Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw

Credit to Author: BrianKrebs| Date: Thu, 24 Sep 2020 17:00:51 +0000

Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft’s warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to patch the vulnerability by Sept. 21 at the latest.

Read more

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Credit to Author: BrianKrebs| Date: Wed, 23 Sep 2020 23:06:38 +0000

Tyler Technologies, a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents.

Read more

Pandemic gives VDI a new lease on life

Credit to Author: Andy Patrizio| Date: Wed, 23 Sep 2020 03:00:00 -0700

The COVID-19 pandemic and subsequent shift to working from home have brought about numerous technological disruptions, many centered around how organizations deliver IT services to their workforce. Technologies that were dabbled in before, like videoconferencing, have suddenly become standard practice.

Such is the case with Virtual Desktop Infrastructure (VDI), also known as desktop virtualization or thin-client computing. Led by vendors such as Citrix, Microsoft, Cisco, and VMware, it has been around for decades and hasn’t changed much in that time. But with companies’ entire workforces now connecting to corporate networks from home, sometimes without a company-issued laptop with a VPN and all the necessary settings for secure access, VDI is getting a second look.

To read this article in full, please click here

(Insider Story)

Read more

How IT can keep remote workers’ Windows 7 PCs safe

Credit to Author: Preston Gralla| Date: Tue, 22 Sep 2020 03:00:00 -0700

In the time of COVID-19, with so many people working from home, it’s inevitable that many will be using Windows 7 devices. And that’s a big security problem for IT. As of January 2020, Windows 7 is no longer supported by Microsoft. That means no security patches — particularly dangerous at a time when many people are connecting to enterprise networks from their Windows 7 PCs.

It adds up to one of the biggest security risks many companies have seen for some time. Unpatched systems can be more easily hacked than ones that regularly receive security patches. Hackers go after low-hanging fruit — and right now Windows 7 is the lowest fruit there is. As the FBI stated in an August 2020 warning to businesses:

To read this article in full, please click here

(Insider Story)

Read more

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Credit to Author: BrianKrebs| Date: Thu, 17 Sep 2020 22:03:21 +0000

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm.

Read more

Why you need Apple support to secure the C-suite

Credit to Author: Jonny Evans| Date: Thu, 17 Sep 2020 06:27:00 -0700

I get it. You’re one of those enterprises that doesn’t (yet) support Apple products among employees, but does that moratorium extend to the C-suite? I’m willing to bet it does not, and that’s why even Windows-only IT must learn how to secure Apple’s products.

Ignore the fantasy, this is reality

The reality is that Apple’s products are popular in the enterprise. And while there are many businesses that don’t officially support them, one section of civic society that pretty much always do their own thing no matter what they ask others to do are the boys and girls in the C-suite. I can still recall the number of CFO’s I spoke with early on in the iPad days who were deeply interested in trying the Apple tablet. Many did.

To read this article in full, please click here

Read more

Windows 10 upgrades are rarely useful, say IT admins

Credit to Author: Gregg Keizer| Date: Thu, 17 Sep 2020 03:00:00 -0700

A majority of IT administrators polled this summer said that the twice-a-year Windows 10 feature upgrades are not useful – or rarely so – a stunning stance considering how much effort Microsoft puts into building the updates.

About 58% of nearly 500 business professionals who are responsible for servicing Windows at their workplaces said that Windows 10 feature upgrades – two annually, one each in the spring and fall – were either not useful (24%) or rarely useful (34%).

Only 20% contended that the upgrades were useful in some fashion, while a slightly larger chunk – 22% – choose a noncommittal neutral as a response, claiming that the operating system’s updates were neither useful nor not useful. (It might be best to consider this answer as undecided since in this binary world if something is not not useful, that must mean it is useful.)

To read this article in full, please click here

Read more

Two Russians Charged in $17M Cryptocurrency Phishing Spree

Credit to Author: BrianKrebs| Date: Wed, 16 Sep 2020 20:53:17 +0000

U.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.

Read more