• A note of caution when using proxies, VPNs or TOR to get to AskWoody

    Proxies/VPNs /Tors encrypt the data from the source to the server, but on the other end it’s not encrypted from the server to the destination. That means if you use a VPN to get to AskWoody, which is perfectly fine, the IP address we see here may be from a known-spammy (or known-aggressive) source.

    The purpose (for “normal” people) is to disguise the source to avoid tracking, but the “bad guy” use it for the same purpose.

    Consequently, the IP addresses issued by the proxies/VPNs /Tors may have a dirty history.

    Firewalls and Spam filters (both of which AskWoody has, and employs vigorously) build blacklists of the series of IP addresses used by bots, spammers and hackers for nefarious purposes.

    If the proxies/VPNs /Tors connect you to AskWoody with bad IP addresses, you can be rejected/refused connection.

    Please be sure your proxies/VPNs /Tors service provides you with “clean” IP addresses because we have no control over the blocking.

  • What is a VPN good for?

    Just got this question from reader J:

    I need some advice. With all the hacking going on around us (two members of my family received scam emails from friends or relatives whose computers were hacked), I’ve been considering signing up with a VPN service. What’s your take on these? Are they worth it? And, if so, which one would you recommend? If not, is there anything else that would help with cybersafety?

    VPNs are good for cloaking your access to web sites, but they won’t do much to help with hacked emails.
    Best thing to minimize the amount of infected email that you receive is to use a Hotmail or Gmail account. They both devote enormous resources to filtering out bad mail.
    You’re using Apple’s mail.com, which is well filtered too.
    None of them are infallible. You have to keep on your toes, and not click anything unless you know what it is, and that the person who sent you the mail knows that they sent it!
  • Microsoft posts Fixit for KB 3023607, the POODLE patch that clobbers Cicso’s AnyConnect VPN

    Cisco says that Microsoft will release an honest-to-goodness patch on March 10 to roll out the fix automatically

    InfoWorld Tech Watch

  • Microsoft’s SSL 3.0 Poodle-busting patch KB 3023607 breaks popular Cisco VPN client AnyConnect

    If you use AnyConnect for VPN, and it isn’t working, now you know why

    InfoWorld Tech Watch

  • Are you travelling this summer?

    (Inspired by this post)

    So are you travelling this summer?  And if so, what technology are you taking with you? Often one of the most costly part of travel is the connectivity you need. Often the most concerning part of travel is questioning… is it safe?  I’ll have a full article about that second topic (is connecting to THAT safe and revisiting the VPN question) in a newsletter in the coming weeks, but tonight I want your opinion about what technology you take with you.

    Once upon a time I’d pack a camera, but now with smartphones having such good cameras and taking such good photos I don’t. My sister packs her smallest mini ipad, however I bring my smallest Surface because there are times I do have to connect back to the office and while it’s not impossible to use an ipad to connect to a windows desktop remotely, it’s easier for me to have a true Windows desktop should there be any emergency in the office.

    So what about you? What tech do you make sure you ALWAYS take when you travel whether it’s local or abroad?

  • Final patches for 2022

    #PatchTuesday and MicrosoftCentric

    It’s the final patches for 2022 for those of you in the Microsoft centric world

    But don’t just think operating systems….. Firefox is out with Version 108

    Citrix is recommending you update Citrix ADC and Gateway 

    Fortinet is patching a zero day in FortiOS SSL VPNs

    No matter what OS you have, take this week to review your vulnerabilities.

    I’ll link up to the patches once they come out – and remember I’ll have full detailed guidance in the next newsletter.

    Looks like .net security updates this month.

    Our dear dear friend the lovely secure boot patch KB5012170 has been released to apply to Windows 10 22H2.

    PK reports that searching in the Microsoft catalog site appears to be wonky – you can search by KB but searching by 2022-12 gives you results that don’t make sense. Apparently the Outlook search team is branching out to the Catalog site?

  • Microsoft is releasing an OOB update to address Arm devices issue

    Microsoft is releasing Out-of-band (OOB) updates today to address an issue with Azure Active Directory services on Arm-based devices. These cumulative updates are available on Windows Update and other channels.

    Consumer impact:  None

    Business impact: Only needed for Arm-based devices

    Microsoft is releasing Out-of-band (OOB) security updates today, June 20, 2022, only for Arm-based Windows devices. This update addresses a known issue that only affects Windows Arm-based devices and might prevent you from signing in using Azure Active Directory (AAD). Apps and services that use AAD to sign in, such as VPN connections, Microsoft Teams, and Microsoft Outlook, might also be affected.
    Important This issue only affects Windows devices that use Arm processors. No other platforms will receive this out-of-band update. This OOB update is cumulative. We recommend that you install this OOB update instead of the June 14, 2022 security update for affected devices.
    All updates listed below are available on Windows UpdateWindows Server Update Services (WSUS), and Microsoft Update Catalog. For instructions, see the release notes for your OS listed below.

    Susan comment:  Reminder This will only offer or install on Windows Arm-based devices.

    Thus for many of us you won’t see it/you won’t care about it.

    We are still tracking an issue where Internet connection sharing /being able to surf at the same time is impacted.  No ETA of a fix at this time but Microsoft has acknowledged the issue. Also tracking issues with RRAS and VPN but not sure if something third party vpn is triggering the problem?

  • Are you prepared?

    It’s Saturday night or Sunday morning where you are and I’d like to challenge you to test that you can restore a file that has been damaged, deleted or removed or worse yet, you got hit by ransomware.

    So first step is to move a file to a different location on your computer. Next launch your backup software. Launch the recovery window and see if you can restore that file.

    Ransomware is now being used by commercial attackers and they are using zero days to gain access into systems.

    One-third of all hacking groups exploiting zero-days in 2021 were financially motivated criminals as opposed to government-backed cyberespionage groups, according to Mandiant’s research. During the last decade, only a very small fraction of zero-days were deployed by cybercriminals. Experts believe the rapid change has to do with the illicit, multibillion-dollar ransomware industry.

    For businesses, they are going after VPN software, Exchange on premises software among other vulnerabilities.

    So I challenge you tonight/tomorrow to test a backup and restoration process.