsolete. There is a different approach that will allow for automation. This works in you favor to reduce  equipment costs yet provides you with the ability to respond to the business needs.

Cloud and Database as a Service (DBaaS) are two concepts that technology leaders are considering to modernize their data infrastructure. How can this new concept of Database as a Service help your business grow?

Three Ways DBaaS Can Help Your Business:

  1. Database as a Service will allow you to Virtualize Your Infrastructure.  You know that virtualization can increase your flexibility and scalability. This adds up to cost savings or ROI.  Your technology team can stand up environments and deployed faster. You will have access to better performance because you will be using newer technology.  Overall your IT costs will be driven down since you will only use what you need.
  2. DaaS Helps Your Company Automate.  Using any kind of  SaaS allows you to automate processes since these services go hand and hand with your DevOps teams.  By automating you will increase your infrastructure stability (including database).  This only helps with improve compliance.  By automating you are also reinforcing standards and time-to-market.
  3. Your Infrastructure Becomes Standardized.  When you set up individual databases IT teams always run the risk of dealing with different versions and configuration of databases.  This makes managing and administrating a database a nightmare.  By implementing SaaS, administrators standardize ensure that best practices are followed. This makes administering the databases easier and less time consuming.

About Veracity Consulting

Veracity Consulting is a Kansas City-based technology firm with a reputation of implementing and managing IT solutions and business strategies. Our mission is to change the complex world of technology into a more efficient and profitable solution for businesses and communities. We use a collaborative approach with our clients to create and implement viable and relevant solutions.  We offer a comprehensive range of commercial and government solutions in the areas of Program Management, Data Management and Analytics, Strategy and Architecture, Managed Infrastructure, and Cybersecurity

IRS Scammers are Working Overtime During Tax Season!

Amy_Krohn

Amy Krohn, Veracity’s VP of Technology

Protect Yourself From Scammers During This Tax Season and Everyday!

There is a new phone scam working in Kansas City and around the country. The Internal Revenue Service reports impostors are calling people and demanding immediate payment.  In many cases threatened jail-time or deportation.  How do I know this?  I came home to a a crying family member being threatened by these villains demanding payment.

Tax season is stressful. IRS scammers only add to your anxiety, through phone calls and emails.  They will try to convince victims they owe money.  The more the public is educated about the security risks and what to look for, better prepared we will be to fend off these impostors.   As a professional in Infrastructure and Security, its my job to take care of educating my clients about security on a greater scale.  But when the issue hits home or when I hear of the elderly, who are perhaps not as tech-savvy, being taken advantage of, I feel its my duty to step forward to help.  Below are some helpful “rules” from the IRS to know about the IRS calling you at home.

Five things the scammers often do but the IRS will not do.

Any one of these five things is a tell-tale sign of a scam. The IRS will never:

  1. Call to demand immediate payment, nor will we call about taxes owed without first having mailed you a bill..
  2. Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
  3. Require you to use a specific payment method for your taxes, such as a prepaid debit card.
  4. Ask for credit or debit card numbers over the phone.
  5. Threaten to bring in local police or other law-enforcement groups to have you arrested for not paying.

When these scammers call, simply hang-up.   They will more than likely call again and you should hang up again.  Report the phone number to the IRS.   Your best defense is to not give out any piece of information to them.  And never give out your social security number,  license, passport information, address, or children’s information.  For more information on the IRS scams and what you can do go visit  www.justice.gov/tax or www.irs.gov .

About Veracity Consulting

Veracity Consulting is a Kansas City-based technology firm with a reputation of implementing and managing IT solutions and business strategies. Our mission is to change the complex world of technology into a more efficient and profitable solution for businesses and communities. We use a collaborative approach with our clients to create and implement viable and relevant solutions.

We offer a comprehensive range of commercial and government solutions in the areas of Program Management, Data Management and Analytics, Strategy and Architecture, Managed Infrastructure, and Security.

About Amy Krohn

Amy Krohn has served as a leader in the technology industry for over 20 years.  Her areas of expertise include leading organizations and companies in executive leadership, strategic planning, enterprise architecture, as a mentor, leadership development, organizational change management, delivery management, vendor management, service management, and process improvements.  Amy currently serves as Veracity Consulting’s Vice President of Technology.

The IOT Data Challenge

What is the IoT?

It is truly remarkable how many devices generate data today in our internet-connected world. As users, we now consume and generate less data than sensors and internet devices––the network known as the Internet of Things (IoT). That means our “things” know more than we do about us.

The IoT operates at machine-scale, by dealing with machine-to-machine generated data. This machine-generated data creates discrete observations at very high signal rates (1,000s of messages/sec). Add to this the complexity that the sensor data values rarely change (e.g., temperature operates within an acceptably small range). However, when the values do change, the ramifications––the changes––will likely be important.

To support real-time edge analytics, we need to provide detailed data that can flag observations of concern, but doesn’t overwhelm the ability to get meaningful data back to the data lake for more broad-based, strategic analysis.

IoT data is useful when it’s in a streaming pipeline, but it’s even more useful when you store it and enable historical data along with what is happening in the moment. Having a storage solution that enables a tiered, holistic approach allows data to have a “lifespan” for access and malleability. This kind of flexibility is needed because IoT data can be out of order or even delayed.

With multiple handoff points you’ll need to ensure that you secure and maintain consistency of that data for a clean chain-of-custody on the information. Finally, don’t just view IoT as the means to an end for near-term decision making. Keep in mind that the data being generated may need to live for long periods of time, and your corporate data handling and data retention policies may need to be aligned to the new reality of this type of data. It is a whole new world in IoT and the data old rules may not cleanly apply.

About Veracity Consulting

Veracity Consulting is a Kansas City-based technology firm with a reputation of implementing and managing IT solutions and business strategies. Our mission is to change the complex world of technology into a more efficient and profitable solution for businesses and
communities. We use a collaborative approach with our clients to create and implement viable and relevant solutions.

We offer a comprehensive range of commercial and government solutions in the areas of Program Management, Data Services,
Enterprise Architecture, Managed Infrastructure, Security, and Web Services.

Hot jobs of the week – March 17th

There are some brilliant roles around Veracity this week. Take a look and see what you could do…

Working for us isn’t about slaving away from nine to five, it’s about having a passion and commitment!  Join our team and together we’ll change the way the world looks at technology. Find out more and apply now at Veracity careers.

Sr. UX Developer

Our Sr. UI developer  is responsible for developing user interface modules for multiple applications using UI frameworks like angularJS, etc. As a member of our team your will be responsible for enhancing customer facing products!  This position plays an important role in technical design and architecture. He/She interfaces directly with team leads, and other matrix teams.

Are You Our New Project Manager?

Our Project Manager is responsible for coordinating effort, work and integration across software development projects.  We need someone that can lead project teams in the implementation efforts for projects/programs lead by the PCO/PMO team, ensuring that they are accurate, secure and efficient.  You will manages the contractual commitments, scopes of work, budgets, and timelines of multiple projects simultaneously. Additionally you will direct and monitor work on a daily basis, identifying resource needs, performing quality review, and escalating functional, quality, and timeline issues appropriately.  You will serve as the primary technical liaison for a project from initiation through delivery. Interested? Join our team and let’s build something great!

Enterprise Architect

We’re looking for an Enterprise Architect!  Our Enterprise Architects work with stakeholders, both leadership and subject matter experts, to build a holistic view of the organization’s strategy, processes, information, and information technology assets.  Veracity’s enterprise architect links the business mission, strategy, and processes of an organization to its IT strategy, and documents this using multiple architectural models or views that show how the current and future needs of an organization will be met in an efficient, sustainable, agile, and adaptable manner.

Check out all our HOT JOBS and other openings today!  And come work for the best consulting firm in Kansas City!

About Amy Riedel

Amy Riedel has recruited a good number of amazing people to work on accounts with a cornucopia of clients. She is leading Veracity’s recruiting strategy and acquisition efforts across the United States.  Her team of recruiting ‘sleuths’  search the “ends of the earth,”  looking for the best in Engineering,  Program Management, and System Administration. With offices on the East coast, West coast and in the Midwest, Veracity looks for talent from all over the United States to join their team.

About Veracity Consulting

Veracity Consulting is a Kansas City-based technology firm with a reputation of implementing and managing IT solutions and business strategies. Our mission is to change the complex world of technology into a more efficient and profitable solution for businesses and
communities. We use a collaborative approach with our clients to create and implement viable and relevant solutions.

We offer a comprehensive range of commercial and government solutions in the areas of Program Management, Data Services,
Enterprise Architecture, Managed Infrastructure, Security, and Web Services.

There is no time like the present. Start Today!

A new year is always a time for new ideas, fresh starts, and turning points. But, too often these good intentions don’t translate into positive action. There’s one simple way to change that…just start!

Positivity is infectious, and something I associate with our Veracity team, who do a wonderful job of bringing solutions to our customers. Each of us has the ability to start something simple and grow it into something great–– when there is a clear purpose behind our actions.

At Veracity, our purpose is to help our customers succeed through technology. We harness innovation to be your best, most trusted partner on the journey to your digital future. We are 100% focused on you––our customer––and work to maximize your return on investments across your business.

When it comes to customer relationships, we want to know more. We listen to you so that we can understand your needs and design the best solution for you.

We exist for you, our customers. Your success is our success. Our decisions and strategies are designed to protect and ensure the success of your existing and future investments, so you can focus on what’s really important––preparing your organization for the opportunities ahead.

 

Choose Kindness Over Indifference!

“There is a crack in everything. That’s how the light gets in.” ~ Leonard Cohen.

Lets be honest, it was a tough 2016.  The world isn’t always fair. In fact, there are many, many times when it’s unfair and it feels like other people are out to get you. It’s important to remember the positive.  MLK Day reminds us that there is something much bigger to care about then what’s on our social media feed.  MLK Day is about people helping people and contributing to a community that needs us. Its about acts of kindness that we should be doing everyday.  A little goes such a long way.  Acts of kindness, particularly random acts renews our faith in the world and each other. Although today is a “Day of Service,” think about practicing random acts of kindness, everyday.

Here are seven  “Random Acts of Kindness” that will make yours and someone else’s day better:

  1. Help an older person who was struggling with their bags, technology, or directions.
  2. Buy two meals and share it with someone that needs it.  Better yet take a moment to actually talk to them about their life.
  3. Tweet or Facebook message a genuine compliment to three people right now.
  4. If you walk by a car with an expired parking meter, put a quarter in it.
  5. Compliment someone to their boss.
  6. Each time you get a new item of clothing, give away something old.
  7. When you’re on a crowded train or bus, offer your seat to an elderly, disabled or pregnant person.

I promise that when we choose kindness and service over indifference, great things will happen.  Happy Martin Luther King Jr Day.

At Veracity, we’re striving to build a better community. Join us as we celebrate 2017 #MLKDAY with volunteering and our Veracity Give Back program. Veracity champions several charitable causes throughout the year.  To learn more about the causes championed by Veracity Consulting, check our website or contact me about how your company can start a Give Back Program!

May Your Days Be Filled with Kindness,

Hill