If you’re like many non-profits, you may benefit from the Microsoft Non-profit program. This endeavor has enabled nearly 400,000 organizations worldwide to access top-notch technology at discounted rates. However, there are going to be some major changes to the software donation program that will take place on April 4, 2022 that you should be aware of.
Arguably, the largest change that will take place is that on-premises products will no longer be available to nonprofits as a donation. Microsoft defines on-premises products as “standalone, perpetual licenses that users install on specific computers and that can be used without an internet connection (e.g., Office Standard)”. Instead, the majority of on-premises solutions will continue to be available through cloud donations, but organizations can still request these products through until April 4, 2022. Windows Pro, Windows Server and SQL Server will still be part of the catalog of on-premises Microsoft software. Organizations operating computer labs, training centers, or providing public-access computers will still be able to access specific on-premises product donations.
Below are some of the cloud donations that will be available for your organization following this change:
- Microsoft 365 Business Premiumwill continue to be free for up to 10 users
- Microsoft 365 Business Basiclicenses will continue to be free for up to 300 users
- The Power Apps Per App planto build low-code and no-code custom workflows is available for free for up to 10 seats.
- Organizations can also leverage up to $3,500 in Azure services yearly directly from Microsoft in markets where Azure is available.
If you have any questions or concerns regarding this change, feel free to reach out to us at info@OptfinITy.com or call us at (703) 790-0400.
Apple’s AirTag devices have risen in popularity since their release in 2021. Though their aim is to help users track items such as their keys or bags by attaching an AirTag to them, some have found more nefarious uses for these tracking devices. There have been reported cases of AirTags being slipped into someone’s bag or car without their content. This act of secretly tracking an unsuspecting victim is a serious concern for survivors of domestic abuse, and has also been used in attempts to stalk others or steal cars.
So, what can you do if you believe someone is using an AirTag to track you? The most basic thing you can do is to manually search yourself and your belongings for places where an AirTag may have been slipped in. However, because of its small size, you may not be able to find the device. Therefore, a good next step is to use a Bluetooth tracking app to scan your area to see if there is an AirTag nearby. If you do find an AirTag nearby and want to find its serial number in case you need to alert law enforcement, you can find that number without alerting the owner by using Apple’s Find My app. First, hold the device up to your phone , tap on the name of it, and then you will be able to see its serial number. Alternatively, you can also tap and hold the top of an NFC-capable smart phone to the white side of the AirTag. The webpage that pops up will contain the serial number. To disable the device so that the owner can no longer see your location, twist it counterclockwise on the back by the Apple logo and take the battery out. When in doubt, contact law enforcement if you believe that you’re being tracked. If you’d like to discuss online safety, feel free to contact us at info@OptfinITy.com or call us at (703) 790-0400.
Cybersecurity experts and the FBI are warning Americans that there will likely be an increase in cybersecurity attacks targeting U.S. citizens and companies. This warning follows a slew of sanctions Western nations have placed on Russia following its invasion of and malware attacks against Ukraine.
Tensions have further escalated since the U.S. and allies blocked some Russian banks from the SWIFT international payment system. Experts warn that ransomware and malware attacks, data wiping and theft, and denial-of-service attacks are among types of attacks that hackers will use as a form of cyberwarfare against the U.S. and its allies.
Cyber experts warn that small- to medium-sized businesses are among the most vulnerable entities, as they typically do not have the cyberattack mitigation plans necessary to prepare for and defend against sophisticated, targeted attacks. The best forms of protection that executives and officials recommend for businesses and individuals alike is to make sure that software and anti-virus systems are up to date, two factor authentication is in place, and a crisis plan has been established. If you’d like to ensure that your organization’s cybersecurity protocols are up to date and secure, feel free to contact us at email@example.com or call us at (703) 790-0400.
If you’re like millions of other Americans, you’ve probably heard of, if not already played, Wordle. This addictively simple word game has boomed in popularity due to its virality, ad-free nature, and lack of a price tag. Unfortunately, this may change soon. In late January, it was announced that the New York Times bought Wordle. The news rattled many users who fear that their favorite game may soon be put behind a paywall like many of the Times’ own games and articles. This notion was confirmed when the Times stated that the game would “initially remain free” to new and existing players.
Luckily for players, there’s a way to play this game for free should it go behind a paywall. Wordle runs on a browser, which means that all of its code is saved as plaintext on the game’s website. To grab the free version, players only need to right click in their browser, select “save page as webpage”, and save Wordle as an HTML file. Then, the original game can be played offline. By clicking on the saved HTML file, it should then open the game in a browser, even if you’re offline. Further, because the game is based on a list of over 2,000 five-letter solution words, an offline version should (in theory) allow users to play free every day for seven years. Before dashing to download the HTML, be aware that you may not be able to save your streak, and sharing would be messy- if even possible. If you’d like to learn more about optimizing your technology and devices, feel free to reach out to us at firstname.lastname@example.org.
Cybersecurity apprehensions surrounding the Olympics have been prevalent for the past few Olympic games, but the 2022 Beijing Winter Olympics have brought on a new set of concerns as it relates to technology.
In 2020, the Tokyo Olympics incurred over 450 million cyber-related incidents, far superseding the number seen during the 2012 London Summer Olympics. For these Olympics, FBI Director Christopher Wray commented on his fears of the host city being situated in China, as the Chinese government has allegedly carried out repeated cyberattacks against Americans in an attempt to steal information and technology from U.S. companies.
As a result, Olympic athletes have been advised to use temporary cell phones while at the Games. Government agencies across the globe have also warned athletes of apps like My 2022 which is used to track players’ health amidst the COVID-19 pandemic, despite it not being secure.
While these are dangers which affect the athletes, viewers of the 2022 Winter Olympics should also use caution when trying to watch the Games. According to Dr. Francis Gaffney, DirectorMimecast Labs & Future Operations, there are 2 major potential threats that viewers should watch out for:
- Typosquattting– This is a type of campaign that cybercriminals use to install malware or steal sensitive information. Check sites for typographical errors before clicking on links within seemingly familiar websites, as these criminals sometimes create fake websites that mimic the official Olympics’ site to prey upon unwary users who may mistype what they actually want to search for.
- Fake streaming sites– Cybercriminals will often create fake streaming websites that promise viewers free access to the Games. Similar to typosquatting, any login credentials or “free trial” payment information be harvested by threat actors and either used to install malware, or may be sold on the Dark Web. To stay safe while watching the games, keep an eye out for typos on seemingly legitimate sites and don’t visit sites that promise free streaming services of the Olympics.
If you’re interested in discussing internet safety and ensuring that your credentials are safe, you can email us at info@OptfinITy.com or call us at (703) 790-0400.
FEBRUARY 14, 2022: OptfinITy announced today that CRN®, a brand of The Channel Company, has named OptfinITy to its Managed Service Provider (MSP) 500 list in the Pioneer 250 category for 2022. CRN’s annual MSP 500 list identifies the leading service providers in North America whose forward-thinking approaches to managed services are changing the landscape of the IT channel, helping end users increase efficiency and simplify IT solutions, while maximizing their return on investment.
With many customers still recovering from the impact of the ongoing pandemic, MSPs have become a vital part of the success of businesses worldwide. MSPs not only empower organizations to leverage intricate technologies but also help them keep a strict focus on their core business goals without straining their budgets.
OptfinITy was recognized as an MSP Pioneer 250 company due to its extensive managed services portfolio, including on-premises and off-premises capabilities, weighted toward managed services while largely focusing on the SMB market.
About The Channel Company
The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers and end users. Backed by more than 30 years of unequalled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace. www.thechannelco.com
Follow The Channel Company: Twitter, LinkedIn, and Facebook.
© 2022 The Channel Company LLC. CRN is a registered trademark of The Channel Company, LLC. All rights reserved.
The Channel Company Contact:
The Channel Company
In recent years, Zoom has become one of the most popular video conferencing platforms in the world, boasting over 300 million daily meeting participants- largely due to the sharp increase in remote working trends. Though many people find its interface user-friendly and convenient, it certainly comes with a host of privacy risks. Privacy experts have been concerned about Zoom since 2019, when the software disclosed its involvement in both a webcam hacking scandal along with a bug that allowed uninvited users to snoop in on video meetings- even ones protected with a password (now known as “zoom-bombing”). Since then, Zoom has cleaned up its act and disabled concerning features, such as its built-in attention-tracking features, and enabled security features like end-to-end encryption. However, there are still several privacy concerns to watch out for.
- Non-Attendees May be Watching your Recordings: If you pay for a Zoom subscription, be mindful of who you allow to access cloud recordings. This feature, which allows hosts to record the meeting, text transcriptions, and active chats within the meeting, can be useful as a reference for meeting attendees, but can also be accessed by other authorized users at your company- including those who may have never attended the session. If you’re concerned, Zoom allows administrators to limit the recording’s accessibility to only certain preapproved IP addresses.
If you would like to discuss software security and account privacy, feel free to contact us at email@example.com.
Though cookies and cached data within your mobile phone browser can improve your browsing experience by keeping you logged into websites and saving website preferences, they can also become burdensome. Cookies are used by websites to track your browsing history so that they can more easily serve you with personalized ads- which can be an annoying and intrusive experience for some. Additionally, too much cached information can slow down your browser’s speed. So, if you own an Android and are interested in clearing your cached data and browser cookies, continue reading to learn how to do so.
If You Use Google Chrome:
- Navigate to the top right corner of the browser and click the “More” button (symbolized by 3 vertical dots)
- Select “History”, then “Clear browsing data”
- Within this setting, you can also choose whether to clear data from the last 24 hours, the last month, or all data history
- By selecting the “Advanced” option, you can also delete saved passwords, site settings, and autofill form data
- After selecting what you want to delete, click the blue “Clear data” button
If You Use Samsung Internet:
- Navigate to your phone’s settings
- Next, click on “Apps”
- Scroll down and click “Samsung Internet”, then “Storage”
- At the bottom of “Storage”, you can choose to either “Clear cache”, “Clear data”, or both
- Clicking “Clear data” will bring up a prompt warning that all the app’s data will be deleted permanently
- This includes files, settings, accounts, and databases
If you Use Mozilla Firefox:
- Navigate to the browser, and select the “More” button in the top right corner (symbolized by 3 vertical dots)
- Click “Settings”
- Go to the “Delete Browsing Data” menu
- Select “Delete any existing open tabs”
- From this menu, you can also delete your browsing data, site data, site permissions, cookies, and cached images and files
Hope you found this helpful! If you have other questions about how best to secure your devices when browsing online, feel free to reach out to us at firstname.lastname@example.org.
ZLoader is a popular malware among hackers, and has recently been used to steal user credentials and other sensitive information by exploiting a vulnerability in Microsoft’s digital signature verification.
So how does this affect you? Microsoft’s signature verification tool Authenticode is used to ensure that a file is legitimate and trustworthy. Researchers at Check Point Research (CPR) have concluded that the cybercriminal group Malsmoke is responsible for this campaign it operates by tricking victims into running a corrupt file that appears to be signed as legitimate and safe. From there, hackers can use the ZLoader trojan banking tool to steal cookies, passwords, and other sensitive information right from your computer.
So, what can you do to avoid being hit with this malware? If you’re a Microsoft user, CPR recommends that you install Microsoft’s security patch for Authenticode verification ASAP. Fortunately, this patch has been available for installation since Microsoft first discovered this vulnerability in 2013- but downloading it has not been mandatory since 2014. This update, as well as common-sense practices like avoiding clicking on unfamiliar links or downloading attachments found in emails, are users’ best lines of defense against this malware. If you’re interested in discussing cybersecurity patches and best practices for your organization, feel free to reach out to us at info@OptfinITy.com.
On December 12th, the Virginia General Assembly was hit by a ransomware attack. Specifically, the Legislative Automated Systems branch was attacked by currently unnamed threat actors. This department essentially acts as the information technology arm of the state legislature, dealing with affairs involving publication production and distribution, computer technology information, and legislative information collection and dissemination. When the attack was discovered, the department promptly shut down most of its servers in an attempt to put the spread to a halt. The malware was described by a top agency official as “extremely sophisticated”, though the ransom note contained no specific amount or date by which an amount needed to be sent.
Though representatives stated that the department was still functional, the cyberattack severely impacted business operations, cutting many employees off from critical systems. Primarily, it prevented legislators and staff from accessing systems that handle bills. This attack came at a critical time, as December marks a busy time for legislators attempting to request, draft, and modify bills for January’s legislative session. The Virginia Law Portal was also rendered unusable, barring those interested from viewing online versions of the state code and Constitution. Though the Capitol Police’s internal site was also taken down, communication capabilities remained functional. Virginia has since hired the cybersecurity firm Mandiant to address the root of the attack and establish recovery plans moving forward. Unfortunately, the state’s backup system may have been compromised during the attacks, so paying the ransom may be the only option to get back encrypted data. If you’ve been hit with ransomware or are interested in discussing backup and preventative measures, feel free to reach out to us at info@OptfinITy.com or call us at (703) 790-0400.