Computer News & Safety tips – Harry Waldron MVP

Project Management — Future integration of Artificial Intelligence

Dr. Harold Kerzner shares an insightful article on the future of the PM profession and the greater use of technology in modeling and optimization of resources, critical paths, and cost savings.

AI offers the advantages of real-time tune-ups in the plan and of serving as an expert assistant to the overall PM. AI still cannot take over the human role of management and leadership concepts (including grateful leadership concepts that improve teamwork).

I have worked with Microsoft Project extensively and even taught PMM classes for a former company. Dr. Kerzner is an excellent instructor & author, and I am thankful for past attendance of training classes. This article shares that improved future tools are coming to help the project manager better manage time, people, and material resources.

IIL blog  – Project Management and Artificial Intelligence (AI)
http://blog.iil.com/project-management-and-artificial-intelligence-ai/

Recently, I conducted a webinar on The Future of Project Management. During the Q&A session that followed, I was asked if PM 4.0 would include a discussion of the role of artificial intelligence (AI) applied to project management. I was also recently interviewed by a person working on a graduate degree, who asked what I believed would be the relationship between project management and AI in the future.

It appears that the world of AI is now entering the project management community of practice, and there is significant interest in this topic. While I am certainly not an expert in AI, I became curious about how developments in AI could benefit project management.

A common definition of AI is intelligence exhibited by machines. From a project management perspective, could a machine eventually mimic the cognitive functions associated with the mind of a project manager such as decision-making and problem-solving?

The principles of AI are already being used in speech recognition systems and search engines such as Google Search and Siri. Self-driving cars use AI concepts as do military simulation exercises and content delivery networks. Computers can now defeat most people in strategy games such as chess. It is just a matter of time before we see AI techniques involved in project management.

Network Security Tools – File2pcap and Cyberchef May 2017

The SANS Internet Storm Center shares two newer Network Security Tools as highlighted below:

File2pcap – A new tool for your toolkit!

http://blog.talosintelligence.com/2017/05/file2pcap.html

https://isc.sans.edu/forums/diary/File2pcap+A+new+tool+for+your+toolkit/22456/

Regarding file-based vulnerabilities, the original process used to involve starting a local webserver and using a browser to download the exploit file, while recording the transfer using Wireshark. File2pcap revolutionized this requirement by simulating the traffic and creating the proper pcap without any hassles.  File2pcap started out as a tool to create pcaps from input files, showing these files in transfer from a web server to a browser. By simulating the entire data exchange it is possible to create a pcap file for any input file, usually within seconds. The result always shows a full TCP stream from SYN to FIN with packets in order and checksums correct. These pcap files can then be used in combination with a tcp replay tool (or read by Snort) to create proper rules for all file-based attacks.
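The simulation described above can be sketched with nothing but the Python standard library. This is an added example, not File2pcap's own code: it builds one HTTP download of a file as a complete TCP stream (handshake, request, data segments, teardown) with valid IP and TCP checksums. The addresses, ports, MACs, sequence numbers, timestamp and the `/sample.bin` path are constructed values.

```python
import socket
import struct

# Constructed endpoints (documentation address ranges, locally administered MACs).
CLIENT = ("192.0.2.10", 49152, bytes.fromhex("020000000001"))
SERVER = ("198.51.100.20", 80, bytes.fromhex("020000000002"))
FIN, SYN, PSH, ACK = 0x01, 0x02, 0x08, 0x10
MSS = 1460

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: 16-bit one's complement of the folded sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def frame(src, dst, seq, ack, flags, payload=b""):
    """Build one Ethernet/IPv4/TCP frame with valid IP and TCP checksums."""
    sip, dip = socket.inet_aton(src[0]), socket.inet_aton(dst[0])
    def tcp(csum):
        return struct.pack("!HHIIBBHHH", src[1], dst[1], seq, ack,
                           5 << 4, flags, 65535, csum, 0)
    def ip(csum):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload),
                           0, 0x4000, 64, 6, csum, sip, dip)
    pseudo = sip + dip + struct.pack("!BBH", 0, 6, 20 + len(payload))
    tcp_hdr = tcp(checksum(pseudo + tcp(0) + payload))
    return dst[2] + src[2] + b"\x08\x00" + ip(checksum(ip(0))) + tcp_hdr + payload

def file_to_pcap(body: bytes, path: str = "/sample.bin") -> bytes:
    """Simulate an HTTP download of `body`, SYN to FIN, and return pcap bytes."""
    request = f"GET {path} HTTP/1.1\r\nHost: {SERVER[0]}\r\n\r\n".encode()
    response = (b"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\n"
                + f"Content-Length: {len(body)}\r\nConnection: close\r\n\r\n".encode()
                + body)
    c, s = 1000, 5000  # constructed initial sequence numbers
    frames = [frame(CLIENT, SERVER, c, 0, SYN),
              frame(SERVER, CLIENT, s, c + 1, SYN | ACK),
              frame(CLIENT, SERVER, c + 1, s + 1, ACK),
              frame(CLIENT, SERVER, c + 1, s + 1, PSH | ACK, request)]
    c, s = c + 1 + len(request), s + 1
    for off in range(0, len(response), MSS):
        chunk = response[off:off + MSS]
        frames.append(frame(SERVER, CLIENT, s, c, PSH | ACK, chunk))
        s += len(chunk)
        frames.append(frame(CLIENT, SERVER, c, s, ACK))  # client acknowledges data
    frames += [frame(SERVER, CLIENT, s, c, FIN | ACK),
               frame(CLIENT, SERVER, c, s + 1, FIN | ACK),
               frame(SERVER, CLIENT, s + 1, c + 1, ACK)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1495670400 + i // 1000, (i % 1000) * 1000,
                           len(f), len(f)) + f
    return out

if __name__ == "__main__":
    with open("sample.pcap", "wb") as fh:
        fh.write(file_to_pcap(b"constructed file body\n" * 200))
```

The resulting `sample.pcap` opens in Wireshark as a single in-order stream, which is the property that makes such captures usable for testing file-based detection rules.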

CyberChef a Must Have Tool in your Tool bag!

https://gchq.github.io/CyberChef/

https://isc.sans.edu/forums/diary/CyberChef+a+Must+Have+Tool+in+your+Tool+bag/22458/

There are well over 100 operations in CyberChef allowing you to carry out simple and complex tasks easily. Here are some examples:

* Decode a Base64-encoded string
* Convert a date and time to a different time zone
* Parse a Teredo IPv6 address
* Convert data from a hexdump, then decompress
* Display multiple timestamps as full dates
* Carry out different operations on data of different types

Microsoft Security – MSRT patched OOB to prevent DDoS attacks MAY 2017

Key links are shared below:

https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

Windows Malicious Software Removal Tool (MSRT) helps keep Windows computers free from prevalent malware. MSRT finds and removes threats and reverses the changes made by these threats. MSRT is generally released monthly as part of Windows Update or as a standalone tool available here for download.

 – Reason for Revision: Microsoft is releasing this out-of-band CVE. Security update is available for Microsoft Malware Protection Engine
 – Originally posted: May 25, 2017 
 – Aggregate CVE Severity Rating: Critical

WannaCry Ransomware – 98 percent impacts were unpatched MS17-010 WIN7

Almost all operating systems lacking the MS17-010 protection were vulnerable. However, the large-scale attack was more “targeted” at WIN7 specifically, as it appears to have focused on unpatched WIN7 PCs as the prime target in the corporate world. Other O/S platforms were impacted to a lesser degree because O/S-specific handling was not in place. Kaspersky estimates that 98% of impacts were for unpatched WIN7 PCs.

For example XP could have been included — but its use in the corporate world is much more obscure (hopefully) — and those systems were safe mainly due to programming. Unpatched XP systems abended rather than getting infected (and so do most non-targeted systems). Corporations will have much better protection moving to WIN 10 PRO.

https://www.bleepingcomputer.com/news/security/over-98-percent-of-all-wannacry-victims-were-using-windows-7/

Numbers released by Kaspersky Lab on Friday reveal that over 98% of all documented WannaCry infections were running versions of the Windows 7 operating system. Out of all Windows 7 users, the worst hit were users running Windows 7 64-bit edition, accounting for more than 60% of all infections.  The second and third most targeted OS versions were Windows Server 2008 R2, and Windows 10, respectively. “The Windows XP count is insignificant,” said Costin Raiu, director of Global Research and Analysis Team at Kaspersky Lab.  During the WannaCry outbreak, researchers discovered the worm only worked reliably on Windows 7, causing errors on other platforms, including Windows XP, on which most infosec talking heads falsely blamed for most WannaCry infections.

WannaCry Ransomware – Huge cyber attack quickly and successfully stopped

Internet or network worm attacks are usually large scale and quickly hit those with unpatched systems or using outdated technology. Certainly the recovery of damaged equipment and lost business opportunity make this one of the top all-time attacks. But the fix was easily achieved by patching and re-building any impacted machines as needed. This was more a destructive event than a true ransomware attack, as the malicious authors did not make $$$ on this event. Still, this was a wake-up call for all to become more vigilant.

https://www.cnet.com/news/wannacry-ransomware-wimp-why-security-pros-are-staying-chill/

The WannaCry ransomware exploded onto the internet two weeks ago, causing havoc on Windows machines across the globe.  The initial spread has been stopped and PCs have been patched, but it was a rough stretch for the hospitals, small businesses and others that got shut down. Hundreds of people are out the $300 or $600 ransom payments.

You might expect the security industry, which was on the front lines against the attack that locked up 300,000 computers in 150 countries, to be freaking the heck out right now. But here’s the weird thing: They’re mostly not. “Wannacry became too big,” said Mikko Hypponen, chief research officer at cybersecurity company F-Secure.

1. It was unsuccessful. It was a failure. As a financial attack, WannaCry went well wide of the bull’s-eye. Unlike targeted ransomware attacks that tend to stay under the radar, it earned very little money — tens of thousands of dollars rather than millions.

2. A victim’s response — “Actually it wasn’t the worst thing that could have happened to us,” he told the forum’s audience.  There were service issues, but WannaCry has had no long-term effects on the NHS’ systems. “It was a bit scary, but the lessons we have learned from it will make us better in the future.”

3. The perpetrators remain penniless — Ultimately, only 322 victims paid the ransom — none of the NHS Trusts were among them. “That’s nothing,” said Hypponen. The ransom that’s been collected went to three bitcoin wallets, which ultimately makes it very difficult for the attackers to collect their spoils. Bitcoin transactions, though anonymous, are trackable, and every transaction can be seen. “Everyone is watching those wallets,” said Guerrero-Saade. “Nothing has been moved.”

Ian Levy, technical director of the UK’s recently established National Cyber Security Centre, encouraged people to not blow WannaCry’s impact out of proportion. “It was a piece of software that was written to do something nasty,” he said. “It was not a particularly sophisticated piece of software.” Cyberattacks are often referred to as “advanced persistent threats” or “APTs,” which, Levy said, make them sound much scarier and more sinister than they actually are.

Computer Technology – Go offline briefly for a digital detox

I love this story of taking a trip in a 1960 Cadillac convertible to a retro non-tech Bed & Breakfast. It shares the need for IT professionals and power users to take a break, and enjoy a “digital detox” for a few hours or days.

Back in August 2013, I personally cut the cord and do more hiking, gardening, and other non-computer related activities. One must set limits and even escape from the 24×7 technology that surrounds us. Taking those breaks alleviates stress and gives one a needed rest when they return back to the world of computers & smart devices.

https://www.bloomberg.com/news/articles/2017-05-19/i-did-a-digital-detox-in-a-1960-cadillac-el-dorado-maybe-you-should-too

I could point to the rash of studies that describe how exposure to screens (cell phone, computer, tablet, etc.) affects the brain like an addiction to any drug. I could paint a picture of a verdant 15-acre plot in the Delaware River Valley three hours north of New York City and a world away from the current political climate.

But mostly I want to tell you how calm I felt driving 80 mph on an upstate New York highway. I realize I have not defined what I mean by “digital detox.” It means nixing any exposure to screens for the duration of the session—TV, mobile telephone, computer, GPS, and navigation included. Concessions were made for my Sony camera, so I could shoot the trip, and the aforementioned boom box, which we held between us in the car on the way up. We used a Rand McNally Road Atlas and directions from strangers to navigate our way north.

The year 1960 was the last time Cadillac made those epic wrap-around glass windshields and the year after the El Dorado logged the all-time largest fins on an American car, ever. In 1960, Car Life magazine named the El Dorado the “Best buy in the luxury field.” It came to us in convertible form with a 345-horsepower V8 engine that growled and purred like a Bengal cub.

We stayed at Milk Barn, a 144-year-old estate near Hankins, N.Y. It had been renovated as a retreat from New York City. That makes sense—the etched and stained glass throughout, the sauna, the marble countertops, and massive wooden beams above Old World wooden floors feel directly descended from European stock. In 2015, renovations were added such as white beds with Hudson Bay blankets, record players, and Palo Santo holy wood healing stocks. It was perfect for our goal of detaching and detoxing from the hyper-stimulation of modern life.

This wasn’t a major change, to be sure, but simply a shift in energy. Everything in my brain settled down and evened out. And when I got back to the office the next day I felt more refreshed than when I’ve spent long weekends physically away but constantly bombarded with alerts and news on my phone.  When I finally did log on, it caused no small amount of anxiety. The emails and texts came like a deluge. I survived, of course. That’s part of being a responsible adult.

But for days afterward I kept thinking about the fact that I felt more peaceful and engaged with the world driving a car that had no technology to speak of, in contrast with the distraction and disconnection that happen in modern cars chock full of automated and computerized systems.

Windows 7 or 8 – Users accessing NTFS control file may create BSOD

Researchers have discovered that a special file labeled as $MFT is used for specialized NTFS control functions. While WIN10 does not appear to be affected, a “blue screen of death” abend may occur in Vista, WIN7, or WIN8 when attempting to access this file. The likelihood of occurrence is remote, as users must specifically hunt for this special control file. Microsoft will likely fix this vulnerability in the future.

http://www.pcmag.com/news/353933/the-latest-pc-crash-culprit-a-4-character-filename

If you accidentally try to access a filename intended for the Windows NTFS file system, you could end up with a blue screen of death. Whatever you do, Windows 7 and Windows 8 users (and Vista users if there are any of you still out there), don’t try to open a file containing $MFT.

That filename is typically reserved for special metadata files in the Windows NTFS filesystem, but if you try to open a file that contains it as part of its directory path (i.e. c:\$MFT\123), it will crash your computer.

The problem lies with the NTFS driver, which will lock a file containing $MFT if you try to open it. The lock will never release, though, which means that anything else you try to do on your computer will be blocked while the system waits for the lock to expire. The end result? A blue screen of death with a “KERNEL_DATA_INPAGE_ERROR” message.

The likelihood that you’ll mistakenly replicate the above steps of your own accord is small. Microsoft is aware of the problem but has yet to issue a fix for it. For now, if it does happen to your PC, you can do little more than bask in the retro glow of the blue screen of death while your system reboots.

Samsung – Galaxy Book 12 launches MAY 2017

Samsung is also introducing the “Galaxy Book 12” as a laptop/tablet (2-in-1 device) to compete with Microsoft and Apple models. This Windows 10 based device has some of the best display technology available — but smaller battery size was noted as one weakness.

https://www.digitaltrends.com/laptop-reviews/samsung-galaxy-book-12-review/

The Galaxy Book hits the reset button on Samsung’s 2-in-1 line, with Windows 10, two size options, Intel Core i5 processors, and improved Super AMOLED screens that promise deep black levels and unmatched contrast. Pricing starts at $1,130 for the 12-inch version, which has 4GB of RAM and a 128GB solid state drive. Our review unit, upgraded to 8GB of RAM and a 256GB SSD, retails for $1,330. For some users, the OLED screen will be the killer feature, and admittedly, there’s a lot of appeal to a system that makes watching movies and music videos an absolute pleasure. Yet you might not watch for long, because the tablet’s battery life is a sore spot.

Microsoft – New Surface Pro launches MAY 2017

Microsoft is introducing the “New Surface Pro” to replace the “Surface Pro 4” as the latest model. Several improvements have been made and it has been re-branded as more of a laptop or notebook computing device, rather than a tablet. State-of-the-art Intel Kaby Lake CPU chips also consume less power, generate less heat, and extend battery life while in use.

https://www.forbes.com/sites/haroldstark/2017/05/26/fans-rejoice-microsoft-has-reinvented-the-surface-pro-4/#4a7ddee63100

Microsoft has launched a new Surface Pro. Microsoft’s new machine makes subtle and important upgrades in many areas.

1. Design – It’s Now A Laptop — New Surface Pro has more rounded corners, redesigned heat venting, an improved 165 degree kickstand.

2. Display – Old Dog, New Tricks — The native resolution remains 2736 x 1824 pixels (267 ppi) and there’s the same support for 10 point multi-touch. However, New Surface Pro has native support for the Surface Dial which will be added in near future.

4. Performance – Laptop Class — moves to Intel’s ‘Kaby Lake’ chipsets for improved speed, cooling, and reduced power consumption.

5. Software – Windows 10 Pro or Windows 10 S — will ship with Windows 10 Pro, but Microsoft has confirmed it will ship with the more limited Windows 10 S eventually.

6. Connectivity – One Step Forward, One Step Back — Microsoft is finally adding the option for integrated 4G LTE. USB Type-C is nowhere to be seen on the New Surface Pro other than via a supplied dongle.

7. Battery Life – The Best Change — The shift to Kaby Lake is a big deal and with it comes Microsoft’s bold claim that the New Surface Pro will last up to 13.5 hours on a single charge. This compares to nine hours with the Surface Pro 4 (increase of 50%).

8. Price – More Through Less — On paper Microsoft is retaining the same pricing with the New Surface Pro as the Surface Pro 4 with prices starting from $799. And yet the reality is Microsoft’s charging more because the Surface Pen ($99) is no longer included

Ransomware – Jaff uses PDFs with malicious embedded Word documents

A new major ransomware attack called “Jaff” has surfaced which is being massively spammed in the wild. It uses PDF attachments with embedded Word documents containing malicious macros to avoid detection by many email scanners (as users may have to open documents to trigger AV detection due to the deep nesting of the malicious code within the PDF). Users must continue to avoid all unusual and unexpected attachments.

http://blog.talosintelligence.com/2017/05/jaff-ransomware.html

https://isc.sans.edu/forums/diary/Jaff+ransomware+gets+a+makeover/22446/

Since 2017-05-11, a new ransomware named “Jaff” has been distributed through malicious spam (malspam) from the Necurs botnet.  This malspam uses PDF attachments with embedded Word documents containing malicious macros.  Victims must open the PDF attachment, agree to open the embedded Word document, then enable macros on the embedded Word document to infect their Windows computers.

Similar to what we saw with recent Locky campaigns, when the PDF attempts to open the embedded Microsoft Word document, the victim is prompted to approve the activity. Requiring user interaction to continue the infection process could be an attempt to evade automated detection mechanisms that organizations may have deployed as no malicious activity occurs until after the user approves. In sandbox environments that are not configured to simulate this activity, the infection may never occur, and could result in the sandbox determining that the file is benign when the reality is that it is malicious, the infection was just simply not triggered.
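Because nothing runs until the user approves each prompt, static inspection of the attachment complements a sandbox. The following added example (not from Talos, SANS or any product) extracts streams typed `/EmbeddedFile` from PDF bytes and reports whether each is an Office document carrying a VBA project. The function names and verdict labels are hypothetical, and the sample input is constructed inline with placeholder bytes.

```python
import io
import re
import zipfile
import zlib

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls compound file
# One indirect object that carries a stream; the dictionary part may not cross "endobj".
STREAM_OBJ = re.compile(
    rb"\d+\s+\d+\s+obj\b((?:(?!endobj).)*?)\bstream\r?\n(.*?)endstream", re.S)

def embedded_files(pdf: bytes):
    """Yield the decoded content of every stream whose dictionary says /EmbeddedFile."""
    for match in STREAM_OBJ.finditer(pdf):
        dictionary, raw = match.groups()
        if b"/EmbeddedFile" not in dictionary:
            continue
        if b"/FlateDecode" in dictionary:
            try:
                # decompressobj ignores the end-of-line bytes left before "endstream"
                raw = zlib.decompressobj().decompress(raw)
            except zlib.error:
                raw = b""  # undecodable stream: reported as "unknown"
        yield raw

def classify(blob: bytes) -> str:
    """Label an embedded file by container type and presence of a VBA project."""
    if blob.startswith(OLE_MAGIC):
        return "ole-document"  # Word 97-2003 format, can hold macros
    if blob.startswith(b"PK"):
        try:
            names = zipfile.ZipFile(io.BytesIO(blob)).namelist()
        except zipfile.BadZipFile:
            return "unknown"
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            return "ooxml-with-macros"
        if "[Content_Types].xml" in names:
            return "ooxml"
    return "unknown"

def triage(pdf: bytes) -> list:
    """Return one verdict per embedded file found in the PDF bytes."""
    return [classify(blob) for blob in embedded_files(pdf)]

def constructed_sample() -> bytes:
    """Constructed input: a PDF skeleton embedding a fake macro-enabled Word file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/vbaProject.bin", b"placeholder bytes, not a real VBA project")
    data = zlib.compress(buf.getvalue())
    return (b"%PDF-1.5\n1 0 obj\n<< /Type /Catalog >>\nendobj\n"
            b"2 0 obj\n<< /Type /EmbeddedFile /Filter /FlateDecode /Length "
            + str(len(data)).encode() + b" >>\nstream\n" + data
            + b"\nendstream\nendobj\n%%EOF\n")

if __name__ == "__main__":
    print(triage(constructed_sample()))
```

The sketch decodes only FlateDecode streams whose dictionary names `/EmbeddedFile` in clear text; other filters yield "unknown", and encrypted PDFs need a full parser.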