Help each other out of non-Webroot technical jams and discuss tech-related stuff in general.
- 4,786 Topics
- 12,193 Replies
Apple releases new version of macOS Catalina Supplemental Update
What Apple has changed is unclear, but it's available if you didn't grab the first. Samuel Axon - 10/21/2019 Apple has released a new version of its macOS Catalina Supplemental Update. The first iteration of the update was made available to Macs running Catalina on October 15. Like last week's update, of which this is apparently a new version, this Supplemental Update promises to fix problems some users encountered when there was limited disk space available. It also fixes issues with saving Game Center data that users faced when playing Apple Arcade games offline, a Setup Assistant bug, and a problem that prevented users from being able to accept iCloud terms when logged into multiple iCloud accounts on the same machine. Full Article.
Russia successfully disconnected from the internet
December 23, 2019 By Catalin Cimpanu The Russian government announced on Monday that it concluded a series of tests during which it successfully disconnected the country from the worldwide internet. The tests were carried out over multiple days, starting last week, and involved Russian government agencies, local internet service providers, and local Russian internet companies. The goal was to test if the country's national internet infrastructure -- known inside Russia as RuNet -- could function without access to the global DNS system and the external internet. Full Article.
Weekly Threat News: 24 October, 2019
Our favorite Sr. Threat Researcher, @FredFunk, is back with another round of Weekly Threat News. Google Will Now Let You Know If Your Password Has Been Hacked Google Chrome has a very popular password manager built into it. One recent feature addition lets you know if your password has been leaked. It does this by checking from lists of known password breaches maintained by Google and haveIBeenPwned. Users of Chrome can check here to get a password audit. Bitcoin Crime Fake Tor Browser Steals Bitcoin from Dark Web Users The Tor browser is what most people use to access the Darkweb. A fake update to the browser has been floating around online recently that maliciously alters the browser to steal cryptocurrency. Cryptocurrency Executives Charged with Running $11 Million Ponzi Scheme “Executives of a US company are being accused of raising at least $11 million through a cryptocurrency-based Ponzi scheme. These funds were taken from investors on the promise that their 'investment' would be t
Leaving Symantec? Don't give up. Level up!
Beta 4 of MacOS Catalina 10.15.2 Released for Testing
Dec 6, 2019 Apple has released the fourth beta version of MacOS Catalina 10.15.2 for Mac users involved in the beta testing programs. MacOS 10.15.2 Catalina presumably focuses on bug fixes and improvements to the latest Mac operating system, perhaps addressing some of the issues and problems with Catalina that have been reported by some users. There does not appear to be any major new changes or features introduced in MacOS Catalina 10.15.2 beta so far. Full Article
LastPass is in the midst of a major outage
January 20, 2020 By Catalin Cimpanu Password management service LastPass is currently going through a major outage as users are reporting being unable to log into their accounts and autofill passwords, with some users reporting issues going back for days. User reports about login issues have been flooding Twitter, but also the company's forum, Reddit, and DownDetector. Users are reporting receiving the following error when trying to log in: "An error has occurred while contacting the LastPass server. Please try again later." Both home and enterprise users are impacted. Full Article.
Semi-necropost - 64-bit Webroot
I googled ‘webroot 64-bit’ and found answers relating to the fact that the WSA drivers are native 64-bit but that the UI and management tools are 32-bit because the developers couldn’t think of a reason why they should make a 64-bit version. I’m necroposting to say there is a reason - 32-bit (WoW) support is an optional extra. When hardening a server, (especially something like a domain controller,) being able to remove 32-bit support would be a security win. Yes, I am aware that there are *other* dependencies on WoW, but that could be because they’re using the same excuse (well, antivirus products require 32-bit support -> so you can’t disable it easily -> so few people do -> so I’m not coding it.) I’m old enough to remember the 16-to-32 bit era, and antivirus vendors were one of the last holdouts that made that jump take forever. Don’t be part of the chain holding us back from being able to run fully 64-bit native. Also, right now, disabling 32-bit support would also disable a lot o
Smart scale goes dumb as Under Armour pulls the plug on connected tech
A lesson here for all those who like IOT devices. Under Armour is making a pile of pricey devices into so many useless bricks. Kate Cox - 1/21/2020 Any smart device comes with its own set of benefits and trade-offs, but there's one huge shoe waiting to drop with every single one of them: anything you connect can be disconnected at the other end, and there's absolutely nothing you the consumer can do about it. Today's example of smart stuff going dumb comes courtesy of Under Armour, which is effectively rendering its fitness hardware line very expensive paperweights. The company quietly pulled its UA Record app from both Google Play and Apple's App Store on New Year's Eve. In an announcement dated sometime around January 8, Under Armour said that not only has the app been removed from all app stores, but the company is no longer providing customer support or bug fixes for the software, which will completely stop working as of March 31. Full Article.
Dark web Grey Market still down, users speculate possible Exit Scam
December 31, 2019 By Pierluigi Paganini Exit scam – Bad news for Grey Market users, one of its administrators revealed that another administrator had emptied the cold storage wallets. According to one of the admins of the Grey Market marketplace one of the admins, ‘theiving‘, has stolen all the users’ funds the platform stored for the escrow service. “you can mark Market as scam exited and ban all our official accounts” reads the message published by the Market admin. During the last week, the black marketplace was often unreachable before going completely offline. Full Article.
Chrome 78 Disables Code Integrity Check to Mitigate "Aw Snap!" Crashes
October 30, 2019 By Ionut Ilascu Google decided to temporarily disable the Code Integrity feature activated in Chrome as users report more "Aw Snap!" crashes caused by incompatible software on the system. The issue was initially identified on systems with outdated versions of Symantec Endpoint Protection (SEP) and was pinned to incompatibility with the Renderer Code Integrity feature from Microsoft that had been just enabled in Chrome 78. Full Article.
[Discussion] Webroot Internal Security Training Courses
Webroot is happy to announce the release of our Internal Security Training Courses! We’d love to hear from you about these courses once you’ve completed the training. What security gaps do you find to be challenging to attend to? What techniques do you use to bolster your network security? Got network security tips? Share your expertise with the community! Let us know in the comments below!
10 days, 10 gifts, 1 grand prize 🎁
It’s that time again: MSP Nifty Gifty! We want to round out 2019 with cool presents for you and yours. That’s why we’re partnering with other businesses in the channel to bring you 10 days of fun, business-building gifts that will help MSPs like you kick-start the new year. What’s the MSP Nifty Gifty? It’s 10 days of cool and valuable gifts in December—just for MSPs. How does the Nifty Gifty work? Each day, you’ll receive a special gift from one of the channel sponsors. It might be a free software subscription, a book, a gift card, or any number of other items. There’s also a grand prize—worth $1,900 in nifty gear—to help you kick off 2020 right. Click here to enter!
Weekly Threat News: 2nd January
Our Senior Threat Research Analyst, @FredFunk, is back from holidays and has a fresh batch of 2020 threat news for you. General News Mirai Variant ECHOBOT Resurfaces with 13 Previously Unexploited Vulnerabilities Mirai was one of the biggest botnets ever seen. It consisted of millions of compromised IoT and other connected devices including routers. This army of devices was put to criminal use launching huge DDoS and other attacks. The Mirai model was so successful it spawned many variants and one of these variants, ECHOBOT, was discovered in mid-2019. Whereas the original Mirai compromised devices using a small amount of likely passwords (such as typical hardcoded router credentials) and exploits, ECHOBOT uses a staggering amount of different device vulnerabilities and affects a wide range of devices. By targeting web and networking software as well as the classic Mirai targets of embedded IoT OS, ECHOBOT has greatly increased its ability to spread. There has been a lot of researc
Anyone else seeing a lot of DROP packets due to WRSA firewall on Windows?
I have begun to notice something disconcerting with the WRSA firewall. It has a tendency to drop what are perfectly valid outbound packets. If you are reading this and are game to spend a few minutes to see if you have the same problem, feel free to follow along (But first a quick aside - the WRSA firewall and the Windows Firewall are meant to be run together by design. If you for some reason turned off the Windows Firewall …. well, just don’t do that!)
- Go to an administrative command prompt
- Run "netsh wfp show filters"
- Open resulting filters.xml file
- Search for the 10 instances of <name>Webroot SecureAnywhere Filter</name>
You should find the items shown below. In each case, note the FilterID value a dozen or so lines below the layerKey value.
<layerKey>FWPM_LAYER_INBOUND_TRANSPORT_V4</layerKey>
<layerKey>FWPM_LAYER_INBOUND_TRANSPORT_V6</layerKey>
<layerKey>FWPM_LAYER_OUTBOUND_TRANSPORT_V4</layerKey>
<layerKey>FWPM_LAYER_OUTBOUND_TRANSPORT_V
Lockdown Lessons: A Webroot Podcast
Webroot returns with another podcast series, this time exploring how MSPs can mitigate risks and boost cyber defenses within their own businesses. ChannelE2E and MSSP Alert editor Joe Panettieri is joined by Webroot experts for a miniseries that looks at the trends and threats facing today’s MSPs. NIST Cybersecurity Framework Joe Panettieri and Webroot’s Nick Emanuel discuss how MSPs can adapt the National Institute of Standards (NIST) Cybersecurity Framework as a blueprint for mitigating risk for both themselves and their clients. Automated Detection & Response Host Joe Panettieri and Webroot's George Anderson contrast traditional endpoint protection with the surging popularity of Automated Detection and Response (ADR) and Managed Detection and Response (MDR) approaches to threat hunting. FBI Warning To MSPs Webroot’s George Anderson returns to discuss a pointed warning issued to MSPs by the FBI about being a vector for attacks against their customers. With host Joe Paniettier
Payments giants abandon Facebook's Libra cryptocurrency
October 11, 2019 By Dave Lee Mastercard, Visa, eBay and payments firm Stripe have pulled out of Facebook’s embattled cryptocurrency project, Libra. Their move, first reported in the Financial Times (https://www.ft.com/content/a3e952dc-ec5c-11e9-85f4-d00e5018f061), follows the withdrawal of PayPal, announced last week. It represents a huge blow to the social network’s plans to launch what it envisions as a global currency. The project has drawn heavy scrutiny from regulators and politicians, particularly in the US. Full Article: https://www.bbc.co.uk/news/technology-50023008
MacOS Catalina 10.15.2 Beta 3 Available for Testing
Nov 20, 2019 MacOS Catalina 10.15.2 beta 3 has been released by Apple for testing by Mac users enrolled in the Mac system software beta testing program. Usually a developer beta build becomes available first, soon followed by the same beta build as a public beta version. MacOS Catalina 10.15.2 beta 3 is likely to focus on bug fixes, improvements, and enhancements to the MacOS Catalina operating system. It’s unclear if any new features will be included in the release. See Full Article. When Apple releases macOS Catalina 10.15.2 it will be time for me to upgrade to and enjoy the eye candy.
Planting tiny spy chips in hardware can cost as little as $200
Proof-of-concept shows how easy it may be to hide malicious chips inside IT equipment. Andy Greenberg - 10/13/2019 More than a year has passed since Bloomberg Businessweek grabbed the lapels of the cybersecurity world with a bombshell claim: that Supermicro motherboards in servers used by major tech firms, including Apple and Amazon, had been stealthily implanted with a chip the size of a rice grain (https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies) that allowed Chinese hackers to spy deep into those networks. Apple, Amazon, and Supermicro (https://www.reuters.com/article/us-china-cyber/apple-amazon-deny-bloomberg-report-on-chinese-hardware-attack-idUSKCN1ME19J) all vehemently denied the report. The National Security Agency dismissed it (https://www.cyberscoop.com/rob-joyce-bloomberg-story-supply-chain) as a false alarm. The Defcon hacker conference awarded it [u
Weekly Threat News: 22nd November, 2019
Our favorite Sr. Threat Researcher, @FredFunk, is back with another round of Weekly Threat News. This week, Kelvin discusses the Monero hack, a brand new term DDoSAS (DDoS as a service) thanks to Sergiy P. Usatyuk, and ransomware continues to plague hospitals and governments. General News Booter Boss Banged Up for 13 Months DDoS attacks can be used for many malicious purposes. Whether it’s bringing down major British political party websites or cheating at online games, DDoS attacks have been making headlines recently. The arrest and conviction of Sergiy P. Usatyuk should worry other criminals who sold DDoS for hire services. As is often the case in the cybercrime sphere, justice hasn’t been swift and the charges related to events in August 2015 to November 2017 where Usatyuk is said to have earned a little over half a million US dollars. More: Infosecurity Magazine Webroot Part of Top Ten in Windows Anti-Malware Market Share More: ZD Net Cryptocurrency Coin Stealer Found in
Chrome’s data disaster: Browser update wipes out Android app data
Google changed where Chrome stores data. Chrome handles data for HTML apps. Uh oh. December 17, 2019 By Ron Amadeo Google's latest Chrome update is causing a headache for users and developers of some Android apps. Chrome 79, which is rolling out across desktop and mobile OSes, has been causing data loss for some other seemingly unrelated Android apps. Thanks to this bug, specifically on Android, updating your browser can now do something like wipe out the data in your Finance app. The connection between Chrome and Android app data might not be obvious, but Chrome on Android isn't always just the browser that starts up when you press on the Chrome icon. For some versions of Android, the Chrome app can also provide the built-in HTML render for the entire OS. Apps can call on the system render to display in-app Web content (the API is called "WebView"), and, in this case, an instance of Chrome would seamlessly start up and draw HTML content inside your app. Whether you want to call
MacOS Catalina 10.15.1 Beta 2 Released for Testing
Oct 17, 2019 Apple has released MacOS Catalina 10.15.1 beta 2 for Mac users enrolled in the system software beta testing program. MacOS Catalina 10.15.1 beta presumably focuses on bug fixes and other enhancements and improvements to the MacOS Catalina operating system. Users who are participating in the beta testing programs for MacOS will find “macOS Catalina 10.15.1 beta 2” available to download now from the Software Update section of System Preferences. The new beta build is 19B77a and arrives first to developers and is typically soon followed by the same build being issued to public beta users as well. Full Article.
Chinese hackers bypass 2FA authentication
We’ve seen reports that Chinese hackers have figured out a way to bypass two-factor authentication. Obviously, this is concerning. Reported via Information Age, the article dives into how one cybersecurity firm believes how it was done. A Chinese government-backed hacking group has found a new way to bypass two-factor authentication, according to a new report. The report by Dutch cybersecurity firm Fox-IT attributes a range of cyber attacks on government entities and managed service providers to APT20, a hacking group linked to the Chinese government that has been on the radar for nearly 10 years. The report tracks the attacks of the group over the last two years and details the method behind them. Read the rest of the article on Information Age @TylerM, Webroot Security Analyst, had this to say: This is pretty scary and just shows that the different types of 2FA implementation have varying degrees of security. SMS text and phishing has always been the most vulnerable, but now it
The Y2K bug is back, causing headaches for developers again
Twenty years ago, some developers dealt with the millennium bug by postponing it until... now. January 8, 2020 By Daphne Leprince-Ringuet Twenty years ago, as the world celebrated the start of a new millennium, IT professionals across the globe were getting cold sweats at the prospect of the Y2K bug kicking in: the fear that important systems relying on two-digit date logs would come to a standstill if computers interpreted the 1 January 2000, registered as 01/01/00, as the first day of the year 1900. No major incident happened, because developers had seen Y2K coming and prepared well. But two decades later, it has become apparent that some resorted to a quicker fix than others, and simply postponed the problem to 2020. A series of incidents seem to have confirmed that Y2020 is tech's latest unwelcome blast from the past. Full Article.
Air Force finally retires 8-inch floppies from missile launch control system
"Solid state storage" replaces IBM Series/1's floppy drive. Sean Gallagher - 10/18/2019 Five years ago, a CBS 60 Minutes report publicized a bit of technology trivia many in the defense community were aware of: the fact that eight-inch floppy disks were still used to store data critical to operating the Air Force's intercontinental ballistic missile command, control, and communications network. The system, once called the Strategic Air Command Digital Network (SACDIN), relied on IBM Series/1 computers installed by the Air Force at Minuteman II missile sites in the 1960s and 1970s. Full Article.
Despite clear warnings, Europe is out of IP addresses—again
Last year, RIPE ran out of new IPs—but this week, the used ones are gone, too. Jim Salter - 11/26/2019 Monday afternoon, RIPE—Réseaux IP Européens—or the regional Internet Registry for Europe, the Middle East, and parts of Central Asia—announced that it's out of IPv4 addresses. What this means is that the organization has handed out its last available /22 (1,022 address) netblock. If you need European public IP addresses of your very own, you must get on a waiting list and hope for some other company to die on the vine and relinquish its address space when it does. Full Article.