Newsletter Archives
-
Do you still patch on premises Exchange servers?
Posted on March 2nd, 2021 at 16:29 Comment on the AskWoody LoungeDo you still patch a Microsoft Exchange server in your network? If you do, heads up. There is limited/targeted attacks underway. Microsoft has released patches for it. While they say “Exchange online is not impacted”… my guess is that it’s already patched and/or mitigated for the issue.
What’s interesting to me is that the attackers are coming FROM the United States. It’s like the SolarWinds attacks, they aren’t coming from outside the USA, but inside. Thus geo blocking no longer works to keep the bad guys out.
Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM. https://t.co/tdsYGFICML
— Microsoft Security Intelligence (@MsftSecIntel) March 2, 2021
-
Here’s looking at you, kid: the child-cam scam
Posted on March 1st, 2021 at 01:06 Comment on the AskWoody Lounge
PUBLIC DEFENDER
Here’s looking at you, kid: the child-cam scamBy Brian Livingston
It’s terrible when no one is paying attention to you. But it’s much worse when someone is paying attention to you whom you don’t WANT to be paying attention to you.
Around the world, millions of nursery schools, daycare centers, and private homes have installed “child cams.” These are intended to allow parents to see what their kids and caregivers are doing at daycare, how their infants are sleeping in a crib room, and so on. Many of the systems allow the video to be viewed from a distance across the Internet.
Read the full story in AskWoody Plus Newsletter 18.8.0 (2021-03-01).
-
Emotet malware disrupted
Posted on January 27th, 2021 at 10:31 Comment on the AskWoody Loungehttps://krebsonsecurity.com/2021/01/international-action-targets-emotet-crimeware/
Woo hoo!! What does that mean to you and me? A slight lowering of attacks until…. well until they figure out a new way to attack us.
-
What does the SolarWinds attack mean to us?
Posted on January 4th, 2021 at 11:12 Comment on the AskWoody LoungeHeard about the SolarWinds attack and how attackers had access to Microsoft’s source code? Here’s my views on the SolarWinds attack.
I don’t think it means that attackers can inject things into Windows. I don’t think it gives them any more information than they probably already had.
But I think that over time Microsoft will make the Attack Surface Reduction rules to be easier to use to add protection even down to us lowly home and small businesses.
I currently do not enable these rules on my home computers. But I’m keeping an eye on them for sure. And patching my machines, but just not immediately.
More at Computerworld.
-
Today’s the day – Flash EOL has arrived
Posted on December 30th, 2020 at 18:02 Comment on the AskWoody LoungeToday’s the day – Flash EOL has arrived
Back in 2017, Adobe announced it was “planning to end-of-life Flash”. Yes, this has been posted about before… Well, the time has now come. Pop-ups have been seen in those machines still using it, for a bit now.
If you have questions about what happens next, Adobe has a page full of questions and answers here.
If you’re looking for articles on how to uninstall, check out Martin Brinkmann’s ghacks post.
(and yes, only half the world is having New Year’s Eve already – Happy New Year to all)
-
Tech support scams want you
Posted on December 29th, 2020 at 22:43 Comment on the AskWoody LoungeOne of the items that came out of the first ever Askwoody survey is that most of the readers are older. You’ve been around technology for a long time. And that’s a good thing as you have experience with a lot of technology. But that also puts you in the “sweet spot” of scams. Meaning that the attackers see you as a good target to attempt to scam. And one of those classic scams is the Microsoft support scam not to be outdone by the increasingly used Apple iphone support scam.
This headline caught my eye:
Dept. of Justice credits Microsoft with identifying tech-support fraud scheme that targeted seniors
No kidding. Of course if you are a savvy senior (which most readers are) you may do the trick where you pretend to be a stupid user just to draw that person on the phone line on so as to waste their time so they don’t try to go after another person. I’ve often played the dumb blonde routine until the very end where I tell the person on the other end of the call that they should be ashamed of themselves.
What do you do? Do you hang up? Do you keep them on the phone?
-
Windows 7 ESU for 2021
Posted on December 23rd, 2020 at 10:07 Comment on the AskWoody LoungeUPDATE: Purchasing is now open. https://www.askwoody.com/2020/windows-7-esu-for-2021/
About 3,000 of you purchased the Windows 7 ESU from Harbor Computer Services last year. We offered to make this available to Woody readers after so many IT firms recklessly said that they wouldn’t. My feeling is that while I’d prefer that no one was running Windows 7 anymore, for those that are they need access to updates to retain some degree of security on those systems. We aren’t here to judge. My firm is also an advocate for healthy IT communities and so we agreed to sell the ESU license to all comers even though there’s no money in it for us to speak of. In our regular business, selling stuff is not our thing. We’re a services business.
We’ve been getting a lot of email recently asking about the year two ESU license and we’ve been letting everyone know that we didn’t have any information yet from Microsoft or distribution. But just yesterday, we got word from our distributor that the license should be ready for purchase beginning on January 5th 2021. Keep that should in mind because this date is dependent on Microsoft hitting thier deadlines. It appears that the price will be $142 all in. This is less than the predicted $150-$200 so that’s some good news. Keep in mind that last year Microsoft changed the pricing during the first month creating some chaos, so we’re braced for a sudden price change and will keep you posted.
The process for making this purchase will be the same as last year. We’ll open a form on which you’ll provide all of the information needed for the purchase to take place. Then you’ll get an email from Ted@harborcomputerservices.net with your ESU license code and instructions for installing it.
To prepare for your license purchase you will need:
- Your tenant information from last year. Find that email from Ted. It’s in there and you were instructed to keep it in a safe place.
- Credit card
- Number of licenses needed
- email address
Keep an eye on this space in January for the URL to the purchase form.
If you’d like to know more about the behind-the-scenes process. Please see this article from last year. How we automated the Win7 ESU-purchase process @ AskWoody
– Amy Babinchak, president Harbor Computer Services, Third Tier and Woody contributor
-
A few smallish gremlins still infest Win10 20H2 and 2004
Posted on November 8th, 2020 at 21:05 Comment on the AskWoody LoungeON SECURITY
By Susan Bradley
With the release of Windows 10 20H2, May’s Version 2004 has moved into an elder-sibling role.
But that doesn’t mean that the spring update no longer has growing pains. Currently in the process of upgrading my systems to Version 2004, I’ve not run into any significant problems. But that’s not the case for everyone.
Read the full story in AskWoody Plus Newsletter 17.44.0 (2020-11-09).