Archive for January 9, 2020

VPN Vulnerability Actively Being Exploited In The Wild…. Yikes!

Posted in Commentary with tags , on January 9, 2020 by itnerd

If you have a Pulse Secure VPN, you should be aware of an urgent patch that needed to be applied back in April of last year. The vulnerability that this patch fixes is CVE-2019-11510 and can basically be abused to extract plain-text passwords, and other secrets, from networks without any authentication. Or put another way, it allows people without valid usernames and passwords to remotely connect to the corporate network the device is supposed to protect, turn off multi-factor authentication controls, remotely view logs and cached passwords in plain text. And that includes Active Directory account passwords.

In case you are wondering, that’s very, very bad.

Now let’s pretend for a second that you did not apply this patch last April. Or you didn’t know about it. Well you might be in deep trouble as there’s a group that is now actively exploiting this vulnerability to pwn networks with ransomware. The latest victim to get pwned so far is UK based Travelex according to this article:

Travelex, the foreign currency exchange and travel insurance company, appears to be the latest victim of the group. On New Year’s Eve, the company was hit by Sodinokibi ransomware, also known as REvil. The ransomware operators contacted the BBC and said they want Travelex to pay $6m (£4.6m). They also claimed to have had access to Travelex’s network for six months and to have extracted five gigabytes of customer data—including dates of birth, credit card information, and other personally identifiable information.

“In the case of payment, we will delete and will not use that [data]base and restore them the entire network,” the individual claiming to be part of the Sodinokibi operation told the BBC. “The deadline for doubling the payment is two days. Then another seven days and the sale of the entire base.”

The group who are behind these attacks have seven victims so far, and that number is likely to grow. Bad Packets Report’s Troy Mursch ran a vulnerability scan finding that thousands of Pulse Secure VPN servers worldwide remain vulnerable. Which means that the pwnage has the potential to be epic. Thus if you’re using a Pulse Secure VPN, you should get to patching it now. As in right now. Seriously. Drop everything and do it now.

Windows 7 & Server 2008 End Of Support Comes On January 14….. What Happens Next?

Posted in Commentary with tags on January 9, 2020 by itnerd

Windows 7 is reaching end of support on January 14 2020. What that means is that there will be no technical support, software updates or security fixes from Microsoft. Meaning that if you have a problem and the OS is the issue, it won’t be fixed. New or improved features will not be added. And most importantly there will be no software updates which means that the security of your PC will immediately come into question. And you can copy and paste what I just said for Windows Server 2008 and 2008 R2 which also go out of support on the same day.

So what do you do?

Well, Microsoft would really like it if you upgrade to Windows 10. If you go that route, I recommend doing a fresh installation of your programs and apps on your new Windows 10 PC. I would not just try to upgrade on top of your existing Windows 7 system as you may run into issues.

Here’s the minimum specifications for Windows 10:

  • Processor: 1 gigahertz (GHz) or faster processor or SoC.
  • RAM: 1 gigabyte (GB) for 32-bit or 2 GB for 64-bit.
  • Hard disk space: 16 GB for 32-bit OS 20 GB for 64-bit OS.
  • Graphics card: DirectX 9 or later with WDDM 1.0 driver.
  • Display: 800 x 600 resolution

Top Tip: If your hardware is more than a couple of years old, you may be better off buying a new PC and installing up to date apps as well as moving your files over to said new PC.

Another option is to stay with Windows 7. But you leave yourself open to becoming a victim of malware as well as the fact that nobody is going to fix anything in that OS. I will say that nobody is forcing you to go to Windows 10. But if I were you, I would make the jump.

The last option is to move to another OS such as Linux or macOS. In the case of the former, there are a number of Linux distros that are specifically designed to run on older hardware. Such as hardware that once ran Windows  7.  These distros can give your hardware a new lease of life, allowing it to run better than ever. There’s also a ton of free apps that should allow you to replicate your setup. However there is a catch. Linux is quite different to Windows in a number of ways, and that can create a bit of a culture shock. If you do go from Windows 7 to Linux you’ll need to spend some time learning how to use the new operating system and how it works. In the case of macOS, Apple has the advantage of making the hardware and software, and there are versions of applications like Microsoft Office available. But you’ll have to pay up for them, on top of the fact that Apple hardware isn’t exactly cheap. And like Linux, there’s a bit of a culture shock in terms of moving to macOS. That’s something that could be smoothed over with some help from your local Apple Store. But the shock still exists.

Whichever way you go, there are only a few days left to decide what to do if you run Windows 7. Regardless of what you do, my advice is that you act on a course of action ASAP.