    Archive for Uncategorized

    Security Mailer Volume 21 Number 40

    October 10th, 2021 by


    • Mozilla updates
      • Firefox
      • Firefox ESR
    • Cisco security advisories
    • Linux updates and patches
    • General security reviews last week
    • Wireshark updates

    Posted in Newsletters, Patches, Uncategorized, Updates | No Comments »

    FBI Issues Alert on Hive Ransomware

    August 31st, 2021 by


    “Hive “uses multiple mechanisms to compromise business networks, including phishing emails with malicious attachments, to gain access and remote desktop protocol (RDP) to move laterally once on the network,” the alert states (see: 7 Emerging Ransomware Groups Practicing Double Extortion).

    “After compromising a victim network, Hive ransomware actors exfiltrate data and encrypt files on the network. The actors leave a ransom note in each affected directory within a victim’s system, which provides instructions on how to purchase the decryption software. The ransom note also threatens to leak exfiltrated victim data on the Tor site, HiveLeaks,” the alert notes.

    Every encrypted file gets saved with a .hive extension appended, the FBI says. The Hive operators then drop a hive.bat script into the directory, which enforces an execution timeout delay of one second to perform cleanup after the encryption is finished by deleting the Hive executable and the hive.bat script, the alert notes.

    “A second file, shadow.bat, is dropped into the directory to delete shadow copies, including disc backup copies or snapshots, without notifying the victim, and then deletes the shadow.bat file. During the encryption process, encrypted files are renamed with the double final extension of *.key.hive or *.key.*,” according to the alert.

    Later, a ransom note, “HOW_TO_DECRYPT.txt,” gets dropped into the affected directory and warns against attempting to modify, rename or delete the key file, saying that doing so will make encrypted files unrecoverable.

    “The note contains a ‘sales department’ link, accessible through a Tor browser, enabling victims to contact the actors through live chat. Some victims reported receiving phone calls from Hive actors requesting payment for their files,” the alert says.

    The alert states that the initial deadline for payment fluctuates between two to six days, although it can vary.”

    Posted in Uncategorized | No Comments »

    Microsoft Issues Emergency Patch “PrintNightmare”

    July 8th, 2021 by

    Microsoft Issues Emergency Patch for Windows Flaw

    “Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “PrintNightmare,” a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft’s normal monthly Patch Tuesday release, and follows the publishing of exploit code showing would-be attackers how to leverage the flaw to break into Windows computers.”

     


    Security Mailer (2021 #23)

    June 14th, 2021 by

    Security Mailer Volume 21 Number 23

    • Adobe security updates for Acrobat and Reader, many other products
    • Cisco security advisories
    • Linux updates and patches
    • Linux Synopsis
    • Microsoft
      • Patch Tuesday updates and patches
      • Security Advisories
      • Security Update Releases
    • General Security reviews last week
    • Android security bulletin
    • New TLS attack
    • Google patches 0-day for Chrome


    Adobe April Updates and Patches

    April 14th, 2021 by

    Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop

    “The security bugs could open the door for arbitrary code-execution and full takeover of targeted machines.

    Adobe has released security patches tackling four critical vulnerabilities in Adobe Bridge, along with other critical and important-rated updates for bugs in Adobe Digital Editions, Adobe Photoshop and RoboHelp.

    In all, Adobe fixed 10 security holes in its products during its scheduled April updates, seven of them listed as critical.”


    Patch Tuesday 13Apr21

    April 14th, 2021 by

    Microsoft Patch Tuesday, April 2021 Edition

    Microsoft today released updates to plug at least 110 security holes in its Windows operating systems and other products. The patches include four security fixes for Microsoft Exchange Server — the same systems that have been besieged by attacks on four separate (and zero-day) bugs in the email software over the past month. Redmond also patched a Windows flaw that is actively being exploited in the wild.


    IE 11 & Edge Legacy to be sunset

    August 18th, 2020 by

    Microsoft 365 apps say farewell to Internet Explorer 11 and Windows 10 sunsets Microsoft Edge Legacy

    “Today, we’re announcing that Microsoft 365 apps and services will no longer support Internet Explorer 11 (IE 11) by this time next year.

    • Beginning November 30, 2020, the Microsoft Teams web app will no longer support IE 11.
    • Beginning August 17, 2021, the remaining Microsoft 365 apps and services will no longer support IE 11.

    This means that after the above dates, customers will have a degraded experience or will be unable to connect to Microsoft 365 apps and services on IE 11. For degraded experiences, new Microsoft 365 features will not be available or certain features may cease to work when accessing the app or service via IE 11. While we know this change will be difficult for some customers, we believe that customers will get the most out of Microsoft 365 when using the new Microsoft Edge. We are committed to helping make this transition as smooth as possible.”


    Security Mailer (2020 #29)

    July 19th, 2020 by

    Security Mailer Volume 20 Number 29

    • Adobe security bulletins and updates
    • Apple security bulletins and updates
    • Browsers-Mozilla updates Thunderbird
    • Cisco security bulletins and updates
    • Linux updates and patches
    • Microsoft
      • Patches 17 year old DNS server vulnerability
      • Tuesday patches and updates
      • security bulletin revisions
      • security advisories
    • General Security review of last week’s vulnerabilities


    Windows 10, & Windows Server, version 2004 Known Issues

    May 28th, 2020 by

    Windows 10, version 2004 and Windows Server, version 2004 Known Issues


    Microsoft to soon reveal Universal Print

    February 27th, 2020 by

    Microsoft to soon reveal Universal Print, a cloud-based print infrastructure service that eliminates Print Servers

    “All large organizations require Print Servers, which connect printers to client computers over a network. Print Servers manage the jobs initiated by users based on the printer availability. Microsoft is now working on a new service called Universal Print that will eliminate the need for Print Servers. Universal Print is a cloud-based print infrastructure that will enable great print experiences for both users and IT departments. Universal Print can be deployed on Azure and will be available to business and educational organizations of any size.”

    Looks like it may depend on Azure…
