If you are using Windows Installer, Stop!

You May Be Sabotaging Yourself!

This latest cyber-attack uses Windows Installer to download malware onto your computers. What is CVE-2017-11882, and what does it do? How should you detect and protect against it? What other similar malware attacks have come up in the past? These are all questions you should be asking yourself in order to develop the best defense against this type of attack.


It seems like just when we’ve learned how to protect against one type of malware, four others pop up. Recently, Microsoft began combating CVE-2017-11882, which exploited a vulnerability in Microsoft Office. Then, just as expected, as one weakness was fought, a new one popped up. CVE-2017-11882 exploited a new vulnerability within the Windows Installer.

The previous version of CVE-2017-11882

The previous version would exploit the vulnerability using windows executable msht.exe, and then run a PowerShell script which would download and execute the payload. The problem with this is that while previous versions have edited Microsoft Installer, this version doesn’t edit it. What it actually does is use Microsoft Installer for the exact purpose that it was built for, to install things. Only this time it forces it to install malicious programs on your computer.

The new attack uses msiexec.exe as part of the Windows Installer service. For example, the user could receive an email with an attachment. Since the attachment seems legitimate, the user opens and begins downloading it. This attachment installs a malicious MSI package through the use of CVE-2017-11882. This then, in turn, releases either an MSIL or a Delphi binary. This binary will then launch another instance of itself. This duplicate binary is then hollowed out to create a new home for the new malware payload.

How does CVE-2017-11882 go undetected?

This package provides a compression layer that file scan engines need to process and enumerate in order to detect the file as malicious. This is similar to movies where the complicated retina scan needs is needed to gain access to a specific area of the building, yet the spy is still able to get in, due to his fancy contact lens. The system scans the lens and thinks that he is an authorized user, and allows him passage. Similarly, because of this compressed file mask of sorts, it’s hard to detect and identify the actual payload since it is contained in the heavily obfuscated MSIL or Delphi binary.

What can we do to protect against CVE-2017-11882?

Sometimes there are simple solutions to significant problems. For example, one of the easiest ways in which you can defend yourself and your business from CVE-2017-11882 is by having a strong email policy for your company. You should use strong passwords, with both capital and lowercase letters, as well as some symbols. You should never write passwords down, or use the same password for multiple accounts. Doing so can result in a hacker not only having access to your email but also to any and all accounts. Also, you should change your passwords often; it is recommended to change them every two months. This way you can stay ahead of the hackers before they have an opportunity to figure out your password, you will have already changed it.

Email and Passwords

Besides password strength, you should also focus on training employees about the dangers of email attacks, such as those that use the Microsoft Installer. It’s vital that they are trained not to click or open any suspicious emails. For example, employees should be trained to recognize phishing emails that may carry malware, and also to know how to isolate and flag these emails. This way other employees are immediately notified of the email, and won’t themselves fall victim. Employees should always check emails and names of unknown senders to ensure they are legitimate. They should always look for inconsistencies or style red flags such as grammar mistakes, capital letters, or excessive use of punctuation.

Restrict or disable Windows Installer

A second way to protect yourself is by limiting or completely disabling the Windows Installer itself. This would prevent potential attackers from being able to install their malicious software on your user’s systems. This way, only the system administrator could install programs. Controlling the access and spread of these attacks can significantly help your company to protect itself. Rather than trying to put out fires all over the place, you can then focus on one area and defend it appropriately.

Microsoft Recommendations

Microsoft recommends that if you think that you are infected with this malware, you should use your security software to detect and remove the threat. Remember to use appropriate software based on which operating system you are using. Microsoft states that Windows Defender works best for Windows 10 to detect and remove this malware. Microsoft Security Essentials works for Windows 7 and Windows Vista and has the appropriate defense and removal for this malware. After detection and removal, you should update your software to further protect yourself from future exploits.

Similar previous attacks

Attacks like this are not rare in the least. For example, in November of 2017, there was also a vulnerability in Microsoft Office 2000. This flaw allowed hackers to install malware without user interaction. So, while you were just writing a report in Microsoft Word, hackers were downloading malicious malware into your computer without your knowledge or permission. This could easily be fixed by updating software, such as using only the most recent form of Microsoft Office, so that your computers and networks are protected against the latest of threats.

We should stay vigilant, to protect our network and our businesses. Knowing what is out there and what can wreak havoc on your business is half the battle. The other half is updating your staff and your software to ensure that you are providing the most vigorous defense possible. Look for vulnerabilities in your system and business. Additionally, it is crucial to stay up to date with the latest cyber-attack news. This will keep you in the know as far as what is out there, and what potential threats can affect your business.

If you think your network or computer may be vulnerable to an attack, call us today (913) 210-1950. Let us help you safeguard your systems before it’s too late!

Replacing Tech Too Frequently?

How often do you buy a new laptop, tablet or mobile phone? Does it seem like there’s an internal alarm clock that predicts the time of your next purchase? We can help you hit the “snooze” button and save more money.

Image result for computer for service

Apple made news recently with an admission of its practice to release updates that would slow performance of older phones as a byproduct, indirectly increasing frustration and thereby prompting consumers to “need” to upgrade their phone. It’s been a long-running joke that, with two-year contracts with mobile service providers, consumers could count on increased frustrations near the 18-month mark to build anticipation for the next smartphone iteration.

The manufacturer’s suggested retail price (MSRP) of consumer goods relies on the basic elements of supply and demand. While consumers maintain the mentality of “upgrade every two years”, manufacturers released new products on a set timetable, and subsidized costs helped to feed our appetite for the newest, fastest tech with the coolest features. Who doesn’t love a built-in schedule feeding supply and demand? Desktop computing systems experience the effect, as well, though the phenomenon doesn’t receive the same coverage, perhaps because these systems have been around for longer than mobile devices and consumers have just come to accept the situation.

Now that the days of service contracts and subsidized phone costs are over, consumers hold more control over their technology – and their wallets.  With the barrier to entry centering on higher costs — that are no longer subsidized — consumers are looking for ways to make all types of tech last longer. This is especially helpful given that the cost of tablets, most notably the iPad, continues to inch higher as our dependency on mobile technology increases. How can we make our smartphones, tablets, laptops, and desktop tech last longer and run more smoothly?

Desktops and Laptops

Review your system using these guidelines as a checklist, and see how some light housekeeping may help:

  • Is your system freezing or crashing more often?
    • Crashes and freezing can be a reminder to reboot, allow your applications to restart and reset, clear your memory cache and cookies, and just give your machine the chance to let go of anything it’s been unnecessarily holding onto in temporary files.
    • These can also be a sign of something more serious, and it may be a good idea to run an antivirus program, like Webroot, to make sure you’re not a victim of malware, viruses, or ransomware attacks.
  • Is your storage nearly full?
    • When a hard drive fills over 75% capacity, the effect on a system is an overall slow-down. Consider moving to a free cloud-based storage solution, like Dropbox or Google Drive. If you’re an Amazon Prime user, take advantage of your benefit of unlimited photo storage that also offers you the ability to organize photos into albums that you can share with friends and family with just a click.
  • When was the last time you checked for and installed system updates?
    • Outdated operating systems can significantly decrease a system’s performance. Check for updates and install them, since these almost always contain updates that improve performance and maintain security.
  • Is your computer clean?
    • We don’t mean viruses here – we mean “clean”. Dust and particles can get down into crevices and gunk up innards. This can impede airflow, causing a system to overheat, and make your system work harder than it needs to operate effectively. A can of compressed air can do wonders with hidden dust particles in the tiniest of spaces.

Smartphones and Devices

Much like with any computer, smartphones and tablets need routine maintenance to perform at their best. Sluggish and slow speeds hinder your ability to get things done. Never is the phrase “time is money” truer than when trying to send an email or make a call, in attempt to conduct business and finalize a transaction.

Keep your mobile devices operating at their peak efficiency by regularly checking through the following areas:

  • Photo storage
    • Ever wondered why smartphones still offer the option of the shutter sound when taking pictures? The sound is both nostalgic and satisfying. We take photos of moments to help us remember – but we take more photos now compared to the days of film.
    • Our digital memories are eating up our digital storage. Cloud storage is an easy solution, but few take advantage of the opportunity. As we mentioned earlier, Amazon Prime users can take advantage of free unlimited photo storage and create shareable albums. This is a safer option than Facebook, given it’s a service you pay for, and you retain control of the account!
  • Email Inbox(es)
    • A single email message has an almost undetectable impact on your phone’s operation, but how many emails do you get in one day? A hundred? More likely a few thousand messages or more come to you throughout the average work week, and that fills space quickly in your device’s memory. De-clutter your inbox, and start seeing a difference.
  • How many applications do you have installed that you don’t use?
    • Applications can take up a lot of memory space. You can see which applications have the greatest impact on your phone’s settings, and eliminate applications that you haven’t used. Regain screen real estate, too!
  • How many applications are running?
    • Not only can applications take up space, but they can also drain your battery faster. Over time, this can wear down your battery which means it will just drain faster and faster, regardless of how many applications are running at any one time.
  • Internet windows
    • Much like on a desktop where you may have more than a dozen tabs open and running in a single Internet browser session, your phone will open a new window as many times as you like. Again, much like with your desktop browser that stores cookies and browser history that takes up RAM, your phone keeps this data stored, as well, slowing down operations.
  • When in doubt, restart
    • The occasional restart can act as a “reset” for your phone, and you may see an improvement in performance after rebooting.
  • Are there updates available?
    • Whether for an application or your operating system, there are reasons that updates are made available to consumers. Updates are intended to improve the overall operation of your mobile device, and it’s recommended that you keep your phone’s operating system and applications up to date.
  • Is your device clean?
    • Keep your screen wiped, your speakers clear of debris, and your camera lens and charging port clean. Dust and grime can creep into the tiniest of crevices and build up, affecting the interior workings of your phone.

Keeping your technology operating efficiently takes effort on your part, but the return on your time investment will extend the lifespan and decrease the long-term maintenance costs you would need to spend otherwise. Following these basic preventive maintenance tips will make your tech last longer and save you time – and money. For more advice on saving money and getting more from your technology, call Cenetric at (913) 210-1950 or email us at info@cenetric.com

Nonprofits need tech solutions that work: Here’s how the market is helping out.


Technology and NPOs have always had an interesting relationship: Nonprofits tend to be less impressed customer-focused marketing, and less willing to invest in new long-term technology unless the ROI is visible, preferably with a few industry examples to back it up. However, a technology used correctly can be an advantageous source of savings and efficiency for NPOs, often targeting the very problems they want to get rid of.

The key is finding the latest tech solutions that are having a provable impact on organizations beyond the hype for “the most recent thing.” Let’s take a look at the top trends that impress us the most.

The Cloud Continues to Revolutionize Structure

Cloud data means less dependence on hardware and the enablement of flexible, fast organizations that don’t have to rely on traditional structures when their important data can be anywhere, at any time. This has proven particularly beneficial for NPOs, which tend to prefer more adaptability and more flexible work arrangements including remote work, working from home, scheduling trading, and more. In other words, your data is better off if it can be accessed from the cloud.

The key, however, is finding cloud services that you can trust. It is not a good idea to change your organizational structure based on cloud services without proper encryption and verification. The good news is that professional options like OneDrive and Google Storage have proven to been reliable storage options, and are available free or with discounts for NPOs.

The New Age of Digital Payments

NPOs love digital payments, and for a good reason: They enable immediate payment based on appropriate calls to action that can be connected compelling content or messages, giving donors something to do with their emotions while bringing in funds more reliably. But today’s digital payment options go far beyond the normal PayPal link: Facebook now has an option that allows people to donate while they are still on the social network. YouTube has donation cards that can carry viewers away to an online payment option. Twitter and Snapchat are experimenting with $Cashtags and Snapcash for instant methods of giving away money. Even Gmail has an automatic money transfer option for those you exchange emails with. It’s an exciting time for digital payments, and a good idea to review the latest technology services for nonprofits to see how they are changing.

Chatbots for More Than Just Selling

Chatbots are finally coming into their own, and that includes a lot of interesting applications for non-profits that sometimes have trouble communicating their full mission. For those who haven’t encountered many before, a chatbot is a system that pops open a chat window on a website and offers information or services for visitors. These are automated systems with AI capabilities, so a real person doesn’t need to manage them – they can explain things all on their own, and well-crafted chatbots are skilled at making conversations look as normal as possible.

These days, chatbots are a popular marketing topic and are likely to become ubiquitous as time goes on. You can craft them in Facebook, buy them for your website, and program them for your Skype software. For nonprofits, this means the bot can pop up ready to have a conversation with any visitors about what the nonprofit is, how it works, and what connections it has to local events or news. Since chatbots are already being used to sell products within the app, we also expect to see donation options that the bot can offer interested visitors, increasing funding as well as awareness.

CRM for Donors

Today’s customer relationship management solutions are diverse and, thankfully, much more modular than in the past, allowing organizations to pick out the services they need with the guarantee they are all designed to work together across the same platform. And these vendors have no trouble working with NPOs – after all, a customer and a donor share most things in common when it comes to managing and using data. So a good CRM system can help reach more donors, utilize information more effectively, and create more powerful sales funnel.

One way we’re seeing this benefit today’s donors is via email: While it’s trendy to think of email as an “old” method of communication, it’s actually doing very well on the marketing front – indeed, when it comes to results, good old fashioned emails keep on improving, especially in the mobile sector: Social media remains popular for personal use, but many people just prefer to conduct more professional matters, including donations, through email.. If you don’t have a CRM system set up to take advantage of email messaging, it’s time to consider one.

More Applications for the IoT

The Internet of Things, in abstract, is pretty easy to understanding: A bunch of smart devices send data to their respective services, and we learn more about things while also gaining greater control over the technology around. However, finding specific ways this impacts NPOs is a bit more challenging: However, there’s a ton of potential in the IoT and the ideas currently being tested here are exciting.

Roughly, smart devices for non-profits fall into two different groups. The first is infrastructure: When smart devices can tell you how well concrete pillars are holding up, how much heat buildings are retaining, and how efficiently energy or water are used, then nonprofits become very interested in accessing that data for their reports and fundraising. The second group are sensors that can be used in marketing. For example, we are entirely making up: “Thanks to our new partnership with GeoTesla, every time your car passes a local city park you can choose to automatically donate $1 to our land improvement project!”

App Partnerships

One of the greatest advantages of today’s apps is that they can be created by even small organizations, and they are adaptable enough that any NPO can find a way to use apps. Not sure where they may fit in with your goals or partnerships? Check out some of the more innovative uses of non-profit apps currently at work for ideas. However, app creation requires a lot of cost-benefit analysis and asks quite a lot of donors (when was the last time you wanted to download another app on your phone?). Remember to stay creative!

For more information on our non-profit managed services and other IT services for nonprofits (including consultations on what you need), contact Cenetric at info@cenetric.com or (913) 210-1950!

The Benefits of Structured Cabling for Your Business

  • How much do you know about your company’s IT network?
  • What type of cabling system do you use? 
  • When was the last time you upgraded your network cabling?

These are questions any business owner should have answers for. However, if you’re like most that we consult for, your answers aren’t sufficient.  Your IT network is the backbone of your organization. Without a strong network, your employees are wasting time and losing productivity every day.


Are you using old technology and running your business on an out-of-date network?

If so, it’s time for an update.

One of the most useful updates you can make to your network is to switch from that old point-to-point cabling system to a highly functioning structured cabling system.

Point-to-Point Cabling vs. Structured Cabling Systems

These are the only two methods for transporting data through network cables. Many continue to use the old point-to-point cable method for their data infrastructure. A point-to-point cabling system has a tendency to cause problems as your network needs expand is size and complexity. To understand why, you must know how a point-to-point cabling system works:

A point-to-point cabling is set up by connecting one component of a network, a server, switch or a device, directly to another component of the network using a fiber-optic cable. Twenty years ago, this type of wiring was an elegant solution for quickly and easily stringing together a network. At that time, most networks were small, and IT departments were smaller.

Today, as networks grow, and fast transfers of huge amounts of data are more essential, maintaining these older point-to-point cabling system, along with the thousands of cords necessary to operate them, places a big strain on a company’s IT resources.

To avoid dealing with this, many companies have switched to a structured cabling system. Instead of connecting each individual component of a network directly to another, a structured cabling system connects the servers and storage units directly to a communication backbone.

Local cabling panels are installed throughout the office and connected to the communication backbone with a single cable. A user can then connect his device to the entire network by simply plugging a short cable into the closest cabling panel.

The Benefits of Structured Cabling

You may be thinking, “Hey, isn’t adding a communication backbone and redoing all the cable systems in my office going to be expensive?” The answer is yes. Installing a structured cabling system can be costly, but it’s an investment in the future of your business.

Why is it such a good investment? There are many reasons. A structured cabling system:

  • Pays for itself. It’s true that changing from a point-to-point cabling system to a structured cabling system isn’t cheap. The cost of installing a structured cabling system can range from $100 to $500 for each connection. Companies in older buildings with less access to the ceiling and subfloor can expect to pay even more. But the investment will eventually pay for itself by both making your employees more effective and lowering IT costs.
  • Reduces the time necessary to make repairs. Since a structured cabling system is segregated into a group of devices connected to a single local cabling panel, it’s easy for your IT professional to identify problems and solve issues. An additional benefit is that users’ work won’t be disrupted if their devices aren’t connected to the cabling panel being serviced.
  • Helps you plan for the future. A cable has an average useful lifespan of 15 years. That’s two to three times longer than most devices.  The cabling system you install today is going to be around for a long time, and will handle several generations of devices. No one knows how large your business will grow, or what future devices you may require.  However, when you switch to a structured cabling system, you’re helping to future-proof your network.
  • Offers increased flexibility. Adding more devices to the network is much easier when using a structured cabling system. Instead of running a new cable from additional devices to a switch or server using a long cable, your IT professional can simply connect the device to the closest cabling panel. Removing devices is just as easy.  Simply disconnect the device from the cabling panel and the job is done. No more orphaned cables to find and remove, like when using a point-to-point cabling system.

Isn’t it time for you to make the switch from point-to-point cabling? Cenetric can install a structured cabling system for your business in Kansas. Contact us for a complimentary assessment of your cabling needs. (913) 210-1950 or email us at info@cenetric.com

6 Lessons Every Company Should Learn from the WannaCry Ransomware

WannaCry’s ransomware attack is mostly over – here are the lessons businesses must learn from the experience.


WannaCry was a particularly nasty bit of ransomware that infected Windows systems via network connections and encrypted important files to hold them as a ransom for bitcoins. The first wave of WannaCry is over, and we can learn a lot of important lessons from its rise and fall.

1. Operating Systems Change for a Reason

This is probably the number one lesson from WannaCry: The disappointing thing is that is a very familiar lesson that every security experts know well. You have to keep updating your operating system, not just to keep up with the times, but also to protect your business data.

This advice is so common that the real problem is probably something more insidious: Business leaders refuse to take responsibility for the platforms and operating systems they are using. WannaCry is the consequence for that leadership failure, and the sooner organizations recognize that, the better they will be able to plan for the future. Windows XP was particularly vulnerable to WannaCry – that’s an operating system that’s 1)12 years old, 2)surpassed by 4 newer versions of the operating systems with far more advanced tools and integration, and 3)an OS that hasn’t had any support at all from Microsoft (outside of this emergency patch) for nearly three years.

The very common excuse that business makes here is that, “We can’t update because of this regulation, or that compliance issue, or the need to maintain services to our customers.” First, these are incredibly weak excuses. A full upgrade will always take time, resources, and careful planning to meet necessary regulations. That’s part of the process, not an excuse to avoid it. Second, many organizations don’t even realize these are poor excuses because they haven’t actually asked experts. The first thing an organization should do if they are worried about upgrading an older operating system is to bring in an IT expert that has experience in these types of upgrades and ask for a consultation, advice, and ultimately a game plan for the best possible outcome.

2. Patches Don’t Just Get in the Way – They Protect Against Threats

Close behind the lesson about upgrading to new versions of your operating system is the importance of patching. Let’s divided this into two steps. First, your company must be aware of available patches, as they come out, and what they do. This is really easy, even if you aren’t in IT. New patches are heralded by blogs, emails, tweets and many other sources of information explaining what they are and what they accomplish.

Second, give top priority to any patches that are designed to fix vulnerabilities and increase security. Require all employees to download that patch on all machines, that day. Period. You don’t even have to turn on automatic updates, just make sure those patches are downloaded. WannaCry was patched back in March, but guess what? A lot of organizations have no patch plan or requirements, so it didn’t matter.

3. Lack of Awareness is a Vulnerability

Combine both our first lessons, and you get a reminder worth noting – companies cannot claim ignorance here. We have to be aware of the current security dangers, and how to deal with them. That means paying attention to what IT says, understanding how the business systems work, and knowing when a new malware or virus attack hits. These days, no manager can say, “Well, it’s not my problem.” It is.

4. A Single Good Practice Can’t Protect You From All Malware

In the past, most ransomware like WannaCry was spread primarily through phishing emails, and strong anti-phishing strategy was very effective at dealing with the threat. But guess what? Things changes. Cyberattacks regularly evolve and find different, more insidious ways to locate new victims. You cannot count on a single strategy to prevent any particular threat.

5. Network Segmentation May Be Growing More Important

Network segmentation refers to devices that avoid connecting to the business network or connect only briefly in closely monitored situations to avoid data vulnerabilities and malware. Especially after WannaCry, this is looking like a good strategy for companies that handle a lot of sensitive information.

6. The Consequences Will Always Be Worse Than Necessary Preparation

Some of the organizations affected by WannaCry include the UK National Health Service, the South Korean and Chinese governments, and organizations in more than 150 countries. Emergency health services were canceled, governments were unable to offer services, factories were suddenly shut down, and much more. This led to tremendous losses, and will probably lead yet again to a whole lot of fines, firings, and the loss of contracts. It doesn’t matter how demanding security changes are, they are always easier than dealing with the aftermath of a bad attack.

For more information on how to prevent the latest malware attacks, contact Cenetric at (913) 210-1950 or by sending us a message at support@cenetric.com.

It’s Not Even Close to Over… Wanna Cry?

In case you have been living in a cave the past three days…

Wanna Cry is a ransomware that spreads like wildfire by leveraging a Windows SMB exploit to remotely access and infect computers running on unpatched or unsupported versions of Windows. It infects the targeted computer then moves on to others on the network and those it can find on the open internet.


237,000 computers across 99 countries have been infected thus far.

The news has reported that a 22-year-old security researcher has stopped the Wanna Cry ransomware plague.

That’s only partially true.

He found a “kill switch” in the code of Wanna Cry that will keep one strain of Wanna Cry from infecting computers.

Here’s the problem…

Now there are multiple strains of Wanna Cry cropping up across the globe.

Some with a different URL “kill switch,” and if reports can be believed, at least one strain with no “kill switch” at all. This “no kill switch” variant is believed to have been created by parties not related to the criminals who developed the first Wanna Cry code.

Whatever the final number of Wanna Cry strains ends up being, the truth is that we aren’t even close to being done with Wanna Cry. And the criminals in control of this cyber-WMD aren’t done with causing us pain.

Yes, the infection rate has slowed, but that lull is likely only the calm before the second wave of the storm – according to industry experts.

Where did Wanna Cry come from?

There is no public information on the criminals behind Wanna Cry, but the SMB exploit they are utilizing is believed to be part of a hacking toolset that the NSA allegedly created and lost control of when a group of hackers called “The Shadow Brokers” stole it and dumped it onto the dark web.

Currently, the predominant strains of Wanna Cry are being thwarted before they infect computers by utilizing the method discovered by 22-year-old MalwareTech.

He discovered that by registering a domain name that was buried in the ransomware’s code, he was able to create a “sinkhole” that didn’t allow the virus to infect the computer.

The problem is that if the connection to this “sinkhole” domain is lost, Wanna Cry will move into “infect” mode.

As we have stated above, there are now several strains of Wanna Cry out there with a “kill switch” domain name in their code. Each unique domain name must be registered so that a “sinkhole” is created for that strain.

Even with these domain name “sinkholes,” we aren’t out of the woods.

Malware Tech, the security researcher who found the first “kill switch” buried in Wanna Cry code, has stated that “WannaCrypt (or Wanna Cry) ransomware was spread normally long before this and will be long after, what we stopped was the SMB worm variant.”

There are some scenarios that will allow your unpatched computer to be infected – even with the kill switch in place. Here they are

  • If Wanna Cry comes to you via an email, a malicious torrent, or other vectors (instead of SMB protocol).
  • If your ISP or antivirus or firewall revokes access to the “sinkhole.”
  • If your system requires a proxy to access the internet – common in corporate networks.
  • If someone utilizes a DDoS attack to makes the sinkhole domain inaccessible.

What to do…

The cyber-security experts of Cenetric advise you to:

  • Patch your computers
  • Run a decent anti-virus (We highly recommend Webroot)
  • Make sure your backups are current and secure

Because of the high-profile nature of this ransomware attack, there will be copycats that make Wanna Cry even more virulent and destructive.

Wanna Cry 2.0 is inevitable.

It’s important that you act proactively for your company now and get the Cenetric cyber-security team on your side.

We have the resources to help you stay running and safe.

Contact Cenetric today at (913) 210-1950 or info@cenetric.com

Dangerous Google Docs Phishing Scam on the Loose


This is a copy of a letter sent to our clients yesterday:

Please be aware that the964345bedcd94234a11f9eb0940fa2eere is an extremely sophisticated and real-seeming Google Drive phishing attack making the rounds right now. The attack appears to be an invite to a shared Google Doc, usually from a trusted sender. Clicking the link will take you to Google’s  sign-in page, just like a normal Google doc invite. However, by accessing the document, you grant it full permission to your account details, including the ability to access Gmail, Google Drive, and a wealth of other information.

Thankfully, the email is pretty easy to spot. It is addressed to hhhhhhhhhhhhhh@domain.com, and doesn’t quite look the same as a standard google doc share. If you receive an email like this, please delete it immediately. If you have already opened the document within, please contact Cenetric immediately for assistance revoking the associated permissions.

The below image is what the header looks like:


Thank you,

Cenetric Support