FreshRSS

🔒
❌ À propos de FreshRSS
Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
À partir d’avant-hierFlux principal

LockBit 3.0 : le premier ransomware à proposer son programme de Bug Bounty

28 juin 2022 à 09:54

Les cybercriminels derrière le ransomware LockBit ont dévoilé une nouvelle version de leur logiciel malveillant : LockBit 3.0. Cette nouvelle version intègre une nouvelle méthode d'extorsion, prend en charge les paiements Zcash et surtout elle met à l'honneur un programme Bug Bounty : une première pour un ransomware.

Le ransomware LockBit fait très souvent parler de lui, car il est à l'origine de très nombreuses attaques. Accessibles par l'intermédiaire de la formule Ransomware-as-a-Service (RaaS), il passe en version 3.0 après deux mois en phase de tests. Il est intéressant de prendre connaissance des changements opérés pour avoir en tête les nouvelles techniques employées par les cybercriminels.

Pour la première fois, un groupe de pirates informatiques propose un programme de Bug Bounty pour un ransomware. Habituellement, ce sont les entreprises privées qui mettent en place un programme de Bug Bounty (Microsoft, par exemple) pour récompenser avec de l'argent les personnes qui parviennent à découvrir une faille de sécurité dans un logiciel.

Cette fois-ci, LockBit 3.0 invite les chercheurs en sécurité et les hackers éthiques (ou non) à participer à ce programme de Bug Bounty. Une récompense est promise en fonction de la criticité du bug de sécurité découvert et de son origine. Par exemple, vous pouvez obtenir une récompense si vous découvrez un bug qui permet de déchiffrer les fichiers, ou si vous trouvez un bug dans le réseau Tor qui permet d'identifier l'adresse IP du serveur où est installé le domaine en ".onion". La récompense est comprise entre 1 000 dollars et 1 million de dollars. Pour obtenir une récompense de 1 million de dollars, il faut dévoiler l'identité du gestionnaire du programme d'affiliation LockBit (opération de doxxing).

Bien entendu, participer à ce Bug Bounty n'est pas comparable à celui d'une entreprise privée : cette action sera considérée comme étant illégale dans de nombreux pays. Par ailleurs, les cybercriminels sont en mesure de récompenser les personnes qui auraient de brillantes idées pour améliorer le ransomware LockBit.

Pour le paiement de la rançon, LockBit accepte plusieurs cryptomonnaies : Bitcoin et Monero, et désormais le Zcash qui est plus difficile à tracer. Cette nouvelle version utiliserait un nouveau modèle d'extorsion qui permettrait à des cybercriminels d'acheter les données volées lors des attaques, directement à partir du site où sont mis en ligne les leaks. Enfin, sachez que la note de la rançon n'est plus nommée "Restore-My-Files.txt" mais "<ID>.README.txt".

Source

The post LockBit 3.0 : le premier ransomware à proposer son programme de Bug Bounty first appeared on IT-Connect.

Le ransomware DeadBolt : nouvelles attaques en cours, QNAP mène des investigations

19 juin 2022 à 22:45

Depuis plusieurs mois, les NAS QNAP sont ciblés par des cyberattaques, et malheureusement, cela devient une habitude. Comme le mois dernier, c'est une nouvelle fois le ransomware DeadBolt qui s'en prend aux NAS de la marque QNAP. Le fabricant a mis en ligne un message d'avertissement vendredi dernier.

Cette fois encore, QNAP demande à ses utilisateurs de vérifier que leurs NAS bénéficient bien de la dernière version du système, car de nouveaux correctifs de sécurité sont intégrés régulièrement. Par ailleurs, QNAP demande à ses utilisateurs de ne pas exposer le NAS sur Internet afin de bloquer les connexions à distance, en dehors du réseau local. Personnellement, cela m'étonne, car si un NAS est à jour et qu'il est correctement configuré, il devrait être suffisamment sécurisé pour ne pas être mis à mal facilement par un ransomware. À moins qu'une vulnérabilité zero-day soit utilisée, ce qui ne semble pas être le cas même si des investigations sont en cours.

Au sein de son bulletin d'alerte, QNAP précise : "QNAP a récemment détecté une nouvelle campagne de ransomware DeadBolt. Selon les rapports des victimes, la campagne semble cibler les périphériques NAS de QNAP fonctionnant avec QTS 4.x.". Lorsqu'un NAS est compromis, les fichiers chiffrés ont l'extension .deadbolt. Si vous n'avez pas de sauvegarde de vos données, la seule solution ce sera de payer la rançon à moins de faire une croix sur vos données. Le support QNAP est disponible pour aider les personnes qui ont besoin d'aide.

Le montant de la rançon associée au ransomware DeadBolt est de 0,03 bitcoin, ce qui correspond à environ 580 euros compte tenu de la valeur actuelle du bitcoin.

Au-delà du ransomware DeadBolt, à l'origine de plusieurs campagnes, les NAS QNAP sont ciblés aussi par les ransomwares Qlocker et eCh0raix. Il y a quelque temps, le ransomware DeadBolt s'en est pris aussi aux NAS ASUSTOR.

Source

The post Le ransomware DeadBolt : nouvelles attaques en cours, QNAP mène des investigations first appeared on IT-Connect.

Terramaster NAS FINALLY Release TOS 5 – Everything You Should Know

17 juin 2022 à 01:56

Terramaster TOS 5 Software Update RELEASED!

According to Terramaster the new TOS 5 release has been in development for one and half years, includes more than 50 new features, 600 enhancements, comprises 300,000 lines of new code and now, the long-awaited TOS 5.0 is officially released today! Although there are a huge number of improvements under the bonnet, there is also a whole bunch of improvements on the surface too, ranging from improvements in the GUI and responsiveness to new fully featured applications. Here is what you need to know.

TOS 5 Now has a Secure HyperLock-WORM file system Option

Data is a precious asset of the vast majority of users, and data security is very important! Some data storage and custody are even regulated by law, such as court cases, medical cases, financial securities, company financial data, etc. These important data can only be read but not written within a specified time period according to the law. Therefore, such data needs to be protected against tampering. The WORM (Write Once Read Many) features provide a write-once-read-many technology, which is a commonly used method for data security access and archiving in the storage industry. The WORM feature means that after the file is written, it can enter the read-only state by removing the write permission of the file. In this state, the file can only be read and cannot be deleted, modified, or renamed. By configuring the WORM feature to protect the stored data, it can be prevented from accidental manipulation.

TerraMaster HyperLock-WORM file system is a storage system with WORM characteristics. Through the write-once-read-many technology, the integrity, confidentiality, and accessibility of the original data in the storage medium are guaranteed to satisfy the sensitive requirements of enterprises. Data security storage and legal supervision needs. The characteristic of the TerraMaster HyperLock-WORM file system is that its WORM feature is developed based on the file system and is not limited by the file service type. It is suitable for most common file services, but can only be set by the administrator. Administrators can flexibly assign read and write permissions to users and set a protection period. During the protection period, the data uploaded to the device can only be read and cannot be deleted, modified, or renamed. The protection period can be set up to 70 years! In order to improve security, once the protection period is set, it can only be extended but not shortened.

Compared with other storage solutions with WORM features, the TerraMaster HyperLock-WORM file system has higher security. Once the TerraMaster HyperLock-WORM file system is created, even the administrator cannot delete or modify the storage partition from the menu page or the system background. As long as the storage device is safely placed in an isolated environment, anyone without access to the NAS hardware devices, even employees with administrator privileges or hackers, cannot pose a threat to the data. TerraMaster HyperLock-WORM file system is an innovation in data security management, which can provide more secure protection for customers’ important digital assets, and is suitable for industries with important data such as government, public health, law, finance, and enterprises.

New Storage Utilities in TOS 5

The core function of a TNAS is data storage and backup. TOS 5 has fully optimized storage management and added more utilities to facilitate users to monitor the health status of storage space and increase storage space utilization.

  • Hard disk Benchmark
    Through the hard disk benchmark test, you can better understand your hard disk’s read/write, latency, and throughput performance. The hard disk benchmark can also reflect the health of the hard disks
  • Hard Disk Secure Erase
    Secure Erase can completely erase the data on the disk by randomly writing 0 or 1 to the disk. Securely erased hard drive data can no longer be recovered, suitable for users who store sensitive data.
  • SMART Long Test
    SMART is an important indicator of hard drive reliability. SMART Quick Test and SMART Long Test options have been added to TOS 5. You can get more accurate hard drive health indicators with the SMART long test, but the advanced long will take more time.
  • Hard Disk Bad Block Warning
    Enable monitoring of the bad blocks of the hard disk. Once the number of bad blocks increases, a notification and warning will be sent to the administrator.
  • SSD TRIM
    By periodically TRIMing the SSD, the storage sectors are pre-initialized to maintain the excellent read and write performance of the SSD.
  • Hard disk Operation Log
    Record all operations of the system or the user to the hard disk.
  • Array Synchronization Settings
    Device performance is affected during array synchronization. The new system allows users to customize the synchronization speed of the array according to their needs.
  • Data Scrubbing
    Data scrubbing is the process of modifying or removing incomplete, incorrect, inaccurately formatted, or duplicated data in a database. Data scrubbing improves data consistency, accuracy,and reliability.
  • File System Defragmentation
    File system defragmentation can reorder, optimize and organize scattered data fragments, thereby improving the efficiency of disk data reading and writing.
  • File System Compression
    Once file system compression is enabled, data stored to TNAS will be automatically compressed to save storage space. Users can customize the compression level. The higher the compression level, the higher the compression rate and the more space saved, but the slower the writing speed.
  • SSD Cache Array
    Failure of an SSD serving as a cache will risk data loss. Users of TOS 5 can set up an array for multiple SSD caches, such as RAID 1 for 2 SSDs, even if one SSD fails, it will not affect the normal operation of the cache, thereby reducing the risk of data loss.

New Photo Management Tool with AI-Powered Cataloging and Identification – (Still in Beta at time of writing)

Terra Photos is a smart photo management application. Through the AI ​​algorithm, Terra Photos can recognize and classify the faces, pets, things, and scenes of the photos in the specified directory, which is convenient for you to sort, classify and share the photos through the graphical interface. Terra Photos is the ideal photo management tool for home users, photographers, and creative agencies.

  • AI face recognition
    Terra Photos has a built-in AI algorithm that can automatically recognize and classify faces with an accuracy rate of up to 80%. For wrongly recognized faces, Terra Photos also provides manual correction methods to provide greater convenience for photo management.
  • Broader AI applications
    Not only face recognition, Terra Photos can also automatically identify dozens of categories such as pets, objects, landscapes, sports, vehicles, and flowers by enhancing AI operations. Terra Photos provides users with smarter management tools, greatly increasing the usefulness of photo management.
  • Geographical Classification
    By integrating the GPS location information of photos through map resources, Terra Photos can also automatically categorize your photos by geographic location, making it easier for you to quickly query your photos.
  • Take into account personal privacy and sharing
    Terra Photos adopts a separate storage strategy for personal photos and shared photos of family members. The two kinds of photos are stored in directories with different access rights, which helps to protect personal privacy and facilitates the sharing of photos between family members or business customers. share with each other.
  • Flat UI
    Terra Photos uses a flat user interface to flatly display the user’s commonly used categories in the first-level directory, such as photos, albums, videos, people, pets, objects, locations, recently added, and favorites, which is more conducive to users to quickly browse and find target photo.
  • More flexible management strategies
    Terra Photos’ flexible query filtering strategy can begin to help you filter out the photos you want by combining the name and time of the photo, with the combination of the year, month, day, and ascending and descending order.
  • Share happiness and creativity
    Terra Photos provides users with sharing tools, you can choose to create photos or share albums and flexibly formulate sharing strategies, sub-defining sharing titles, sharing links, effective time, access passwords, download permissions, etc. Terra Photos provides an easier way for home-sharing or business client sharing.

Surveillance Manager for Adding and Monitoring Multiple IP Cameras on a Live feed on Your  Terramaster NAS

Security Camera Icon Png #129985 - Free Icons Library

Surveillance Manager is a video surveillance management tool. Through Surveillance Manager, you can build a video surveillance system with multiple IP cameras and TNAS, connect your cameras through ONVIF protocol, manage cameras, view real-time recordings, view historical recordings, and store the recordings of network cameras directly in TNAS to specify storage location.

  • Simple to Use
    Surveillance Manager uses web browsers for configuration and management. The recording device does not need to be connected to a monitor, and any computer in the network can log in to the system to view the recording.
  • Good Compatibility
    The surveillance Manager adopts the general ONVIF protocol and can adapt to most general-purpose cameras. It supports the automatic camera search, which simplifies the connection configuration of the cameras
  • Suitable for Medium-sized Users
    The surveillance Manager can connect dozens of cameras at the same time and support multi-channel recording. Suitable for families and small and medium-sized business users.
  • Multi-channel Real-time Monitoring
    The surveillance Manager supports multi-channel real-time monitoring. The screen display layout of monitoring can be customized, and the screens can be switched with one click.
  • Timeline Rollback
    Roll back the recorded video by dragging the timeline or customizing the time period, making it easier to view historical events.
  • Recording Schedule
    The surveillance Manager supports custom recording schedules and activity-triggered recordings to increase storage space utilization.
  • Form Recording Storage
    The recorded video is classified and stored according to the camera and time, which is convenient for quick query and download

New iSCSI Manager Application to Manager Larger Storage on your Terramaster NAS

Terramaser NAS is widely used as a storage device for virtualized computing. With TerraMaster iSCSI Manager, you can create multiple iSCSI targets and LUNs on your TNAS, and customize the capacity, permissions, and connections through a graphical interface to meet your storage space requirements in different virtualization environments.

  • Custom ISCSI Target IQN
    Using iSCSI Manager, create multiple iSCSI targets on your TNAS and customize IQNs to help you easily identify. You can also choose to enable authentication or mutual authentication for the iSCSI Target to increase access security.
  • Customize network management policies
    To improve network utilization efficiency, you can designate a dedicated network interface and channel for the iSCSI Target to separate the iSCSI Target’s network from the networks of other services. To optimize the transfer efficiency of the iSCSI Target, you can also limit the maximum fragment size in bytes transmitted and received.
  • Multiple session connections
    In order to adapt to complex virtualization application scenarios, iSCSI Manager allows users to enable multiple session connections from one or more initiators for iSCSI Target. Note: Multiple session connections provide flexible connection methods for initiators, but improper settings may put your data at risk! Make sure you use multiple session connections in a cluster-aware file system.
  • Balance performance and flexibility
    You can create multiple LUNs and mount them to the iSCSI Target you specify. iSCSI Manager provides Thick provisioning and Thin provisioning configuration strategies for LUN storage space. Thick provisioning can provide better storage performance, in contrast, thin provisioning can provide more flexible storage space utilization.
  • Safer protection
    Combined with the Snapshot technology, you can take snapshots of LUNs to prevent data loss caused by misoperations or accidents. Note: Snapshots are not supported for LUNs under the Thick provisioning configuration.
  • Initiator access control
    By default, all connected initiators in iSCSI Manager have read and write permissions to LUNs. You can also customize access permissions for each initiator to meet the needs of various occasions.
  • Low-capacity write protection
    When the storage space of the LUN is about to be exhausted, if the initiator continues to write data to the LUN, the LUN may be destroyed. For this reason, iSCSI Manager has specially designed the low-capacity write protection function. When the LUN is in low capacity, it will prevent the initiator from continuing to write data for protection.

New CloudSync Tool for connecting your 3rd Party Cloud Services and Remote Servers in TOS 5

CloudSync is a cloud drive synchronization application for fast and secure data synchronization between your TNAS and cloud drives. It is a very practical and efficient one-stop cloud drive disaster recovery solution. Different from previous versions, in TOS 5, we have integrated the synchronization of various cloud drives into one application, which is more convenient for users to use. At the same time, we have also redesigned the application layout, added some features, and optimized the user experience.

  • Support multiple cloud drives
    CloudSync integrates a variety of mainstream cloud drive synchronization functions in one application, including Google Drive, OneDrive, Amazon S3, Dropbox, Baidu, Alibaba Cloud, etc. It only needs to manage one application to meet different cloud drive synchronization management.
  • Multiple synchronization strategies
    CloudSync provides users with two-way and one-way synchronization strategies. Two-way synchronization can meet the flexible needs of data utilization, and one-way synchronization can meet the focus of data protection and increase data security.
  • Data leakage prevention strategy
    In order to improve the protection of sensitive data, CloudSync supports data encryption. You can encrypt the data before synchronizing it to the cloud drive, and then decrypt the data after synchronizing it back to TNAS to prevent data leakage on the cloud drive.
  • Scheduled Tasks
    According to usage scenarios and business requirements, users can set the execution time of synchronization tasks by themselves to avoid the busy time of business operation.
  • more flexible configuration
    In order to meet more customer needs, CloudSync also supports various flexible configurations such as synchronization bandwidth limit, file size limit, synchronization file type limit, synchronization frequency, etc.
  • In full control
    CloudSync not only provides users with a detailed synchronization task configuration history, but also provides a list of millions of file backups and transfers, allowing you to monitor the backup progress and various exceptions throughout the process.

Terramaster Duple Backup Deduplication Management Tool in TOS 5

Duple Backup has not been released an official version before TOS 5 and has been developing and testing it. In TOS 5, we have redesigned Duple Backup. The new Duple Backup has optimized the user interface, added some features, and improved the user experience. Duple Backup has powerful backup and restore functions, and is a disaster recovery tool designed to strengthen the data security of TNAS devices. To prevent data loss due to TNAS device hardware failure or system failure, through Duple Backup’s intuitive user menu, you can back up important folders or iSCSI LUNs in TNAS to multiple destinations (such as remote TNAS devices, file servers, or cloud disks) ), and supports multiple backup strategies of incremental backup and multi-version backup. The backup and restore process is very simple and intuitive, and can quickly restore lost data in the event of a device failure.

  • Various backup objects
    The backup object of Duple Backup can be the shared folder in TNAS or the specified file directory. Not only that, it can also back up the iSCSI LUN and the configuration of the iSCSI LUN in the TNAS device to meet the needs of backing up the data in the TNAS.
  • Multiple destinations
    According to business needs, you can choose up to 4 different backup destinations for the data in TNAS, such as: another TNAS device, file server, WebDAV server, various mainstream cloud disks. With the Duple Backup Vault client, using two TNAS devices for mutual backup can greatly simplify the backup configuration process.
  • Multiple backup strategies
    According to business requirements and storage resource configuration, you can select incremental backup or multi-version backup strategies for backup tasks to improve storage space utilization.
  • Secure data transfer
    Taking data security into full consideration, Duple Backup uses SSL certificate encryption throughout the backup task to ensure the security of data transmission.
  • Efficient transmission
    In order to improve backup efficiency, before performing backup tasks, data is compressed and then transmitted, and the maximum compression rate can be as high as 30%, which not only reduces the user’s network bandwidth usage, but also saves storage space and reduces customers’ IT investment costs
  • Restoration is easy
    Through an intuitive graphical interface, Duple Backup provides suitable restoration methods for different destinations. When an accident occurs, users can use Duple Backup’s restoration tool to restore data in a very short period of time to reduce losses caused by disasters.
  • 3-2-1 Backup Strategy
    In order to prevent data loss in the event of an accident, the 3-2-1 backup strategy is widely adopted by many users, that is, to keep at least 3 backups of data, 2 of which are stored on different devices, and at least 1 is stored in a different place. Duple Backup, as a backup tool specially designed for TNAS, is ideal for a 3-2-1 backup strategy.
  • In full control
    Duple Backup not only provides users with a detailed backup and restore task configuration history, but also provides a list of millions of file backups and transfers, allowing you to monitor the backup progress and various exceptions throughout the process.
  • Suitable for a variety of applications
    Duple Backup is not only suitable for home users, but also for business users with multiple offices or branch offices. With local backup and off-site backup of branch offices, it can provide reliable security for data.

Improved Snapshot Management and Services Added in TOS 5

TerraMaster Snapshot is a disaster recovery tool developed based on the BTRFS file system. Take snapshots of shared folders or iSCSI LUNs and quickly restore data after a disaster by taking advantage of file system features. In TOS 5, Snapshot has been redesigned to add more features and improve the user experience.

  • Filesystem level snapshots
    TerraMaster Snapshot is a snapshot tool based on the BTRFS file system. The Btrfs file system introduces advanced storage technology and snapshot technology to provide flexible and efficient data protection and recovery tools while improving high data integrity.
  • Save your time and space
    The TerraMaster Snapshot snapshot function is based on COW (copy-on-write), so snapshots can be created almost instantaneously, and they take up almost no space when they are first created, greatly increasing the utilization of space and time. It can be said to be a perfect snapshot solution.
  • Virtualization disaster recovery
    TerraMaster Snapshot can provide a good disaster recovery solution for virtualized storage space by taking snapshots of shared folders or iSCSI LUNs, whether it is virtualized storage through NFS or iSCSI.
  • Higher snapshot performance
    TerraMaster Snapshot can create up to 1,024 snapshots for each shared folder and up to 65,536 snapshots for the entire system, providing you with adjustable, storage-saving data protection capabilities to meet stringent snapshot performance requirements.
  • Efficient snapshot rollback
    The snapshot file resides in the same storage space as the subvolume, and you can browse it like a normal directory and restore a copy of the file as it was when the snapshot was taken. TerraMaster Snapshot arranges snapshots through a timeline, combined with an intuitive graphical interface, when you need to restore a snapshot file, you only need a few mouse clicks to roll back the snapshot to the version you need.
  • Remote incremental backup
    Generating snapshots on the same storage space as the snapshot subvolume is not an ideal backup strategy, and if the hard disk fails, the snapshot will be lost. TerraMaster Snapshot can send snapshot copies as incremental backups to an external hard drive or to a remote storage system via SSH (the backup destination also needs to use the BTRFS file system) for increased data security

Complete Remote System Access Tool in TOS 5 – Security Isolation Mode

For users who pay great attention to data security but do not need to use external network resources, TerraMaster has added a new security tool in TOS 5 — Security Isolation Mode. At present, hackers and ransomware are raging around the world, and a large number of customers’ precious digital assets are under unprecedented threat. TOS 5’s unique Security Isolation Mode can provide users with a safe and reliable operating environment, isolate external risks, and protect digital assets from infringement.

  • Kernel security level
    Through the digital signature based on the kernel level, once the security isolation mode is enabled, any programs that have not been signed by the system will be blocked from running, effectively preventing viruses or malicious code from running.
  • Self-isolation
    The Security Isolation Mode can effectively prevent illegal in-stack and out-stack access to the external network through the self-established isolation barrier, only allow legal access in the local network, and protect the system from external malicious attacks.
  • Secondary advanced protection
    In order to prevent security barriers and system protection measures from being attacked and tampered with, the Security Isolation Mode adopts secondary password verification protection. Deleting or modifying all configuration information related to security protection measures requires password verification again, effectively preventing hackers from damaging the barrier.
  • Strong blocking
    Any code based on Java, php, or Python will be blocked from execution, effectively preventing the system from being injected with malicious code to threaten data security.
  • Scenes to be used
    . Enterprises or organizations that are extremely sensitive to data security;
    . External network services that need to be closed and isolated, do not need to access the external network or provide remote access;
    . Only use TNAS to provide file storage, no need to run web pages, databases, mail services, virtual machines, and other applications;
    . Applicable industries: military, judicial, electric power, scientific research, medicine, and other industries

New Terramaster Flexible RAID System – TRAID

TRAID is the abbreviation of TerraMaster RAID. TRAID is a flexible disk array management tool developed by TerraMaster. It has features such as the automatic combination of disk space, hard disk failure redundancy protection, and automatic capacity expansion. All these features do not require manual configuration by the user, and the system will automatically complete the configuration according to the properties of the hard disk. TRAID provides users with an optimized, flexible and elastic disk array management solution, especially suitable for new users who are not proficient in how to configure a disk array. Once you have selected TRAID as your array type, you cannot convert TRAID to a traditional array type unless you delete and recreate the array. If you want to manage the array type manually, it is recommended that you use the traditional type when building your array, such as Single, RAID 0, RAID 1, RAID 5, RAID 6, RAID 10, etc. Below is our description of how TRAID works and a demonstration of me mixing a bunch of drives in a single RAID, one by one.

Improved Backup Management Tool in TOS 5 – Centralized Backup

Centralized Backup has not released an official version before TOS 5, and has been developing and testing it. In TOS 5, we have redesigned the Centralized Backup. The new Centralized Backup has re-optimized the user interface, added some functions, and improved the user experience. Centralized Backup is a professional disaster recovery tool specially developed for business users. By using Centralized Backup, company IT managers can use TNAS as the central backup server, without having to configure each host separately, and use TNAS as the initiator to centrally back up the storage space of internal employee computers, workstations, servers, virtual machines, or even is the system partition.

  • Developed for business users
    For business users, data security is extremely important, and for IT administrators, it is a huge challenge to make timely backups of various servers and be able to manage the personal computer data of multiple employees. Centralized Backup combines the needs of business users to provide a centralized active-backup solution.
  • Multi-purpose machine
    By running Centralized Backup on a TNAS device, only one TNAS device can be used to meet the backup requirements of the enterprise for employees’ computers, servers, file servers, virtual machines, and workstations, greatly reducing the enterprise’s IT investment costs.
  • Employee computer backup
    Different from general backup tools, Centralized Backup does not require employees to participate in the backup process. IT administrators can initiate backup requests from the server through Centralized Backup’s PC backup module, and can actively back up folders on hundreds of employees’ computers. , disk partition, or system partition. Centralized Backup can greatly protect digital assets scattered on employees’ computers, and can greatly reduce the workload of IT administrators.
  • Server backup
    The server is the central nervous system of an enterprise’s digital information. The server not only runs a variety of application environments such as OA, CRM, and ERP that support business operations, but also stores important business data. Through the server backup function of Centralized Backup, IT administrators can simultaneously backup systems and data of multiple servers to TNAS. When an accident occurs, the abnormal host can be quickly restored, greatly reducing the impact of equipment failure on the business.
  • File server backup
    The file server is the storage center of enterprise digital assets. Disasters such as unexpected power outages, equipment failures, and system failures may lead to the loss of precious digital assets. Through the file server backup function of Centralized Backup, IT administrators can back up the file directories of multiple file servers to TNAS, reducing the risk of data loss in the event of a disaster.
  • Virtual machine storage backup
    Centralized Backup supports storage backup of VMware Vshpere and Windows Hyper-V virtual machines. Through the virtual machine backup function of Centralized Backup, the backup of multiple virtual machine clients can be initiated from TNAS.
  • Multi-version restore
    Centralized Backup provides the backup target multi-version management function. When a disaster occurs, IT administrators can roll back the time of the repository to find the correct backup version to restore to the specified destination host.
  • In full control
    Centralized Backup not only provides users with detailed backup and restore task configuration history, but also provides millions of logs, allowing you to monitor the backup progress and various exceptions throughout the process. By enabling the notification function, administrators can keep track of the progress status of backup and restoration in a timely manner.

TFM Backup for Internal Backup and Folder Synchronization

TFM Backup is the abbreviation of TerraMaster Folder Mirror backup. TFM Backup is a dedicated backup tool for TNAS shared folders developed by TerraMaster. Through TFM Backup, you can easily backup the shared folders in TNAS to other local folders. Storage location or a remotely mounted folder. TFM Backup has mirror backup and differential backup to choose from, and users can realize automatic scheduled backup by configuring backup schedule tasks. TFM Backup provides users with a simple and flexible backup solution for backing up data in TNAS.

  • Improve disk space utilization
    Traditional RAID 1 disk arrays use redundancy to mirror the data of one disk to another disk, which can effectively avoid the risk of data loss due to disk failure. But a RAID 1 disk array requires at least 2 disks, that is, in a RAID 1 disk array, at most 50% of the effective disk storage space is available. For some users, not all data is important data, and it may not be necessary to mirror the entire disk data. Before TerraMaster launched TFM Backup, RAID 1 array seemed to be the only choice when users made mirror backups of data on disks. Now, users can choose to use TFM Backup to selectively do mirror backup, which can increase the utilization of disk space while ensuring data security.
  • Flexible backup strategy
    TFM Backup has two backup strategies: mirror backup and differential backup. In the mirror backup mode, the backup source data is always consistent with the destination data, which can reduce the work of data management; in the differential backup mode, the newly added or modified data is backed up, even if the source data is deleted, the destination The data always retains the last backup version, which can effectively avoid the loss caused by misoperation.
  • Custom backup plan
    TFM Backup provides a customizable backup plan, and you can customize the backup time, period, and frequency. You can perform backups during less busy periods according to business needs to avoid disruption to normal business.
  • Multiple backup tasks
    TFM Backup supports multiple backup tasks. You can use TFM Backup to create multiple backup tasks for multiple folders with different backup policies and destinations, and configure different task schedules for each task to meet the backup needs of different file types in various application scenarios.
  • Flexible backup destination
    The backup destination of TFM Backup can be in a different storage pool, a different volume, or a different device (using a remotely mounted folder). To avoid data loss caused by disk hardware failure, it is recommended to set the backup destination to a volume in a different storage pool.

Improved System Storage Searches with Terra Search

For some medium or large institutions, finding the required information from the vast amount of stored literature can be a big challenge. Terra Search’s file content search capabilities can help you overcome this challenge. Terra Search can quickly find all kinds of mainstream documents containing search keywords by establishing a database and search engine, which greatly improves the work efficiency of employees.

  • Customized for industry applications
    Terra Search is specially developed and customized for business users, and has the characteristics of flexibility, speed, practicability and wide application. Terra Search is suitable for institutions and enterprises that need to manage a large number of documents, such as libraries, judiciary, hospitals, scientific research, military, government, etc.
  • Powerful search engine
    Terra Search has a built-in powerful search engine, combined with a large database, it can easily handle millions of document management and content search, and can search hundreds of target files per second (related to the hardware performance of the TNAS device).
  • Applicable to a variety of documents
    It is widely compatible with documents in various mainstream formats, such as office documents, text files, pdf, photos, music, e-books, web files, program codes, etc., to meet more than 90% of business users’ common file search needs.
  • Image text content recognition
    Terra Search has a built-in automatic recognition function of image text content, which can quickly identify text in multiple languages ​​in images. The supported image formats include jpg, gif, jpeg, png, tiff, tif, etc.
  • Custom search criteria
    In order to increase search efficiency, Terra Search also provides user-defined search conditions. Users can add search conditions such as file name, extension, title, owner, creation time, etc. according to their needs.
  • Custom search directory
    By setting specific search directories and file types, users can limit the scope of the search, and improve search flexibility and search efficiency.
  • Search result preview
    Terra Search provides a preview function of search results. Even for pictures, you can view the search results of pictures and texts through the preview window, and quickly screen accurate search results.
  • Category display
    Through the flattened category display of the search page, users can screen documents, pictures, applications, and videos from the search results, making the search results clear at a glance.

Improved VPN Service Support with VPN Server in TOS 5

VPN Server provides you with an easy-to-use VPN solution, which can set up a TNAS device as a VPN server to allow other devices to remotely connect to TNAS through a private channel to ensure data communication security. Multiple devices connected to the VPN Server can form an interconnected network through private channels.

  • Supports multiple VPN protocols – TerraMaster VPN Server supports PPTP, OpneVPN and L2TP/IPSec protocols, which can adapt to different network environments and meet your different business needs.
  • Multiple authentication methods – VPN Server supports PAM and LDAP authentication, can connect with local users and domain users, and supports PAP, MS-CHAP, MD5, SHA, RSA and other authentication methods to ensure the privacy of private channel connections.
  • Real-time network I/O monitoring – VPN Server uses graphs to monitor the network I/O of each VPN connection in real-time, allowing you to know the status of online devices and the I/O load of the network in time.
  • Simple operation interface – VPN Server uses a flat menu, each VPN connection is managed separately, and the advanced setting items use the default options to avoid troubles for users due to complicated configuration options. It is simple, intuitive, and very suitable for home users and small and medium-sized buisness users.
  • Log tracking – VPN Server provides a complete operation log and execution log, which is convenient for you to understand the operation history and the connection status of the VPN service, which can help you to quickly troubleshoot the fault.

How to Upgrade to Terramaster TOS 5 from TOS 4 – What You Need To Know?

Upgrading to TOS 5 is not as straightforward as other firmware updates and there is an element of complexity that, if done wrong, might result in re-initialising your system and formatting your storage/data, so follow the steps below VERY carefully! Please follow the guide below to install the new TOS 5.0 system

Must read before installation!

1.Since the root file system, storage path, application installation location, and startup method of TOS 5.0 are different from those of the previous version, you cannot directly update to TOS 5.0 from the current version, but need to reinstall the system.

Reinstalling the system will theoretically not delete the data on your hard drive, but for safety consideration, please back up your data in advance.

  1. The new TOS 5.0 system is only applicable to the x.86 series of TNAS models (220 series, 221 series, 420 series, 421 series, 422 series, 423 series);
  2. Your current TOS version need to be 4.2.32 or above;

  3. TNAS PC needs to be 5.0.19 or above, otherwise, it may not work properly;

  4. TNAS Mobile needs to be 5.0.1 or above, otherwise, it may not work properly. Note: Currently, TNAS Mobile is only available for iOS, and the Android version will be released soon, please pay attention to our update news.

How to install TOS 5.0?  

  1. Download the TOS 5.0 installation package;
  2. Log in to your TOS, go to Control Panel > General Settings > Factory Default, tick “Reset to Factory default” and click “Apply” to clear your system;

  3. Your TNAS will automatically restart and enter the initialization guide page; if you cannot enter the initialization page, please use the TNAS PC to search for your TNAS again, and enter the IP address of your TNAS in the browser address bar;

  4. Select the “Custom” mode during the initialization process, upload the TOS 5.0 installation package, and wait for the installation to complete;

  5. After the system installation is completed, the system will automatically restart; Then, follow the instructions on the page to complete the administrator settings;

  6. After the system is installed, you need to clear the browser cache, otherwise some system pages may not be displayed correctly.

Installation packages download link:

  1. TOS 5.0:https://download2.terra-master.com/TOS_X642.0_5.0.120_00154_2206121730.ins
  2. TNAS PC for Windows OS:https://download2.terra-master.com/TerraMaster_TNASPC_for_win_V5.0.22.zip

  3. TNAS PC for macOS:https://download2.terra-master.com/TerraMaster_TNASPC_for_mac_V5.0.22.dmg

  4. TNAS Mobile for iOS:It will be published later.

 

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,263 other subscribers


Get an alert every time something gets added to this specific article!


Want to follow specific category?

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7] Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

Cybersécurité : améliorer la collaboration est essentiel pour mieux protéger les organisations

10 juin 2022 à 08:58
Par : UnderNews

L’étude de Cohesity montre que le risque cyber réside dans le manque de collaboration entre les équipes IT et les équipes chargées des opérations de sécurité. Près de la moitié des personnes interrogées dans le cadre de l’enquête mondiale déclarent que leur organisation a été touchée par un ransomware au cours des six derniers mois.

The post Cybersécurité : améliorer la collaboration est essentiel pour mieux protéger les organisations first appeared on UnderNews.

Une version spécifique du ransomware Black Basta cible les serveurs VMware ESXi

8 juin 2022 à 08:02

Un de plus ! Le ransomware Black Basta prend désormais en charge le chiffrement des machines virtuelles sur des hôtes VMware ESXi. Il vient s'ajouter à la liste des ransomwares compatibles VMware ESXi, qui ne cesse de s'agrandir.

Pour les pirates informatiques, les hyperviseurs représentent la cible idéale, car en compromettant un seul serveur, ils peuvent en chiffrer plusieurs puisque le serveur VMware ESXi héberge plus ou moins de machines virtuelles selon les entreprises. Ainsi, l'attaque peut s'avérer plus rapide tout en étant dévastatrice.

Les analystes en sécurité d'Uptycs ont remarqué qu'il existe une version du ransomware Black Basta qui cible spécifiquement les serveurs VMware ESXi. De ce fait, le nom de ce ransomware vient s'ajouter à la liste de ceux qui sont déjà en mesure de s'attaquer aux hyperviseurs VMware, notamment LockBit, HelloKitty, Hive, AvosLocker ou encore plus récemment, Cheerscrypt.

Lorsqu'il entre en action, Black Basta va faire comme ses petits copains : il va rechercher la présence de banque de données dans le répertoire "/vmfs/volumes" du serveur afin de détecter l'emplacement des machines virtuelles. S'il ne trouve rien, il s'arrête, mais s'il trouve des machines virtuelles, il s'en prend aux VMs.

Pour chiffrer les machines virtuelles, le ransomware d'appuie sur l'algorithme ChaCha20 et sur du multithreading afin que la phase de chiffrement soit plus rapide. Les différents fichiers chiffrés se retrouvent avec l'extension ".basta" et un fichier "readme.txt" avec des notes (notamment un ID unique pour que les cybercriminels identifient la victime) est déposé dans chaque dossier.

Le ransomware Black Basta est assez récent, car il a été vu pour la première fois en avril 2022, et à ce moment-là, il s'attaquait aux serveurs Windows. Désormais, les pirates se tournent vers les serveurs VMware ESXi. "D'après le lien qui mène au chat et l'extension du fichier chiffré, nous pensons que les acteurs à l'origine de cette campagne sont les mêmes que ceux qui ont ciblé les systèmes Windows auparavant avec le ransomware Black Basta.", précisent les analystes d'Uptycs.

Source

The post Une version spécifique du ransomware Black Basta cible les serveurs VMware ESXi first appeared on IT-Connect.

L’agence de santé publique du Costa Rica victime du ransomware Hive

1 juin 2022 à 09:27

En quelques semaines, les services publics du Costa Rica ont subi deux attaques informatiques différentes, une première par le ransomware Conti, et une seconde qui vient de se produire, par le ransomware Hive. Faisons le point.

Suite à une attaque informatique avec le ransomware Hive, tous les ordinateurs du réseau du service de santé publique du Costa Rica (CCCS) sont désormais hors ligne. Début Mai, le Costa Rica a déjà subi une attaque informatique par les membres du groupe Conti, et le CCCS faisait déjà partie des entités gouvernementales touchées même s'il y en avait d'autres tel que le ministère de la Finance, le ministère des Sciences, etc.

D'ailleurs, suite à cette première attaque, le nouveau Président du Costa Rica avait basculé le pays en état d'urgence, tout en prenant la décision de ne pas payer la rançon de 10 millions de dollars réclamée par le gang Conti. De son côté, les États-Unis ont apporté leur soutien en promettant une récompense pouvant atteindre 15 millions de dollars en échange de renseignements sur les leaders du groupe Conti.

Revenons à cette nouvelle attaque par le ransomware Hive, un logiciel malveillant qui fait régulièrement parler de lui et qui est disponible selon le modèle "ransomware-as-a-service".

Dans un premier temps, le CCCS a publié ce tweet pour informer de l'incident en cours : "La CCCS a été victime d'un piratage dès le début de la matinée de mardi. Le piratage a eu lieu aux premières heures du mardi 31 mai. Les analyses correspondantes sont en cours de réalisation. Les bases de données de l'EDUS, du SICERE, des salaires et des pensions n'ont pas été compromises". C'est tout de même rassurant en ce qui concerne une éventuelle fuite de données au sujet des Costaricains.

Sur site, les employés ont reçu la consigne d'éteindre leurs ordinateurs et de les débrancher du réseau, car lorsque l'attaque a commencé, toutes les imprimantes ont commencé à imprimer des dizaines et des dizaines de pages. Désormais, des opérations sont en cours pour tenter de restaurer les différents services les uns après les autres, mais le CCCS n'a pas donné de délais.

Il y a de très fortes chances pour que ces deux attaques soient liées, et certains membres du groupe Conti ont probablement recréé un petit groupe de cybercriminels qui est à l'origine de cette attaque avec le ransomware Hive. En tout cas, c'est une possibilité. D'ailleurs, Yelisey Boguslavskiy de chez Advanced Intel indique : "AdvIntel a identifié et confirmé avec un haut niveau de certitude que Conti travaille avec HIVE depuis plus de six mois - depuis au moins novembre 2021. Nous avons identifié des preuves solides de l'utilisation active par HIVE des accès initiaux fournis par Conti et des services des pentesters de Conti.", et il ajoute également : "Les mêmes personnes travaillaient à la fois pour Conti et pour HIVE, comme le montre la liste des victimes qui sont identiques sur les blogs de HIVE et de Conti.".

En espérant que le CCCS du Costa Rica parvienne à restaurer ses et à en finir avec cette série d'attaques, notamment en améliorant la sécurité des différents systèmes informatiques utilisés par l'ensemble des entités gouvernementales. Ce magnifique pays ne mérite pas ça ! 🙂

Source

The post L’agence de santé publique du Costa Rica victime du ransomware Hive first appeared on IT-Connect.

Cheerscrypt, un nouveau ransomware qui cible les serveurs VMware ESXi

26 mai 2022 à 09:36

Il est de plus en plus fréquent que les ransomwares s'en prennent aux serveurs VMware ESXi, et cette tendance se confirme une nouvelle fois avec ce nouveau ransomware baptisé Cheerscrypt. Faisons le point.

Les hyperviseurs VMware sont une cible favorite pour les pirates informatiques, car ils sont très populaires à l'échelle mondiale, aussi bien dans les PME que dans les grandes entreprises, et affecter un hyperviseur permet de toucher X machines virtuelles donc l'impact est fort. D'ailleurs, plusieurs ransomwares sont déjà "compatibles" avec les serveurs VMware ESXi afin de réaliser des attaques, on peut citer LockBit et Hive. Généralement, ce sont des ransomwares pour Linux qui ont une variante pour VMware ESXi, un système basé sur Linux, justement.

Les chercheurs en sécurité de chez Trend Micro ont fait la découverte de ce nouveau ransomware baptisé Cheerscrypt et pour lequel ils ont mis en ligne un rapport qui détaille le mode opératoire.

À partir du moment où un hyperviseur VMware est compromis, l'outil de chiffrement est exécuté sur le serveur et à l'aide d'une commande esxcli, les machines virtuelles vont être énumérées et arrêtées.

esxcli vm process kill –type=force –world-id=$(esxcli vm process list|grep 'World ID'|awk '{print $3}')

Au moment de chiffrer les fichiers du datastore, il s'intéresse particulièrement aux fichiers correspondants aux machines virtuelles, avec les extensions suivantes : .log, .vmdk, .vmem, .vswp et .vmsn. On remarque notamment le format VMDK correspondant aux disques virtuels des machines virtuelles.

Ce qui est surprenant, c'est que les fichiers sont renommés en ".cheers" avant même d'être chiffrés, donc si le renommage ne fonctionne pas, le chiffrement échouera. En complément, un fichier nommé "How To Restore Your Files.txt" sera déposé dans chaque dossier, avec les habituelles instructions et notamment un lien vers le site Tor (adresse en .onion) des pirates informatiques afin d'entrer en contact.

Si l'on se réfère à ces notes, les victimes auraient trois jours pour accéder au site sur le réseau Tor et payer la rançon afin d'obtenir la clé de déchiffrement. Dans le cas où la rançon n'est pas payée, les données seront revendues sur le marché noir, donc on parle bien ici de double extorsion, car les données sont exfiltrées, et pas seulement chiffrées. Si les données ne trouvent pas preneur, elles seront tout simplement mises en ligne.

D'après le site Bleeping Computer, le site serait actif depuis mars 2022 et il y aurait 4 victimes pour le moment, dont un hôpital belge.

Source

The post Cheerscrypt, un nouveau ransomware qui cible les serveurs VMware ESXi first appeared on IT-Connect.

Le ransomware DeadBolt s’en prend encore aux NAS QNAP !

20 mai 2022 à 08:41

QNAP alerte ses utilisateurs : une nouvelle vague d'attaques est en cours avec le ransomware DeadBolt ! Il est impératif de mettre à jour son NAS dès que possible !

Dans son nouveau bulletin de sécurité, QNAP précise : "QNAP demande instamment à tous les utilisateurs de NAS de vérifier et de mettre à jour QTS à la dernière version dès que possible, et d'éviter d'exposer leur NAS à l'Internet.". D'après l'équipe de réponse à incident de QNAP, cette nouvelle vague d'attaques cible principalement les NAS des séries TS-x51 et TS-x53, et les versions du système suivantes : QTS 4.3.6 et QTS 4.4.1.

Ces derniers mois, les NAS QNAP sont régulièrement la cible du ransomware DeadBolt et les vagues d'attaques sont assez fréquentes : c'est la troisième depuis le début de l'année 2022. Entre temps, le ransomware DeadBolt s'en est pris également aux NAS ASUSTOR.

Lors des précédentes vagues d'attaques, la rançon demandée était de 0,03 bitcoin sur chaque NAS, ce qui représente environ 850 euros. Pour un particulier, c'est une somme qui est loin d'être négligeable. À ce jour, le ransomware DeadBolt a chiffré les données de plusieurs milliers de NAS QNAP, dont environ 5000 en janvier 2022 et 1000 en mars 2022.

Lorsqu'un NAS est victime du ransomware DeadBolt, les fichiers chiffrés utilisent l'extension .deadbolt. En complément, la page d'accueil de l'interface du NAS (c'est-à-dire le fichier /home/httpd/index.html) est remplacée par une page qui donne les instructions permettant à l'utilisateur de régler la fameuse rançon aux pirates informatiques.

Voici à quoi ressemble cette page :

QNAP - Ransomware DeadBolt

Au-delà de mettre à jour votre NAS, si vous ne souhaitez pas qu'il soit accessible depuis Internet, vous devez désactiver toutes les règles de redirection de port à destination de votre NAS et créé sur votre routeur. Potentiellement, vous avez pu créer ces règles via l'interface du NAS grâce au protocole UPnP, qu'il est recommandé de désactiver.

Utilisateurs de NAS QNAP, à vos mises à jour !

Source

The post Le ransomware DeadBolt s’en prend encore aux NAS QNAP ! first appeared on IT-Connect.

Rapport 2021 de la CNIL

18 mai 2022 à 07:00
Par : Caroline
rapport 2021 CNIL 300x225 - Rapport 2021 de la CNILLa CNIL vient de rendre son rapport d’activité pour l’année 2021. Un rapport de 124 pages, rappelant ses actions, ses priorités, dévoilant ses chiffres, présentant son organisation ainsi que ses ressources humaines et financières. Qu’est-ce que la CNIL et quel est son rôle ? La CNIL, Commission Nationale de l’Informatique et les Libertés, est une autorité administrative indépendante. Elle est composée de 18 membres (élus ou nommés). Elle veille à ce que l’informatique soit au service du citoyen. L’outil informatique […]

The downside of ‘debugging’ ransomware

16 mai 2022 à 11:30

The decision to release a ransomware decryptor involves a delicate balancing act between helping victims recover their data and alerting criminals to errors in their code

The post The downside of ‘debugging’ ransomware appeared first on WeLiveSecurity

Le Costa Rica déclare l’état d’urgence à la suite d’une cyberattaque massive

14 mai 2022 à 12:59
Par : UnderNews

Le Costa Rica a déclaré l’état d’urgence à la suite d’une cyberattaque de grande ampleur ciblant des organismes gouvernementaux. Le groupe cybercriminel Conti serait à l’origine de cette attaque par rançongiciel.

The post Le Costa Rica déclare l’état d’urgence à la suite d’une cyberattaque massive first appeared on UnderNews.

Ransomware Conti : 15 millions de dollars à celui qui aidera les USA à identifier les leaders

9 mai 2022 à 09:49

Les États-Unis sont prêts à offrir jusqu'à 15 millions de dollars en échange d'informations qui permettraient d'identifier et de localiser les leaders du groupe de pirates Conti, associé au ransomware du même nom. Récemment, le gang Conti a été associé à une attaque informatique contre différentes institutions du Costa Rica.

Pour être plus précis, jusqu'à 10 millions de dollars de récompense sont offerts en l'échange d'informations sur l'identité et la localisation des fortes têtes de Conti, et 5 millions de dollars supplémentaires pour permettre l'arrestation et la condamnation de personnes ayant tenté de participer à des attaques de ransomware de Conti. D'après des chiffres de janvier 2022 et les estimations du FBI, le gang Conti serait à l'origine de nombreuses attaques, et il y aurait plus de 1 000 victimes qui auraient payé la rançon, pour un montant total de 150 millions de dollars.

Le mois dernier, le groupe Conti a revendiqué une attaque contre six institutions publiques du Costa Rica, exigeant le paiement d'une rançon de 10 millions de dollars pour éviter que les données exfiltrées ne soient divulguées sur Internet (il y a notamment des données liées aux finances publiques du pays - plus d'infos ici). Ce n'est probablement pas un hasard si les États-Unis ont mis en ligne "cette annonce" pour obtenir des informations quelques jours après cette attaque au Costa Rica.

Ce n'est pas la première fois (et sûrement pas la dernière) que les États-Unis sont prêts à offrir une importante somme d'argent en l'échange d'informations sur des groupes de cybercriminels. En novembre dernier, c'est une récompense de 10 millions de dollars qui était promise en l'échange d'informations au sujet des membres du groupe REvil. Finalement, même si le code source du ransomware Conti a fuité au début de la guerre entre l'Ukraine et la Russie, cela ne semble pas perturber réellement les activités du gang Conti en lui-même...

Source

The post Ransomware Conti : 15 millions de dollars à celui qui aidera les USA à identifier les leaders first appeared on IT-Connect.

Un bug dans les ransomwares populaires permettrait d’arrêter le chiffrement !

4 mai 2022 à 07:57

Un chercheur en sécurité a découvert un bug qui prend la forme d'une faille de sécurité au sein de ransomwares populaires, ce qui permettrait d'arrêter l'opération de chiffrement en cours sur une infrastructure compromise ! Néanmoins, ce n'est pas gagné d'avance...!

Les ransomwares populaires, parmi lesquels on retrouve Conti, REvil, Lockbit, AvosLocker ainsi que Black Basta, sont vulnérables à un bug de sécurité qui peut être exploité pour mettre fin à la charge finale de ces logiciels malveillants : l'opération de chiffrement des données.

Un chercheur en sécurité nommé Hyp3rlinx a découvert que les ransomwares sont vulnérables aux attaques de type DLL hijacking, ce qui permet l'injection de code malveillant au sein d'une application. En l'occurrence ici, le code injecté va permettre de mettre fin à l'activité du ransomware. Ceci est possible, car les ransomwares n'effectuent pas suffisamment de vérification.

Pour chaque échantillon de ransomwares qu'il a analysé, le chercheur Hyp3rlinx a mis en ligne un rapport qui détaille la vulnérabilité, le hash de l'échantillon utilisé, un exploit PoC et une vidéo de démonstration. A chaque fois, pour piéger le ransomware, il faut utiliser un code d'exploit compilé dans un fichier DLL et nommé d'une certaine manière.

Hyp3rlinx affirme qu'il faudrait placer cette DLL spéciale sur un emplacement accessible par le réseau et où se situent d'autres données, afin que le répertoire soit ciblé par le ransomware, et que la DLL soit chargée. Ainsi, l'exécution serait stoppée, ce qui permettrait d'arrêter le chiffrement des données.

Nous ne savons pas exactement sur quelles versions des ransomwares il s'est appuyé pour réaliser ses tests et ses démonstrations. Même si cela s'applique aux dernières versions et qu'en soit c'est intéressant, ce n'est pas facile à mettre en œuvre comme protection.

De plus, il est certain que les pirates informatiques vont mettre à jour leurs ransomwares pour éviter ce piège. Au-delà du chiffrement des données, les entreprises restent vulnérables à l'exfiltration des données qui peut donner lieu à une demande de rançon.

Source

The post Un bug dans les ransomwares populaires permettrait d’arrêter le chiffrement ! first appeared on IT-Connect.

De fausses màj Windows 10 infectent votre PC avec le ransomware Magniber !

2 mai 2022 à 09:24

De fausses mises à jour de Windows 10 sont actuellement distribuées dans le cadre de campagnes d'attaques. En réalité, l'utilisateur récupère le ransomware Magniber sur sa machine !

De nombreux utilisateurs, à travers le monde, sont victimes de cette attaque ! Ils pensent installer une mise à jour de sécurité pour Windows 10 ou une mise à jour cumulative pour Windows 10, mais en fait, leur machine se retrouve infectée par le ransomware Magniber ! Ces deux fausses mises à jour sont distribuées via des fichiers ayant différents noms, et notamment les deux noms suivants qui seraient relativement populaires :

  • Win10.0_System_Upgrade_Software.msi
  • Security_Upgrade_Software_Win10.0.msi

Deux noms peu rassurants pour les utilisateurs avertis, d'autant plus que ces deux fichiers utilisent l'extension ".MSI" qui n'est pas le format habituel des mises à jour Windows. On retrouve également les noms suivants, qui intègrent un numéro de KB, mais qui sont toujours au format MSI :

  • System.Upgrade.Win10.0-KB47287134.msi
  • System.Upgrade.Win10.0-KB82260712.msi
  • System.Upgrade.Win10.0-KB18062410.msi
  • System.Upgrade.Win10.0-KB66846525.msi

D'après les informations du site VirusTotal, et si l'on se base sur la date des échantillons analysés par ce service en ligne, la campagne de distribution de ce logiciel malveillant aurait débuté le 8 avril 2022. Ce qui reste flou pour le moment, c'est comment les attaquants parviennent à piéger les utilisateurs : peut-être par l'intermédiaire d'une campagne de phishing ? Un canal de diffusion classique.

Le ransomware Magniber

Lorsque le ransomware Magniber infecte un poste informatique, il va chiffrer les données en utilisant une extension de fichiers aléatoire basée sur 8 caractères, comme ".gtearevf" par exemple. L'habituelle note est également laissée sur la machine, via un fichier nommé "README.html" et qui contient les instructions pour le paiement de la rançon.

Le site de Magniber permettant de payer la rançon est accessible via le réseau Tor. Il permet de déchiffrer un fichier gratuitement (probablement pour montrer à l'utilisateur que l'opération fonctionne), mais également de payer la rançon pour obtenir la clé de déchiffrement.

Ransomware Magniber

Pour cela, si l'utilisateur paie dans les 5 jours qui suivent l'infection, le montant de la rançon est de 0,068 bitcoin, soit 2511 euros à l'heure où j'écris cet article. Ensuite, le montant de la rançon sera doublé puisqu'il passera à 0,13600 bitcoin soit 5022 euros.

En soi, le montant est faible pour une entreprise, mais il s'avère que cette campagne cible plutôt les étudiants et les particuliers, et là c'est plus difficile à digérer.... Dans tous les cas, il est recommandé de ne pas payer la rançon pour ne pas encourager les actions malveillantes de ce type !

Source

The post De fausses màj Windows 10 infectent votre PC avec le ransomware Magniber ! first appeared on IT-Connect.

Des entreprises russes visées par des cybercriminels compatriotes

26 avril 2022 à 11:44
Par : UnderNews

Les cybercriminels russophones ont habituellement un code de conduite vis-à-vis des entreprises compatriotes : ils ne les attaquent tout simplement pas. Cependant, le gang de ransomware OldGremlin constitue un contre-exemple. Ce groupe cible des organisations en Russie depuis le printemps 2020 et a récemment mené des campagnes qui exploitent les sanctions frappant actuellement le pays.

The post Des entreprises russes visées par des cybercriminels compatriotes first appeared on UnderNews.

Élections présidentielles sur fond de cyberattaques : à quels types d’attaques et de ransomwares se préparer ?

6 avril 2022 à 09:21
Par : UnderNews

Les cybermenaces sont entrées dans nos quotidiens avec une multiplication particulièrement remarquable en 2021 : 37% d’augmentation d’intrusions sévères selon l’ANSSI. A quelques jours des élections présidentielles, qui sont les moments privilégiés d’attaques phishing et spread phishing d’envergure, viennent s’ajouter les tensions géopolitiques actuelles. Dans ce contexte, quels types de menaces les organisations françaises doivent-elles appréhender ? et comment s’en prémunir ?

The post Élections présidentielles sur fond de cyberattaques : à quels types d’attaques et de ransomwares se préparer ? first appeared on UnderNews.

TrueNAS Core Software Review – Account Management, Alerts, Notifcations & Business Support

23 mars 2022 à 01:17

TrueNAS Core Software Review – Part II, Managing Accounts, Alerts & Business Support


If you are considering managing your own private server, want to build it yourself (investing your budget primarily into the hardware) and want to take advantage of free to download open source software, then there is a huge chance that you are aware of TrueNAS. In part two of my full review of the TrueNAS Core software, I will be looking at how business users are going to find the account management of TrueNAS, how those accounts can be adapted/changed on the fly, what authentication methods are on offer to those accounts, how detailed the alerts are, in what ways can those concerned by notified as quickly as possible and just what options are available to business users who like the flexibility of TrueNAS but want commercial-grade support. We have a lot to cover, so I won’t waste much of your time, but I should add that today’s review was made possible with help from iXsystems providing a Mini X+ TrueNAS system. iXsystems is the business arm of the open-source TrueNAS platform and they provide the means for users who like the FreeBSD platform to have more of a turnkey ‘off the shelf’ solution at their disposal. If you want to read the FULL review, you can read the (LONG) FULL Review of TrueNAS is available HERE.


Part I of the TrueNAS Review Can be found HERE


Part III of the TrueNAS Review is HERE (25/03)

Review of TrueNAS – Accounts Creation, Control & Management


Given the rather technical, bespoke and detailed nature of TrueNAS, it is easy to understand why the solution is aimed at business users who want things set up in a ‘certain way’. Although turnkey solutions are easier to deploy and are generally more user-friendly, they are more often than not too rigid and inflexible for businesses to use in their larger business models. In most cases, a TrueNAS custom-built (or iXsystem) will be deployed in the center of a business and accessible from many, many company staff for backups, email, document archives, hybrid sync storage and more. Therefore it is important to review how TrueNAS handles multiple accounts, how security is afforded to these accounts and how privileges and access to more mission-critical or confidential data are managed. TrueNAS features a quick and easy means to create multiple users and/or groups for the host user network (as well as connecting these with remote access as required). Let me talk you through what stood out for me in TrueNAS when it comes to account management.


Significant Range of Security and Account Configuration Options


Creating a user account in TrueNAS is incredibly straightforward, as well as making each account as secure as possible. Each account has the standard username and password settings you would expect, but then they delve quite a bit deeper into how you want these users to access the system, their subgroups (which then allows you to create bulk protocols/privileges for all users in that group quickly) and the nature of their account. Options such as which file directories this user can interact with can be set to rear only, write or full access are fairly standard, but I like the options for locking some user accounts easily, creating unique SSH keys, creating temporary admin powers and rotational/changeable passwords are a nice extra touch. As the system is predominantly designed to be remotely accessed via 3rd party client OS’ and 3rd party client software, the more customizable user account features of user images and bespoke desktop GUI found on NAS systems such as Synology and QNAP are absent, but this is still a very easy and detailed user creation element to TrueNAS.

Good Support of Microsoft Account Authorization


It’s a relatively small extra detail, but user account security in TrueNAS also includes an option to integrate the use of Microsoft account security when accessing the storage on the server. This is applicable to any system running Windows 8 or higher (including Windows 11) and allows the authentication methods that are used in the Windows operations system to be used to further verify the identity of a connected user. This user service is not exclusive to TrueNAS of course, but it is another neat piece of third party crossover support that the software includes in its open-source architecture.


Impressively Configurable 2-Step Authentication


The fact that TrueNAS features the support of 2 step authentication (also known as 2FA – 2 Factor authentication) is not going to be a huge surprise for many, given its ubiquitous appearance on pretty much all software clients in the last few years. For those that arent aware, in brief, two-step authentication allows you to have a 2nd degree of user authentication when logging into a service/software alongside your password, as your phone will need to provide a randomly generated code every time when you log in. You need to use one of the many authentication client tools available online (with Google Authenticator being one of the most used for mobiles), but it is surprisingly easy to set up. Where 2-Step authentication in TrueNAS differs from most is the level of configuration that is on offer within the 2FA settings.



Most systems will provide you with the option to simply synchronize with the authentication tool you are using (3D generated barcode or long passkey as best suited to the end-user). TrueNAS on the other hand allows you to change the authentication interval that the randomly generated code changes (usually 30 seconds) to longer for those that need it for accessibility support, as well as change the validity period/number of attempts before a potential lockout. Then you have the option to customize the length of the one-time password (OTP) to greater than the usual default 6 digits (something I have not seen offered by any other NAS brands in 2022). Finally, there is the choice to integrate the requirements for 2-step authentication into SSH logins (command line access with an SSH client window tool such as Putty), which given the huge degree of SSH access built into the typical TrueNAS use scenario, it definitely beneficial.

No Bulk Group or User Creation Options


One small but present absence that I noted in TrueNAS was the lack of an option to create bulk users at once or to import an existing CSV or .xlsx file. This is a very minor detail of course and only applicable to users who have larger volumes of users they wish to move over to a new server from an existing setup, but I am still surprised that it is absent in TrueNAS Core. I have contacted iXsystems to enquire about this and apparently it IS an option that is available in TrueNAS Scale, but nevertheless, I am disappointed that it is not available across the whole platform.

Review of TrueNAS – Alerts & Notifications


Most users who are looking at getting a private server, although initially heavily invested in tinkering and playing with the device, will eventually want the system to just sit in the corner, be quiet and do it’s job! It’s understandable, as interesting as the software and services are, ultimately a NAS (TrueNAS or otherwise) is a tool and as soon as you have set the device up to do the thing you specifically need it to, you want to go back to doing other things and whilst your NAS carries on. However, whilst that is true, in the event something is wrong or out of the ordinary system processes are noticed internally, you want the TrueNAS to tell you ASAP! Most NAS systems have inbuilt notifications and alerts that can be pushed to select/all end users that can be tailored to preferred client devices and methods. In the case of TrueNAS there are (as you might expect) a wide, WIDE variety of settings and choices for delivering those all-important notifications and although in the case of many apps being 3rd party (therefore having their own notification and alert schemes in place as appropriate), the greater storage system, network/internet connections and user behaviour alerts are still pretty extensive in their alert options. Here is what stood out in TrueNAS for me in this area.


VERY Customizable Alerts and Notification Customization


I really cannot stress enough how diverse the range of alert configuration options that TrueNAS allows you to adapt. The window above is just a small example of the many, many windows available although it is a long, long list of options, you cannot really suggest that TrueNAS didn’t cover all the scenarios. There are even slightly more customizable ones that you can add too. The delivery of these alerts is a little less straightforward than those found in Synology/QNAP (which have proprietary client apps for mobile and desktop that allow faster alert methods) but a large number of platforms are supported in TrueNAS for notifications that include email, Slack, AWS, InfluxDB, Mattermost, Pager Duty, SNMP Trap and more. Alongside incredibly concisely built alert parameters, each one can be scaled in priority and in turn, its urgency adjusted.



TrueNAS uses a 7 tier alert priority scale and you can adjust each alert & notification variable in the wide-ranging list to your own requirements. For example, if you were running a shared storage area with a team of 10 users and 8/10 of those users were accessing the system at once (potentially bottlenecking the network in a 1GbE network, depending on the file volume/frequency), you might want the system admin/IT to know this. It isn’t a high-level alert, more of a case of being aware of the additional network load. In that case you can setup an alert of bandwidth/zdev access above a certain level/% and suitable admin to receive a level 2 notification (NOTICE) so they are aware. Alternatively, example 2, there have been several failed login attempts under a specific user account, but eventually that user has logged in successfully. This might be a cause of concern as repeated password attempts could so easily be an unauthorized individual connecting to the greater system. You can set the # of failed login attempts before an automatic lockout OR set an alert of level 3 ‘WARNING’ to alert a system admin to look into this account behaviour to access the situation. Alerts and notifications become significantly more intricate (breaking down into encryption certificates, hardware health, critical system failure, SSH/Telnet logins. etc) and this easy 7 tier alert system can be applied to all instances.


Build In Support Lines, Business Support tiers, Direct System Messaging System and Issue Reporting Mechanism in the TrueNAS GUI


As TrueNAS is an opensource and community-driven NAS platform, you would be forgiven for wondering just how much this all means when you hit a technical wall, encounter system roadblocks, need advice on a setup or just generally looking for guidance. One of the main appeals of an off the shelf/turn-key solution from brands such as Synology and QNAP is that as a paid hardwware+software solution, you feel that there will be technical support lines via live chat, email and even phone in some cases (depending on the level of solution of course) that a homebrew/DiY solution will not be able to supply. However, the support on a TrueNAS system is a little more diverse than that. If you build your own NAS system from scratch and install TrueNAS Core onto your system, you will not have access to premium/commercial level support, but you do have links in the TrueNAS GUI to community support, details online guides and access to the Jira support system that allows your query for assistance to be submitted to the community pool. There are also provisions there to check if your issue has already been documented and resolved elsewhere. These links are immediately available from within the GUI in multiple areas.



But if you are a business user, despite the TrueNAS open-source/freely available status, you may well have opted for it for it’s customization and flexibility compared with off the shelf NAS solutions. Therefore you might still want paid/commercial/enterrpise grade support. This is where the distinction between going TrueNAS DiY and pre-built TrueNAS from iXsystems becomes a little clearer, as iXsystems are the official pre-build provider of TrueNAS and with their solutions, they offer a scaled range of support options that include numerous contact methods. In addition to all the TrueNAS CORE support options that are still available, TrueNAS Enterprise customers who purchase hardware from iXsystems can receive assistance from iXsystems if an issue occurs with the system. Silver and Gold level Support customers can also enable Proactive Support on their hardware to automatically notify iXsystems if an issue occurs. Here is how those support options scale and which systems support each tier:

Gold Silver Bronze Warranty
Software Help Desk 24×7 12×5
12×5 Limited
Hardware Support 4 Hour

On-Site Support & Repair

Next Business Day
On-Site Support & Repair
Advance Parts Replacement Return to Depot
Remote Deployment Assistance (60 days) Yes Yes Yes No
On-Site Hardware Spares Kit Included Optional Optional Optional
Proactive Support & System Monitoring Yes Yes No No
Advanced Hardware Replacement
Delivered the next business day
and/or Saturday.
Delivered the next business day. Delivered the next business day. No
After Hour Maintenance/Upgrade Assistance By appointment By appointment No No
Online Support Portal and Knowledge base Yes Yes Yes Yes
Software Updates Yes Yes Yes Yes
S1: Not serving data or severe performance
degradation, critically disrupting business.
Response within 2 hours, 24×7 Help Desk Support Email Response within 4 hours, 6:00 AM to 6:00 PM Pacific Time (M-F) Email Response within 4 hours, 6:00 AM to 6:00 PM Pacific Time (M-F) Email support (Next business day) for S1 and S2 intermittent faults only
S2: Performance degradation in production or
intermittent faults.
Response within 4 hours, 24×7 Help Desk Support Email Response within 4 hours, 6:00 AM to 6:00 PM Pacific Time (M-F) Email Response within 4 hours, 6:00 AM to 6:00 PM Pacific Time (M-F) Email support (Next business day) for S1 and S2 intermittent faults only
S3: Issue or defect causing minimal impact. Email Response within 4 hours, 6:00 AM to 6:00 PM Pacific Time Email Response within 4 hours, 6:00 AM to 6:00 PM Pacific Time (M-F) Email Response within 4 hours, 6:00 AM to 6:00 PM Pacific Time (M-F) No support available.
S4: Request for information or administrative
requests.
Next business day response. Next business day response. Next business day response. No support available.

The level of support afforded to each tier of the iXsystem hardware portfolio is not quite as straightforward, however, as smaller-scale systems only support upto a bronze tier. Therefore on closer examination, you can only access the highest/most-involved customer support tier when you are looking at the enterprise tier hardware systems. Now, on the face of it, that makes sense in terms of priority as it is those highest volume use systems that are going to want the fastest and most responsive support. Equally, the most modest systems will be used by smaller-scale users and have smaller scale utilities in mind. Still, I know more than enough NAS users who choose more modest NAS systems from Synology and QNAP, BUT will push for extended warranties, 5year warranty enterprise storage media, choosing to allocate their storage server budget towards lengthy support periods for peace of mind/insurance. Here is how the commercial support options spread across iXsystem hardware options:

Model Gold Silver Bronze Warranty
M-series Available Available Available 3-Year Included
X-series Available Available Available 3-Year Included
R-series Not Available Available Available 3-Year Included
FNC Not Available Available Available 3-Year Included
Mini Not Available Not Available Available 1-Year Included. SW Warranty requires registration

In the case of my review, I have been using a TrueNAS mini x+ and below is how the support prices are based on this model of the TrueNAS iXsystem mini. It is worth noting that only systems with all hardware provided by iXsystems are eligible for software support and warranty. Enterprise Bronze Support is only available for customers that have larger TrueNAS systems also under Enterprise Support Contract. Component swaps are the standard process for resolving major issues.

Model 3-Year Silver 3-Year Bronze 3-Year Warranty Warranty
Mini E, E+ Not Available $299 $149 1-Year Included. SW Warranty requires registration.
Mini X, X+ Not Available $399 $199 1-Year Included. SW Warranty requires registration.
Mini XL+ Not Available $599 $299 1-Year Included. SW Warranty requires registration.

Overall, I think TrueNAS (and iXsystems) have balanced the level of support and assistance options that are available to most kinds of NAS user. It makes sense that a free-to-download software platform would not be able to provide a commercial/enterprise-grade support level without having to financially support this behind a subscription service. And they do not leverage this against the community support, opening encouraging this as an option and facilitating multiple methods of looking up similarly submitted and solved issues, streamline the community support process as much as possible and still presenting the choice to go down the paid-support route when needed. The face this support is not available in non-iXsystem TrueNAS setup’s might be a bit of a downer for some, but as mentioned multiple times in this review, the money that some users are saving in a custom/DiY solution in TrueNAS vs a turnkey/off-the-shelf solution from Synology/QNAP needs to be paid in learning how it all works. I think TrueNAS and iXsystems found the best middle ground possible here.

Larger Range of Configuration Options Can be Overwhelming and Lacks Convenient Preset Options


When I said that there are a lot of alert and notification choices built into TrueNAS, I was not kidding. Even at a casual glance, they are in the triple figures, and that is jsut on the outset. It IS true that the bulk of them are automatically set to one of the 7 pre-set alert levels by default, but if you have a slightly more secure/closed setup in mind for your system notifications, you are going to be spending hours, not minutes adjusting them all to your unique needs. The same goes if you want to run a more open setup for testing, as the TrueNAS default settings are a pinch higher than I would class as ‘casual’ in scaled alerts (better safe than sorry). Now, other turnkey solutions on the market combat this by providing various alert/notification switches BUT also arriving with security councillors/preset configuration dropdowns. In brief, I wish TrueNAS had a range of preset notification levels, perhaps set as ‘low-medium-high-business-enterprise’ that changed these settings in bulk and THEN you can go in manually where needed and change a few, allowing you to create a custom profile which you can then save as ‘CUSTOM’. Similar tiered/scaled choices exist in other areas of TrueNAS for other services that change bulk options on the fly, as well as ‘advanced’ tabs in places when you want to get your hands a little dirtier and play with options at a deeper level in the GUI. Overall though, I prefer to have too many alert/notification options that are not enough though!


In the third and final part of my review of TrueNAS coming later this week, you can find out what I thought about Security, Network Management, how the platform handles applications & Addons and my overall verdict of TrueNAS Core 12.


Part I of the TrueNAS Review Can be found HERE


Part III of the TrueNAS Review is HERE (25/03)


Alternatively, you can read the (LONG) FULL Review of TrueNAS is available HERE.


 



 

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,460 other subscribers


Get an alert every time something gets added to this specific article!


Want to follow specific category?

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

 

SEARCH IN THE BOX BELOW FOR ANY OTHER NAS

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7] Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  
❌