Computer Safety & News

While fighting computer crime is always challenging, violent crime and property crime fell in 2018 from 2017 levels as noted in full report below https://www.fbi.gov/news/stories/2018-crime-statistics-released-093019 Both violent crime and property crime fell in 2018 from the previous year, according to the FBI’s annual crime statistics released today. Violent crime declined 3.3 percent between 2017 and […]

This PC Magazine article shares over twenty highly advanced Facebook features for power users https://www.pcmag.com/feature/324797/22-hidden-facebook-features-only-power-users-know Facebook boasts one of the world’s most complex and multi-faceted websites. It rivals many standalone software apps with the sheer amount of personalization, tweaks, and tinkering available to visitors. In fact, there are so many things you can do on […]

The SANS ISC warns of a botnet called Polycon which may manipulate VOIP phones & their Auto-configuration File settings (CFG) https://isc.sans.edu/forums/diary/New+Scans+for+Polycom+Autoconfiguration+Files/25366/ One of my honeypots detected a bot looking for Polycom master provisioning files. Such files are called by default ‘000000000000.cfg’ and contain interesting information to perform provisioning of VoIP phones. Normally, this file is […]

A Vulnerability in PHP Could Allow for Arbitrary Code Execution https://www.us-cert.gov/ncas/current-activity/2019/09/27/ms-isac-releases-advisory-php-vulnerability A vulnerability has been discovered in PHP, which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based […]

Apple users are encouraged to install iOS v13 and Safari v13 security updates, which have just been released https://support.apple.com/en-us/HT201222 https://www.us-cert.gov/ncas/current-activity/2019/09/25/apple-releases-security-updates The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Apple’s security updates page and apply the necessary updates for the following products: iOS 13.1, iPadOS 13.1, Safari 13.0.1 & tvOS 13

The Canadian Centre for Cyber Security (CCCS) & US-CERT have released an advisory on a new ransomware called TFlower & the need to be up-to-date on all Microsoft security patches https://cyber.gc.ca/en/alerts/tflower-ransomware-campaign https://www.us-cert.gov/ncas/current-activity/2019/09/25/canadian-centre-cyber-security-releases-advisory-new-ransomware The Canadian Centre for Cyber Security (CCCS) has released an advisory on a new ransomware campaign. The malware, named TFlower, may infect users […]

  Microsoft Pushes Windows 10 Version 1909 Toward Completion Announcing Windows 10 Insider Preview Build 18362.10022 (19H2) Windows Insiders in the Slow ring are receiving a minor update to the latest Windows 10 version 1909 build, indicating that Microsoft is nearly done developing this release. “Today we are releasing [1909] Build 18362.10022 to Windows Insiders […]

The Cybersecurity and Infrastructure Security Agency (CISA) encourages patching Adobe ColdFusion studio https://www.us-cert.gov/ncas/current-activity/2019/09/25/adobe-releases-security-updates-coldfusion https://helpx.adobe.com/security/products/coldfusion/apsb19-47.html Adobe has released security updates to address vulnerabilities in ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system.  Please review Adobe Security Bulletin APSB19-47 and apply the necessary updates.

Microsoft releases Net Core 3.0 on September 23, 2019 for general availability.  Long term Net Core will be an improved & open source based replacement for Framework “dot net” to host & provide advanced Microsoft communications handling & control for applications https://redmondmag.com/articles/2019/09/23/microsoft-releases-net-core-3-0.aspx Announcing .NET Core 3.0 Watch the team and the community talk about .NET at […]

https://redmondmag.com/articles/2019/09/23/basic-authentication-in-exchange-online.aspx https://techcommunity.microsoft.com/t5/blogs/blogarticleprintpage/blog-id/Exchange/article-id/27095 It plans to end support for Basic Authentication next year when used with various e-mail protocols, according to a Friday announcement. Those protocols include Exchange ActiveSync, Post Office Protocol (POP) and Internet Message Access Protocol (IMAP).   Additionally, Microsoft will drop support for Remote PowerShell when used with the Exchange Online service. Support will […]