Cybersecurity, Troubleshooting, IoT, Cloud Tech, Tools, Tips, News for MSPs and IT Professional
This article outlines all the resolution steps for common error and issues such as startup, performance, network, black screen, etc. occur in VMware Fusion.
Capella uses AWS to analyse data from space. Capella Space, a provider of on-demand Earth observation data via satellite-based radar, is running its entire IT infrastructure on Amazon Web Services (AWS) to automate and scale its operations, including satellite command and control. Source: AWS > Capella uses space to bring you closer to Earth
Nesten and Semtech partner on LoRa node platform. California companies Semtech and Nesten, a developer of blockchain and IoT technology for communications networks, are collaborating to support the rollout of a LoRa-based node platform. Source: Semtech and Nesten Deploy LoRa®-based Wireless Infrastructure Nationwide
BICS and Avnet accelerate IoT deployment. Belgian communications enabler BICS has joined forces with technology provider Avnet Silica to deliver IoT connectivity to OEMs, devices and applications. Source: IoT Now > BICS and Avnet Silica combine huge cellular connectivity with hardware expertise
Telit module integrates wifi and Bluetooth LE. Telit has announced the WE310F5, an integrated, single-band wifi and Bluetooth Low Energy 5 module that provides high-speed wireless connectivity to an embedded microcontroller over uart, SPI and SDIO interfaces. Source: Automation.com > Telit introduces WE310F5 Wi-Fi and Bluetooth Low Energy (BLE5) module
Arm pulls out of IoT services to focus on core IP. UK chip designer Arm is transferring its two IoT service group (ISG) businesses to Japanese parent company SoftBank so it can focus on its core semiconductor IP technology. Source: CRN > Arm Seeks To Offload IoT Units To SoftBank
Quantum leaps into IoT platform for hobbyists. California-based Quantum Integration has launched an IoT platform for electronic hobbyists. Makers can create custom apps and firmware without coding through a graphic interface and control any wireless device through a central server. Source: Quantum Integration Launches the First IoT Platform Designed Specifically for Electronic Hobbyists
Ordr improves system control engine software. Ordr, a California-based specialist in security for enterprise IoT and unmanaged devices, has added capabilities to its SCE systems control engine software. Source: Ordr Redefines IoMT and Enterprise IoT Security with Broader, Deeper Classification and Insights
Renesas embedded controller suits compact IoT devices. Japanese electronics company Renesas has introduced an embedded controller for use in compact IoT devices for sensor control in applications such as smart homes, smart buildings, environmental sensing, structure monitoring, trackers and wearable devices. Source: Renesas RX Wireless Solution for Today’s IOT Society
Delta modular data centres speed 5G and IoT deployment. Taiwanese firm Delta has introduced an all-in-one modular data centre offering for 5G and IoT edge computing. The SmartNode infrastructure provides flexible power and cooling designs. Source: Delta Introduces SmartNode All-in-one Modularized Data Centre Solution for 5G and IoT Edge Computing in EMEA
Eurotech software framework qualified to AWS IoT Core. Eurotech has announced the software qualification of its Everyware Software Framework (ESF) with AWS IoT Core. Source: MC.AI > Eurotech announces software qualification of Everyware Software Framework with AWS IoT Core
HPE helps enterprises digitally transform from edge to cloud. Hewlett Packard Enterprise (HPE) has introduced Ezmeral, a brand and software portfolio to help enterprises accelerate digital transformation across their organization, from edge to cloud. Source: Express Computer > HPE unveils HPE Ezmeral, new software portfolio and brand
Digi router supports remote monitoring. Digi has introduced a router to provide adaptable, right-sized connectivity. The IX20 is for industrial infrastructure, location monitoring, and unattended retail applications that require manageability, flexibility, reliability, and security. Source: Digi International Introduces Versatile Digi IX20 Router for Industrial, Remote Location Monitoring and for Unattended Retail and Digital Signage Applications
Qualcomm integrates DT NuSim on the chipset. Deutsche Telekom, Qualcomm Technologies, module maker Quectel, and Redtea Mobile are introducing an implementation of NuSim, an integrated SIM for IoT applications. Source: Deutsche Telekom’s nuSIM now integrated on first Qualcomm Technologies chipset
Intel and NSF fund ML wireless research. Intel and the National Science Foundation (NSF) have announced award recipients of joint funding for research into the development of machine learning in future wireless systems. Source: AiThority > Intel And National Science Foundation Invest In Wireless-Specific Machine Learning Edge Research
Laird modem combines Bluetooth 5, LTE-M, and NB-IoT. Ohio-based Laird Connectivity has launched the Pinnacle 100 series of cellular modems and development kits that combine Bluetooth 5, LTE-M, and NB-IoT in a small form factor device. Source: The RTOS for the Future of the IoT: Laird Connectivity and The Zephyr Project
Etsi standard secures consumer IoT devices. Etsi has published a standard for IoT cybersecurity that establishes a security baseline for internet-connected consumer products and provides a basis for future IoT certification schemes. Source: ETSI releases world-leading Consumer IoT Security standard
TCG software stack boosts IoT security. Security for millions of devices worldwide has been enhanced as the Trusted Computing Group (TCG) releases its latest specification for the Trusted Platform Module 2.0 technology: the Feature Application Programming Interface (Fapi) standard. Source: IoT Architects Guide: Published on page 28 of the IoT 2020 Design Guide
US CYBERCOM Warning on Palo Alto Technologies OS Vulnerability; Patch Now! On June 29, US Cyber Command issued a cybersecurity alert regarding a critical flaw affecting Palo Alto Networks PAN-OS, the operating system that runs on the company’s firewalls and VPN appliances. The alert urges users to “patch all devices affected by CVE-2020-2021 immediately, especially if SAML is in use.” US Cyber Command expects that foreign adversaries will likely begin to exploit the vulnerability soon.
Read more in:
Please patch all devices affected by CVE-2020-2021 immediately, especially if SAML is in use. Foreign APTs will likely attempt exploit soon. We appreciate @PaloAltoNtwks’ proactive response to this vulnerability.
— USCYBERCOM Cybersecurity Alert (@CNMF_CyberAlert) June 29, 2020
NSA Issues Guidance on Securing IPsec VPNs. The US National Security Agency (NSA) has released guidance to help organizations secure their IPsec virtual private networks (VPNs). Many organizations are using these to allow their employees to work from home. The BNSA has also released a document with information about configuring IPsec VPNs.
Read more in:
New macOS Ransomware ThiefQuest Found on Torrent Sites. Researchers at Malwarebytes have detected new ransomware that targets devices running macOS. Dubbed ThiefQuest, the ransomware also has spyware capabilities: it can exfiltrate files, search for cryptocurrency wallets and passwords, and log keystrokes. ThiefQuest has been detected bundled with other software on torrent sites.
Read more in:
#macOS #ransomware impersonating as Google Software Update program with zero detection.
MD5:
522962021E383C44AFBD0BC788CF6DA3 6D1A07F57DA74F474B050228C6422790 98638D7CD7FE750B6EAB5B46FF102ABD@philofishal @patrickwardle @thomasareed pic.twitter.com/r5tkmfzmFT— Dinesh_Devadoss (@dineshdina04) June 29, 2020
Managed Service Provider Xchanging Hit by Ransomware. In an 8-K form filed with the US Securities and Exchange Commission (SEC), DXC technologies disclosed that systems at one of its subsidiaries were hit with a ransomware attack. The company, Xchanging, is a managed service provider that focuses primarily on the insurance industry but has customers in other sectors as well. According to the filing, “DXC is actively working with affected customers to restore access to their operating environment as quickly as possible.”
Read more in:
Barclays Website Was Calling Javascript File from Internet Archive. The Barclays Bank website appears to have been calling a Javascript file from the Internet Archive’s Wayback Machine. This meant that if the Internet archive went down, the Barclays website would be down as well. Barclays has fixed the issue.
Read more in: Barclays Bank appeared to be using the Wayback Machine as a ‘CDN’ for some Javascript
F5 Releases Patches for Flaws in BIG-IP Networking Devices; POC Exploit Code Released. F5 has released fixes to address a critical flaw in its BIG-IP networking equipment that could be exploited to take complete control of vulnerable devices. US Cyber Command tweeted last week that patching this vulnerability is urgent. On Sunday, July 5, CISA Director Christopher Krebs tweeted. “If you didn’t patch by this morning, assume compromised.” Proof-of-concept exploit code for the critical vulnerability, which has been given a CVSS score of 10, has been released. Hackers have begun exploiting the vulnerability. F5 has also released fixes for a high-severity cross-site scripting vulnerability in the BIG-IP Configuration utility.
Read more in:
European Authorities Infiltrated Encrypted Communication Platform Used by Criminals. Law enforcement authorities in Europe countries were able to infiltrate EncroChat, an encrypted communication platform frequented by criminals. Hundreds of people have been arrested; large quantities of luxury items and illegal drugs and nearly EUR 20 million in cash have been seized.
Read more in:
Cisco Fixes XSS Flaw in Small Business VPN Router Firmware. Cisco has released fixes for a cross-site scripting vulnerability that affects two of its small business VPN routers. The flaw is the result of “insufficient validation of user-supplied input by the web-based management interface of the affected software.” The issue affects Cisco Small Business RV042 and RV042G Routers running firmware releases older than 4.2.3.14.
Read more in:
Cisco Releases Firmware Updates for Vulnerability in Small Business Switches. Cisco has released a security update to fix a high-severity flaw in its Small Business Smart and Managed Switches. The vulnerability, which “is due to the use of weak entropy generation for session identifier values,” could be exploited to gain administrator privileges. The issue is fixed in version 2.5.5.47 of the firmware release for affected products that ae still supported.
Read more in:
Apple’s Decision Forces Shortening of Digital Certificate Lifespans. Starting September 1, 2020, Apple software, Chrome, and Firefox will identify new TLS certificates that are valid for more than 398 days as invalid. The changes arises from a unilateral decision Apple made earlier this year, bypassing the expected practice of bringing issues like this one to the CA/B Forum, “a voluntary group of certification authorities (CAs), vendors of Internet browser software, and suppliers of other applications that use X.509 v.3 digital certificates for SSL/TLS and code signing.” The intent of reducing certificates’ lifespans is to force websites and apps to issue new certificates every year. This will introduce more certificates that use the newest cryptographic standards.
Read more in:
Microsoft Releases Two Out-of-Cycle Patches for Windows. On June 30, Microsoft released two unscheduled patches to address remote code execution vulnerabilities in the Windows Codecs Library. Microsoft took the unusual step of delivering the fixes through the Microsoft Store rather than through Windows Update. The advisories for the vulnerabilities say, “Affected customers will be automatically updated by Microsoft Store. Customers do not need to take any action to receive the update.”
Read more in:
Home Router Study Finds “Alarming” Security Issues. A study of 127 home routers from seven manufacturers found numerous security issues. The Fraunhofer Institute for Communication (FKIE) in Germany looked at each router’s most current firmware, focusing on five security aspects: when the firmware was last updated; which operating systems are used and how many known flaws they have; what exploit mitigation techniques the vendors use; whether the firmware images contain private cryptographic key material; and whether there are any hard-coded login credentials. Among the report’s findings: 46 of the routers had not had a security update in the past year; some vendors ship firmware updates that contain known vulnerabilities, and just one of the seven vendors did not publish private cryptographic keys in its firmware.
Read more in:
Top Three Network Intrusion Signatures Used Against Federal Agencies in May 2020. The top three network intrusion signatures detected by the US Department of Homeland Security’s (DHS’s) EINSTEIN intrusion detection system during May 2020 are the NetSupport Manager Remote Access Tool (RAT) – legitimate software that is also being used in phishing campaigns; the Kovter fileless Trojan; and the XMRig cryptocurrency miner. EINSTEIN gathers and analyzes traffic flowing into and out of federal civilian organizations systems and networks.
Read more in:
California’s Top Medical Research University Pays Ransomware Actors. The University of California, San Francisco (USCF) has paid a ransomware demand of more than $1.4m. A “limited number of servers” at the public health research facility were encrypted by Netwalker ransomware. UCSF disclosed the incident on June 3. BBC News was able to observe a live chat on the dark web involving UCSF ransom negotiations.
Read more in:
Hackers are Wiping Old Lenovo/Iomega NAS Devices and Demanding Ransom. Hackers have been breaking into old LenovoEMC/Iomega network-attached storage (NAS) devices, wiping them, and demanding between $200 and $275 in ransom for the return of the data. The attacks targeted NAS devices that exposed their management interface on the Internet with no password protection. Similar attacks were reported a year ago. The LenovoEMC and Iomega NAS lines were discontinued in 2018.
Read more in: A hacker gang is wiping Lenovo NAS devices and asking for ransoms
Magecart Card Skimming Malware Found on Government Websites in Eight US Cities. Researchers at Trend Micro found that local government websites in eight US cities were infected with Magecart card skimming malware. The common factor appears to be that all the affected sites were using the Click2Gov municipal payment software. The attacks began on April 10 and appear to still be active. This is not the first time that Click2Gov has been the target of attacks.
Read more in:
British Tech Companies Urge Reworking Computer Misuse Act. A group of British technology organizations and individuals have signed a letter to Prime Minister Boris Johnson, urging him to act to reform the Computer Misuse Act (CMA). The law was created 30 years ago, when less than one percent of the UK’s population used the Internet and “the concept of cyber security and threat intelligence research did not exist.” The letter also notes that “the CMA inadvertently criminalises a large proportion of modern cyber defence practices.”
Read more in:
Michigan House of Representatives Passes Bill Prohibiting Employers From Requiring Implanted Microchips for Workers. The Michigan State House of Representatives has passed a bill that would prohibit employers from requiring workers to have RFID chips implanted. The measure is proactive; there have not been instances in which employers have actually imposed this requirement. A Wisconsin company has used implantable ID chips for their employees on a voluntary basis. The Microchip Protection Act now heads to the Michigan State Senate for consideration.
Read more in:
Magento 1.x EOL is June 30; Merchants Urged to Upgrade. Magento 1.x will no longer be supported after June 30, 2020. Payment processors are urging merchants to update; Visa informed merchants that failing to update to Magento 2.x will eventually cost them PCI DSS (Payment Card Industry Data Security Standard) compliance. Adobe’s Security Bulletin for Magento updates last week included a reminder: “Support for Magento Commerce 1.14 and Magento Open Source 1 is ending in June 2020. This will be the final security patches available for these editions.”
Read more in:
Tax Software Required by Chinese Bank Installs Backdoor on Companies’ Systems. At least two western companies opening offices in China were forced to install tax software on their systems; the software has been found to download and install a backdoor. The companies said that a bank in China “required that they install a software package called Intelligent Tax produced by the Golden Tax Department of Aisino Corporation, for paying local taxes.” The backdoor, which has been named GoldenSpy, operates with SYSTEM-level privileges.
Read more in:
Cardplanet Operator Aleksei Burkov Sentenced to Nine Years in Prison. Aleksei Burkov has been sentenced to nine years in prison for his role in operating the Cardplanet carding website, which sold payment card information that was used to make millions of dollars in fraudulent transactions. Burkov was arrested in Israel in December 2015; he was extradited to the US in 2019. Earlier this year, he pleaded guilty to access device fraud, conspiracy to commit access device fraud, identity theft, computer intrusions, wire fraud, and money laundering.
Read more in:
Medvedev Guilty Plea. Sergey Medvedev has pleaded guilty to RICO conspiracy for his role in “an Internet-based cybercriminal enterprise” known as Infraud. The group’s activity resulted in more than $586m in losses. US authorities have indicted 36 people in connection with Infraud.
Read more in:
Cyber Flag 20-2 Participants Used New Remote Cyber Training Tool. US Cyber Command’s Cyber Flag 20-2 training exercise took place earlier this month. More than 500 people participated; there were 17 teams from five countries. For the first time, participants had access to a new remote access training tool. The Persistent Cyber Training Environment (PCTE) “is an online client that allows Cyber Command’s cyber warriors, as well as partner nations, to log on from anywhere in the world to conduct individual or collective cyber training as well as mission rehearsal.” The Cyber Flag exercise is run by US Cyber Command.
Read more in: This training tool could be the answer to stop mass cyberattacks
Palo Alto Networks Fixes Critical Flaw in Firewall Operating System. Palo Alto Networks has released fixes for a critical authentication bypass vulnerability that affects PAN-OS, the operating system used in many its firewalls. According to the Palo Alto Advisory, “Security Assertion Markup Language (SAML) authentication is enabled and the ‘Validate Identity Provider Certificate’ option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources.” If SAML authentication is not enabled, the flaw cannot be exploited. The affected versions of the operating system are PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). PAN-OS 7.1 is not affected.
Read more in:
We are living in the most exciting times when everything you need can be found within several clicks and accessed in a matter of seconds. Unfortunately, your identity can be as well found on the deeper layers of the Internet without your knowledge. While we might ask ourselves, for instance, how good is Kaspersky protection, we must ask how AV-solution can help us to protect our identity from stealth? What exactly AV-solutions deal with these types of threats or malware is somehow associated with identity and data breaches? Let’s see together how AV-solution can save you a bit of time, and in what cases, you should be alerted that your identity was compromised.
In the past 40 years, 500 million logical applications have been created. The IDC predicts that 500 million more will be built from just 2018 to 2023. This is all to say that applications are growing at lightning speed, and businesses need to strategize application architecture now – or yesterday – to keep up.
Check out 6 ways that application requirements drive your infrastructure designs in this article.
Continue reading “How Application Requirements Drive Infrastructure Design Decisions”
Most organizations use varied IT stacks within their business. You may have a Linux server farm and use a Microsoft Active Directory cluster to provide identity services. Or you may maintain a cross-platform environment that builds software for multiple targets. As environments become more and more complex, manually managing each of the different components can be tedious and error-prone.
You can now manage Linux systems like Linux and Windows systems using the same automation tools with the Red Hat Ansible Automation Platform. This article reviews 10 functions you can automate Windows systems using the Red Hat Ansible Automation Platform within the organization.
Continue reading “10 ways to automate Windows admin tasks using Red Hat Ansible Automation Platform”