ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Miscellaneous Tech News

    Scheduled Pinned Locked Moved News
    7.4k Posts 83 Posters 3.8m Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • dafyreD
      dafyre @dbeato
      last edited by

      @dbeato said in Miscellaneous Tech News:

      @dafyre But they have said it doesn't fix it 😞
      https://arstechnica.com/gadgets/2021/07/microsofts-emergency-patch-fails-to-fix-critical-printnightmare-vulnerability/

      I guess we'll be doing this again next week then...again. lol.

      travisdh1T 1 Reply Last reply Reply Quote 1
      • travisdh1T
        travisdh1 @dafyre
        last edited by

        @dafyre said in Miscellaneous Tech News:

        @dbeato said in Miscellaneous Tech News:

        @dafyre But they have said it doesn't fix it 😞
        https://arstechnica.com/gadgets/2021/07/microsofts-emergency-patch-fails-to-fix-critical-printnightmare-vulnerability/

        I guess we'll be doing this again next week then...again. lol.

        That's what I told the boss this morning!

        1 Reply Last reply Reply Quote 0
        • mlnewsM
          mlnews
          last edited by

          Microsoft discovers critical SolarWinds zero-day under active attack

          Flaws allow attackers to run malicious code on machines hosting Serv-U products.
          SolarWinds, the company at the center of a supply chain attack that compromised nine US agencies and 100 private companies, is scrambling to contain a new security threat: a critical zero-day vulnerability in its Serv-U product line. Microsoft discovered the exploits and privately reported them to SolarWinds, the latter company said in an advisory published on Friday. SolarWinds said the attacks are entirely unrelated to the supply chain attack discovered in December.

          dbeatoD scottalanmillerS 2 Replies Last reply Reply Quote 0
          • dbeatoD
            dbeato @mlnews
            last edited by

            @mlnews Yeah, not the first from Serv-U won't be the last lol

            https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/
            That was back in February 3rd, 2021.

            1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @mlnews
              last edited by

              @mlnews said in Miscellaneous Tech News:

              Microsoft discovers critical SolarWinds zero-day under active attack

              Flaws allow attackers to run malicious code on machines hosting Serv-U products.
              SolarWinds, the company at the center of a supply chain attack that compromised nine US agencies and 100 private companies, is scrambling to contain a new security threat: a critical zero-day vulnerability in its Serv-U product line. Microsoft discovered the exploits and privately reported them to SolarWinds, the latter company said in an advisory published on Friday. SolarWinds said the attacks are entirely unrelated to the supply chain attack discovered in December.

              What idiot still has SolarWinds deployed? Anyone breached now was asking for it.

              1 Reply Last reply Reply Quote 0
              • mlnewsM
                mlnews
                last edited by

                Microsoft announces Windows 365, a subscription cloud PC

                Microsoft has announced a new "cloud PC" product where users can stream a Windows device from anywhere.
                Windows 365 will work similarly to game streaming - where the computing is done in a data centre somewhere remotely and streamed to a device. That means all sorts of devices - including tablets or Apple Macs - can stream a full Windows desktop PC. It is being sold to businesses to begin with, as many firms move to a mix of office and remote working. Microsoft is marketing the new way of using a PC as "hybrid Windows for a hybrid world". The company says that every user's apps and settings will boot instantly from any device - allowing personalised Windows PCs to be accessed from anywhere.

                DashrenderD 1 Reply Last reply Reply Quote 0
                • DashrenderD
                  Dashrender @mlnews
                  last edited by

                  SonicWall releases urgent notice about 'imminent' ransomware targeting firmware

                  Networking device maker SonicWall sent out an urgent notice to its customers about "an imminent ransomware campaign using stolen credentials" that is targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life 8.x firmware.

                  In addition to the notice posted to its website, SonicWall sent an email to anyone using SMA and SRA devices, urging some to disconnect their devices immediately. They worked with Mandiant and other security companies on the issue, according to the release.

                  1 Reply Last reply Reply Quote 0
                  • mlnewsM
                    mlnews
                    last edited by

                    Clippy returns - as an emoji

                    Microsoft's much-maligned mascot Clippy is coming back from the dead - but only as an emoji.
                    Clippy the paperclip was a simplistic virtual assistant who offered tips and advice to Microsoft Office users, from 1997 and until the mid-2000s. Its constant pop-ups to suggest "help" with the simplest of tasks - such as writing a letter - annoyed many. But Microsoft says it is now bringing back the design, for its modern Office products. Clippy would replace the existing paperclip emoji in its Microsoft 365 products, including its cloud services and the modern, online version of Microsoft Office, the technology giant tweeted, but only it that tweet received 20,000 "likes" - and within hours, it had surpassed 100,000.

                    EddieJenningsE 1 Reply Last reply Reply Quote 0
                    • EddieJenningsE
                      EddieJennings @mlnews
                      last edited by

                      @mlnews said in Miscellaneous Tech News:

                      Clippy returns - as an emoji

                      Microsoft's much-maligned mascot Clippy is coming back from the dead - but only as an emoji.
                      Clippy the paperclip was a simplistic virtual assistant who offered tips and advice to Microsoft Office users, from 1997 and until the mid-2000s. Its constant pop-ups to suggest "help" with the simplest of tasks - such as writing a letter - annoyed many. But Microsoft says it is now bringing back the design, for its modern Office products. Clippy would replace the existing paperclip emoji in its Microsoft 365 products, including its cloud services and the modern, online version of Microsoft Office, the technology giant tweeted, but only it that tweet received 20,000 "likes" - and within hours, it had surpassed 100,000.

                      Links the Cat > Clippy

                      1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller
                        last edited by

                        https://securityaffairs.co/wordpress/120158/cyber-crime/hellokitty-ransomware-linux-variant.html

                        DashrenderD 1 Reply Last reply Reply Quote 0
                        • DashrenderD
                          Dashrender @scottalanmiller
                          last edited by

                          @scottalanmiller said in Miscellaneous Tech News:

                          https://securityaffairs.co/wordpress/120158/cyber-crime/hellokitty-ransomware-linux-variant.html

                          I'm assuming they must have harvested credentials to use the esxicli in the first place, I assume this because there's no mention of how they gain access to that service in the article.

                          1 Reply Last reply Reply Quote 0
                          • mlnewsM
                            mlnews
                            last edited by

                            Disable the Windows print spooler to prevent hacks, Microsoft tells customers

                            The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
                            Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.

                            CloudKnightC 1 Reply Last reply Reply Quote 0
                            • mlnewsM
                              mlnews
                              last edited by

                              Apple Watch lead Kevin Lynch shifts focus to car development

                              Evan Doll will take over some responsibilities leading health product strategy.
                              Another executive shuffle is underway at Apple, according to Insider. Kevin Lynch, a key Apple VP overseeing health and the Apple Watch, is moving into a new role working on Project Titan, Apple's car project. Lynch has been one of the most visible Apple leaders at WWDC and the company's various product unveiling events. He is one of the faces of Apple's health initiatives and the Apple Watch. The report doesn't go into much detail about what Lynch will be doing on the car project. Recently, Apple's automotive product development has been led by the company's AI chief, John Giannandrea.

                              1 Reply Last reply Reply Quote 0
                              • CloudKnightC
                                CloudKnight @mlnews
                                last edited by

                                @mlnews said in Miscellaneous Tech News:

                                Disable the Windows print spooler to prevent hacks, Microsoft tells customers

                                The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
                                Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.

                                What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working

                                scottalanmillerS 1 Reply Last reply Reply Quote 1
                                • scottalanmillerS
                                  scottalanmiller @CloudKnight
                                  last edited by

                                  @stuartjordan said in Miscellaneous Tech News:

                                  @mlnews said in Miscellaneous Tech News:

                                  Disable the Windows print spooler to prevent hacks, Microsoft tells customers

                                  The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
                                  Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.

                                  What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working

                                  What is going on with companies that would intentionally continue to deploy this crap in a "business"?

                                  ObsolesceO 1 Reply Last reply Reply Quote 1
                                  • ObsolesceO
                                    Obsolesce @scottalanmiller
                                    last edited by

                                    @scottalanmiller said in Miscellaneous Tech News:

                                    @stuartjordan said in Miscellaneous Tech News:

                                    @mlnews said in Miscellaneous Tech News:

                                    Disable the Windows print spooler to prevent hacks, Microsoft tells customers

                                    The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
                                    Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.

                                    What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working

                                    What is going on with companies that would intentionally continue to deploy this crap in a "business"?

                                    Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...

                                    https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

                                    CloudKnightC 1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller
                                      last edited by

                                      https://www.engadget.com/cyber-ark-microsoft-windows-hello-trick-173547832.html

                                      1 Reply Last reply Reply Quote 0
                                      • CloudKnightC
                                        CloudKnight @Obsolesce
                                        last edited by CloudKnight

                                        @obsolesce said in Miscellaneous Tech News:

                                        @scottalanmiller said in Miscellaneous Tech News:

                                        @stuartjordan said in Miscellaneous Tech News:

                                        @mlnews said in Miscellaneous Tech News:

                                        Disable the Windows print spooler to prevent hacks, Microsoft tells customers

                                        The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
                                        Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.

                                        What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working

                                        What is going on with companies that would intentionally continue to deploy this crap in a "business"?

                                        Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...

                                        https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

                                        Yeah fair enough, not great for privilege escalation. Someone will need access to the system shell already. No different then renaming the accessibility app in windows then launching a system shell user to be able to create a administrator account.

                                        At least ssh with keys provides is a lot more secure management then leaving port 3389 open for example with the amount of exploits for RDP. Or linux hasn't had all these printer issues with these current windows updates being pushed out. Linux is far from perfect but I would trust it tenfold then windows.

                                        ObsolesceO 1 Reply Last reply Reply Quote 1
                                        • ObsolesceO
                                          Obsolesce @CloudKnight
                                          last edited by Obsolesce

                                          @stuartjordan said in Miscellaneous Tech News:

                                          @obsolesce said in Miscellaneous Tech News:

                                          @scottalanmiller said in Miscellaneous Tech News:

                                          @stuartjordan said in Miscellaneous Tech News:

                                          @mlnews said in Miscellaneous Tech News:

                                          Disable the Windows print spooler to prevent hacks, Microsoft tells customers

                                          The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
                                          Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.

                                          What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working

                                          What is going on with companies that would intentionally continue to deploy this crap in a "business"?

                                          Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...

                                          https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

                                          Yeah fair enough, not great for privilege escalation. Someone will need access to the system shell already. No different then renaming the accessibility app in windows then launching a system shell user to be able to create a administrator account.

                                          At least ssh with keys provides is a lot more secure management then leaving port 3389 open for example with the amount of exploits for RDP. Or linux hasn't had all these printer issues with these current windows updates being pushed out. Linux is far from perfect but I would trust it tenfold then windows.

                                          We'll then it's a good thing Win10 has SSH by default now, and you have a choice whether or not you want 8839 open. Not sure why you need either of them when managing Windows desktops, but whatever floats your boat.

                                          CloudKnightC 1 Reply Last reply Reply Quote 0
                                          • CloudKnightC
                                            CloudKnight @Obsolesce
                                            last edited by

                                            @obsolesce said in Miscellaneous Tech News:

                                            @stuartjordan said in Miscellaneous Tech News:

                                            @obsolesce said in Miscellaneous Tech News:

                                            @scottalanmiller said in Miscellaneous Tech News:

                                            @stuartjordan said in Miscellaneous Tech News:

                                            @mlnews said in Miscellaneous Tech News:

                                            Disable the Windows print spooler to prevent hacks, Microsoft tells customers

                                            The third serious Windows print flaw in 5 weeks prompts new Microsoft warning.
                                            Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.

                                            What an earth is going on at Microsoft. Too busy with UI changes to get the basics sorted/working

                                            What is going on with companies that would intentionally continue to deploy this crap in a "business"?

                                            Yeah really. Especially crap with 7 year old privilege escalation vulnerabilities that was totally open for anyone to find at any time...

                                            https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

                                            Yeah fair enough, not great for privilege escalation. Someone will need access to the system shell already. No different then renaming the accessibility app in windows then launching a system shell user to be able to create a administrator account.

                                            At least ssh with keys provides is a lot more secure management then leaving port 3389 open for example with the amount of exploits for RDP. Or linux hasn't had all these printer issues with these current windows updates being pushed out. Linux is far from perfect but I would trust it tenfold then windows.

                                            We'll then it's a good thing Win10 has SSH by default now, and you have a choice whether or not you want 8839 open. Not sure why you need either of them when managing Windows desktops, but whatever floats your boat.

                                            Yep they love Linux that much now, that that want to use linux in a windows subsystem. If Linux was that insecure as you was making out why the hell is most of azure based on it now. Even Microsoft love it because it's durable and reliable, plus they got the help of the whole linux comminity helping them with the kernel.

                                            ObsolesceO 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 5
                                            • 6
                                            • 7
                                            • 8
                                            • 9
                                            • 372
                                            • 373
                                            • 7 / 373
                                            • First post
                                              Last post