Category Archives: Tech news

If only I had time…

Category : Tech news

Well, there it is. The world is officially on pause until further notice. I never thought I would see the day when time stopped. Yes, technically the clocks are still ticking, the world is still spinning, and the re-runs of Antiques Roadshow are still being played. However, politics, economics and the rest of our human constructs have been seized by nature in an epic twist in the tale of human existence. So, what does this mean for us?

We could sit around baking in the sun, drinking whiskey and listening to the songs of yesteryear. Now that I mention it, that does sound rather appealing. Or we could finally take the time to do the jobs we have been intending to do for a while, the ones that always fell under the label of “If only I had time”.

For me personally, this means burning through the various courses I have on Udemy and general admin/maintenance tasks in order to benefit us here at Genius. In turn, that benefits you!

From a technology perspective, this could be general health checks of your systems, whether that is in a home or business environment. Consider upgrading business-critical systems while they are not in use. The main one I want you to consider is moving to newer, more reliable and feature-rich services. Here are some examples:

  • Migrating your old, outdated email system to Office 365 (gives you access to some excellent collaboration tools such as Teams and SharePoint).
  • Moving your shared storage solution to a cloud service like Azure, Dropbox, OneDrive etc. for lower-cost, more available and risk-free storage space (no more accidentally deleting those important files).
  • Starting your post lockdown business endeavours with a nice and shiny new website!

It is much easier for us to set up and implement new solutions like these in this situation because the demand for continuous service is lower than normal. This means we can iron out issues and set everything up exactly as needed, ready for the workforce to come back in full swing.

It is crucial that when we are back, we are back better than ever.

Whatever it is you need, we want to help. It is a difficult time, but more than ever we need to stay productive and motivated.

COVID-19: Security, VPNs and Remote Desktop


How do we keep our company running while working from home and under lockdown?

The main tools we’ve implemented for clients are VPNs and Remote Desktop applications. A VPN (Virtual Private Network) essentially extends your network connection into the office, allowing you to access onsite file servers and any other onsite resources needed for day-to-day operations. Remote Desktop tools allow you to remotely access your in-office desktop, making it easy to navigate and perform tasks exactly as you would in the office. This also means higher-spec systems can still be utilised for intensive work such as rendering, editing and any other program requiring significant resources.

What else do we need to be looking out for when home working?

With all the panic setting in, we’ve noticed many companies running less than ideal solutions for home workers. This may leave you completely open to attacks from malicious users. Some types of VPN are more secure than others, and some remote desktop solutions are weaker than others.

This means while you and your staff can easily get into the office virtually, others most likely can too.  


What do we do?

First, if you’re using a PPTP VPN, stop. As this expert put it, “At this point nobody who cares in the least about the communications they intend to protect should be using [PPTP].” This is because PPTP itself dates back to Windows 95; the encryption can be brute forced in a matter of hours. Consider L2TP/IPSec, OpenVPN or SSL VPN protocols. These are just as easy to configure and provide much better encryption methods.

Regarding remote desktop solutions, consider one of the popular applications such as TeamViewer and Chrome Remote Desktop. These both offer 2FA via the account associated with them. Don’t start opening RDP up to the external network without first whitelisting IP addresses and locking it down thoroughly. An easier way to do this, if you insist on using RDP, is to have users connect to the VPN first and then RDP internally.
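One way to check the RDP advice above, as an added example that is not from the original post: the script audits a rule list for anything that allows inbound TCP/3389 from outside the VPN pool or an IP allowlist. The rule format, rule names and network ranges are constructed assumptions.

```python
import ipaddress

RDP_PORT = 3389
# Assumed networks for illustration only (not taken from the post).
TRUSTED = {
    "vpn": ipaddress.ip_network("10.8.0.0/24"),            # VPN client pool
    "allowlist": ipaddress.ip_network("203.0.113.10/32"),  # approved static IP
}


def classify(source):
    """Return 'vpn', 'allowlist' or 'EXPOSED' for one source of an RDP rule."""
    if source.strip().lower() in ("any", "*"):
        return "EXPOSED"
    net = ipaddress.ip_network(source, strict=False)
    for label, trusted in TRUSTED.items():
        # subnet_of() requires both networks to be the same IP version.
        if net.version == trusted.version and net.subnet_of(trusted):
            return label
    return "EXPOSED"


def audit(rules):
    """Return (rule name, source, verdict) for every rule allowing inbound TCP/3389."""
    out = []
    for r in rules:
        if r["action"] != "allow" or r["proto"] != "tcp" or r["port"] != RDP_PORT:
            continue
        out += [(r["name"], s, classify(s)) for s in r["sources"]]
    return out


# Constructed sample rule set, e.g. transcribed from a router or firewall export.
SAMPLE_RULES = [
    {"name": "rdp-forward", "action": "allow", "proto": "tcp", "port": 3389,
     "sources": ["any"]},
    {"name": "rdp-vpn", "action": "allow", "proto": "tcp", "port": 3389,
     "sources": ["10.8.0.0/25"]},
    {"name": "rdp-partner", "action": "allow", "proto": "tcp", "port": 3389,
     "sources": ["203.0.113.10", "198.51.100.0/24"]},
    {"name": "https", "action": "allow", "proto": "tcp", "port": 443,
     "sources": ["any"]},
]

if __name__ == "__main__":
    for name, source, verdict in audit(SAMPLE_RULES):
        print(f"{verdict:10} {name:12} {source}")
```

Any row marked EXPOSED is a rule to remove or narrow before RDP is reachable from outside.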

If you’re unsure about anything in this article and wish to learn more about securing your remote working infrastructure, get in touch. We’re always on hand to help and wish you all the best in these uncertain times.

Stay in, stay safe, have a productive week, guys!

Windows 7 EOL – What!?


So, you may have seen a flurry of posts and articles warning you of the fact Windows 7 has come to its end. It is no longer being supported by Microsoft. What does this mean for you?

Don’t panic, your PC isn’t going to shut down or explode or anything. End-Of-Life (EOL) just means that the manufacturer will no longer be pushing out updates and security patches for this product (yes, those same annoying updates that take forever and randomly install at the most inconvenient of times).

“Yay!” you may be thinking, “no more annoying updates, phew.” Be warned though, reader, this comes with many dark consequences.

Without those updates, without those ever so important security patches, Windows 7 will be vulnerable. Soon there will be a rising number of easy-to-use exploits developed to attack Windows 7 machines, and because Microsoft won’t be releasing patches, they will work on every single Windows 7 device.

The “too long, didn’t read” of all this is you need to do two things:

  1. Remove all sensitive data from Windows 7 machines and move it to a secure machine (updated, patched and still supported).
  2. Decommission the Windows 7 machine or upgrade to Windows 10. There are many ways to do this, so if you’re unsure please do get in touch.

For businesses this may be a tricky job: you may have hundreds of users on Windows 7 and not know where to start. This is where we, or a similar service provider, come into play.

We can upgrade all machines out of hours and re-install the business-critical apps needed for everyday operations. This is a much cleaner and pain-free solution compared to trying to walk everyone through the upgrade individually.

If you decide all this is too much hassle and “everything is still working so it’s fine”, then be prepared to be targeted by hackers and other nefarious individuals who want your data and now have an easy way to get it.

Don’t leave it too late, get in touch, keep yourself safe and have a lovely week!

Phishing Attacks (More Advanced Than Ever)

Typically we recommend checking the domain names within suspicious emails, but there is a new, more advanced type of phishing email spreading.

The phishing email uses spoofing to make it look as if it comes from a valid domain. It then supplies the victim with a .zip file containing the Remcos RAT.

These are typically emails that appear to come from banks, with an attached .ZIP or .TXT file. Please get in touch if you suspect you have received one of these emails.

You may not be hit with this email attack but it’s just something we want to make our clients aware of.

The Remcos Surveillance Software

What is Remcos?

The Remcos remote access trojan first emerged on underground forums in 2016 and has received a number of updates over the course of the last few years.

Available to crooks for as little as £30, the malware is an information stealer and surveillance tool, using capabilities including keylogging, taking screenshots and stealing clipboard contents to secretly take usernames and passwords from infected victims.

Now researchers at Fortinet have uncovered a new Remcos campaign, with the new variant titled “2.5.0 Pro” according to hard-coded strings in the malicious code, which was compiled in September, indicating the freshness of this variant.

These attacks begin with an attempt to trick the victim into opening a malicious ZIP file under the pretence of payments being made into a bank account. The .ZIP file is a gateway to a .TXT extension which runs a PowerShell script when activated, executing the installation of the malware onto the victim’s Windows machine.

When the malware is running, it records all information entered in the web browser, providing information on what websites the user is visiting and what they enter into the site – enabling the attacker to see and steal usernames and passwords.

Researchers have detailed the full capabilities of the new version of Remcos along with its Indicators of Compromise in their analysis of the malware.
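The delivery chain described in this post (a spoofed sender plus a ZIP attachment wrapping a .TXT file) can be screened for during mail triage. The following is an added example, not code from the original post or from Fortinet's analysis; the domains, header values and file names are constructed.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

def domain(value):
    """Lower-cased domain of an address header ('' if the header is missing)."""
    return parseaddr(str(value or ""))[1].rpartition("@")[2].lower()

def triage(raw):
    """Return findings for one raw message (bytes); nothing is extracted or run."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    from_dom, env_dom = domain(msg["From"]), domain(msg["Return-Path"])
    if env_dom and env_dom != from_dom:  # weak signal on its own
        findings.append(f"Return-Path domain {env_dom} differs from From domain {from_dom}")
    # Authentication-Results is stamped by the receiving mail server (RFC 8601).
    auth = str(msg.get("Authentication-Results", ""))
    for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth):
        if result != "pass":
            findings.append(f"{method}={result}")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith((".zip", ".txt")):  # attachment types named in the post
            findings.append(f"attachment {name}")
        if name.endswith(".zip"):
            try:  # read the archive's entry names only
                with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                    inner = [n for n in zf.namelist() if n.lower().endswith(".txt")]
            except zipfile.BadZipFile:
                inner = ["<unreadable archive>"]
            findings += [f"inside {name}: {n}" for n in inner]
    return findings

def build_sample():
    """Constructed sample: spoofed bank sender and a ZIP wrapping a .txt file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("payment_advice.txt", "placeholder text, not a real payload")
    msg = EmailMessage()
    msg["From"] = "Payments <payments@bank.example>"
    msg["Return-Path"] = "<bounce@mailer.example.net>"
    msg["Authentication-Results"] = "mx.example.org; spf=fail; dmarc=fail"
    msg.set_content("Please see the attached payment advice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="payment.zip")
    return msg.as_bytes()
```

Calling `triage(build_sample())` returns five findings for the constructed message. Only trust an Authentication-Results header added by your own receiving mail server, and treat a Return-Path mismatch alone as a hint, since legitimate bulk mail often has one.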