A specific type of malware named WannaCry made international headlines in May after achieving an unprecedented infection rate. Using EternalBlue, a recently leaked tool from the US Intelligence community, it installed malicious software that encrypted files then required victims to pay a ransom to restore them. The timing of this tool’s release and subsequent use in such a widespread event has taught – and retaught - network administrators around the globe to revisit the basic lessons of security.

When you consider your bank’s security awareness training, what comes to mind? Maybe you think of an hour-long lecture you present (or attend) on an annual basis. Maybe you think of an online program you watched or a lengthy document you read. Whatever may come to mind, it is important to ask the question: How effective is this training?

An outbreak of the WCry (also known as WannaCry/WanaCrypt0r) ransomware began to be reported May 12, 2017. The attack was worldwide and deemed by some as “the biggest ransomware outbreak in history.” The goal of the attack, like all ransomware, is to encrypt computer files making them unavailable to the computer user. A payment is required to get the key which unlocks the files.

HP has a handy new “feature” on some of their newer model home and office printers that allows you to print wirelessly when a wireless network is not available. The printer does this by broadcasting its own SSID with a name something like “DIRECT-B7-HP ENVY 4520 Series”. This seems like a harmless (and pointless) feature, but it can wreak havoc on your wireless network.

We were having issues with screensaver security locking not working on Windows 8 clients.  At first we kept zeroing in on the GPOs being applied to the PCs.  After further evaluation and verification that the settings were configured in the registry from the GPOs appropriately, we began to look at application interference.

If Outlook says "This file cannot be previewed because there is no previewer installed for it" when you are trying to preview an attachment, this means that file type has no default program associated with it.  Try saving the attachment and then choose Open With... to associate a program.  After that, Outlook will use that program to preview attachment of that file type.

We had a customer who was experiencing slowness on their terminal servers and the slowness was keeping some reports in their core banking application from running.  We found that when we excluded the entire C: drive of the terminal server from all Symantec Endpoint Protection scans, the errors would not occur. Through trial and error, we tracked down the setting in SEP that was causing the performance problems. We changed the “Scan files when” setting from “Scan when a file is access or modified” to “Scan when a file is modified”. This solved the performance issues and reports in their core banking application are running properly now.

The Cisco-Linksys SRWxxxx series of switches have a simple web interface for management purposes. The interface lacks the ability to see the MAC address table. You can SSH or telnet to the switch, but the menu you get is no better. However there is a hidden CLI (called the lcli, I assume that stands for Linksys CLI) you can access that will allow you additional management capabilities. Once you are logged into an SSH or telnet session and are at the menu, do the following:

Windows 10 ships with the OneNote app. If you also have OneNote 2016 installed on your computer, you will end up having two OneNote applications installed. The Windows 10 OneNote app is quite often set as the default version, so when attempting to follow a link from someone else, the Windows 10 OneNote app opens and asks you to log in. People who are familiar with OneNote 2016 are completely lost and stuck at this point.

Intrusion Detection Systems (IDS) have been around for over thirty years, dating back to the Intrusion Detection Expert System (IDES) in the mid 1980’s. Intrusion detection technology continued to evolve with the introduction of Host-based, Network-based and Network behavior analysis systems. Additionally, systems capable of blocking malicious traffic, Intrusion Prevention Systems (IPS), originated from IDS.

  In 1982, a Coke machine at Carnegie Mellon University was modified to connect to the Internet and report inventory and temperature status. In 1985, the first alleged use of the term “Internet of Things” was by Peter T. Lewis before a technical panel organized by the FCC and U.S. Department of Commerce Minority Enterprise Telecommunications Seminars. It is only in recent years, however, that the Internet of Things, or IoT for short, has really taken off and influenced our daily lives.

  Assessing risk is all about extrapolating meaning from potential. In other words, look at what could happen and consider how those things would affect you. The process can be as complicated or as simple as you choose to make it. At the end of the day, risk assessments are a way to become aware of potential issues and of controls to alleviate those dangers. You do not have to think of every potential scenario. In fact, considering what is common covers the majority of threats.