SSRF Vulnerability In VMware Authentication
Researchers have found that VMware has a server-side request forgery (SSRF) vulnerability could allow an attacker to obtain administrative JSON Web Tokens (JWT) in versions of the VMware authentication software.
This serious security vulnerability was found in a popular service called VMware Workspace ONE Access. It’s used to provide multi-factor authentication, conditional access, and single sign-on to web and mobile apps. The vulnerability could enable malicious actors to read the full response of HTTP requests. This vulnerability is tracked as CVE-2021-22056. It has a severity score of 5.5, or ‘moderate’.
Security researchers Shubham Shah and Keiran Sampson discovered the bug that could lead to the leaking of JWTs. This would give malicious actors full access to vulnerable systems. JWTs are strings that act as a way to identify users. They contain JSON-encoded data, making them convenient for embedding information. They are typically used as session identifiers for mobile and web … Read the rest
How To Uninstall Atera Agent Software
So we have bumped into the Atera Agent Software and we wish to uninstall it from all the computers. You cannot find the uninstaller in add or remove programs so the next best solution would be to run a Command Script to remove the Atera Agent Software.
What is Atera anyways?
Atera provides a great an all-in-one management platform. It brings together remote IT monitoring and management, powerful ticketing and customer satisfaction surveying, billing and invoicing, and much more. Atera is used by IT support companies and MSPs in the US, Europe, and Asia.
In a few steps we will have the Atera Agent Software removed.
- Open Notepad.
- Copy and paste the following into notepad.
msiexec /x {EFB51F01-9805-4293-BB16-6F17EF4CEDF2} /qn
timeout /t 5 /nobreak >nul
sc stop AteraAgent > nul 2> nul
sc delete AteraAgent > nul 2> nul
taskkill /f /im TicketingTray.exe > nul 2> nul
REG DELETE "HKEY_CURRENT_USER\Software\ATERA Networks" 
Unifi VPN – L2TP Connection Attempt Failed After Installing KB5009543
Microsoft released a path KB5009543 during Patch Tuesday of 2022 which is resulting in Unifi VPN connections presenting you with the message, L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer. Other vendors besides Unifi like, Sonicwall, Ciso Meraki and WatchGuard Firewalls are experiencing the same VPN connection access error.
Microsoft confirmed the issue, saying:
“After installing KB5009543, IP Security (IPSEC) connections which contain a Vendor ID might fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) might also be affected.”
Microsoft has released an out-of-band fix for the issue and adding the following statement.
… Read the restOut-of-band update to address issues after installing the January Windows update
Microsoft is releasing Out-of-band (OOB) updates today, January 17, 2022, for some versions of Windows. This update addresses issues related to VPN connectivity, Windows Server
Online Awareness Challenge: Social Media Red Flags Crossword
Introduction
Vertical
How to track file change events on your Windows File Server
In this tutorial you will be shown how to configure group policy to track file change events on your windows file server.
In the event of a data breach, businesses often want to know who accessed the data and when. They also want to know what kind of changes were made. With this method you can track file changes in your Windows file server. This will help you prevent insider threats by knowing who is accessing files they don’t need access to. Plus, it can help during data breach investigations by proving who changed what.
Step 1: Enabling the ‘Audit object access’ policy
-
Remote connect to your DC and Launch the Group Policy Management console (Run –> gpedit.msc)
-
Create a new GPO named “Server Audits” and apply it to the root of your domain.
3. Right click “Server Audits” policy followed by clicking on Edit within the menu.
4. Navigate … Read the rest
KB5009624 or KB5009595 Virtual Machine could not be started.
This month’s Patch Tuesday (January 11th, 2022) has featured two updates that appear to break Hyper-V on Windows Server 2012 R2 servers. If you installed either KB5009624 or KB5009595 and are receiving “Virtual Machine {VM NAME} could not be started because the hypervisor is not running”, then you should uninstall both updates and restart.
The following events will also be visible in the System Event Logs:
Source: Hyper-V-Hypervisor
Error ID: 80
Hypervisor launch failed; The operating systems boot loader failed with error 0xC00000BB.
Source: Hyper-V-VMMS
Error ID: 15350
The virtualization infrastructure driver (VID) is not running.
Source: Hyper-V-VMMS
Error ID: 15160
‘MACHINE NAME’ failed to restore virtual machine state.
Workaround
There is no permanent solution currently available. To fix this problem, you need to remove the update from the Hyper-V host by doing the following:
1) Open elevated command prompt on the Hyper-V Host
2) Run “wusa /uninstall /kb:5009624”
3) … Read the rest
How To Enable Root Login And SSH For Ubuntu 20.04
In this tutorial you will be shown how to enable Root login and SSH for Ubuntu 20.04. Root access is the administrative user that you can use to access and edit all of the files on your server (this includes system-critical files). In some situations, for proper installation of software on Ubuntu 20.04 using root access will make things easier.
Let’s get started
- Log into your Ubuntu 20.04 server and run the following command to apply a password to the root user.
sudo passwd root
2. Now, let’s edit your SSH config to allow root to be able to SSH into your Ubuntu 20.04 server.
sudo nano /etc/ssh/sshd_config
3. Move down towards the end of the config file and type in the following.
PermitRootLogin Yes
4. Use CTRL+X and you will be prompted to save the config.
5. You should be prompted with the question to Save Modified Buffer? Type … Read the rest
How To Install Plex Media Server On Ubuntu 20.04
In this tutorial you will be shown how to install Plex Media Server on Ubuntu 20.04. Plex Media Server is a convenient way to organize and enjoy your media. Used in combination with modern technology, it is easy to navigate and access your content anywhere — whether at home, in the car, or on a boat in the ocean.
Ubuntu 20.04 Server Requirements
- A local physical server or VPS with Ubuntu 20.04.
- Minimum of 4 CPU cores.
- Minimum of 4GB ram.
- Minimum of 30GB storage.
- Minimum of 1 Network Adapter
- Ability to SSH into server as Root user.
- Fully Patched Ubuntu 20.04 Server
Things To Note
- Single 720p transcode: Intel Core i3 3.0 GHz
- Single 1080p transcode: Intel Core i5 3.0GHz
- Single 4K transcode: Intel Core i7 3.2GHz
There is a great development for Ubuntu Linux users. Snaps , makes it possible to simplify the entire process of … Read the rest
How To Install Nessus On Ubuntu 20.04
In this tutorial you will be shown how to install and configure Tenable’s Nessus Vulnerability Scanner on Ubuntu 20.04.
Nessus is a tool that checks computers to find vulnerabilities that hackers COULD exploit. Nessus works by testing each port on a computer, determining what service it is running, and then testing this service to make sure there are no vulnerabilities in it that could be used by a hacker to carry out a malicious attack.
Server Requirements
- A local physical server or VPS with Ubuntu 20.04.
- Minimum of 4 CPU cores.
- Minimum of 4GB ram.
- Minimum of 30GB storage.
- Minimum of 1 Network Adapter
- Ability to SSH into server as Root user.
- Fully Patched Ubuntu Server
Now Let’s Install Nessus on Ubuntu 20.04
- Open your Browser and click on Nessus Downloads to review latest releases. In my case the latest release for this tutorial is Nessus-10.0.2-ubuntu1110_amd64.deb. Download the latest
This Year You Should Expect Stronger Cyber Security Regulations
The government is cracking down on cyber security. According to The Wall Street Journal, and companies are expected to comply with the more stringent cyber security regulations.
In early 2021, a SolarWinds and Microsoft hack occurred. They have been linked to Russia and China, respectively. President Joe Biden has issued a presidential executive order that mandates cyber attack reporting in some critical infrastructure sectors. The confirmation of a new National Cyber Director has also occurred. He is Chris Inglis and will oversee the cybersecurity efforts of the U.S. government.
Later in 2021, Kaseya and JBS SA were hit by ransomware. This is a big deal for critical infrastructure companies, because more regulation will likely follow. According to Sidley Austin LLP Partner Sujit Raman: “I think we’re going to see more regulations, because the government is going to have to step in and say, ‘Look, this is a national security … Read the rest
Loading ...