October 10th, 2021 by hankshelp
Posted in Newsletters, Patches, Uncategorized, Updates | No Comments »
August 31st, 2021 by hankshelp
“Hive “uses multiple mechanisms to compromise business networks, including phishing emails with malicious attachments, to gain access and remote desktop protocol (RDP) to move laterally once on the network,” the alert states (see: 7 Emerging Ransomware Groups Practicing Double Extortion).
“After compromising a victim network, Hive ransomware actors exfiltrate data and encrypt files on the network. The actors leave a ransom note in each affected directory within a victim’s system, which provides instructions on how to purchase the decryption software. The ransom note also threatens to leak exfiltrated victim data on the Tor site, HiveLeaks,” the alert notes.
Every encrypted file gets saved with a .hive extension appended, the FBI says. The Hive operators then drop a hive.bat script into the directory, which enforces an execution timeout delay of one second to perform cleanup after the encryption is finished by deleting the Hive executable and the hive.bat script, the alert notes.
“A second file, shadow.bat, is dropped into the directory to delete shadow copies, including disc backup copies or snapshots, without notifying the victim, and then deletes the shadow.bat file. During the encryption process, encrypted files are renamed with the double final extension of *.key.hive or *.key.*,” according to the alert.
Later, a ransom note, “HOW_TO_DECRYPT.txt,” gets dropped into the affected directory and warns against attempting to modify, rename or delete the key file, saying that doing so will make encrypted files unrecoverable.
“The note contains a ‘sales department’ link, accessible through a Tor browser, enabling victims to contact the actors through live chat. Some victims reported receiving phone calls from Hive actors requesting payment for their files,” the alert says.
The alert states that the initial deadline for payment fluctuates between two to six days, although it can vary.”
Posted in Uncategorized | No Comments »
July 8th, 2021 by hankshelp
“Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “PrintNightmare,” a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft’s normal monthly Patch Tuesday release, and follows the publishing of exploit code showing would-be attackers how to leverage the flaw to break into Windows computers.”
Posted in Uncategorized | No Comments »
June 14th, 2021 by hankshelp
Posted in Uncategorized | No Comments »
April 14th, 2021 by hankshelp
“The security bugs could open the door for arbitrary code-execution and full takeover of targeted machines.
Adobe has released security patches tackling four critical vulnerabilities in Adobe Bridge, along with other critical and important-rated updates for bugs in Adobe Digital Editions, Adobe Photoshop and RoboHelp.
In all, Adobe fixed 10 security holes in its products during its scheduled April updates, seven of them listed as critical.”
Posted in Uncategorized | No Comments »
April 14th, 2021 by hankshelp
Microsoft today released updates to plug at least 110 security holes in its Windows operating systems and other products. The patches include four security fixes for Microsoft Exchange Server — the same systems that have been besieged by attacks on four separate (and zero-day) bugs in the email software over the past month. Redmond also patched a Windows flaw that is actively being exploited in the wild.
Posted in Uncategorized | No Comments »
August 18th, 2020 by hankshelp
“Today, we’re announcing that Microsoft 365 apps and services will no longer support Internet Explorer 11 (IE 11) by this time next year.
This means that after the above dates, customers will have a degraded experience or will be unable to connect to Microsoft 365 apps and services on IE 11. For degraded experiences, new Microsoft 365 features will not be available or certain features may cease to work when accessing the app or service via IE 11. While we know this change will be difficult for some customers, we believe that customers will get the most out of Microsoft 365 when using the new Microsoft Edge. We are committed to helping make this transition as smooth as possible.”
Posted in Uncategorized | No Comments »
July 19th, 2020 by hankshelp
Posted in Uncategorized | No Comments »
May 28th, 2020 by hankshelp
Posted in Uncategorized | No Comments »
February 27th, 2020 by hankshelp
“All large organizations require Print Servers which connects printers to client computers over a network. Print Servers manages the jobs initiated by users based on the printer availability. Microsoft is now working on a new service called Universal Print that will eliminate the need for Print Servers. Universal Print is a cloud-based print infrastructure that will enable great print experiences for both users and IT departments. Universal Print can be deployed on Azure and will be available to business and educational organizations of any size.”
Looks like it may depend on Azure…
Posted in Uncategorized | No Comments »