Quickbooks Online

Digital Age Solution now offers Quickbooks Online as another Software As A Service (SAAS) offering. SAAS combined with our other services allow businesses of any size to budget all of their Information Technology into one monthly bill that avoids “surprise” expenses from month to month.

Just like Microsoft’s Office 365 SAAS, Quickbooks Online provides optional levels of service. Simple Start offers a single user seat per license, and all the basics. Essentials offers three users per license, and adds services and more reports. Plus provides five users per license, inventory tracking, and 1099s.

Best of all, users of Quickbooks Online don’t have to worry about purchasing and upgrading to the latest version of the software. Users are always using the latest version of the software.

There are so many benefits and added features to Quickbooks Online. This video helps get a feel for some of those features.

When you are ready to add Quickbooks Online to your Digital Age Solution package, give us a call at 301-662-7386 or e-mail us.

Local Numbers and Local Service

Did you know that Digital Age Solution offers telephone service through our DAS VOIP product?

Voice Over IP (VOIP) offers a lot of advantages for customers. Telephone traffic is routed through the Internet to you. So, your phone isn’t tied to your house, or even your cell phone.

With DAS VOIP, we offer a host of solutions to keep you connected wherever you are. You can pick-up your phone and take it with you on vacation. You can use your smart phone to make and receive calls using your DAS VOIP phone number. You can have your number ring to multiple phones all at once or in a sequence.

DAS offers all of the premium features that other phone companies offer, and more. Our Voice to Text feature transcribes voicemail messages and sends them by e-mail or text message. Our mobile app for iPhone and Android lets you manage your phone service wherever you go.

Don’t worry about losing your phone number.. You can keep your local number, get a new local number, or get a number from some other location. We are not restricted by your zip code or anything else. If you want a number for every state, we can do that.

Best of all, you get the reliability and service of a local company. You can come to our store and talk to us. We can come to your location and help you. When you call 301-662-7386, you are talking to someone who lives and works in Frederick County, Maryland.

Merry Christmas!

As 2017 draws to a close, all of us at Digital Age Solution share our most sincere thanks and well wishes to all of you. Each solution we provide to our customers fill us with the pride and satisfaction of a job well done.

You are first on our list when it comes to providing information technology support. We are grateful for the opportunity to be your I.T. Department.

For the next few days, we’ll be celebrating Christmas and New Years with our family and friends.

If you need help with your technology during the holidays, please feel free to call us and leave us a message. We remain on-call to help you with your needs.

Merry Christmas and Happy New Year!

Yours,

Mike

Michael Kuster
Owner

Bad Rabbit Ransomware Spreads via Network

An ongoing ransomware campaign is hitting Eastern European countries with what seems to be a variant of the Petya ransomware dubbed Bad Rabbit (which we detect as RANSOM_BADRABBIT.A). Digital Age Solution utilizes Trend Micro XGen™ security products with machine learning to proactively detect this ransomware as TROJ.Win32.TRX.XXPE002FF019 without the need for a pattern update. The attack comes a few months after the previous Petya outbreak, which struck European countries back in June.

Initial reports peg the main casualties as transport systems and media outlets in Ukraine and Russia. The Ukranian arm of CERT (CERT-UA) has also issued an advisory warning of further potential ransomware attacks.

Initial Analysis

Figure 1: Bad Rabbit Infection Chain

Figure 1: Bad Rabbit Infection Chain

Our initial analysis found that Bad Rabbit spreads via watering hole attacks that lead to a fake Flash installer “install_flash_player.exe”. Compromised sites are injected with a script that contains a URL that resolves to hxxp://1dnscontrol[.]com/flash_install, which is inaccessible as of the time of publication. We’ve observed some compromised sites from Denmark, Ireland, Turkey, and Russia where it delivered the fake Flash installer.

 Figure 2: Code showing the injected script

Figure 2: Code showing the injected script

Once the fake installer is clicked, it will drop the encryptor file infpub.dat using the rundll32.exe process, along with the decryptor file dispci.exe. As part of its routine, Bad Rabbit uses a trio of files referencing the show Game of Thrones, starting with rhaegal.job, which is responsible for executing the decryptor file, as well as a second job file, drogon.job, that is responsible for shutting down the victim’s machine. The ransomware will then proceed to encrypt files in the system and display the ransom note shown above.

 Figure 3: Bad Rabbit ransom note showing the installation key

Figure 3: Bad Rabbit ransom note showing the installation key

A third file, viserion_23.job, reboots the target system a second time. The screen is then locked, and the following note displayed:

 Figure 4: Bad Rabbit ransom note displayed after system reboot

Figure 4: Bad Rabbit ransom note displayed after system reboot

Based on our initial analysis, Bad Rabbit spreads to other computers in the network by dropping copies of itself in the network using its original name and executing the dropped copies using Windows Management Instrumentation (WMI) and Service Control Manager Remote Protocol. When the Service Control Manager Remote Protocol is used, it uses dictionary attacks for the credentials.

Bad Rabbit also spreads via the SMB file sharing protocol. It attempts to brute force any administrative shares it finds; if successful it drops a copy of itself into these shares. If these bruteforce attacks fails, it uses an exploit related to the Eternal Synergy SMB vulnerability to drop copies onto these shares. This is a divergence from the earlier Petya attacks, which used the EternalBlue vulnerability.

Among the tools Bad Rabbit reportedly incorporates is the open-source utility Mimikatz, which it uses for credential extraction. We also found evidence of it using DiskCryptor, a legitimate disk encryption tool, to encrypt the target systems.

Mitigation and Best Practices

Users can mitigate the impact of ransomware such as Bad Rabbit with the best practices utilized by Digital Age Solution’s Safe & Secure Managed Services.

The Windows 10 Fall Creators Update

The Windows 10 Fall Creators Update is beginning to roll out to Windows 10 customers around the world, and today, Microsoft outlines all the great new features available in the update with this blog post and our special episode of This Week on Windows.

With the Windows 10 Fall Creators Update, Microsoft is introducing some fun, new ways to get creative – from bringing mixed reality and 3D to the masses, to faster broadcasting for gaming, to turning photos and videos into real memories, and so much more. The Fall Creators Update can be experienced on a wide variety of Windows 10 PCs and on a range of Windows Mixed Reality headsets.

You can get the Fall Creators Update in a few different ways. If you already have a Windows 10 PC and have automatic updates enabled, the update will be delivered to you when it’s ready. If you are an advanced user and would like to get the update manually, visit this blog post to learn how to get the Fall Creators Update.

Petya Ransomware

Not two months ago, the world fell victim to the largest malware attack in history. This week another attack threatens the data of the world. 

The Petya ransomware restarts computers and encrypts all data on computers. The malicious software the demands $300 in the digital currency Bitcoin. 

The Petya spreads rapidly across a network after a single computer becomes infected. It uses the EternalBlue vulnerability in Windows or through one of two Windows administrative tools; Petya attempts to use one tool and tries the next tool if the first is not successful.

EternalBlue is the same exploit used by WannaCry ransomware in May. The exploit is believed to have been developed by  the NSA and released to tje world  by hackers. On March 14, 2017, Microsoft issued a security bulletin detailing the flaw and announced that patches had been released for all Windows versions that were currently supported at that time. In May, Microsoft released a patch for older operating systems in response to the Wanna cry attack. Unfortunately, not everyone will have installed it the patches.


Petya ransomware infects computers and waits about an hour before rebooting the imfected computer. While the compuyer reboots, a user should turn the computer off to prevent the files from being encrypted. Afterward, a tech can rescue the umemcrypted files from the hard drive. 

If your computer reboots to display the ransom note, DO NOT pay the ransom. The “customer service” email address used by the criminals behind this attack was shut down by the service proviser. As a result, no one will send the decryption key to unlock your files. 

Disconnect your computer from the internet, and bring it to Digital Age Solution.  Our techs will reformat the hard drive, reinstall Windows, and recover your files from a backup

If you have not done so already, sign up for DAD Safe and Secure. We automatically back up your files with version recovery constantly, protect your system with up to date Internet security and anti-virus software, and install updates and patches yo keep your computer up to date.

Safe World

Summer vacation begins next week for most students in Frederick County. This summer, kids have access to more information than ever before with technology.

It can be a scary and dangerous place in the world wide web.

Digital Age Solution can help make it a “Safe World” with our services and recommended hardware and software.

We make on-site service calls to secure your world: At Home, At Work, Anywhere you need us.

DAS VOIP Saves Doctor’s Office Money and Increases Efficiency

Digital Age Solution brought one local pediatrician’s office into the Digital Age with DAS VOIP and an upgraded network this week.

“Our bill went down and this system is so much more powerful,” the office manager exclaimed as we demonstrated their new DAS VOIP Cloud PBX.

DAS VOIP’s Cloud PBX provides a robust phone system that is housed on our servers. This allows customers to free up space, save on electricity, and not worry about equipment in their office. The system includes voicemail, virtual attendants, time-based routing, caller id routing, unified communications, and so much more.

It also provides disaster recovery and flexibility. Our customers can connect their phones to any Internet connection and get online, or use our ClickConnex App on their smartphones.

The pediatrician’s office staff quickly learned how efficient the system is in their daily routines. Transferring calls, accessing messages, and visualizing phone calls on the DAS VOIP web site are very easy. Time-based rules eliminated having to transfer calls to the phone service, or switching messages at lunch time and the end of the day.

If you’d like to see how we can save you time and money, contact us for a Digital Age Solution!

WannaCry Ransomware Strikes Worldwide

Computers and networks around the world fell victim to WannaCry ransomware over the past two days. The attack successfully shut down hospitals, transit systems, and businesses in every point of the globe. The threat significantly affected the United Kingdom, Taiwan, Chile and Japan.

Last year, hackers announced that they had hacked and downloaded tools from the NSA. One of the tools acquired utilizes a vulnerability to attack (code named EternalBlue).

The vulnerability drops a file on the vulnerable system which executes as a service. The service then drops the actual ransomware file onto the affected system, encrypting files with the .WNCRY extension. A separate component file for displaying the ransom note would also be dropped.

The ransomware encrypts files with a total of 166 extensions, including those commonly used by Microsoft Office, databases, file archives, multimedia files, and various programming languages.

To spread to other systems, it uses the file that was dropped and runs as a service. The service uses the name “Microsoft Security Center (2.0)“. This service scans for other SMB shares on the network, and uses the EternalBlue vulnerability to spread to other systems.

Figure 3. Added service

Microsoft already patched supported Windows operating systems to address the SMBv1 vulnerability used in this attack in March. Even before that, in September 2016 Microsoft strongly urged users to migrate away from SMBv1, which dates back to the early 1990s. US-CERT issued similarly strong recommendations as well. Organizations that had followed best practices—both in patching and in proper configuration of SMB services—would not be affected by this attack.

The infected machines either do not have the patch installed or still operate the Windows XP, Vista, or Windows 8 operating systems.

In the wake of the largest ransomware attack in the history that has already infected over 114,000 Windows systems worldwide in the last twenty-four hours, Microsoft just took an unusual step to protect its customers with out-of-date computers. Microsoft just released an emergency security patch update for all its unsupported version of Windows, including Windows XP, Vista, Windows 8, Server 2003 and 2008 Editions.

Digital Age Solution customers with DAS Safe & Secure contracts do not have to worry!

Our security software identifies and blocks this threat and file encryption regardless of your operating system.

DAS Sync protects against ransomware by keeping file history back-ups on our cloud servers. We can easily recover files for customers.

DAS Remote Monitoring and Management also applies patches to protect our customer’s computers. For outdated systems, we have already pushed the new update to computers.

If you want to be sure your systems are protected with DAS Safe & Secure, contact us to get Safe and Secure.

Bringing 21st Century to Old Space

We’ve been working with one of our customers and our partners to update a very old space in Downtown Frederick for use in the Digital Age! The space features great old lumber, art deco metal work, and tons of character.

Now, the space is ready for meetings, trainings, and conferences with wireless network access, Voice Over IP phones and conference phones, 70″ monitors on the walls, and wireless HDMI to allow anyone to quickly connect from laptops, tablets, and even smart phones.

We’ll post some more photos of the Digital Age Solution for this retrofit of an amazing space soon!