Apple iTunes Bug Exploited To Deliver Ransomware

Hackers have been exploiting the “unquoted path” flaw in the Bonjour updater in iTunes for Windows to deliver BitPaymer/iEncrypt ransomware.

Researchers from Morphisec Labs identified this flaw in the Bonjour updater back in August, and the team immediately disclosed the vulnerability to Apple. Apple has recently patched the flaw for Windows. Windows desktops will still need to rely on iTunes for the foreseeable future, even though Apple is dropping iTunes in its own ecosystem.

This type of vulnerability was used to deliver the BitPaymer/iEncrypt ransomware. The attack exploits an unquoted path vulnerability in Bonjour, software that organizations may not even know is running on their systems, the firm said in a Thursday posting.

This vulnerability makes it easy for attackers to evade common detection because most antivirus programs nowadays are based on behavior monitoring, and the Bonjour component …

SonicWall SOHO Wireless-N TOTALSECURE 1YR

The SonicWall TZ SOHO offers small offices big-business protection and uncompromising security. These affordable firewalls let small businesses and home offices take full advantage of high-speed broadband, without compromising the highly effective protection needed to stop cyberattacks.

The SonicWall TZ series enables small to mid-size organizations and distributed enterprises to realize the benefits of an integrated security solution that checks all the boxes.

Features

✅ Flexible, integrated security solution
✅ Superior threat prevention and performance
✅ Easy deployment, setup and ongoing management

  • SOHO Wireless-N TotalSecure 1 YR Bundle
  • Includes Appliance and Comprehensive Gateway Security Suite (CGSS) which includes: Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, Content Filtering Service, Application Intelligence & Control and 24×7 Support
  • Firewall throughput: 300 Mbps, IPS throughput: 100 Mbps, VPN throughput: 100 Mbps, SonicPoints supported (max): 2
  • Dimensions (in): 1.4×5.6×7.5; Weight: 0.48 kg / 1.06 lbs
  • Services and Add-Ons eligible

How to fix VSS Error ID 513

During backup, a VSS process running under the NETWORK_SERVICE account calls cryptcatsvc!CSystemWriter::AddLegacyDriverFiles(), which enumerates all the driver records in the Service Control Manager database and tries opening each one of them. The function fails on the MSLLDP record with an “Access Denied” error.

It turned out that it fails because the MSLLDP driver’s security permissions do not allow NETWORK_SERVICE to access the driver record.

The binary security descriptor for the record is located here:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MsLldp\Security

It should be modified; I used SC.EXE and Sysinternals’ ACCESSCHK.EXE to fix it.

The original security descriptor looked like this:

>accesschk.exe -c mslldp

mslldp
  RW NT AUTHORITY\SYSTEM
  RW BUILTIN\Administrators
  RW S-1-5-32-549       <- these are server operators
  R  NT SERVICE\NlaSvc

No service account is allowed to access the MSLLDP driver.

The security descriptor for the drivers that were processed successfully looked this way:

>accesschk.exe -c mup

mup
  RW NT AUTHORITY\SYSTEM
  RW BUILTIN\Administrators
  R  NT …

How To Fix Windows Update Patching Issues

If you're running into problems with Windows Update and patching, here are a few options you can take to fix the issue.

Option 1:

  1. Disable all antivirus software.
  2. Reinstall patches through Windows Update. If that does not work, move to step 3.
  3. Manually download the patch that is having an issue from http://www.catalog.update.microsoft.com/home.aspx

Option 2:

  1. Log in as local administrator
  2. Run Disk Cleanup. Click on Cleanup System Files. Make sure all files are selected.
  3. We will now create a .bat file.
  4. Open Notepad.
  5. Type the script:
  6. @ECHO OFF
     echo Simple Script to Reset / Clear Windows Update
     echo.
     PAUSE
     echo.
     REM Clear the hidden, read-only and system attributes on catroot2 so it can be renamed
     attrib -h -r -s %windir%\system32\catroot2
     attrib -h -r -s %windir%\system32\catroot2\*.*
     REM Stop the Windows Update, Cryptographic and BITS services
     net stop wuauserv
     net stop CryptSvc
     net stop BITS
     REM Rename the update caches so Windows rebuilds them
     ren %windir%\system32\catroot2 catroot2.old
     ren %windir%\SoftwareDistribution sold.old
     ren "%ALLUSERSPROFILE%\application data\Microsoft\Network\downloader" downloader.old
     REM Restart the services
     net start BITS
     net start CryptSvc
     net start wuauserv
     echo.
     echo Task completed successfully...
     echo.
     PAUSE
  7. Save to the desktop as wureset.bat.

What Firewalls To Use To Be HIPAA Compliant

Do you know what firewalls to use to be HIPAA compliant? Is your Network Secure? How is your organization doing with logging? If you don’t know the answer to these questions, you’re not alone.

I am going to bluntly state that medical offices need to have a UTM Firewall (Unified Threat Manager Firewall) appliance. These types of firewalls will make it simpler for you to pass a HIPAA audit. Inspectors from Health and Human Services (HHS) Office of Civil Rights (OCR) check that patient health information (PHI) is secure in its storage, transference, and disposal. A firewall allows or denies access to anywhere PHI is kept.

 

Your Firewalls should have application-level inspection

To protect PHI data, the UTM Firewall can authenticate access within applications that healthcare uses to provide care. In networking terms, layer 7 of the OSI model is the application layer. The UTM firewall is smart enough to …

Does An Office Printer Have To Be HIPAA Compliant?

Ensuring that your office printer is HIPAA compliant isn’t only important for the security of your patients but it’s also the law. That being said, all printer technology must be secured and maintained according to the standards outlined in HIPAA.

 

Types of print technology defined:

Print technology is defined as printers, copiers, multifunction printers, fax machines, and all other devices with similar functions.

 

How to know if my printer is HIPAA Compliant? 

I have some advice here for you when it comes to HIPAA compliance security and the print technology devices your office uses.

One of the BIGGEST weaknesses I continue to see when working with healthcare organizations is the lack of attention to, and knowledge of, the part printing technologies play in HIPAA compliance.

As you know, the confidentiality of the health information of all your patients is vital, and the craziest part is that you might not even know you're putting your …

End of life for Windows 10 1803 so update to 1903 now

Microsoft has been alerting its users running Windows 10 1803, also known as the April 2018 Update, that this version of Windows is nearing end of life and that they should update to the latest version of Windows.

When and how am I affected? 

Windows 10 1803 will reach end of support on November 12th, 2019, which means Microsoft will no longer be pushing out security updates and you will be vulnerable to any new security threats that are discovered.

How do I update to the latest version?

Click here if you need assistance with updating to Windows 10 1903, which is the latest version of Windows.

Google Warns Zero-Day Bug For Android Under Active Attack

Google has issued a warning about an Android zero-day flaw being actively exploited in the wild. This flaw impacts 18 Android models, including Google’s flagship Pixel, Samsung, Huawei and Xiaomi.

Project Zero member Maddie Stone wrote in a technical post that the unpatched vulnerability (CVE-2019-2215) can be exploited in several ways. In one scenario, a target is enticed to download a rogue app. The second method of infection includes chaining the bug with an additional vulnerability in code the Chrome browser uses to render content.

“It is a kernel privilege escalation [bug] using a use-after free vulnerability, accessible from inside the Chrome sandbox,” Stone said. “The vulnerability is exploitable in Chrome’s renderer processes under Android’s ‘isolated_app’ SELinux domain, leading to us suspecting Binder as the vulnerable component.”

A patch for the vulnerability is expected in the next few days as part of Google’s October Android security …

The Benefits Of Managed IT Service Providers

Managed IT Services is a term that refers to the practice of outsourcing your company’s IT computer network support and management to improve business operations. Companies that provide these managed services are called Managed Services Providers (MSP).

These MSP companies would take the place of the full-time IT professionals that you would normally have on staff. But that’s not the only advantage of managed services.

1. REDUCE RISK

Every investment your business makes carries a certain risk. Government regulations, technologies, markets and financial conditions all change at a rapid pace. When you utilize an outsourcing provider, they tend to manage a lot of this risk for you because of their industry knowledge in areas such as compliance and security issues.

2. PROACTIVE SOLUTIONS

When you choose to outsource your IT as a proactive effort, you receive better performance, nearly zero downtime and fewer glitches. They help detect problems to …

FBI Released Public Announcement About Ransomware Threat

The FBI released a new public announcement about the ongoing ransomware threat. They stated that the attacks are becoming more targeted, with losses increasingly more damaging.

HOW DOES RANSOMWARE INFECT ITS VICTIMS?

The new public message lists the common infection vectors; namely, email phishing campaigns, Remote Desktop Protocol vulnerabilities and software vulnerabilities.

IF MY SYSTEM IS INFECTED, SHOULD I PAY THE RANSOM? SHOULD I CONTACT THE FBI?

You should avoid paying the ransom at all costs. Paying also emboldens the criminals to target other organizations and attempt to hold them for ransom as well. Remember, paying the ransom does not guarantee that they will give you your data back.

HOW CAN I PROTECT MYSELF AGAINST RANSOMWARE?

The FBI stated the following: “As ransomware techniques and malware continue to evolve and become more sophisticated, even the most robust prevention controls are no guarantee against exploitation. This makes …