Security Protection – Harry Waldron MVP

Malware – Hewlett Packard releases Enterprise Cyber Risk Report 2016

Hewlett Packard has released their Enterprise Cyber Risk Report for 2016 as shared below.  As key themes, it is noted that older vulnerabilities that are actively circulating are sometimes the most popular means of attack.

https://isc.sans.edu/forums/diary/Highlights+from+the+2016+HPE+Annual+Cyber+Threat+Report/20985/

http://techbeacon.com/resources/2016-cyber-risk-report-hpe-security

HP released their annual report for 2016 that covers a broad range of information (96 pages) in various sectors and industries. The report is divided into 7 themes; those that appear the most interesting to me are Theme #5: The industry didn’t learn anything about patching in 2015, and Theme #7: The monetization of malware.

Theme #5 — According to this report, the bug that was the most exploited in 2014 was still the most exploited last year, and it is now over five years old. CVE-2010-2568, where a “[…] local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010 […]” [2], is still the top vulnerability for 2015 (29% in 2015 vs. 33% in 2014); see the pie chart on page 32 showing the Top 10 CVE for 2015, where the oldest CVE is from 2009. The Top 3 targeted applications and platforms were: Windows, Android and Java, which isn’t a huge surprise.

Theme #7 — This doesn’t sound really new and is not that surprising: in 2015 malware needed to produce revenues. HP noted a significant increase in malware targeting ATMs, banking Trojans and ransomware targeting every operating system, in particular smartphones. Some of the well-known ransomware families include Cryptolocker and Cryptowall, where the malware author will request a ransom to decrypt password encrypted files but, once paid, often fails to provide the key. Obviously, the best protection is to regularly back up your files (and more importantly test the backup as well) in case you ever get caught by this.

Microsoft Security Updates – APRIL 2016

Below are key resources documenting this recent monthly Microsoft Patch Tuesday release:

https://technet.microsoft.com/en-us/library/security/ms16-apr.aspx

https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+Summary+for+April+2016/20935/

https://isc.sans.edu/mspatchdays.html?viewday=2016-04-12

http://blog.talosintel.com/2016/04/ms-tuesday.html

From Talos Intel overview: Patch Tuesday for April has arrived with Microsoft releasing their latest monthly set of security bulletins to address security vulnerabilities in their products. This month’s release contains 13 bulletins relating to 31 vulnerabilities. Six bulletins address vulnerabilities rated as critical in Edge, Graphic Components, Internet Explorer, XML Core Service, Microsoft Office and Adobe Flash Player. The remaining seven bulletins address important vulnerabilities in Hyper-V, Microsoft Office and other Windows components.

FROM ISC OVERVIEW — Among today’s Patches, here is my personal “patch ranking” by order of urgency:

1. MS16-050: This is essentially Friday’s out of band Adobe Flash patch. Adobe stated that it is already used to spread ransomware. So don’t wait on this one.
2. MS16-039: Exploits are available for two of the vulnerabilities, and it is “no user interaction arbitrary code execution”. This is the second one you should patch fast.
3. MS16-037/38: This time, the Internet Explorer patch only fixes 6 vulnerabilities. But still, due to the large attack surface, browser vulnerabilities always need to be taken seriously.
4. MS16-042: Code execution without user interaction in MSFT Office will always find someone to write an exploit.
5. MS16-040: Another large attack surface (XML Core Services) vulnerability. Exploitability is only rated as “2” however.
6. MS16-041: This one is a bit tricky to pin down, but I rate it right after the XML Core Services due to the large attack surface (and a bit lower as it requires user interaction).
7. MS16-044: Wasn’t sure if I should rate this above ’41’ or not. I rated it lower in the end as it does require user interaction.
8. MS16-045: Only affects Hyper-V and the attacker needs to already have some access.

Malware – German nuclear power plant cleans up infections

By design, the nuclear power controls are isolated from public networks. A German nuclear power company discovered a number of malware infections on the business side of their network. USB devices pose some risk, as “targeted attacks” may sometimes cross over if an infected device is plugged into the private side controlling the plant itself.

http://www.reuters.com/article/us-nuclearpower-cyber-germany-idUSKCN0XN2OS

A nuclear power plant in Germany has been found to be infected with computer viruses, but they appear not to have posed a threat to the facility’s operations because it is isolated from the Internet, the station’s operator said on Tuesday.  The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE (RWEG.DE).

The viruses, which include “W32.Ramnit” and “Conficker”, were discovered at Gundremmingen’s B unit in a computer system retrofitted in 2008 with data visualization software associated with equipment for moving nuclear fuel rods, RWE said.  Malware was also found on 18 removable data drives, mainly USB sticks, in office computers maintained separately from the plant’s operating systems. RWE said it had increased cyber-security measures as a result.

W32.Ramnit is designed to steal files from infected computers and targets Microsoft Windows software, according to the security firm Symantec. First discovered in 2010, it is distributed through data sticks, among other methods, and is intended to give an attacker remote control over a system when it is connected to the Internet. Mikko Hypponen, chief research officer for Finland-based F-Secure, said that infections of critical infrastructure were surprisingly common, but that they were generally not dangerous unless the plant had been targeted specifically.

Facebook – 21 Highly Advanced User Features

PC Magazine highlights numerous advanced features that are somewhat hidden from users, in 21 slides that illustrate those special techniques.

http://www.pcmag.com/slideshow/story/324797/21-hidden-facebook-features-only-power-users-know/

Facebook is the principal digital public square of today. Well, it’s the principal digital public square for those of a certain age (i.e. post-college, the young’ns aren’t into it!) But Zuck & Co’s site is still an extremely integral virtual venue and will continue to be for some time.

While Facebook’s business model has evolved away from just Facebook.com to include its mobile incarnation and other associated apps, the old familiar website is still the preferred venue for many. And why not? Facebook.com is one of the most advanced public-facing websites out there.

Facebook is a magnet for some of the top engineering talent in the world, so it stands to reason that the company would boast one of the world’s most complex and multi-faceted websites. It rivals many standalone software apps with the sheer amount of personalization, tweaks, and tinkering available to visitors.

In fact, there are so many things you can do on Facebook.com that you probably don’t know about them all. And we’re not even talking about the third-party Facebook apps or browser add-ons, we’re talking about all the official, baked-in, easily accessible functions that are just a few clicks away. As you’ll see in our slideshow, there are even some functions that appear to be leftovers from bygone eras that we’re not even sure Facebook still knows are there. Take a look and awaken your inner power user social super star.

Apple iPad Pro 9.7 in-depth review

Another in-depth review of the Apple iPad Pro 9.7 is shared below.

http://www.slashgear.com/ipad-pro-9-7-review-on-the-road-with-the-laptop-killer-25437649/

I’ve tired of tablets, and I’m not alone. The glorious days of finger-computing arrived, certainly, but it was big-screen smartphones that benefited most from them, and persuading new or existing tablet owners to take the plunge or upgrade has proved harder than manufacturers expected. Apple’s answer is the iPad Pro, straddling segments by trying to be not only the best tablet on the market, but a legitimate replacement to your notebook too.

Apple hasn’t stinted on the hardware, with perhaps one exception. The iPad Pro 9.7 has the same dimensions as the iPad Air 2, but a much improved display: Apple says it’s 40-percent less reflective, 25-percent brighter, and has 25-percent more color saturation, but the big difference to my eyes is the True Tone technology. Think of it as the next step up from auto-brightness. True Tone uses extra sensors hidden in the bezels to look at not just the ambient light levels around you, but the color of the light too.

On the edges there are the four speakers we saw on the first iPad Pro, also doing their clever auto-orientation flipping depending on which way you have the tablet positioned. Bass is a little less present than on the 12.9-inch model, but it’s still some of the best audio I’ve heard from a slate.

Then there’s the camera. Personally, I’ll reach for my phone rather than the nearest tablet to take any meaningful pictures, which means the 12-megapixels of the iPad Pro have been somewhat wasted snapping receipts and documents as an impromptu scanner. Still, the ability to record 4K video is impressive.

What it isn’t is a cheap way to do that. The cheapest 9.7-inch iPad Pro is $599 for the 32GB version. 128GB will set you back $749, and 256GB comes in at a hefty $899. If you want WiFi + Cellular – and most travelers will – then you’re looking at a $130 premium.

Windows 10 – Anniversary edition Build 14328

Several new improvements and features will be forthcoming in the next major build for Windows 10.

https://blogs.windows.com/windowsexperience/2016/04/22/announcing-windows-10-insider-preview-build-14328-for-pc-and-mobile/

http://www.pcmag.com/news/343959/microsoft-drops-big-windows-10-update-for-beta-testers

Today we are releasing Windows 10 Insider Preview Build 14328 for both PC and Mobile to Windows Insiders in the Fast ring. This build is just one build newer than the Mobile build we released on Wednesday so there isn’t a lot new for Mobile. For PC though this is a MAJOR build, packed with lots of new features and improvements including Windows Ink, updated Start, and more! With the amount of code change in this build there are going to be some rough edges, some of which are called out in the known issues below. If any of those make you uncomfortable, you may want to consider switching to the Slow ring and waiting for a later build which has a bit more stabilization on these new features. We’re very excited for you to try them out and tell us what you think. Here’s what’s new in Build 14328 for PC …

Oracle – Quarterly security update schedule for 2016 and 2017

Oracle is patching a large number of products, and it is important not to leave these updates out of the patching implementation process.

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

Oracle Critical Patch Update Advisory – April 2016 — A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes.

Critical Patch Update Schedule – Critical Patch Updates are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

* 19 July 2016
* 18 October 2016
* 17 January 2017
* 18 April 2017

Google Chrome v50 – Windows XP and Vista support discontinued

Google had in the past announced an EOL for Windows XP and Vista support; that is fulfilled in the release of Chrome 50.

http://www.networkworld.com/article/3056615/internet/chrome-abandons-xp-vista-and-older-versions-of-os-x.html

Google yesterday released Chrome 50, and as promised last year, dropped support for Windows XP and Vista, along with three older editions of Apple’s OS X.  The upgrade to Chrome 50 will not be recognized or downloaded by personal computers running Windows XP, Windows Vista, OS X Snow Leopard, OS X Lion or OS X Mountain Lion. Those operating systems debuted between 2001 (XP) and 2012 (Mountain Lion). Users of those OSes will be permanently stuck on Chrome 49, getting neither upgrades to new versions nor security patches for newly discovered vulnerabilities.

Together, Windows XP and Vista powered 13.6% of all Windows PCs in March, or about one in seven systems. Meanwhile, Snow Leopard, Lion and Mountain Lion powered 10.7% of all Macs last month, according to data from U.S.-based analytics firm Net Applications.

Vivaldi Browser version 1 launches for Windows

The free Vivaldi 1.0 browser has just been publicly released.  It is a modern HTML5 based browser with innovative features.

Vivaldi 1.0 browser – DETAILED REVIEW
http://www.techtimes.com/articles/148170/20160407/vivaldi-browser-for-power-users-is-smooth-fast-and-highly-customizable-here-are-the-top-features.htm

Vivaldi 1.0 browser – BLOG HOME PAGE
https://vivaldi.net/en-US/

Vivaldi 1.0 browser – VERSION 1.0 Final version features
https://vivaldi.net/en-US/teamblog/102-vivaldi-finale-1-0

Vivaldi 1.0 browser – DOWNLOAD link
https://vivaldi.com/

On Wednesday, Jon von Tetzchner, the former chief executive of Norway’s Opera Software who lives in Gloucester, launched Vivaldi, a feature-saturated browser for desktop computers that solves problems you didn’t even know you had. Vivaldi 1.0 recently rolled out, and the full live version of the browser has a lot of reasons to get power users excited.  Read on to see an analysis of Vivaldi’s features that make it stand out from the crowd. This implies that more commonly found features such as automatic updates, tabbed browsing, HTML5 video support, speed dial, audio muting and tab pinning will not be covered here.

1. Tab Stacks — Stacking tabs is a good idea when you want to increase visibility in the browser. The feature appeared in the classic Opera and temporarily in Chrome, but got removed.  Dragging and dropping tabs in Vivaldi permits you to stack them into tabs.

2. Tab Tiling — By right-clicking on a Tab Stack and selecting “Tile Tab Stack,” Vivaldi users get to see the full array of tabs in one window.

3. Tab Hibernation — frees up memory by unloading sites, while keeping them listed as simple tabs. With just a right-click on the active tab and selecting “hibernate background tabs”, every tab except the active one goes into hibernation mode.

4. Note Taking — One of the noteworthy features of Vivaldi is its capability to highlight any text on any website, and add it to a note to keep a record of it. After you highlight the text fragment in the browser, right-click the selection and choose “add selection as a note.”

5. Quick Commands — Some users enjoy having keyboard shortcuts to get around easier through the web browser, and Vivaldi accommodates their need. The F2 key will bring up the Quick Commands interface, displaying the most common activities, such as launching a new private window or closing a tab. A positive side-effect of Quick Commands is that the hotkeys remain highlighted, making it easier to use them the next time you surf the web.

6. Interface Scaling — The feature allows you to change the size of interface elements and text in the browser. A larger font size, for instance, could aid accessibility for elderly users.

7. Sessions — Existing software allows you to save a list of tabs as sessions, but they get updated every time you close the browser.

Windows 10 – WIN7 upgrade experience for Quantum Break game

This PC World article shares an overview of moving from WIN7 to WIN10 to take advantage of DirectX 12 and other new graphical features. Some of the minor issues noted are likely to be improved over the coming months.

http://www.pcworld.com/article/3051795/software/quantum-break-pc-performance-running-fine-windows-store-flaws-aside.html

Well, congratulations to Microsoft. After nine months of haranguing me in the bottom-right corner of the screen, I’ve finally upgraded to Windows 10. Not exactly by choice. It was so I could play Remedy’s new game Quantum Break, which you might’ve heard is a Windows 10 Exclusive™ or whatever. DirectX 12, Xbox Live (and Xbox App) integration, the whole banana. And seeing as the last title to release through the Windows Store (Gears of War: Ultimate Edition) was a bit of a technical kerfuffle, I figured I’d best do some brief testing after a long day of reinstalling drivers and software.

The good news is the game runs preeeeeetty well for me thus far, though others have reported some performance issues. Options are slightly more sparse than your typical PC title but Microsoft has fixed some of the garbage from the Gears launch—you can turn the 30 frames per second cap off, for one thing. Games still run in borderless fullscreen though, and I have no idea whether multi-GPU setups are supported because I’m only running a single GeForce GTX 980 Ti.  Windows Store apps don’t play nice with SLI or CrossFire yet, but DirectX 12 games—like Quantum Break—can support mixed graphics card setups if developers take the time to code it in. Remedy hasn’t mentioned doing so for this game, though, so if you’re running SLI/CrossFire maybe think twice about buying. Or let me know if it works and we’ll update this.

The Windows Store is a pain. Since this was my first time installing a game from it on Windows 10 it took some Googling for me to find out how to swap what drive the Store installs to. (Hint: Go to Settings—not the Store settings but your system-wide settings, then System > Storage and change where apps are installed.) Also, there’s no support for any overlays so I have no idea what my actual frame rates are. Clever, Microsoft. Very clever.
