Miscellaneous Tech News
-
SonicWall releases urgent notice about 'imminent' ransomware targeting firmware
Networking device maker SonicWall sent out an urgent notice to its customers about "an imminent ransomware campaign using stolen credentials" that is targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life 8.x firmware.
In addition to the notice posted to its website, SonicWall sent an email to anyone using SMA and SRA devices, urging some to disconnect their devices immediately. They worked with Mandiant and other security companies on the issue, according to the release.
-
Clippy returns - as an emoji
Microsoft's much-maligned mascot Clippy is coming back from the dead - but only as an emoji.
Clippy the paperclip was a simplistic virtual assistant who offered tips and advice to Microsoft Office users, from 1997 and until the mid-2000s. Its constant pop-ups to suggest "help" with the simplest of tasks - such as writing a letter - annoyed many. But Microsoft says it is now bringing back the design, for its modern Office products. Clippy would replace the existing paperclip emoji in its Microsoft 365 products, including its cloud services and the modern, online version of Microsoft Office, the technology giant tweeted, but only it that tweet received 20,000 "likes" - and within hours, it had surpassed 100,000. -
@mlnews said in Miscellaneous Tech News:
Clippy returns - as an emoji
Microsoft's much-maligned mascot Clippy is coming back from the dead - but only as an emoji.
Clippy the paperclip was a simplistic virtual assistant who offered tips and advice to Microsoft Office users, from 1997 and until the mid-2000s. Its constant pop-ups to suggest "help" with the simplest of tasks - such as writing a letter - annoyed many. But Microsoft says it is now bringing back the design, for its modern Office products. Clippy would replace the existing paperclip emoji in its Microsoft 365 products, including its cloud services and the modern, online version of Microsoft Office, the technology giant tweeted, but only it that tweet received 20,000 "likes" - and within hours, it had surpassed 100,000.Links the Cat > Clippy
-
-
@scottalanmiller said in Miscellaneous Tech News:
https://securityaffairs.co/wordpress/120158/cyber-crime/hellokitty-ransomware-linux-variant.html
I'm assuming they must have harvested credentials to use the esxicli in the first place, I assume this because there's no mention of how they gain access to that service in the article.
-
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations. -
Apple Watch lead Kevin Lynch shifts focus to car development
Evan Doll will take over some responsibilities leading health product strategy.
Another executive shuffle is underway at Apple, according to Insider. Kevin Lynch, a key Apple VP overseeing health and the Apple Watch, is moving into a new role working on Project Titan, Apple's car project. Lynch has been one of the most visible Apple leaders at WWDC and the company's various product unveiling events. He is one of the faces of Apple's health initiatives and the Apple Watch. The report doesn't go into much detail about what Lynch will be doing on the car project. Recently, Apple's automotive product development has been led by the company's AI chief, John Giannandrea. -
@mlnews said in Miscellaneous Tech News:
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working
-
@stuartjordan said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working
What is going on with companies that would intentionally continue to deploy this crap in a "business"?
-
@scottalanmiller said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working
What is going on with companies that would intentionally continue to deploy this crap in a "business"?
Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
-
-
@obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working
What is going on with companies that would intentionally continue to deploy this crap in a "business"?
Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
Yeah fair enough, not great for privilege escalation. Someone will need access to the system shell already. No different then renaming the accessibility app in windows then launching a system shell user to be able to create a administrator account.
At least ssh with keys provides is a lot more secure management then leaving port 3389 open for example with the amount of exploits for RDP. Or linux hasn't had all these printer issues with these current windows updates being pushed out. Linux is far from perfect but I would trust it tenfold then windows.
-
@stuartjordan said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working
What is going on with companies that would intentionally continue to deploy this crap in a "business"?
Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
Yeah fair enough, not great for privilege escalation. Someone will need access to the system shell already. No different then renaming the accessibility app in windows then launching a system shell user to be able to create a administrator account.
At least ssh with keys provides is a lot more secure management then leaving port 3389 open for example with the amount of exploits for RDP. Or linux hasn't had all these printer issues with these current windows updates being pushed out. Linux is far from perfect but I would trust it tenfold then windows.
We'll then it's a good thing Win10 has SSH by default now, and you have a choice whether or not you want 8839 open. Not sure why you need either of them when managing Windows desktops, but whatever floats your boat.
-
@obsolesce said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working
What is going on with companies that would intentionally continue to deploy this crap in a "business"?
Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
Yeah fair enough, not great for privilege escalation. Someone will need access to the system shell already. No different then renaming the accessibility app in windows then launching a system shell user to be able to create a administrator account.
At least ssh with keys provides is a lot more secure management then leaving port 3389 open for example with the amount of exploits for RDP. Or linux hasn't had all these printer issues with these current windows updates being pushed out. Linux is far from perfect but I would trust it tenfold then windows.
We'll then it's a good thing Win10 has SSH by default now, and you have a choice whether or not you want 8839 open. Not sure why you need either of them when managing Windows desktops, but whatever floats your boat.
Yep they love Linux that much now, that that want to use linux in a windows subsystem. If Linux was that insecure as you was making out why the hell is most of azure based on it now. Even Microsoft love it because it's durable and reliable, plus they got the help of the whole linux comminity helping them with the kernel.
-
@stuartjordan said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working
What is going on with companies that would intentionally continue to deploy this crap in a "business"?
Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
Yeah fair enough, not great for privilege escalation. Someone will need access to the system shell already. No different then renaming the accessibility app in windows then launching a system shell user to be able to create a administrator account.
At least ssh with keys provides is a lot more secure management then leaving port 3389 open for example with the amount of exploits for RDP. Or linux hasn't had all these printer issues with these current windows updates being pushed out. Linux is far from perfect but I would trust it tenfold then windows.
We'll then it's a good thing Win10 has SSH by default now, and you have a choice whether or not you want 8839 open. Not sure why you need either of them when managing Windows desktops, but whatever floats your boat.
Yep they love Linux that much now, that that want to use linux in a windows subsystem. If Linux was that insecure as you was making out why the hell is most of azure based on it now. Even Microsoft love it because it's durable and reliable, plus they got the help of the whole linux comminity helping them with the kernel.
I never said I wasn't a Linux fan myself. My point was that neither OS is perfect and you'll easily find anecdotal evidence for absolutely any point anyone wishes to make.
-
@obsolesce said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working
What is going on with companies that would intentionally continue to deploy this crap in a "business"?
Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
Yeah fair enough, not great for privilege escalation. Someone will need access to the system shell already. No different then renaming the accessibility app in windows then launching a system shell user to be able to create a administrator account.
At least ssh with keys provides is a lot more secure management then leaving port 3389 open for example with the amount of exploits for RDP. Or linux hasn't had all these printer issues with these current windows updates being pushed out. Linux is far from perfect but I would trust it tenfold then windows.
We'll then it's a good thing Win10 has SSH by default now, and you have a choice whether or not you want 8839 open. Not sure why you need either of them when managing Windows desktops, but whatever floats your boat.
Yep they love Linux that much now, that that want to use linux in a windows subsystem. If Linux was that insecure as you was making out why the hell is most of azure based on it now. Even Microsoft love it because it's durable and reliable, plus they got the help of the whole linux comminity helping them with the kernel.
I never said I wasn't a Linux fan myself. My point was that neither OS is perfect and you'll easily find anecdotal evidence for absolutely any point anyone wishes to make.
Fair Enough, It just come across you was anti linux with your post. I could of read it wrong. Both have exploits but I'm saying id rather put my trust in linux because windows has a larger user base and is targeted more with exploits and malware. Windows is becoming a big pile of bloat for no reason as well. They got things right with windows 7 finally but this windows as a service has been one big fuck up and that's because Microsoft wasn't used to that update model.
-
@stuartjordan said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@stuartjordan said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Disable the Windows print spooler to prevent hacks, Microsoft tells customers
The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working
What is going on with companies that would intentionally continue to deploy this crap in a "business"?
Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
Yeah fair enough, not great for privilege escalation. Someone will need access to the system shell already. No different then renaming the accessibility app in windows then launching a system shell user to be able to create a administrator account.
At least ssh with keys provides is a lot more secure management then leaving port 3389 open for example with the amount of exploits for RDP. Or linux hasn't had all these printer issues with these current windows updates being pushed out. Linux is far from perfect but I would trust it tenfold then windows.
We'll then it's a good thing Win10 has SSH by default now, and you have a choice whether or not you want 8839 open. Not sure why you need either of them when managing Windows desktops, but whatever floats your boat.
Yep they love Linux that much now, that that want to use linux in a windows subsystem. If Linux was that insecure as you was making out why the hell is most of azure based on it now. Even Microsoft love it because it's durable and reliable, plus they got the help of the whole linux comminity helping them with the kernel.
I never said I wasn't a Linux fan myself. My point was that neither OS is perfect and you'll easily find anecdotal evidence for absolutely any point anyone wishes to make.
Fair Enough, It just come across you was anti linux with your post. I could of read it wrong. Both have exploits but I'm saying id rather put my trust in linux because windows has a larger user base and is targeted more with exploits and malware. Windows is becoming a big pile of bloat for no reason as well. They got things right with windows 7 finally but this windows as a service has been one big fuck up and that's because Microsoft wasn't used to that update model.
Man Windows 7 was horrible. It's never been easier to do deploy Windows and manage updates than it is currently. Your service desk doesn't even need to touch new devices anymore before giving them to an end user. It's ridiculously easy now, straight from the distributer to the end user, up and running within 10-15 minutes of unboxing. And that's with it being fully on boarded with the company, required apps, compliance, etc. I absolutely could not imagine going back to Win7 times. No more imaging or maintaining images or that Wsus bullshit. What a crazy time sink.
-
Pegasus: Spyware sold to governments 'targets activists'
Rights activists, journalists and lawyers around the world have been targeted with phone malware sold to authoritarian governments by an Israeli surveillance firm, media reports say.
They are on a list of some 50,000 phone numbers of people believed to be of interest to clients of the company, NSO Group, leaked to major news outlets. It was not clear where the list came from - or how many phones had actually been hacked. NSO denies any wrongdoing. It says the software is intended for use against criminals and terrorists and is made available only to military, law enforcement and intelligence agencies from countries with good human rights records. It said the original investigation which led to the reports, by Paris-based NGO Forbidden Stories and the human rights group Amnesty International, was "full of wrong assumptions and uncorroborated theories". -
@mlnews said in Miscellaneous Tech News:
Pegasus: Spyware sold to governments 'targets activists'
Rights activists, journalists and lawyers around the world have been targeted with phone malware sold to authoritarian governments by an Israeli surveillance firm, media reports say.
They are on a list of some 50,000 phone numbers of people believed to be of interest to clients of the company, NSO Group, leaked to major news outlets. It was not clear where the list came from - or how many phones had actually been hacked. NSO denies any wrongdoing. It says the software is intended for use against criminals and terrorists and is made available only to military, law enforcement and intelligence agencies from countries with good human rights records. It said the original investigation which led to the reports, by Paris-based NGO Forbidden Stories and the human rights group Amnesty International, was "full of wrong assumptions and uncorroborated theories".I thought this was pretty much known fact about nearly any spying software?
-
@dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Pegasus: Spyware sold to governments 'targets activists'
Rights activists, journalists and lawyers around the world have been targeted with phone malware sold to authoritarian governments by an Israeli surveillance firm, media reports say.
They are on a list of some 50,000 phone numbers of people believed to be of interest to clients of the company, NSO Group, leaked to major news outlets. It was not clear where the list came from - or how many phones had actually been hacked. NSO denies any wrongdoing. It says the software is intended for use against criminals and terrorists and is made available only to military, law enforcement and intelligence agencies from countries with good human rights records. It said the original investigation which led to the reports, by Paris-based NGO Forbidden Stories and the human rights group Amnesty International, was "full of wrong assumptions and uncorroborated theories".I thought this was pretty much known fact about nearly any spying software?
Right? What else would it be for? Targeting housewives to see if Dawn truly is the best at cutting stuck on grease?
