News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Horowitz: New modem security is a disgrace

    Posted on February 19th, 2019 at 17:10 woody Comment on the AskWoody Lounge

    AskWoody_MVP @Michael432 tweeted last week:

    Someone I know just got a new #router and modem from Spectrum. Security was a disgrace. Default router userid/password was not changed. #UPnP enabled. #WPS enabled. You are on your own. I can help at http://RouterSecurity.org

    Martin Boissonneault responded:

    UPnP is not evil. If it is not available from the WAN side, it’s acceptable in a residential setting. I use it myself in the form of UPnP2 (from memory). I blocked usage of some ports, but it is more convenient. Of course, I _know_ every device attached.

    As for WPS, well, I don’t and won’t enable that. Ubiquiti’s AP does not even offer it. Since WPS is vulnerable over Wi-Fi, that should be default off. But if they think in terms of support costs, they will turn it on as well as UPnP…

    Costs vs accountability!

    And Michael again:

    Bingo! WPS and UPnP are enabled by default to decrease support costs. Fewer phone calls. There are multiple flavors of WPS, some routers let you chose which flavors to use. One type is perfectly secure.

    Care to join the discussion?

     

  • Patch Lady – Managed Service Providers targeted

    Posted on February 19th, 2019 at 14:58 Susan Bradley Comment on the AskWoody Lounge

    Recently I did an article on CSOOnline about how MSP’s have been targeted lately in attacks in order to gain access to clients.  They didn’t use the video over on the CSOOnline website, so I asked if I could post it elsewhere.

    Click here to download the video.

    If you use a consultant or a managed service provider, ask them if they use Multi Factor Authentication on their administrator accounts.  If they say no, ask them why not?

  • More problems with Windows patches breaking older Access databases

    Posted on February 19th, 2019 at 07:50 woody Comment on the AskWoody Lounge

    Susan Bradley noted over the weekend that all of this month’s Windows patches break some Access 95-era Jet databases. That’s been acknowledged by Microsoft in all of the Knowledge Base articles.

    Now an anonymous poster here on AskWoody has raised the cry about a second kind of old-fashioned Access database problem. NSch_L gives the details on the Microsoft Answers forum:

    Problem with Access database after KB 4487017 [February’s Win10 version 1803 cumulative update] and KB 4487026 [this month’s Win10 1607/Server 2016 cumulative update]

    We use an Access 97 database for our applications as a master database, so we can easily destribute this to customers. We access this master database using Adox to get the tables and columns (fields), compare it to the live SQL database and make changes where necessary.

    Since the patch, we are getting errors when requesting the columns for wider tables. We are using an Adox.table and then use the .columns. When doing this for tables with more than 128 fields (exact number not sure) give error 3251 “Object or provider is not capable of performing requested operation”.

    This is causing all kinds of problems.

    It’s easy to click your teeth and tell these people that they should’ve upgraded their databases to a newer format about a hundred years ago. But it doesn’t work that way. Many of these older Access databases run drive key line-of-business apps that, for many reasons, can’t be changed without a complete re-write.

    That isn’t as… incompetent… as it sounds. Remember when Microsoft apparently lost the source code to the 32-bit Equation Editor, back in November 2017? People in glass houses, etc.

  • If an advanced government-sponsored hacking team is out to get you, kiss your keester goodbye

    Posted on February 19th, 2019 at 07:29 woody Comment on the AskWoody Lounge

    Security research firm Crowdstrike just published a report that should bring a chill to the heart of anyone working in security for a large firm or organization. They found that the “breakout time” — the amount of time from first penetration of a network to completely taking it over — varies depending on the source of the attack. If you’re up against an attack from one of the advanced Russian APT groups you have, on average, under 20  minutes to discover the intrusion and plug it.

    Twenty minutes.

    It is quite remarkable to see that Russia-based threat actors are almost 8 times as fast as their speediest competitor — North Korea-based adversaries, who themselves are almost twice as fast as intrusion groups from China.

    So if you’re getting attacked by a Chinese APT group, on average, you have five hours to knock them out.

    You have to sign up in order to get the report, but it makes very interesting reading. The graphics alone are worth the price of admission.

    (Bear = Russia, Chollima = North Korea, Panda = China, Kitten = Iran, Spider = ecrime groups)

    Thx Catalin Cimpanu, ZDNet