efs-network-management-security-update-08l

Linux’s 25th Birthday!

August 25, 2016 Linux turns 25 years old. Linus Torvalds asked the community to help him with a free operating system he was developing as a hobby. It has become one of the most widely used operating systems in the world in everything from smartphones, routers, servers and desktops.

We at EFS Network Management wish Linux a very Happy Birthday!

cake-308576_1280

efs-network-management-security-update-08k

Security Now 573: Memory & Micro Kernels

Steve Gibson of GRC discusses the latest in security issues. He talking about the Microsoft “Golden Key”, AdBlock, unblock, counter-unblock and counter-counter-unblock. Leo talks about Avast A/V. Steve talks about a mistake with the Internet IP Protocol, a change to Microsoft Windows Update Policies, a cool way for developers to decrypt and inspect local TLS traffic, trouble with the Windows Identity leak mitigation, micro kernels and Intel’s memory breakthrough.

Details of this episode with links and more information are found in the Security Now #573 show notes. A transcript and audio versions of the show are also available.

Steve talks about how there has been a lot of misreported hack of Microsoft’s golden key. The hack was about the Microsoft Secure Boot and how it affects older Microsoft Operating systems. Facebook is trying to bypass Adblock. Adblock has defeated Facebook’s bypass.

Steve reviews the Linux TCP side channel attack that is part of RFC 5691 from a third-party which could allow hijacking of traffic and data injection.

Microsoft simplifies Windows Update by rolling all updates into large updates. However it will no longer allow individual selection of individual updates. It is and all or nothing approach. Microsoft will now support Skylake for all security updates, which previously were not.

Wireshark will not allow the ability to decrypt TSL traffic.

EFS Network Management encourages administrators and users to check the latest video podcast of Security Now.

If you need tech support with a security issue please open a EFS Network Management Support Request and we will take a look at the issue or you can contact us for help.

efs-network-management-security-update-08i

Security Now 572: Defcon & Blackhat, Part 1

Steve Gibson of GRC discusses the latest in security issues with Windows 10 AU (Anniversary Update), Apple’s Bug Bounty policy change, new Android takeover flaws, another way of tracking web visitors, hackers spoof Tesla auto sensors, Firefox, LastPass, and issues HTTP.

Details of this episode with links and more information are found in the Security Now #572 show notes. A transcript and audio versions of the show are also available.

There are known issues with the Windows Anniversary Update with McAfee and Avast antivirus software. Edge browser is hanging on websites that have lots of ads. There are reports of damages to Dual boot partitions. The update also comes with a new bundle of crapware such as Solitaire, Candy Crush Soda Saga, Pandora, Asphalt 8, Age of Empires Castle Siege, FarmVille 2, and Minecraft.

Windows 10 AU re-enables all privacy related features if previously disabled by users. Group Policy editor and certain policies were removed from Window 10 Pro AU and the corresponding registry keys no longer work either. So Pro users have no ability to make Group Policy changes. Examples of changes are users are no longer able to disable, crapware installs from third parties, cannot disable Cloud Content features, turn off Windows Tips, no longer customize logon screen, or disable the Windows Store.

Apple will begin offering cash bounties of up to $200,000 to researchers who discover vulnerabilities in its products.

There is lots of security news from Defcon and Black.

There are four newly disclosed ‘Quadrooter’ flaws affect over 900 million Android phones.

EFS Network Management encourages administrators and users to check the latest video podcast of Security Now.

If you need tech support with a security issue please open a EFS Network Management Support Request and we will take a look at the issue or you can contact us for help.

Security Now 571: Phishing & Filtering

Security Now 571: Phishing & Filtering

Steve Gibson of GRC discusses the latest in security issues with LastPass vulnerabilities, new wireless keyboard headaches, deprecating SMS as a second authentication factor, obtaining Windows 10 for free after July, the pervasive problem with website spoofing, and the power and application of multi-interface packet filtering.

Details of this episode with links and additional information can be found in the Security Now # 571 show notes. A transcript and audio versions of the show are also available.

We are on the eve of DEF CON 24, Aug 4-7, 2016, which is a black hat, white hat and grey hat hacker convention in Las Vegas. It has been traditional that during the conference and after a conference a number of new exploits are revealed. It is important that users and administrators update their systems to the current known security patches to mitigate issues that may come from new exploits.

EFS Network Management encourages administrators and users to check the latest video podcast of Security Now.

If you need tech support with a security issue please open a EFS Network Management Support Request and we will take a look at the issue or you can contact us for help.

EFS Network Management Bi-Weekly Antivirus Review

Bi-Weekly Antivirus Review

EFS Network Management encourages users and administrators to check your antivirus software for desktops and servers.

The antivirus software should be reviewed bi-weekly for known security issues and known stability issues. Your antivirus software should be checked to ensure that it is functioning correctly. We tend to get complacent and not think to check our antivirus software.

Sometimes the software may stop getting its daily updates for various reasons. The antivirus software might be expired and it needs to be renewed with the vendor. A firewall setting may have been enabled and now the firewall is blocking the updates. It could be the desktop firewall or the network firewall. A group policy might have been enabled that blocks the updates, by accident. Malware maybe blocking the updates. A new security update might have broken the antivirus updates software. The service could have been disabled during a troubleshooting session and never turned back on. The antivirus software might have been uninstalled to address an issue and the antivirus software never got re-installed. The antivirus software may no longer be compatible with the current version of software that your are running.

There are many more reasons why the antivirus software may not be working. So it is very important to check that it is working and that it is up to date.

  • Check the antivirus definition files and they should be within a few days of the current date.
  • Check the last time that the operating system had a full virus scan.
  • Check the antivirus history files and logs.
  • Check the antivirus quarantine and delete all files if they are not critical.
  • Check the antivirus expiration date, if the one being used is not a free version.
  • Check the antivirus exclusion paths and make sure that they are not excluding critical systems.
  • Check the antivirus software for services that may not be working, especially if you are running an antivirus/malware suite.
  • Search the web or Youtube on “How to’s” for your version of antivirus software” make sure the information is coming from a reputable source. This will empower you with working knowledge of your antivirus software.
  • If it has been a while since your last deep scan, update your antivirus software, boot into safe mode for Windows computers and run a full system scan.
  • If you suspect you have malware, then a bootable antivirus software may be needed in order to deal with the malware.
  • While checking for antivirus, check for the last good backup of the operating system and create recovery disks or jump drives if you do not have them.

If issues do arise from checking your antivirus or you need assistance please open a EFS Network Management Support Request and we will take a look at the issues or you can contact us for help.