In this issue:

This week in IT – datacenter jobs, HDD reliability problems, SSL/TLS certificates expiring, Spring4Shell worries. Microsoft Defender high memory consumption. Lots of webinars. Harden your Windows network. How to this and that. IT Bookshelf: Information Security Handbook. Google News fail. And Finally – Noooo!!! YES!!!!! Plus lots more — read it all, read it here on WServerNews!

 

Feeling overwhelmed with work? Thinking about quitting your job? There’s hope for stressed-out IT pros. Photo by Nik Shuliahin on Unsplash

Help spread the news!

Please tell all your colleagues and friends about WServerNews and let them know that they can subscribe to these and other TechGenix newsletters for free by going here. Thanks!!

Editor’s Corner

Hey there, IT pro, how’s your mental health?

If that seems like a somewhat rude or discourteous question, maybe you haven’t heard about the recent survey of several hundred IT security decision-makers in the UK which found that more than half of the respondents have been experiencing anxiety, anger and depression due to feeling overwhelmed with work and are ready to quit their jobs.

IT has become an increasingly demanding occupation with emerging new technologies we have to learn about and the constant, endless stream of cyberthreats we need to deal with. Coping is difficult, but one key to surviving in the IT game is prioritization. As IT pros we often feel like we just don’t have enough time to do all that we need to do, but feelings can deceive us. In general, the problem isn’t that we don’t have enough time, it’s that we lack proper prioritization. If we prioritize what’s actually important for us to perform our job—and spend 80% of our time on the 20% tasks with highest priority—we’ll accomplish critical tasks quickly and feel a sense of accomplishment (and relief) and be able to move on to giving attention to the next set of tasks whose priority has now bubbled up to the top.

Let me say it once more: people generally don’t lack time, they lack prioritization. So start getting your job priorities in order today.

Or quit your job and go on exotic walking expeditions like Levison Wood, which actually is probably a lot more fun than working with computers.

Hey, I might just do that! J

Enjoy this week’s issue of WServerNews.

–Mitch

This Week in IT

A compendium of recent IT industry news compiled by Your Editors. Feel free to email us if you find a news item you think our newsletter readers might be interested in.

Let’s start off this week with a couple of news items on the datacenter front. DataCenter Knowledge reports that there’s record data center construction going on and record demand for colocation facilities but that the datacenter industry continues to suffer from staffing shortages. If you’ve got an engineering background and looking for a new job you should check out these job postings on Data Center Frontier. And on the environmental concern side of the industry, look at how this datacenter in Hokkaido, Japan is raising eels within its walls (Tom’s Hardware). I tried a dish with eels once at a restaurant in Brussels and hated it.

More bad news on the semiconductor front I’m afraid. Tom’s Hardware reports that there may be delays of up to 18 months on the semiconductor manufacturing equipment needed for the planned capacity expansions by Intel and TSMC, so better hang on to that old hardware retired in the back closet beside your server room.

On the hardware end of things comes this report from Tom’s Hardware that some new HDDs are actually less reliable than SSDs. What’s the world coming to when you can’t trust spinning rust?

Has your organization ever had problems because someone forgot to renew an SSL/TLS certificate before it expired? BetaNews reports that this happens far more frequently than one might expect! Better take note of this and go check the expiry date on your organization’s certificates.

Now let’s get to the serious stuff. I hope all our readers have heard about Spring4Shell the new vulnerability discovered in the Java Framework. If you haven’t, start by reading this TechGenix article for an explanation and some mitigations you can perform. Microsoft has reported that it has seen only a low volume of exploit attempts targeting this vulnerability but you should keep tabs on developments via updates posted on the Microsoft Security blog. Other reports suggest that one sixth of organizations vulnerable to this attack have already been targeted (BleepingComputer) so stay on top of this one. More on this one as it develops.

BREAKING NEWS – And finally some late breaking news that highlights the fragility of our global Internet. U.S. Homeland Security Investigations is reported to have disrupted a cyberattack against an undersea cable linking Hawaii to critical telecommunications infrastructure that include the Internet and cellular services. Hawaii News Now has the story. Apparently about 99% of global Internet traffic runs over more than a million kilometers of submarine cables (Energy Industry Review). So with threats from undersea natural disasters, malicious and accidental damage from naval and commercial shipping, and malicious hackers everywhere, this might be a good time to think about investing in Starlink!

Windows news

Let me start off by saying that I have always—ALWAYS—kept my taskbar anchored to the bottom of my desktop in every version of Microsoft Windows since Windows 95. So we *won’t* say anything more here about how Microsoft gave indication this week that they likely won’t fix the problem of no longer being able to reposition the taskbar in Windows 11 (Windows Insider webcast). Let’s leave this matter behind and talk about more important Windows news, like the fact that Windows 3.1 is officially 30 years old (Windows Central). Happy Birthday Win3.1! Let’s all play a few rounds of Solitaire to celebrate J

Mark the date May 10th on your calendar, it’s the day when Windows 10 20H2 and Windows 10 1909 reach end of service (BleepingComputer).

If you’ve been looking forward to using the Smart App Control security feature in Windows 11 (Windows Support) you might be disappointed. You’ll need to do a full reset of your computer in order to enable this new feature (Tom’s Hardware).

Microsoft also has some details about what’s coming for Cloud PC experiences with Windows 365 that involve deeper integration with their Windows 11 operating system. Find out more about this on the Microsoft Mechanics Blog.

Windows Server news

Several colleagues have reported seeing high memory consumption happening with Microsoft Defender on Windows Server. Günter Born says on his blog that it is likely caused by problems with the latest signature files downloaded for Defender. This Twitter thread suggests the problem may have been resolved by the most recent updates for Defender, but if you’re still experiencing problems you could disable Defender using Group Policy as a temporary workaround.

Whenever we think Windows Server we also think System Center since the two are closely tied together, so here’s a bit of news for you on the System Center front: Microsoft has commercially released System Center 2022 by announcing that the platform has reached General Availability (GA) (Redmond Channel Partner Magazine). The RCPmag article has a good summary of the new features and components of the platform.

And if you like hunting for bugs (we do this in our basement every spring) you might be excited to learn that Microsoft offers awards of up to USD 26k for identifying bugs in their on-premises products which now include Exchange, SharePoint and Skype for Business (Microsoft Security Response Center). Who says on-prem is dead? J

Upcoming webcasts, events and conferences

Got an event, conference or webcast you want announced in our newsletter? Email us!

Webinar from Data Center Frontier – Disruptive Innovation: Innovating Beyond Technology ­– April 19th – Register

Free SANS Webinar on April 20: Start Your ICS/OT Cybersecurity Journey – Register on the SANS website.

Thomas Maurer will be speaking at AzureLive 2022 which is coming up this week on April 21!

AWS Summit London on April 27 – Still time to register!

DeveloperWeek is Europe’s largest developer & engineering conference. It’s a virtual event and is coming up soon on April 27-28, get tickets here!

VMware Live Webinar: Deconstructing Destructive Attacks to Separate Fiction from Facts – May 3 – Register today!

Here’s an update concerning the upcoming Microsoft Inspire conference: it’s been pushed back one week to July 19-20, more info on the Microsoft Partner Network blog.

Also be sure to check out Redmond Channel Partner’s calendar of upcoming Microsoft conferences for partners, IT pros and developers!

Got comments about anything in this issue?

Email us! We love hearing from our readers!

Got questions? Ask our readers!

WServerNews goes out each week to almost 200,000 IT pro subscribers worldwide! That’s a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? You can Ask Our Readers for help by emailing us your problem or question. Do it today!

Meet the Editors!

MITCH TULLOCH is Senior Editor of WServerNews and is a widely recognized expert on Windows Server and cloud technologies. He has written more than a thousand articles and has authored or been series editor for over 50 books for Microsoft Press and other publishers. Mitch has also been a twelve-time recipient of the Microsoft Most Valuable Professional (MVP) award in the technical category of Cloud and Datacenter Management. He currently runs an IT content development business in Winnipeg, Canada that produces books, ebooks, whitepapers, case studies, courseware, documentation, newsletters and articles for various companies.

 

INGRID TULLOCH is Associate Editor of WServerNews. She was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press and collaborated on developing university-level courses in Information Security Management for a Masters of Business Administration (MBA) program. Ingrid also manages Research and Development for the IT content development business she runs together with Mitch.

Subscribe today to WServerNews!

Subscribe today and join almost 200,000 other IT professionals around the world who subscribe to our newsletter! Just go to this page and select WServerNews and you’ll receive it every Monday in your inbox.

IT Workshop – tools, whitepapers and more

Got a product or solution or some other resource you’d like to tell our readers about? Email us!

Our TOOL OF THE WEEK is Exinda Network Orchestrator from GFI Software. Exinda Network Orchestrator enables you to manage network performance by focusing on the user experience of key applications through key features that include real-time network performance monitoring, breakdown of app traffic, automatic traffic orchestration and single app prioritization.

Need help hardening your Windows network against cybertheats? Check out these resouces:

• Awesome Windows Domain Hardening – a curated list of awesome security hardening techniques for Windows (GitHub)
• Rapid Active Directory Hardening Checklist – ideas for tools to deploy and areas to check that are abused by Ransomware gangs and ATP (PwnDefend)

Here are some MORE TOOLS our IT pro colleagues have recently recommended:

• Permissions Analyzer for Active Directory lets you unravel your tangled mess of permissions for Active Directory, network shares, folders, and files for users and groups (SolarWinds)
• PingPlotter Cloud delivers the network insight required to support work-from-anywhere and includes tools for helping end users troubleshoot independently.
• Ecora from IgniteTech lets you manage server and workstation configurations across your entire IT environment.

Tips and Tutorials

Hybrid work may be the future, at least for the next while until the world changes again. If you’re planning on upgrading to Windows 11 you might want to check out this post on the Windows Experience Blog that details how Microsoft is positioning Windows 11 as “the operating system for hybrid work” which can give you guidance on some of the innovative new features of the platform. Also check out What’s next in Windows 365 for hybrid work on the Windows IT Pro blog for more.

Another interesting innovation in Windows 11 is its ability to let you run Android apps, or as TechGenix author Brien Posey says “a limited number of Android apps compared with the Google Play store” (TechGenix). We’d be interested in hearing from any of our readers who have found this new capability useful—email us.

Need to build a testbed network in Microsoft Azure that has virtual machines running Windows Server 2016, Windows Server 2019 and Windows Server 2022? This blog post by Wim Matthyssen shows you how to do it with PowerShell.

A few “how to” tips:

• • How to enter into BIOS or UEFI in Windows 10 or Windows 11 (OnMSFT)
  • How to Use Docker to Package CLI Applications (CloudSavvy)
  • How to Learn PowerShell in 2022 (ITProToday)
  • How to Fix VirtualBox Error: Kernel Driver Not Installed (rc=-1908) (TechGenix)

Freebies!!

Got a freebie you want to offer our readers? You can reach almost 200,000 IT pros worldwide with our newsletter—email us!

Get the Google Cloud cheat sheet 2022 edition with all 200+ services from one interactive chart!

Thomas Maurer tells us that there is a free Azure account offering which allows you to try out Microsoft Azure!

Try out this free online Strong Password Generator from F-Secure!

Learn about social engineering techniques, technical hacks, combined strategies and, most importantly, the key takeaways that will help you better secure MFA solutions with this free PDF ebook from KnowBe4!

IT Bookshelf: Information Security Handbook

Information Security Handbook (CRC Press, 2022) is a collection of papers by various researchers in the field of information security. The book describes itself in the Preface as “an attempt to collect and publish innovative ideas, emerging trends, implementation experience, and use cases” on computer security, cybersecurity, networking security and so on. The range of subjects covered is quite broad and includes developments in software-defined networking (SDN), wireless sensor networks, Blockchain-based supply chain management, DDoS attack mitigation, Big Data security, PDF malware analysis, and so on. IT pro readers will likely only be interested in a few of these topics, but on the other hand the book may open windows into new areas of interest for the technologically curious.

The chapters are mostly academic in their presentation and most have an extensive list of references at their conclusion. I found the chapter on SDN security concerns fairly understandable in its explanation of different kinds of potential anomalies and security issues that can arise in implementations of SDN. Some background knowledge in OpenFlow is needed when reading this chapter.

The chapter on Big Data security is well-written and easy to follow, and the discussion of the challenges associated with Big Data security is useful reading for organizations considering implementation of vendor solutions for handling large quantities of nonrelational data.

The chapter on the prevention of DoD/DDoS attacks was one I found quite illuminating. I’m a novice in this area as far as practical solutions are concerned, and I was quite surprised to discover how honeypots can be used to mitigate DDoS attacks. I always thought these were mostly used by security researchers and didn’t have any commercial value, but I was clearly under a wrong impression in this regard. The researchers behind this chapter also describe in detail how they set up an “expert honey-mesh system” for detection and prevention of DDOS attacks, and then they validated their implementation using DDOSIM simulation software and present the results in graphical display. I would be very interested to hear about any vendors or service providers offering real-world solutions using this scheme.

Some of the book goes over my head, or let’s say I don’t have the time or patience to gain enough background knowledge to benefit from reading many of the chapters. With books like this however anyone who has a solid tech background and a nerdy sense of curiosity will probably learn some neat, cool stuff by reading it—and may even get an idea or two that might turn into a commercial product or service you could develop and get rich selling since the information security world is pretty much the wild, wild west nowadays—lots of wide open spaces to range around and conquer.

You can buy Information Security Handbook from Amazon here.

Factoid: Google News fail

Our previous factoid garnered no responses so let’s move on to this week’s factoid:

Fact: Google News sometimes mysteriously fails to return meaningful results for even the most commonplace search queries.

Source: Here’s an example of what happened to me recently. I have a collection of favorites that bring up specific news item searches that I use each morning to inform me as I drink my morning coffee. Yesterday as I was opening these links, one of them unexpectedly returned zero results:

 

Now I know that not much of interest happens in our country, but this is ridiculous. Needless to say, when I hit F5 to reload this Google News page, lots of results appeared.

Question: Has this kind of thing ever happened to you? What do you think might be causing it?

Email us your answer and we’ll include it in our next issue!

And Finally

The odd, the stupid and the remarkable. Great for your mental health—enjoy.

Walgreens replaced some fridge doors with screens. And some shoppers absolutely hate it (CNN)

https://www.cnn.com/2022/03/12/business/walgreens-freezer-screens/index.html

[What do shoppers know, anyways? They just buy stuff.]

Asteroid impacts Earth just two hours after it was discovered (The Jerusalem Post)

https://www.jpost.com/science/article-701110

[Remember thiotimoline? I guess this would have been more interesting news if it had said the asteroid impacted the earth two hours before it was discovered.]

Just 3% of employees cause 92% of malware events (ITPro)

https://www.itpro.co.uk/security/malware/366011/just-3-of-employees-cause-92-of-malware-events

[The other 97% of employees never do any work anyways.]

Raspberry Pi Pico Receives Playable Doom Port (Tom’s Hardware)

https://www.tomshardware.com/news/raspberry-pi-pico-runs-doom

[Finally something useful for the Pi platform!]

Military-Spec Raspberry Pi Mission Computer Revealed (Tom’s Hardware)

https://www.tomshardware.com/news/military-spec-raspberry-pi

[It weighs only 3.14 kg.]

UFC fighter takes down gunman at restaurant (Toronto Sun)

https://torontosun.com/news/world/ufc-fighter-takes-down-gunman-at-restaurant

[And he doesn’t even get a free dessert for his efforts.]

Google introduces ‘Related search for content’ to add associated search terms to web pages (BetaNews)

https://betanews.com/2022/03/17/google-introduces-related-search-for-content-to-add-associated-search-terms-to-web-pages/

[Noooo!!! Please, NO!!!!!]

Google will cull out-of-date Play store apps in bid to improve Android security (ITPro)

https://www.itpro.co.uk/mobile/google-android/367356/google-to-cull-out-of-date-play-store-apps-android-security

[Yes!!! YES!!!!!]

Hey reader! Got an amazing or weird or funny link you’d like to suggest for this section of our newsletter? Email us! But please make sure that it’s G-rated as in “Gee whiz”, “Golly!”, Good grief!”, “Gaaahh!!” and so on. Thanks!

Please tell others about WServerNews!

We hope you enjoyed this issue of WServerNews! Feel free to send us feedback on any of the topics we’ve covered—we love hearing from our readers! And please tell others about WServerNews! It’s free and always will be free—and they can subscribe to it here. Thanks!!!