Computer News & Safety – Harry Waldron Rotating Header Image

October, 2017:

Facebook – Fake Accounts research OCT-2017

This valuable article shares awareness that 1.5% of all accounts are noted as problematic.  While Facebook has improved controls to prevent create fake accounts.  These are out there & often are used for friend requests where the person is actually unknown.  There is danger in getting hacked or for social engineering schemes by those using fake accounts.  Every friend request should be evaluated by visting the FB home page and exploring their friends, photos, and posts.  If you truly don’t know person, then cancel out of request for safety reasons.

Facebook itself estimates that 1.5% of accounts on its platform are “undesirable,” which adds up to about 30 million profiles. That led some reporters at Yahoo Finance to conduct an investigation into just how easy it is to create or purchase phony profiles—and the results aren’t reassuring.

Columnist Rick Newman first tried to create two fake accounts using different names and with different political leanings. However, Facebook caught on within 48 hours and asked him to upload photos clearly showing his face. Since he’d used someone else’s pictures to create the fakes, he was caught. He also tried to set up imposter accounts through the Tor Browser, but Facebook sniffed out that attempt, too. However, when Newman decided he wanted to purchase accounts instead, he discovered a very different story.

Using several shady sites, he was able to purchase accounts featuring preloaded pictures of beautiful women for $1.50 each. (The most expensive account Newman saw cost $150. It had been on Facebook since 2006.) Most of the accounts were based overseas, but purported to represent Americans living in Milwaukee, Anchorage and more.

Leadership – Teamwork creates more synergy than working alone

John Maxwell shares an excellent article on the “power of teams”

The Power of Teams — Your leaders need teams. The truth is that teamwork is at the heart of great achievement. The Law of Significance says that one is too small a number to achieve greatness.  The beauty of teams is that when your leaders invest in others, they’re investing in their own ability to achieve the results they want. After all, teamwork makes the dream work.

1. Teams involve more people, thus affording more resources, ideas, and energy than could any individual.

2. Teams maximize a leader’s potential and minimize her weaknesses. Strengths and weaknesses are more exposed in individuals.

3. Teams provide multiple perspectives on how to lead a team or reach a goal, thus devising several alternatives for each situation. Individual insight is seldom as broad and deep as a group’s when it takes on a problem.

4. Teams share the credit for victories and the blame for losses. This fosters genuine humility and authentic community. Individuals take the credit and blame alone. This fosters destructive pride and sometimes a sense of failure.

5. Teams keep leaders accountable for the goal. Individuals connected to no one can change the goal without accountability.

6. Teams can simply do more than an individual.

Malware – Powershell manipulated as powerful scripting tool OCT-2017

The SANS Internet Storm Center shares an excellent awareness of how Powershell which provides low-level API interaction with O/S can be manipulated when permission is given by users in one-click or other attack methods

Powershell is a great language that can interact at a low-level with Microsoft Windows. While hunting, I found a nice piece of Powershell code. After some deeper checks, it appeared that the code was not brand new but it remains interesting to learn how a malware infects (or not) a computer and tries to collect interesting data from the victim.  Usually, a malware will avoid to install itself on a virtualized environment (an automated sandbox or a security analyst’s lab). A common way to detect a virtualized environment is to check BIOS values. Powershell can use query lot of operating system information through WMI

Microsoft Skype – New 2017 version launched

A new version of Microsoft Skype is available for WIN7, WIN8, and early versions of WIN10. An update is being prepared for the newer Creators WIN10 version in near future.

The new Skype shuns Windows 10, arrives on older Windows and Mac first

The new Skype is here. Microsoft is today bringing the modern Skype experience to Windows and Mac users. The modern Skype initially launched on the iPhone and Android earlier this year, and the changes weren’t well-received by users. Microsoft has been making improvements to the design ever since, and the design looks much better now.

Unlike mobile devices, the new Skype is actually fantastic on Windows and Mac. There’s a new notification panel, support for add-ins like PayPal, Giphy, customizable themes, and more on the new Skype. Put simply, if you have been using the old Skype desktop app, you will most probably love the modern design — at least if you are using a Mac. For Windows users, there’s a catch.

The new Skype is only available for older Windows devices running Windows 8/7, or Windows 10 November Update (2016). And if you are Windows 10, you will have to wait a bit more for the new update. Microsoft says the company is still working on the redesign for its Windows 10 users, and it will be rolling out an update “shortly.”

Windows 10 – Build 17025 Redstone 4 early preview for Spring 2018

WIN10 17025 has been released for early beta and insider testing as documented below

The next version of Windows 10 is already taking shape and some early adopters can get a peek at what Microsoft has in store today.  Now that that Windows 10 Fall Creators Update is making its way to users—although not all at once since Microsoft distributes updates using a phased approach that can last months—the company is offering members of its Windows Insider program an early look at what the future holds for the operating system.  The latest build, number 17025, contains features that may eventually make it into Redstone 4, the codename for the upcoming, yet still unnamed major Windows 10 feature update. This time around, the company is focused on refining the operating system’s settings experience, particularly for people who use accessibility options.

Cybersecurity – AIG to include insurance protection in 2018

Annually Businesses lose billions of dollars due to malware risks.  AIG plans to include insurance protection in 2018 to better protect their customer base as described below

American International Group said it will begin revising all commercial policies to include cyber coverage in January, a move that will boost rates but make it clearer how customers are covered if they are the victim of a security breach. The change, which will trigger rate increases, is part of the insurance giant’s effort to shift from issuing policies that do not specify whether cyber losses are covered, said Tracie Grella, AIG’s Global Head of Cyber Risk Insurance, while on the sidelines of a cyber risk conference in New York on Thursday. Cyber coverage is a mounting concern for companies worldwide as hackers increasingly take aim at their technology systems.

Adobe Flash – Emergency fix for CVE-2017-11292 being exploited in wild

Please carefully update Adobe Flash as prompted, ensuring the update comes directly from vendor.  More information can be found below

Security firm Kaspersky Lab researchers first discovered the zero-day flaw, designated CVE-2017-11292, and observed it being used to attack enterprises and government organizations. As of Monday, researchers have found that targets have included targeted individuals (including some politicians) in Iraq, Afghanistan, Russia, Iran, Africa, the Middle East and the United Kingdom.

In response, Adobe has released a Flash security update, currently available for Google Chrome, Microsoft Edge and Internet Explorer, and the company urges users to update both the browser and desktop versions of Flash as soon as possible. Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. This update addresses a critical type confusion vulnerability that could lead to code execution.  Adobe is aware of a report that an exploit for CVE-2017-11292 exists in the wild, and is being used in limited, targeted attacks against users running Windows.

Hardware – AMD Ryzen CPU with Vega graphics offer mobile advantages

The new AMD Ryzen microprocessor with the Vega graphics, provide mobile advantages in areas of power, battery consumption, and price/performance.

AMD announced today its first two processors to combine its new Zen CPU architecture with its Vega graphics. The new chips, aimed at lightweight mobile systems, go head to head with Intel’s U-series processors, and for the first time in many years, AMD is going to have competitive chips in the thin-and-light laptop market.

But things are looking like they’re going to be different in the mobile space. That’s because the two new chips, the Ryzen 7 2700U and Ryzen 5 2500U, show signs of being faster in both processor and graphics tasks than Intel’s latest comparable chips.  On the graphics side, the difference is even more pronounced; in the Time Spy subtest of 3DMark, AMD is claiming performance of more than double that of Kaby Lake-R, even edging slightly ahead of a previous generation Kaby Lake paired with a GeForce 950M discrete GPU.

In bringing Zen to the mobile space, AMD has made some changes to power management and clock speed handling. At a static Windows desktop, AMD says that the chips can be in this powered-down state 99 percent of the time. The multimedia hub can also be powered separately from the CPU and main GPU core, so scenarios such as showing hardware-accelerated streaming video can keep the processor in its “mostly powered down” state for longer.

Windows 10 – Fall Creators Update version 1709 release on OCT 17th

Below are links related to the newest version 1709 for Windows 10.  Also YouTube offers excellent training & overview resources by searching on “Windows 10 Fall Creators Update”.

How to get the Windows 10 Fall Creators Update

Microsoft today released the Windows 10 fall creators update, which is broadly available.  This Windows 10 fall creators update (version 1709) is known as a “semiannual channel (targeted)” release, which means that it’s designed for testing by organizations. Later, it’ll arrive as a semiannual channel release for testing and deployment at an organization, according to Microsoft’s update scheme. Consumer users, on the other hand, may get this release directly, if available, since the operating system bits will get gradually rolled out by Microsoft to consumer users.

Consumers can delay this upgrade when it’s available, but they can’t wholly block it. It’s possible for them to manually download and install Windows 10 version 1709, too, to get it right away, but Microsoft just advises that approach for “advanced users,” as described here. The usual course for consumers is to wait for the update’s automatic arrival via the Windows Update service.

When deploying the Windows 10 fall creators update using the Microsoft Deployment Toolkit or System Center Configuration Manager, IT pros need to use “the appropriate image index in any task sequences that you create or update,” explained Michael Niehaus, director of product marketing for Microsoft’s Windows Commercial group, in this announcement. The announcement lists the index numbers to use for each of the six Windows 10 fall creators update editions. Microsoft also has published a new version of the Windows Assessment and Deployment Kit that supports Windows 10 version 1709.

Ransomware Worm – Bad Rabbit uses NSA EternalRomance exploit patched by Microsoft in March 2017

Based on further research, the new Bad Rabbit Ransomware Worm uses NSA EternalRomance exploit patched by Microsoft in March 2017

Despite early reports that there was no use of National Security Agency-developed exploits in this week’s crypto-ransomware outbreak, research released by Cisco Talos suggests that the ransomware worm known as “Bad Rabbit” did in fact use a stolen Equation Group exploit  revealed by Shadowbrokers to spread across victims’ networks. The attackers used EternalRomance, an exploit that bypasses security over Server Message Block (SMB) file-sharing connections, enabling remote execution of instructions on Windows clients and servers. NotPetya also leveraged this exploit.

Arriving disguised as an Adobe Flash update, Bad Rabbit has multiple ways of spreading itself across networks. It can exploit open SMB connections on the infected Windows system, and it can also exploit the Windows Management Instrumentation Command-line (WMIC) scripting interface to execute code remotely on other Windows systems on the network, according to analysis by EndGame’s Amanda Rousseau. And the malware has a collection of hard-coded usernames and passwords, as Rousseau and researcher Kevin Beaumont noted.