News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • Patch Lady – if you use a IT consultant

    Posted on December 9th, 2019 at 18:54 Susan Bradley Comment on the AskWoody Lounge

    If you use an IT consultant please please please forward them this post by Amy Babinchak on what a Managed Service Provider should do to audit their own internal processes:

    http://techgenix.com/msps-internal-security-audit/

    Hackers, attackers are targeting consultants because they know they can hit a lot of people with one targeted attack.  Just the other day Krebs on Security reported that 100 small dentist offices were impacted by ransomware after their IT consultant was targeted.

    If you don’t use an IT consultant and instead do your own IT, make sure you think about the vendors and services you use for online activities and think about ways to add two factor authentication to sensitive information.  Add two factor to your bank access.  If you use hosted email, check with your ISP or vendor if they support two factor.  Just the other day I got an alert that my Xfinity had been logged in from an Ubuntu device.  I do HAVE an ubuntu device but I sure wasn’t logging into Xfinity from it.  I quickly added two factor it that account as well.

    Need two factor for remote desktop?  Check out duo.com

    Need a third party app that supports multiple vendors?  Check out authy.com

    Bottom line make sure that you protect accounts and log ins that you can’t live without and make sure they have extra protections.

    They are out to get you.

  • Patch lady – Alexa should be on her own network

    Posted on December 7th, 2019 at 19:50 Susan Bradley Comment on the AskWoody Lounge

    As a geek I use Alexa enabled devices to turn on and control turning on and off the Christmas Tree and other lights in the house.  “Hey Alexa, turn on the Christmas tree” is all I have to do to turn on the tree rather than crawling underneath and turning on the tree.  I have Internet enabled outdoor controls that turn on the outdoor Christmas lights at exactly sunset and then turn it off at 11 p.m.  But the one thing I do is ensure that my Alexa enabled devices are on a separate router away from my computers and other devices.  My Alexa devices are on a separate IP addressing scheme and thus can’t browse or talk to the devices on my other network.  The Portland FBI office recommends in fact that you separate out the Internet of Things from the rest of your sensitive devices and laptops.

    They also recommend that you review what features your smart TV has and ensure it’s patched and set to update automatically.  Unlike Windows, most smart tvs and internet of things are based on Linux, not Windows and thus installing updates and rebooting are typically less of an issue.

    Finally, be aware of Holiday scams this time of year.  As they note, keep an eye on your credit card and bank account and always monitor the use of both.  Use a credit card, not a debit card when shopping online.  If you see any fraudulent charges, contact your bank immediately.  Sign up for and turn on fraud alerts on your bank accounts.  It may be a slight bother if they deny a large purchase that you really wanted to get, but it saves you from having fraudulent transactions posted to your account.

    Be aware this holiday season…. they are out to get us.

  • The web has a padlock problem

    Posted on November 30th, 2019 at 13:29 Kirsty Comment on the AskWoody Lounge

    Danny Palmer (ZDNet) has just written about recent changes to websites showing “security padlocks” in browser bars, in a very easy-to-digest article.

    Internet users are being taught to think about online security the wrong way, which experts warn might actually make them more vulnerable to hacking and cyberattacks.

    HTTPS encrypts that information, allowing the transmission of sensitive data such as logging into bank accounts, emails, or anything else involving personal information to be transferred securely. If this information is entered onto a website that is just using standard HTTP, there’s the risk that the information can become visible to outsiders, especially as the information is transferred in plain text.

    Websites secured with HTTPS display a green padlock in the URL bar to show that the website is secure. The aim of this is to reassure the user that the website is safe and they can enter personal information or bank details when required. Users have often been told that if they see this in the address bar, then the website is legitimate and they can trust it.

    “This is why phishers are using it on phishing sites, because they know that people who use the websites think that means its OK when it’s not,” said (Scott) Helme. “The padlock doesn’t guarantee safety, it never has, that’s just a misunderstanding of the interpretation of what this actually means.”

    …the (cybersecurity) industry needs to improve its messaging, because cybersecurity can be complicated for the average web user and changing advice all the time isn’t going to help, especially if people stick to adhering to the first thing they were told – like believing the padlock automatically means the website is safe.

    I’m sure many of us will have seen information by Troy Hunt and Scott Helme in recent months, on browser security. Changes are afoot in how browsers indicate websites’ security; e.g. Firefox’s recent changes on how padlocks work is related.

    WSJ indicate the depth of the problem here:

    The use of security certificates, once a badge of authenticity for the internet, among phishing websites has almost doubled, rising to 15% in 2019 from 8.5% in 2018

    Even CASC (Certificate Authorities Security Council) recently published, in a very interesting article:

    The padlock is putting users in danger

     
    We all need to get used to these changes, for our own safety.
     

  • Microsoft is enabling Win10 version 1903 “Tamper Protection”

    Posted on October 15th, 2019 at 07:50 woody Comment on the AskWoody Lounge

    Yesterday, Microsoft program manager Shweta Jha posted an announcement on the Microsoft Tech Community blog, saying that a feature called “Tamper protection” has reached general availability for Win10 version 1903. Permit me to parse that sentence:

    • Tamper protection is a switch that prevents programs from altering Defender security settings. (You may be surprised to know that programs can alter Defender settings.)
    • General availability in this case means that Microsoft will be turning on the switch on updated Win10 version 1903 machines. The precise mechanism for turning it on isn’t described, and we don’t explicitly know which build number will be required, but “We’re currently turning on the feature gradually; some customers will start seeing the setting on their devices.”

    To me, the rollout sounds a whole lot like the remote feature enabling we’ve been warned about in Win10 version 1909, which is due next month.

    At any rate, the feature sounds worthwhile (should I say “long overdue”?) and it’s easy to set manually if you’re so inclined.

    For details, Lawrence Abrams at BleepingComputer has a good rundown.

  • Office 365 ProPlus to get support on Windows 7 after January 14, 2020

    Posted on October 7th, 2019 at 17:25 joep517 Comment on the AskWoody Lounge

    Microsoft has decided to give Office 365 ProPlus users running Windows 7 some grace time after Windows 7 goes out of support on January 14, 2020. Office 365 ProPlus users will continue to get security updates for Office 365 ProPlus until January 2023. According to Microsoft this is to transition to a “support operating system”.

    See Windows 7 end of support and Office 365 ProPlus for details and more information.

  • Patch Lady – 31 days of security

    Posted on October 1st, 2019 at 23:59 Susan Bradley Comment on the AskWoody Lounge

    October is the national cyber security awareness month and I’m kicking off the month by linking to another author.  John Opdenakker posts about why everyone should care about online security.

    Are you making any changes to your online security due to what’s going on?  I know that I’m adding more multi-factor authentication to my accounts.  What about you?

     

  • Patch Lady – we have an “out of band” release

    Posted on September 23rd, 2019 at 14:03 Susan Bradley Comment on the AskWoody Lounge

    https://www.zdnet.com/article/microsoft-releases-out-of-band-security-update-to-fix-ie-zero-day-defender-bug/

    We get them so rarely these days it probably needs a bit of explanation:

    For those of you that use Windows update, you will get a security patch pushed out to your machine and it will demand a reboot.

    Susan update:  The KBs state that these will not be pushed out via Windows update, but instead come down only if you go to the catalog.  Thus totally BREAKING the definition of “out of band update”.  Geeze Microsoft.

    For those on Windows 10 it will be a cumulative update:

    4522016 for 1903

    4522015 for 1809

    4522014 for 1803

    4522012 for 1709

    4522011 for 1703

    4522009 for RTM of Windows 10

    4522010 for Windows Server 2016

    4522015 for Windows Server 2019

    4522007 for Windows 8.1, Windows 7, Server 2012, Server 2012 R2 it’s a patch JUST for Internet explorer – so both A and B patchers can install it.

    For those of you with WSUS updating rules or quality update deferrals, this will respect those settings.

    Bottom line, there’s a security issue for which Microsoft sees active targeted attacks to their customers and thus they’ve determined it should be pushed out now rather than waiting for the second week of next month to fix it. 

    Bottom line, there’s a security issue for which Microsoft has apparently deemed it an “out of band” but not enough of an “out of band” to be pushed out to automatically update.  Confused?  I am.  Should you install it?  Obviously not given how they are handling this update.

    Updated note:  Per Nick from the patchmanagement.org list, Microsoft has told Enterprise customers that this will be on Windows update and WSUS on Tuesday, September 24 Redmond time (aka the D week release).  So unless you have deferrals in place you will be getting it tomorrow on your Windows 10 machines.  I’ve always been informed that attackers can call a specific program so even though you aren’t using IE, that doesn’t mean it’s not embedded into the software.

     

  • Patch Lady – Avast does…what?

    Posted on August 29th, 2019 at 05:05 Susan Bradley Comment on the AskWoody Lounge

    Spying on HTTPS

    Spotted that post.  Read it.  Now why this appears to be the RIGHT way for the vendor do to this inspection process, it still makes me shudder.  As is pointed out in the post, all it takes for a vulnerability to be introduced into the implementation or some other extension or add in that is nefarious to slither in and get this information and there’s your encrypted info out the door.

    While antivirus can be great as Symantec showcased lately it can also be our worst enemy.