Unifi UAP-AP AC DHCP Not Working Using Firmware 4.3.24
If you are having problems your Unifi UAP-AP AC DHCP Not Working Using Firmware 4.3.24 follow these steps to rollback back the firmware.
How to rollback 4.3.24 firmware.
- Log into your Unifi Controller.
- Make sure that Auto Update is disabled
- Settings > Site > Services , uncheck Automatically Upgrade Device Firmware.
- Also check scheduled upgrades. Settings > Services > Scheduled Upgrades and remove them.
- On the left hand side menu Click on Unifi Device Icon
- Click on the the wireless access point you would like to start with so the side menu expands to display a gui like below.
- Click on the gear\config icon
- Scroll down to the bottom and expand MANAGE DEVICE
- In the Custom upgrade section use the copy/paste the following known working firmware provided: https://dl.ui.com/unifi/firmware/U7PG2/4.3.20.11298/BZ.qca956x.v4.3.20.11298.200704.1347.bin
- Click Custom Upgrade
- Wait a few and you should be good to go!
Microsoft.com is being Spoofed to Phish Office 365 Users
As the title said, the microsoft.com domain is being spoofed to phish office 365 users. This is quite alarming for one, why is Microsoft allowing its domain to be spoofed is beyond me. They can easily fix this with proper SPF, DKIM, and DMARC records within their DNS.
In a recent report posted online by Lomy Ovadia, Ironscales vice president of research and development said that many industries are being targeted and lots of damage is being done.
The email phishing attack is so realistic looking that victims fall for the scam. It sure doesn’t help that the domain Microsoft.com is being spoofed.
The email is also composed in a way that will lure you into making a bad decision.
… Read the rest“Specifically, the fraudulent message is composed of urgent and somewhat fear-inducing language intended to convince users to click on what is a malicious link without hesitation,” Ovadia wrote. “As inferred
How To Restart Veeam Backup Services With Powershell
Veeam Backup is great but once you run into a problem Veeam backup can be quite tricky.
There are some cases that you may happen to get jobs stuck or the console just won’t open up for you, you always can rely on restarting eventually the services and avoid an unnecessary server restart.
You can either make a script or use line by line the following commands.
Why Restart Veeam Backup Services With Powershell?
Before we delve into the details of restarting Veeam Backup services with PowerShell, let’s understand why you might need to perform this action. Restarting the Veeam Backup services can help resolve certain issues such as:
-
Performance degradation: If you notice a significant decrease in the performance of your Veeam Backup, restarting the services can help alleviate the issue.
-
Error messages: Sometimes, error messages may occur within the Veeam Backup services. Restarting them can help clear any
Hackers Bypassing cPanel 2FA All Day Long
Researchers have discovered quite a big issue with cPanel which Hackers can exploit your 2FA authentication to obtain access to your cPanel Hosting service.
What was found by Digtial Defense, Inc.
“Digital Defense, Inc., a leader in vulnerability and threat management solutions, today announced that its Vulnerability Research Team (VRT) uncovered a previously undisclosed vulnerability affecting the cPanel & WebHost Manager (WHM) web hosting platform.” reads the post published by Digital Defense. “c_Panel &WHM version 11.90.0.5 (90.0 Build 5) exhibits a two-factor authentication bypass flaw, vulnerable to brute force attack, resulting in a scenario where an attacker with knowledge of or access to valid credentials could bypass two-factor authentication protections on an account.”
This exploitation can have a big impact towards web hosting providers and the 70 million domains around the world if not dealt with quickly. However there is some good news even though they can … Read the rest
Dell Switch n2024 and n2048 Default Login
If you are looking for a default Login Account and Password you have come to the right place because there is no Default login for the Dell Switch n2024 or the n2048.
How to Access Dell Switch n2024 and n2048 Without a Password
- Grab your console cable and your computer.
- Make sure to install Putty which would be used to connect to the Dell n2024 or n2048 Switch.
- Manually reboot the switch and also have putty open and connected.
- When the Dell switch n2024 or n2048 loads you will get a message to select an option.
-
- 1- Start Operational Code
- 2- Display Boot Menu
-
- When you see the Dell Networking Boot Options, type “2” and press “Enter” to select within 3 seconds. If you miss this step the switch will need to be powered on again.
- Once the boot menu is loaded you will see options 1 through 12. Type
How To Migrate SYSVOL From FRS to DFSR
You are most likely here because you have encountered an issue during your Active Directory Domain Controller migration. Most likely your active directory is old, FRS was released back in Windows Server 2000 and was only supported up to Windows Server 2012. With Windows Server 2016 and Windows Server 2019 you must run DFSR instead of FRS. In this tutorial you will learn how to migrate SYSVOL from FRS to DFSR.
During your migration to the new environment, you may run in the following error if still using FRS and upgrading to new Domain Controller.
Windows Server version can no longer be added as an Active Directory domain controller (DC) to an existing domain that is still using File Replication Service (FRS) for replication of the SYSVOL share.
When you try to add a New Windows Server 2016- 2019 as a DC to the domain, you receive the following error … Read the rest
Phishing for Microsoft Teams Credentials
Phishing continues to be a pain in everyone’s rear end. This particular Phishing scam aims to rob you from your Microsoft Teams Credentials.
Since Microsoft Teams has become a favorable communication tool throughout the world of course hackers are now aiming to phish you into giving them your login information.
Abnormal Security said “Because Microsoft Teams is an instant messaging service, recipients of this notification might be more apt to click on it so that they can respond quickly to whatever message they think they may have missed based on the notification.”
What to look for
- The attack impersonates an automated message from what you think would be from Microsoft Teams.
- The from field would state “Theres new activity in teams”.
- The message from the teammate would craft a message with a sense of urgency.
- The email will have clickable URL’s and Buttons that direct you to a fake Office365
Cyber-Response Ethical Guidelines is a must read.
Now this was an interesting read from the website ethicsFIRST. They guide you through 12 ethical duties which are listed and explained. Of course some of it seems to be a little on the nose and why did you not ethically choose this path to begin with? Regardless these steps are great for people that seen to lack a cyber security ethics plan and path and could bring some confidence to your teams decision making.
The guidelines were launched on Oct. 21, Global Ethics Day, by FIRST.
For more, read here.
- Automating System Updates with Unattended-Upgrades on Ubuntu
- How to Add a Large Disk Partition as Storage in Proxmox VE
- How to Remove Radmin Viewer with PowerShell
- How to Automate Ubuntu Server System Updates and Package Installation
- Introducing Zevonix: Your Pathway to Smarter IT
Mobile Users Falling Victims To URL Spoofing
Yikes, aren’t there enough mobile vulnerabilities already? Now we have to tend to URL Spoofing and determining if the website is real or not?
A Rapid7 researcher named Tod Beardsley, which disclosed the vulnerability, said this flaw, is an instance of CWE-451 from the Common Weakness Enumeration. It is cause for concern because these victims on mobile devices can’t tell the difference between a real site and the fake site victims land on.
In its most common cases a user would get lured to click on a link from a social media site, or receive a text on their mobile device with a link that would take them to the fraudulent site. In just about every instance, once the user clicks, he’s asked to give up something, whether it’s credentials or credit card information.
… Read the rest“I can’t really tell the difference,” Beardsley said. “The mobile address bar is so small that
Hackers From Iran Are Spreading Dharma Ransomware Via RDP Ports
A group of hackers from Iran are targeting worldwide companies that use public-facing Remote Desktop Protocol (RDP) and infecting them with the Dharma Ransomeware.
The attackers would lunch their campaign by first scaning ranges of IPs for hosts that contained these vulnerable RDP ports like 3389 which is the default RDP port, afterwards attempt weak credentials. They have been using a scanning software called Masscan.
Once vulnerable hosts were identified, the attackers deployed a well-known RDP brute force application called NLBrute, which has been sold on the dark web forums. Using this tool, they are able to brute-force their way into the system, and then check the validity of obtained credentials on other accessible hosts in the network.
Attackers also attempted to elevate privileges using an exploit for an elevation privilege flaw. This medium-severity flaw (CVE-2017-0213), which affects Windows systems, can be exploited when an attacker runs a … Read the rest
Loading ...