No audio device found in Remote Desktop Terminal Server client redirection on 2008 or 2012 server

no-audio-card-sound-on-2012

Having a problem getting audio sound redirected over terminal server or remote desktop server 2008 or 2012 to the client?

Here are a couple of things to check to enable audio redirect, even when server has no audio sound card.

When you connect the client to the server, it will redirect all sounds to be played via your local sound card however this may fail due to the following issues.

  1. Make sure the client has Audio enabled.
    • In the Remote Connection (MSTSC.EXE) , under LOCAL RESOURCES – > REMOTE AUDIO SETTINGS, make sure PLAY ON THIS COMPUTER is enabled
  2. Make sure that on the 2012 Server, DESKTOP EXPERIENCE is installed. This can be found under Server Manager under Roles and Features
  3. Right click the speaker icon and make sure you can test a PLAYBACK SOUND. There should also be a VIRTUAL SOUNDCARD listed
  4. If you still get NO AUDIO DEVICE FOUND at this stage, you will need to go back to server manager, under the SERVER COLLECTIONS, make sure that the REMOTE USER has Audio enabled.

If you require further assistance or more technical information, please make comment and we will be happy to further assist.

2015 Top 25 passwords used – how to protect yourself on mobile and computer.

If you cannot remember a complex password or more than one password, ask Sterling IT how we can assist you with a password manager that is secure.

Internet users continue to put their security at risk by using generic passwords such as “123456” and “password”, despite widespread advice to create more unique and secure codes.

Both “123456” and “password” have held the top two spots on SplashData’s annual list of leaked passwords since the first list in 2011 and data released by SplashData yesterday shows 2015 was no different.

The top 10 passwords on the 2015 list are dominated by numerical passwords, with football, baseball and ‘qwerty’ also among the least secure passwords being used online.

 

Go to Smart Company to READ MORE

Sterling IT have the solution to protect your passwords securely on phone and computers.

Contact us for more info

 

Source: smartcompany.com.au  – Recommended by Sterling IT for all good businesses.

CEO CFO and other management caught up in scam emails to transfer funds using fake accounts

my-account-was-hacked-and-all-my-money-stolenScammers are reportedly claiming to be corporate CEOs in email scams designed to steal up to hundreds of thousands of dollars from targeted companies.

Sterling IT has had one of its clients be hit with this twice and we believe they phished the email addresses from their website.
The staff also had their titles with their email addresses making it very easy.

Stay Smart Online has received a report that scammers misrepresenting themselves as corporate CEOs are sending fake emails to the CFOs of targeted companies. These emails request that up to hundreds of thousands of dollars be transferred urgently from targeted businesses to apparently legitimate bank accounts held by third-party individuals. However, these bank accounts may have been established using the details of people who have been victims of identity theft.

The relatively sophisticated scam appears to be identical to, or a recurrence of, the ‘Business Email Compromise’ or ‘Wire Fraud’ scam that Stay Smart Online provided an Alert about in October 2014. Details of the 2014 scam were provided by CERT Australia. The FBI has published similar reports regarding the ‘Business Email Compromise’ scam.

Businesses are advised to be suspicious of unexpected, urgent demands for large sums of money by any person – including CEOs and other senior leaders. You should always verify these requests directly with the person involved, and follow all governance and due diligence processes.
CERT Australia provides the following advice:

  • Consider adding a second method of verification for large financial transfers, such as verbal verification between employees.
  • Alert employees to be vigilant with regard to these incidents, especially those conducting or authorising wire transfers or similar financial instruments.
  • Do not reply to the email.
  • Sender Policy Framework (SPF) checking should be implemented to detect and prevent sender address forgery.
  • Review network logs for evidence of the indicators provided in this Alert.
  • Configure mail servers and mail scanners to block and remove emails with the indicators provided in this Alert.
  • Report identified activity to CERT Australia.

If a company has been defrauded as a consequence of these emails, report the matter to local police for investigation and escalation as appropriate.

 

 

Source: staysmartonline.gov.au 

Received an email? Do you click or not click? – Malware, Scams, Trojans, Viruses could be lurking

The internet has become an indispensable tool for everyday life, both personal and business. Its global use and familiarity has also opened the doors for cyber-criminals to take every opportunity to exploit vulnerable people through disturbing online attacks. Online scams and malware are also becoming increasingly sophisticated, and while IT professionals are aware of what to look for and how to fix problems when they arise, their colleagues may be confused by the latest scams discussed in the media.

Botnets

A botnet is the result of a criminal using malware (malicious software) to turn a computer into a bot, short for robot. In conjunction with a large number of other computers, these systems together form a botnet. Bots can often propagate themselves across the Internet by searching for vulnerable and unprotected computers. Exposed computers can be infected quickly and unknown to the user stay dormant until they are required to perform their detrimental attack. Once infected these bots can be controlled remotely to perform automated tasks over the internet such as sending out spam, malware and spyware; launching denial of service (DoS) attacks against other systems; or participating in other types of cyber-crime such as theft or fraud.

Hacking

Computer hacking has been around much longer then people have had PCs in their own homes, and is the term used to describe gaining unauthorised access into a computer. Hacking can be used to find weaknesses in your security settings which are then exploited to gain sensitive or personal information, to install malware, or to block or hijack your access to websites or email.

Malware

Extremely common, malware, or malicious software, is software you don’t want to infect your computer. Malware includes computer viruses, worms, ransomware and Trojan horses. Specifically designed to disrupt, damage or gain control of a computer system or data, therein each of these types of malware has its own purpose. Malware does a range of things, it may tell you that your computer has a security problem, re-formats your hard drive, alters, deletes or encrypts files; steals sensitive information, sends unauthorised emails, or takes control of your computer and all of the software on it.

Types of Malware

Viruses

A computer virus when executed will replicate by inserting copies of itself (possibly modified) into your computer programs, data files, the hard drive or connected network shares. By doing this the virus infects your system and interferes with the way a computer operates. Viruses are often spread via normal looking attachments in an email message or instant message; through downloads, or in pirated software.

Trojan Horse

Like the Greek tale, the Trojan horse or Trojan, employs social engineering so that it looks legitimate, useful or interesting to the potential victim who is then more susceptible to installing it on their computer. As a non-self-replicating type of malware program it is designed so when it is executed it carries out the actions determined in the program, often including joining the computer to a botnet.

Ransomware

As a relatively recent addition to the malware family, ransomware is a digital form of extortion. When you open a malicious email attachment or click a malicious link in an email message, instant message, on a social networking site, or other website; ransomware is downloaded onto your computer and is designed to block access to all your files and programs until a sum of money is paid. A computer becomes basically inoperable as you have no access to any of your files (unless you have done regular data backups). It is generally advised that you don’t pay the ransom as you cannot be guaranteed you will get the key or code to unlock your files.

Phishing

Phishing has also become a firm favourite of cyber-criminals. These sophisticated modern day forgers use deception and social engineering techniques to trick users. This is done by sending emails, text messages or website links purporting to be from authentic companies that the victim may have had previous communications with (also called spoofing). These fake messages or links are then used to persuade the recipient to reveal personal information including usernames, passwords and credit card details. Phishing scams have become increasingly prevalent because they are easy to execute, and with little effort.

Spam

Spam is another common method for sending information out and collecting it from unsuspecting people. Spam is usually the mass distribution of unsolicited messages, marketing, advertising or pornography. Spam tends to annoy people mostly by clogging their inboxes with junk, however it can also be a vehicle for malware, scams, fraud and threats to privacy.

TIPS FOR CYBER SECURITY

It is vital that anyone who sends and receives emails daily (at home or at work) is made aware and well educated on these common types of cyber threats.
There are a wide range of things you should remember or put into place within your organisation, to ensure your computer/computers are protected the best way possible.

• Avoid giving your email address out online. If you publish your email address on the web, make it unscannable so that it cannot be harvested by bots. There are alternative ways to display an email address which in turn makes it hard for spambots and cyber criminals to harvest it.

• Never open an attachment that is a .zip file or .exe file unless you are expecting it. Files from unknown senders often contain some kind of malware or virus.

• Check who is sending you email communication. Be aware that malware, phishing scams or spam may come from unrecognisable or odd email addresses, however legitimate email addresses can be forged easily.

• Never respond. If unsure, report the message as ‘spam’ to your service provider, and delete it! Also, you should delete the email from your trash to save you accidentally opening it in the future.

• Only click links from trusted senders. If an email has a link you don’t recognise, take a closer look by hovering your mouse over and checking the destination in your browser. If it doesn’t match, it is not legitimate.

• Check for spelling, grammar and syntax. Most malware, phishing scams or spam originate from foreign countries so may contain some very obvious errors.

• A reputable company or organisation will never use an email to request personal information. If you think there is a possibility it may be legitimate, type the real URL into your browser or contact the company directly.

• Reading an email in plain text rather than html can help to avoid phishing attempts, however this is not 100% foolproof.

• Report any suspicious or scam emails to the company that is being imitated, your email security provider, or to SCAMwatch.

• If a computer runs slowly, keeps crashing or stops responding often, this could be a sign that the computer is infected. Get an IT professional to take a look for you.

• It is extremely important to back up your data every single day.

• Utilise multilayered defences. This includes installing anti-virus, anti-malware, anti-spyware, and using cloud based email filtering and web filtering services. You should also not conduct day to day work with Administrator privileges on your workstation. Instead, you should use elevated privileges only when required, for example to install trusted software. Having one form of protection alone may not cover you for all the possible threats.

• Keep your software regularly updated. Software that updates automatically is incredibly beneficial to busy organisations.

• Use strong passwords and keep them secret. It is also a good idea to change them on a regular basis. Don’t use the same password for multiple accounts.

• Install a firewall on your computer and never turn it off.

• Increase security settings on your browser. You can limit user rights to certain online sites.

• Use external devices cautiously. This includes USBs and iPads/iPhones etc. as these can become infected with malware, corrupting your computer.

Cyber criminals are quite adept at tricking email users into falling for their scams. They are always coming up with new methods of deception. It is in the best interest of every company to ensure all their employees are educated on the most commonly known threats. Staying cyber-vigilant and applying solid security measures, is always the best defence against any future breaches.

Want to add another of level of protection on your email? Filter with Mailguard – the providers of the information above.

Need more information, quote on Mailguard or training for your staff?
Contact Us NOW! – Don’t Delay

How to fix WordPress site that has been hacked. Protect your site with iThemes Security Pro

 

Our external website got attacked yesterday (and not proud of it). We are very security conscious and hold NO data (customer or own) on our site excluding our blogs.
Even with strong admin passwords, we thought we were safe.
The only way we were safe is we make monthly off server backups.

We tried recovering some files but each time, there was a background script which would kill those newly updated files and replace with the ‘hacked page’.

We have now implemented a plugin called iThemes Security Pro.

This is a free plugin and is brilliant as allows so much configuration through a GUI (simple) interface, including renaming admin account, locking down php files plus much more.

It is also rated quote high and has over 700,000+ installs as well.

The main thing here is the fix was to restore from a backup after deleting ALL files on the host, then applying iThemes Security Pro

Make sure you backup, backup, backup. (iThemes Security Pro will do this for you as well)

If you need help with implementation of this, or assistance with a hacked website, comment here or contact Sterling IT.

Fake Email Warning : ISIS terrorist threat to Sydney comes in a legitimate looking email with malicious payload in attachment and/or link.

hackerFake Emails re ISIS threat
You are advised to be cautious about opening any emails you receive that refer to any ISIS threat.
New emails referring to ISIS terrorism activities carry a malicious attachment that can be used to infect your computer.

ACMA (“The Australian Communications and Media Authority”) is receiving a surge in reports of emails with the subject ‘ISIS attacks in Sydney?’. The emails request people to open an attached Word, RAR or other file by claiming the attachment includes an article naming the Sydney locations ISIS plans to attack in 2015.

Clicking on the attachment could result in malicious code being installed that allows an attacker to take control of your computer.

The email includes the contact details in an attempt to represent itself as a legitimate email. It is highly likely similar malicious emails are in circulation using references to high profile, terror-related events.

The full text of the malicious email is provided below:

Subject: ISIS attacks in sydney?
Body: ISIS has warned Australian Police today about new attacks in Sydney.
Attached the places in word file which ISIS planning to attack in Sydney this year 2015.
These terrorists have Australian Citizen why they attack us?
Read more in the detailed story in word file.
Please address any correspondence to:
[news address inserted here]
The switchboard number for [news] is:
[news phone number inserted here]
Telephone: [news phone number inserted here]
Email: [news email inserted here]

To stay safe, it is important that you do not click links in phishing emails or reply to the sender if you do not know them.
Source : Stay Smart Online , a Government initiative.