Computer Safety & News

Microsoft has recently expanded their Azure Cloud facility to include MySQL and PostgreSQL data base extensions, as documented below: https://azure.microsoft.com/en-us/blog/announcing-general-availability-of-azure-database-services-for-mysql-and-postgresql/ Today, I am excited to announce the general availability (GA) of Azure Database for MySQL and Azure Database for PostgreSQL. The GA milestone means that, starting today, these services are bringing the community versions of […]

The new Transport Layer Security (TLS 1.3) protocol has been finalized after 4 years of development effort.  It will offer improved security protection for SSL processing — including improved protection from ROBOT, Heartbleed, and POODLE vulnerabilities http://searchsecurity.techtarget.com/news/252437681/TLS-13-update-is-finalized-with-encryption-upgrade The IETF approves the TLS 1.3 encryption protocol upgrade after four years and 28 versions; improvements include better security […]

This highly technical & informative document shares that the initial WIN7 patch offered some protection and improvements for the Meltdown vulnerability, impacting virtually all modern computing devices.  However there were both inefficiencies & even new vulnerabilities.  The MARCH 2018 Windows update replacement patches for WIN7 and Server 2008-R2 represent improvements in protection. http://blog.frizk.net/2018/03/total-meltdown.html Did you think […]

US CERT, FBI, and Homeland security all warm of increased Brute Force Attacks as outlined in following warning: TA18-086A: Brute Force Attacks Conducted by Cyber Actors   https://www.us-cert.gov/ncas/alerts/TA18-086A 03/27/2018 06:00 PM EDT — According to information derived from FBI investigations, malicious cyber actors are increasingly using a style of brute force attack known as password spraying […]

Microsoft Azure has made available a new Health Service dashboard that can tailored by ADMINS to monitor applications within the cloud https://azure.microsoft.com/en-us/blog/announcing-azure-service-health-general-availability-configure-your-alerts-today/ https://docs.microsoft.com/en-us/azure/service-health/resource-health-checks-resource-types https://docs.microsoft.com/en-us/azure/service-health/ Today I am excited to announce the general availability (GA) of Azure Service Health, a personalized dashboard that provides guidance and support when issues in Azure services affect you. Unlike our […]

The following TECH TARGET article outlines NIST recommendations for corporate & government users.  The link for the huge 100MB guide of 456 pages is also noted below: http://searchsecurity.techtarget.com/answer/Ransomware-recovery-methods-What-does-the-NIST-suggest?src=5727487 Ransomware maliciously encrypts all of a victim’s documents and files so that they can’t decrypt them. To help enterprises with ransomware recovery, the NIST recommends corruption testing, […]

As SANS ISC shares, webmasters should ensure Apache Struts CVE-2017-5638 is patched, as attacks are actively circulating.  Vulnerable websites may be compromised in these security attacks. https://isc.sans.edu/forums/diary/Scanning+for+Apache+Struts+Vulnerability+CVE20175638/23479/ https://cwiki.apache.org/confluence/display/WW/S2-052 https://isc.sans.edu/forums/diary/Critical+Apache+Struts+2+Vulnerability+Patch+Now/22169/ Over the past two weeks, I have noticed several attempts against my honeypot looking to exploit CVE-2017-5638 Apache Struts2 vulnerability that look very similar to this […]

The Windows 10S mode will be a free selectable option in future WIN10 versions as documented below https://redmondmag.com/articles/2018/03/08/windows-10-s-mode-changes.aspx https://support.microsoft.com/en-us/help/4020089/windows-10-s-faq Windows 10 in “S mode” soon will be available in all Windows 10 editions, and Microsoft plans to drop a proposed charge for users wanting to switch from S mode. Joe Belfiore, corporate vice president for […]

Further developments for the new Windows Server 2019 release is noted below: https://redmondmag.com/articles/2018/03/20/windows-server-2019-arriving-2h-2018.aspx Microsoft indicated that Windows Server 2019 will reach general availability “in the second half of calendar year 2018,” according to an announcement today by Erin Chapple, director of program management for Windows Server. It was perhaps the first official mention by Microsoft […]

One of the most comprehensive PENTEST tools has first update for 2018. NMAP 7.70 has been released https://nmap.org/npcap/changelog https://nmap.org/download.html https://nmap.org/npcap/ We’re excited to make our first Nmap release of 2018–version 7.70!  It includes hundreds of new OS and service fingerprints, 9 new NSE scripts (for a total of 588), a much-improved version of our Npcap […]