Windows2003 security updates end Jul2015

US-CERT (Computer Emergeny Readyness Team)  reminds us that Support is ending soon(July 14, 2015). Microsoft says there are 24 million instances still running 2003 server. It is time to upgrade, for those of you still running Windows Server 2003, or at least put in a plan to replace the system with a 2012 machine by … Read more

Website Phish hijacks email accounts

Garwarner Blog post reveals some details of  various posts on the Internet that discuss the paper written by Google and other University of San Diego residents Here is the Abstract: “Online accounts are inherently valuable resources—both for the data they contain and the reputation they accrue over time. Unsurprisingly, this value drives criminals to steal, … Read more

Patch Tuesday Report November 2014

Patch Tuesday has passed, but the ramifications have not.  All over sysadmins are deciding what patches to apply and when.   Here is the report of what is happening: https://support.microsoft.com/kb/2992611    MS14-066 Schannel vulnerability is a bad remote code execution bug (must be patched) Internet Storm Center recommends this is a patch now kind of … Read more

Before patching IE11 install EMET5.1

Microsoft Security research and Defense Blog has the scoop:  Also Internet Storm center Post “If you are using Internet Explorer 11, either on Windows 7 or Windows 8.1, and have deployed EMET 5.0, it is particularly important to install EMET 5.1 as compatibility issues were discovered with the November Internet Explorer security update and the … Read more

Cyberattack Lessons for Companies and People

I am going to list various events and their lessons that we “should” learn from(my weekend reading): Home Depot hack from KrebsonSecurity Nov7 post: 56 million emails were harvested as well as the 53 million credit card numbers. “Home Depot said the crooks initially broke in using credentials stolen from a third-party vendor. The company … Read more