The "Let's Encrypt" project is running into some problems fewer than two months after it started issuing free certificates. Meanwhile, the hosting company, Linode had to ask its users to reset their passwords after a series of DDoS attacks. To hear more, just click play!





IT Rewind Featured Stories:

Did our short segment leave you wanting more? Check out the original articles of stories we covered!





InfoWorld, @infoworld, Fahmida Y. Rashid, @FYRashid



eWeek, @eWEEKNews, Sean Michael Kerner





Continuum's Must-Read Blog Post This Week

With the Consumer Technology Association's CES 2016 conference kicking off today, I can't help but think of how many new gadgets, or endpoints, will be unveiled at the event by week's end. Endpoint management is becoming increasingly challenging due to the growing number of personal devices, as well as the growing number of places where a connected device can be found.... Keep reading »

Continuum's Employee Spotlight

Each week, Continuum will spotlight an employee that has gone above and beyond. The spotlight is more than just a recognition of the hard work being done at Continuum, but a look into the person behind that work. We'll find out what our employees do for fun, what their favorite movies are, what their passions are and much more! We also ask them about their experiences working at Continuum and what they like most about their job. Check back each week to find out who made the Employee Spotlight!

This week, Ray Reed, Continuum's Workforce Management Analyst, is being featured! Get to know Ray »

What Else Is New in the IT Channel?

Now that you've seen our top picks for this week, here are some more stories that made the headlines. Have a suggestion for a story that we should cover next week? Let us know by commenting below or tweeting @FollowContinuum or @BenDBarker!





Third time isn't the charm:

Third Try Is No Charm for Failed Linux Ransomware Creators

InfoWorld, @infoworld, Lucian Constantin, @lconstantin





Buggy Blackphone:

Bug in Silent Circle's Blackphone Let Attackers Remotely Control Device

Computerworld, @Computerworld, Darlene Storm, @SecurityIsSexy





WorPress resolution:

WordPress 4.4.1 Update Resolves XSS Vulnerability

Threatpost, @threatpost, Chris Brook



Transcription

Hey everyone welcome back to IT Rewind. After a couple of weeks off, we’re back and ready to start the New Year with a bang. This week, the Let’s Encrypt Project runs into a bit of trouble with cyber criminals and the cloud hosting provider Linode is asking users to reset passwords after series of DDoS attacks. You’ll hear more about these stories right now on IT Rewind!

By now, you’ve probably heard about the Let’s Encrypt project. The backers of the project wanted to make it easier for websites to get certificates in encrypt HTTP traffic. To do so, Let’s Encrypt started issuing free certificates in December. Well, now cyber criminals are taking advantage of the project’s good faith efforts. Researchers from Trend Micro have identified a malvertising campaign that is specifically targeting sites that are using the free certificates. The campaign directs visitors to sites that contain the Angler Exploit Kit. The cyber criminals used the Let’s Encrypt certificates to protect traffic with HTTPS and gain legitimacy with the public. Once Let’s Encrypt issues a free certificate, it does not monitor the certificates or take any more action, even if the site is flagged as malicious.

The cloud hosting provider, Linode, is asking its customers to reset their passwords. A series of DDoS attacks, which appear to have begun on December 25th, have impacted multiple Linode data centers, including those in Dallas; Atlanta; Newark, New Jersey; Fremont, California; Singapore, Frankfurt, Germany and London. Attacks have continued, despite Linode offering a statement on December 26th, which said that the incident was “considered resolved.” Along with the DDoS attacks, unauthorized access was discovered on three user accounts. Additionally, an external machine was found to contain a pair of Linode user credentials.

Before we go we’d like to give a shout out to Ray Reed who was featured in this week’s Employee Spotlight. Ray is a Workforce Management Analyst here are Continuum and has been with the company for just over a year and a half. If Ray could have any super power, he said he’d like to be able to control time. To learn more about Ray, check out the link below. Do you have a recommendation for next week’s Employee Spotlight? If you know of an employee that has been going above and beyond lately, leave a comment below, or tweet @FollowContinuum using the #EmployeeSpotlight.

That’s all the time that we have for this week’s episode of IT Rewind, As always, read the full stories that we covered today and other tech stories by clicking on the links below as well as the featured Continuum blog post of the week. This week, we explain why MSPs need to crack down on endpoint security in 2016.

Of course, you can always find us on Twitter, Instagram and Vine at FollowContinuum. We’re also on Facebook, LinkedIn, Spiceworks, YouTube and Periscope.

Take it easy.

Don't you want to find more leads?



