Let’s plant some trees with Ecosia
Ecosia is all about planting trees. 15 million users have planted over 120 million trees, for free. Just by searching the web. Ecosia donates all of its charitable contributions to tree planting charities that work to plant trees in South America, Africa and Indonesia, where the cost of planting trees is lower.
Ecosia knows each tree can remove around 50 kg of carbon dioxide from the atmosphere over a 15 year period, this equates to around 5 million metric tones of CO2 removed from the atmosphere. Since 2020 Ecosia has removed around 0.01% of the CO2 in the atmosphere.
Ecosia donates 80% of their profits to tree-planting charities – nice and simple! It is worth noting that this is far in excess of the 50% donation percentage offered by most other charities. It is important to note that the tree-planting projects that Ecosia supports will help to give paid work … Read the rest
Keep Old Server Name During File Server Migration
In this complete guide I will show you how to migrate a old Windows File Server 2008, 2012, 2016, 2019 and windows server 2022 to a new Server Host Name while keeping the OLD Server Host Name.
Step 1 : Stand up your new file server, mine is called FS2.
Step 2 : Make sure to keep the same folder structure if possible as you see in your old server, in my case it is called FS1.
Step 3 : I like to use software called SyncFolders , it can be used to transfer all your files with NTFS permissions from Source (FS1) to Detestation (FS2)
Step 4 : In my case I configured the SyncFolders Software to Point my FS1 D:\ drive TO \\FS2\D$ or you can just share the D drive from FS2. You can also schedule this software to run hourly or nightly it will sync the … Read the rest
Download Windows Server 2022 preview
Dust off your home labs or get your CC out for Azure. Get a leg up by making yourself familiar with Windows Server 2022.
Download Windows Server 2022 it is now available in preview. This is Microsoft’s next release which will be available later this year. It builds on Windows Server 2019 by including advanced multi-layer security, hybrid capabilities with Azure, and a flexible platform to modernize applications with containers.
Windows Server 2022 Features
Microsoft stated that Windows Server 2022 and SQL will now support large-scale applications that would require 48tb of Ram and 2,048 cpu cores.
Kuberneties will have a smaller foot print which would be better for performance and deployment speeds.
Windows Server 2022 will have adequate built-in security capabilities that will be using https and TLS 1.3 by default. What is really being focused on right now is that Windows Server 2022 will also have … Read the rest
HIPAA Requirements For Passwords
Did you know, within the HIPAA security requirements there are guidelines for deploying and creating a passwords management policy, this would include: creating, changing and protecting passwords? These guidelines were established under the HIPAA Security Rule and within the HIPAA Security Rule it is required to provide Security Awareness and Training for creating policies and procedures on how to preform the storing, changing and creation of passwords.
Complying With HIPAA Security Policies
Many security professionals tend to argue over the HIPAA best practices for passwords but they are all in agreement that there should be a minimum of 8 characters, include upper and lower case letters, numbers, and special characters, this practice has been challenged in recent years, as has the practice of enforcing changes to passwords regularly. However keep in mind that many healthcare organizations are choosing to make it a minimum of 12 characters.
Keeping up with randomly … Read the rest
Purple Fox Malware Evolves With Worm Capabilities
The Windows malware called Purple Fox Evolves with worm capabilities. Purple Fox in the past the malware targeted Windows machines through a various attack methods like phishing and exploits before the software was evolved.
Guardicore Labs revealed that Purple Fox can now breach windows machines through SMB Brute-Force attacks. The Purple Fox malware would compromise various IIS7.5 servers to push rootkit’s which would then allow Purple Fox to hide itself within the Windows machine.
Once the payload is deployed, an MSI installed launches.
… Read the rest“The installer pretends to be a Windows Update package along with Chinese text which roughly translates to ‘Windows Update’ and random letters,” which Guardicore Labs explained. “These letters are randomly generated between each different MSI installer to create a different hash and make it a bit difficult to tie between different versions of the same MSI.”
“This is a ‘cheap’ and simple way of evading various detection
Three Linux vulnerabilities provided root access to hackers since 2006
Three Linux vulnerabilities provided root access to hackers since 2006 in the iSCSI module used for getting to shared data storage. This flaw could allow root access to any hacker with a user account.
The three vulnerabilities – CVE-2021-27363, CVE-2021-27364 and CVE-2021-27365 – were in the Linux code since 2006 going unnoticed until the researchers from GRIMM discovered them.
… Read the restAdam Nichols, Software Security Principal at GRIMM said. “If you already had execution on a box, either because you have a user account on the machine, or you’ve compromised some service that doesn’t have repaired permissions, you can do whatever you want basically,”
Even though the flaw “are in code that isn’t remotely accessible, so this isn’t like a remote exploit,” said Nichols. However they can take “any existing threat that might be there. It just makes it that much worse,” he explained. “And if you have users on the system
Microsoft released one-click solution for Exchange Vulnerability
To combat the severe vulnerability facing exchange servers, Microsoft has released a one-click solution to help server administrators mitigate the problem.
Microsoft Stated “We realized that there was a need for a simple, easy to use, automated solution that would meet the needs of customers using both current and out-of-support versions of on-premises Exchange Server,”
It has been reported by RISKIQ that over 80,000 servers are still vulnerable. Microsoft decided to take action and create a solution to mitigate the problem quicker. The one-click application should resolve the issues with exchange server 2013, 2016 and 2019.
You can find the download and more details on Microsoft’s Security Response Center.
Has your computer been hijacked with cryptojacking?
There are so many ways that hackers can use your computer to make themselves money and cryptojacking is one of them. Worst part about it is if you don’t have proper security in place you wont even know that your infected.
What is Cryptojacking?
Well the term cryptojacking refers to the unauthorized use of someone’s computer for mining cryptocurrency, for example bitcoin. Cryptojacking is a big deal because the hackers are stealing your computing power and making your systems slower. All the computing power they are using up will have a tangible effect in your power consumption and could cost you double in your power bill.
How does Cryptojacking work?
There are a few methods that you can be infected with Cryptojacking.
- Hackers can send you an email and trick you into clicking the link that loads the malicious software on your computer.
- Hackers can compromise a website or an
Importance of Cyber Security in the Workplace
Organizations need to elevate their security posture at the workplace and put in place a cyber security policy to better protect their data and their client’s data. Most company’s these days have a database containing confidential information such as:
- Private financial data of company assets.
- Personal details of customers, executives, employees, vendors and partners of the firm.
- Unfinished or ongoing projects, new software developments and patents of primal importance that are exclusive to the company.
- Confidential information about existing or potential clients of the company.
Cyber Security is absolutely a requirement these days and should no longer be over looked. All company’s should at least follow simple cyber security practices and employees should be aware of cyber security threats by providing them cyber security awareness training.
It is best to have a workplace security policy in place because your aren’t just protecting your employees’ but also the personal credentials … Read the rest
How To Protect Your Healthcare Institutions Against Cyber Attacks
Healthcare has become a top priority due to the pandemic and with so many wheels turning to keep up with demands several things fall through the cracks and one of them being cyber security.
Healthcare cyber attack breaches and leaks not only hurt the institutions financially but also hurt its patients for the rest of their lives. Therefore, everyone needs to do their part and take the necessary precautions and try to keep ahead of threats. Here are some simple cyber security measures you can take.
Vulnerability Management
Hackers love to find exploits and unpatched vulnerabilities in the IT infrastructure they are attacking so they can ensure the success of their attempt. You will need to make sure that all the security patches and device firmware are updated regularly. Overlooking even a small vulnerability in your healthcare’s IT security can have severe ramifications. Conducting periodic Vulnerability Assessment and Penetration Testing … Read the rest
Loading ...