Recent Comments

    Blogroll

    Search

    Archive for Uncategorized

    Security Mailer Volume 21 Number 52

    January 3rd, 2022 by

    Security Mailer Volume 21 Number 52

    • Open Source patches
      • OpenJDK
      • log4j12
      • OpenSSH
    • Linux updates and patches
    • Microsoft breaks Exchange Server with faulty anti malware update
    • General Security reviews last week
    • Wireshark updates

     

    Posted in Newsletters, Patches, Uncategorized, Updates | No Comments »

    Security Mailer Volume 21 Number 49

    December 12th, 2021 by

    Security Mailer Volume 21 Number 49

    • Mozilla updates
      • Firefox
      • Firefox ESR
      • Thunderbird
    • Cisco security advisories
      • Apache Log4j affecting Cisco
    • Open Source
      • Mozilla Network Security Service Library
      • VIM
      • mailman
    • Linux updates and patches
    • General Security reviews last week
    • Apache Log4j Java Logging
    • Sonic Wall VPN Appliance Vulnerabilities

    Posted in Uncategorized | No Comments »

    Security Mailer Volume 21 Number 47

    November 28th, 2021 by

    Security Mailer Volume 21 Number 47

    • Cisco security advisories
    • Open source
      • Thunderbird
      • Axis
      • NTFS-3G
    • Linux updates and patches
    • Microsoft updates revised
    • General section reviews last week
    • Wireshark new version release

    Posted in Uncategorized | No Comments »

    Windows 10 or Windows 11?

    October 30th, 2021 by

    On October 17, 2021, I upgraded my Surface Laptop 4 from Windows 10 Pro to Windows 11 Pro. The actual upgrade went smoothly with no apparent problems or error. All my apps and hardware worked as before.

    After almost 2 weeks, I’ve seen the following issues or problems.

    • Let’s start with the obvious.. The Start menu. While it takes a bit getting used to, it’s not hard to adjust. Just tedious.

      My problems with it are:

      • Why populate it with a load of built-in/default programs?? It required deleting almost all of them and adding the programs that were there in Windows 10.
      • Why only show 21 apps??
      • Why include the “Recommended” section??? It’s completely useless to me
      • The menu can’t be adjusted.
      • The old list of apps requires an additional click.
    • Next, The toolbar. Lots to dislike here.Probably haven’t seen all of it.

      • Location is fixed at the bottom. WHY??? Every previous version of Windows allowed me to move it to the top and hide it. After two weeks, I’m still moving the mouse to the top of the desktop before I remember.
      • Icons are in the middle or the left of the toolbar.
      • Can’t drag & drop objects onto the toolbar programs.
        • First off, I may need to describe pinned quick items.
        • Previously, I was able to select an icon on the desktop or in a folder and drag it to the appropriate program icon on the taskbar. It would show up in the “Pinned list when I right clicked on the icon.
        • Now, I get the “Not” symbol. I depend on this ability to allow me to have a clean desktop and not have to use menus or sub-menus.
        • When I would right click on the blank area of the toolbar, I would get a menu which included “Task Manager”. I use this a lot. Now, all I get is “Taskbar Settings”. I had to search for “Task Manager”. Right click on the item and select “Pin to taskbar”
    • Windows 10 automatically hid most of the icons that would appear in the right-hand corner and put them into the “overflow corner”. Windows 11 puts almost none in there, making the toolbar that much more cluttered. You have to go to Taskbar settings, select the “Tab Corner overflow” option and select the icons to “hide”.
    • I have two options for speakers: the laptop and the external display. I prefer the external display, but it’s an older display and it will often cut out, requiring I switch to the laptop. With Windows 10, I clicked on the sound icon in the corner and switched. With Windows 11, I had to pin the Settings icon to the taskbar. Then I could select it, select “sound settings” and, finally, switch.

    Bottom Line

    As I said, everything I’ve described can be adjusted, recreated or done in an alternate way. After 2 weeks, though, I still find them annoying. I expect over time I’ll get less and less annoyed (hopefully as they update and change the OS). However, I have to say that I haven’t seen a single thing that I would consider reason enough to upgrade from Windows 10. In old terms, it’s kind of like a “Service Pack”.

    For the average user, I don’t see any reason to leap unless there is some new or “improved” function that is needed or wanted. Windows 10 will be supported until October 14th, 2025 .Needless to say, a lot about Windows 11 will change over the next 4 years!!

    Posted in Uncategorized | No Comments »

    Security Mailer Volume 21 Number 40

    October 10th, 2021 by

    Security Mailer Volume 21 Number 40

    • Mozilla updates
      • Firefox
      • Firefox ESR
    • Cisco security advisories
    • Linux updates and patches
    • General security reviews last week
    • Wireshark updates

    Posted in Newsletters, Patches, Uncategorized, Updates | No Comments »

    FBI Issues Alert on Hive Ransomware

    August 31st, 2021 by

    FBI Issues Alert on Hive Ransomware

    “Hive “uses multiple mechanisms to compromise business networks, including phishing emails with malicious attachments, to gain access and remote desktop protocol (RDP) to move laterally once on the network,” the alert states (see: 7 Emerging Ransomware Groups Practicing Double Extortion).

    “After compromising a victim network, Hive ransomware actors exfiltrate data and encrypt files on the network. The actors leave a ransom note in each affected directory within a victim’s system, which provides instructions on how to purchase the decryption software. The ransom note also threatens to leak exfiltrated victim data on the Tor site, HiveLeaks,” the alert notes.

    Every encrypted file gets saved with a .hive extension appended, the FBI says. The Hive operators then drop a hive.bat script into the directory, which enforces an execution timeout delay of one second to perform cleanup after the encryption is finished by deleting the Hive executable and the hive.bat script, the alert notes.

    “A second file, shadow.bat, is dropped into the directory to delete shadow copies, including disc backup copies or snapshots, without notifying the victim, and then deletes the shadow.bat file. During the encryption process, encrypted files are renamed with the double final extension of *.key.hive or *.key.*,” according to the alert.

    Later, a ransom note, “HOW_TO_DECRYPT.txt,” gets dropped into the affected directory and warns against attempting to modify, rename or delete the key file, saying that doing so will make encrypted files unrecoverable.

    “The note contains a ‘sales department’ link, accessible through a Tor browser, enabling victims to contact the actors through live chat. Some victims reported receiving phone calls from Hive actors requesting payment for their files,” the alert says.

    The alert states that the initial deadline for payment fluctuates between two to six days, although it can vary.”

    Posted in Uncategorized | No Comments »

    Microsoft Issues Emergency Patch “PrintNightmare”

    July 8th, 2021 by

    Microsoft Issues Emergency Patch for Windows Flaw

    Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “PrintNightmare,” a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft’s normal monthly Patch Tuesday release, and follows the publishing of exploit code showing would-be attackers how to leverage the flaw to break into Windows computers.”

     

    Posted in Uncategorized | No Comments »

    Security Mailer (2021 #23)

    June 14th, 2021 by

    Security Mailer Volume 21 Number 23

    • Adobe security updates for Acrobat and Reader, many other products
    • Cisco security advisories
    • Linux updates ands patches
    • Linux Synopsis
    • Microsoft
      • Patch Tuesday updates and patches,
      • Security Advisories
      • Security Update Releases
    • General Security reviews last week
    • Android security bulletin,
    • New TLS attack,
    • Google patches 0-day for Chrome

    Posted in Uncategorized | No Comments »

    Adobe April Updates and Patches

    April 14th, 2021 by

    Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop

    “The security bugs could open the door for arbitrary code-execution and full takeover of targeted machines.

    Adobe has released security patches tackling four critical vulnerabilities in Adobe Bridge, along with other critical and important-rated updates for bugs in Adobe Digital Editions, Adobe Photoshop and RoboHelp.

    In all, Adobe fixed 10 security holes in its products during its scheduled April updates, seven of them listed as critical.”

    Posted in Uncategorized | No Comments »

    Patch Tuesday 13Apr21

    April 14th, 2021 by

    Microsoft Patch Tuesday, April 2021 Edition

    Microsoft today released updates to plug at least 110 security holes in its Windows operating systems and other products. The patches include four security fixes for Microsoft Exchange Server — the same systems that have been besieged by attacks on four separate (and zero-day) bugs in the email software over the past month. Redmond also patched a Windows flaw that is actively being exploited in the wild.

    Posted in Uncategorized | No Comments »

    « Previous Entries