A macOS 0-day vulnerability let hackers take screenshots
A macOS 0-day vulnerability lets hackers take screenshots of your screen. Hackers have been exploiting a vulnerability in fully updated versions of macOS that allowed them to take screenshots on infected Macs without getting permission from the user. However, this vulnerability is finally patched in the latest macOS 11.4 update, released on May 24th, 2021. If you haven’t already, update your machine today.
The zero-day was exploited by XCSSET, malware that was discovered by security firm Trend Micro. XCSSET used what at the time were two zero-days aimed at developers, specifically their Xcode projects, which then got passed on to regular users.
No one really knows how many Macs are infected, but in a statement from TechCrunch, Apple confirmed that the exploit is no longer an issue after updating to the latest version, the macOS Big Sur 11.4 update.
VMware vCenter VMSA-2021-0010 Advisory
In this VMware vCenter VMSA-2021-0010 Advisory, VMware vCenter Server updates address remote code execution and authentication vulnerabilities (CVE-2021-21985, CVE-2021-21986).
VMware Impacted Products?
- VMware vCenter Server (vCenter Server)
- VMware Cloud Foundation (Cloud Foundation)
Who is affected?
VMware Security Advisories always list the specific product versions that are affected. In this case it is vCenter Server 6.5, 6.7, and 7.0.
What’s Happening?
In this advisory, VMware reports multiple vulnerabilities in the vSphere Client (HTML5). If an attacker has access to port 443, they could exploit a vulnerability that allows commands to be executed with unrestricted privileges. VMware advises updating your servers right now!
How to protect your servers.
You can protect yourself by patching vCenter Server. This is the fastest way to resolve the problem, and it removes the vulnerability completely. From there you can update any plugins as vendors release new versions.
STRRAT Malware Is At It Again
A recent post from Microsoft Security Intelligence revealed that the STRRAT malware is at it again with a new version release. STRRAT is an odd duck, to say the least: it is a Java-based RAT that poses as ransomware. It changes the file names on infected devices by appending the “.crimson” extension without actually encrypting the files.
About STRRAT
The STRRAT malware is actively distributed through a phishing campaign that includes a malicious attachment. Downloading this attachment allows the malware to connect to the server and download the payload onto your computer. Once the payload is on the computer, the malware starts stealing data such as passwords and installs keylogging software. It also runs remote commands and PowerShell, and carries out other activities through its backdoor access. On top of it all, the malware also starts renaming files and making them …
How to install Primavera P6 EPPM v20 Server and Client
In this tutorial you will be shown how to install Oracle Primavera P6 EPPM v20. We will start with server installation and then end with a working client installation.
Prerequisites
The following prerequisites are a must to be configured and available.
- Windows Server 2019
- Microsoft SQL Server 2019 Express
- Microsoft SQL Server Management Studio (SSMS)
- Windows 10 Workstation
Let’s Get Started With Server Installation
- Decide which server you want to use.
- If it's a new server, download and configure Windows Server 2019 and make sure it's fully updated.
- Download and install Microsoft SQL Server 2019 Express on the server and use the basic installation.
- Download and install SQL Server Management Studio (SSMS) on the server.
- Log into the Oracle Account
- Go to your downloads section and search for Primavera. At the time this tutorial was created, the latest version was 20.12, which is the one that was used. Download all the packages.
- Transfer the file
What Your Out Of Office Message Tells Hackers
It’s time for a vacation, or you're going on a business trip and you're super excited. Naturally, your out of office message may reveal some of this excitement to hackers. People don’t naturally think about how cybercriminals could benefit from the details of an Out Of Office (OOO) message, but it is a great social engineering opportunity for an attacker.
What Can Hackers Learn From Your OOO Message?
If the company is being targeted, an OOO message will raise a flag for the cybercriminal to take action to learn more about you. Many employees share information publicly on social media, which can paint a picture of what you are doing. Many people provide overly detailed leave notifications in email signatures or add details about their time off in their OOO responses, even when they plan to return to work or the details of the conference they are …
Configure Unifi Controller Ports On Ubuntu 20.04
In this tutorial you will be shown how to configure Ubuntu 20.04’s Uncomplicated Firewall (ufw) with the necessary Unifi Controller ports.
Let's Get Started
1. First make sure that you already have your Unifi Controller installed and working.
2. Log into your Ubuntu 20.04 server using PuTTY via SSH.
3. We will now configure a proper firewall with rules for your Ubuntu 20.04 server. We will be using the Uncomplicated Firewall (ufw). Before we turn on the firewall, let's add some ports to the firewall rules.

    sudo ufw allow 22
    sudo ufw allow 8080
    sudo ufw allow 8880
    sudo ufw allow 8443
    sudo ufw allow 80
    sudo ufw allow 443
    sudo ufw allow 3478/udp
    sudo ufw allow 10001/udp
    sudo ufw allow 6666/udp
    sudo ufw allow 47763/udp

4. Now that we have the rules in place we can enable the ufw firewall and set it to auto start.
sudo systemctl enable ufw sudo
Is A Comcast Business Modem HIPAA Compliant?
I know the reason you're here is to find out if a standalone Comcast Business Modem can be used in a medical practice and pass the HIPAA compliance security check for protecting a healthcare network. Well, first there are a few things we need to know about HIPAA and firewall requirements.
HIPAA Firewalls 101
The internet is full of viruses and malicious software actively attempting to execute exploits and gain access to computers and networks. Without proper firewalls in place, patient data will be vulnerable and accessible to bad guys.
Firewalls can provide a first line of defense. A firewall acts much like a solid brick wall around a building, complete with a gate and a security guard. The security guard only allows through the specific things you have told him to.
What Would A Proper HIPAA Approved Firewall Do?
Can A Comcast Modem Reduce Risk And Impact Of Malware?
- A
Windows Server Pending Reboot Status Won’t Clear
You may find that the Windows Server pending reboot status won’t clear after you have installed new Windows updates, new drivers or new Windows features: Windows Server keeps throwing a fit about needing to reboot, even though you have rebooted it dozens of times.
This is a comprehensive guide to troubleshooting a pending reboot status that won’t clear on a Windows Server. As a system administrator or IT professional, you might have encountered this frustrating situation where the server continues to show a pending reboot status even after a restart. In this article, we will explore the possible causes behind this issue and provide you with effective solutions to resolve it. So, let’s dive in and get your Windows Server back on track!
Solution 1: Check for Pending Updates
One of the common causes of the pending reboot status is incomplete update installations. To address this …
How to clear all event logs with .bat file for CMD
In this tutorial you will be shown how to clear all event logs with a .bat file for CMD. This .bat file comes in handy for clearing stuck events from the logs, or when your Event Viewer is crashing because of too much data.
Let’s get started.
- Open notepad or notepad++.
- Copy the contents below and paste them into notepad.
- Save the file as clearevens.bat
- Right click on the newly created clearevens.bat and run it as administrator.
    @echo off
    FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
    IF (%adminTest%)==(Access) goto noAdmin
    for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
    echo.
    echo All Event Logs have been cleared!
    goto theEnd
    :do_clear
    echo clearing %1
    wevtutil.exe cl %1
    goto :eof
    :noAdmin
    echo Current user permissions to execute this .BAT file are inadequate.
    echo This .BAT file must be run with administrative privileges.
    echo Exit now, right click on this