WServerNews: WiFi Armageddon?

In this issue

Important announcement! Ask Our Readers: Windows 10 screen lock settings not working. The truth about WiFi FragAttacks. Another reason to hate search engine ads. The Gray Lady on web browsers and privacy. Vulnerability in Logix PLCs. Should you trust Apple with your Bitcoin? Sasha on staying secure. Short break. Emails not reaching Outlook.com. Tech nostalgia. Plus lots more — read it all, read it here on WServerNews!

 

Locks are important, even on computers. Photo by iMattSmart on Unsplash.

 

Important announcement!

We discovered that we’ve been experiencing a problem with the email address for sending us feedback about our newsletter. So if you recently sent an email to us at [email protected] and never got a reply, try to dig it out from your Sent Mail folder and resend it to our more general email address of [email protected]. And going forward please address any comments or questions regarding this newsletter to [email protected] to ensure that we receive your email. Thank you!

 

Ask Our Readers: Windows 10 screen lock settings not working (new question)

A reader named Andrey who works as the Director of Technology for a company sent us the following question seeking help from our readers with a problem:

I’m having a heck of a time with Windows Screen Lock settings. Tried just about everything I can think of. Power Settings, etc. It’s very inconsistent. It appears that ‘too much’ activity is happening for the Windows 10 1909 OS to lock the screen. I updated the machine to Windows 10 20H2 and it locks as long as no one is touching the mouse or keyboard unlike the 1909. This is a stickler that required us to shorten the time frame it locks the screen after to help with compliance but boy would I love to solve this issue as it even has our ‘experts/consultants’ stumped, essentially blaming Microsoft.

I asked Andrey to describe it for us in more detail. He replied as follows:

Thank you for getting back to me. Basically the computer will not lock on the usual 10 minute timer. This is a Win 10 1909 OS. We determined that it appears that Microsoft defines an IDLE Lock as CPU and GPU have to be under a certain threshold. In the past it seemed that it would be triggered simply from no keyboard or mouse activity. I tried updating to Win 10 20H2 OS on this same laptop and it started locking very consistently even with high CPU usage as long as the mouse or keyboard isn’t touched. The other issue is we tried adjusting the power settings to force the lock and it appears to trigger the network disconnect at the same time when it locks, dropping connections to applications, etc. Essentially, it appears that the simple Screen Lock settings don’t work in Windows 1909.

Have any other readers of our newsletter been experiencing anything similar to what Andrey is seeing? Have you found, or can you suggest, a possible solution to his problem? Email us at [email protected] with your comments. Thank you!

 

Got questions? Ask our readers!

WServerNews goes out bimonthly to almost 200,000 IT pro subscribers worldwide! That’s a lot of expertise to tap into. Do you need help with some technical problem or are you looking for expert advice on something IT-related? You can Ask Our Readers for help by emailing us your problem or question. Do it today!

 

Editor’s Corner

Our focus for this issue of our newsletter is news about cybersecurity issues and associated privacy matters, starting with the buzz over bugs potentially leaving zillions of WiFi devices vulnerable to protocol-level exploits called FragAttacks. Enjoy this issue and let us know if you have any comments or questions about anything; we love hearing from our readers!

The truth about WiFi FragAttacks.

So there’s been a blizzard of tech news items this last week that have spilled over into the mainstream media saying that anyone who uses WiFi is doomed to have their business hacked and bank account drained. A few examples:

All Wi-Fi devices impacted by new FragAttacks vulnerabilities (Bleeping Computer)

https://www.bleepingcomputer.com/news/security/all-wi-fi-devices-impacted-by-new-fragattacks-vulnerabilities/

‘FragAttacks’: Wi-Fi Bugs Affect Millions of Devices (ThreatPost)

https://threatpost.com/fragattacks-wifi-bugs-millions-devices/166080/

FragAttack: New Wi-Fi vulnerabilities that affect… basically everything (MalwareBytes)

https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/05/fragattack-new-wi-fi-vulnerabilities-that-affect-basically-everything/

Decades-Old Flaws Affect Almost Every Wi-Fi Device (Wired)

https://www.wired.com/story/frag-attack-wi-fi-vulnerabilities/

A security researcher found Wi-Fi vulnerabilities that have existed since the beginning (The Verge)

https://www.theverge.com/2021/5/12/22433134/fragattacks-wi-fi-vulnerabilities-update-security

The added emphasis above is mine.

So just how serious is this new discovery? Here is the original paper from the researcher who uncovered the problem:

Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation (PDF)

https://papers.mathyvanhoef.com/usenix2021.pdf

From my quick reading of this paper it sounds like the adversary first needs to “make the victim connect to a server under the adversary’s control, allowing the adversary to inject IPv4 packets over this connection” as the author states, which of course is pretty much a standard approach used these days by malicious actors trying to launch attacks against computers and phones. There are of course already various ways of mitigating such attacks, ranging from proper security hygiene to utilizing intrusion protection software to possibly using WPA3-Enterprise with EAP-TLS authentication if your environment can support this protocol combo — see this FAQ from CommScope for more info.

Additionally, in the research paper’s section titled Vulnerable Clients the authors state that “the TCP or UDP checksum of the forged packet only has a 2^-16 chance of being correct, meaning the packet will likely be dropped.” This suggests to me that while a Frame Aggregation and Fragmentation Attack (FragAttack) is possible against devices using WiFi, the chances of it succeeding are very small.

Finally, in the section titled Discussion the authors say, “A limitation of our attack is that it can only be used when one or more devices send fragmented frames. However, we conjecture that dynamic fragmentation can be abused to induce the transmission of fragmented frames.” The added emphasis in that sentence is mine.

So what’s the big deal?

Well I guess it is a big enough deal that you should get in touch with vendors of your WiFi-enabled devices to inquire what they’re doing or plan to do to address this vulnerability in the products of theirs you have deployed at your business. It’s likely that updates will be released for some WiFi chipsets, but it’s also likely that many chipsets won’t be updated, either because they’re legacy devices that have reached EOL/EOS or because they’re devices that simply can’t be easily updated via software updates. (Cisco rates high marks for disclosure in this regard, see their security advisory on this matter; advisories from other affected vendors can be found in this ICASI bulletin.) So going forward you may need to start looking into migrating to WiFi-enabled products from other vendors than the ones you’re currently buying from.

All in all though, I don’t think that all this is really *that* big of a deal. Not like the recent Microsoft Exchange vulnerabilities for example. If you’re an IT admin you’ve probably got much more important things to worry about.

Still, keep it on your radar and plan/implement remediation if the risk profile looks too high for your organization.

Another reason to hate search engine ads.

Phishing continues to be a major headache for companies and organizations of all kinds and sizes. And with the rise in remote work and online purchasing due to the pandemic, individuals are spending more time on their computers and mobile devices searching for the latest deal or researching some work-related topic.

And this means they’re being presented with more ads in their search results. Unfortunately some of these ads are actually doorways into phishing attacks:

FBI warns of cybercriminals abusing search ads to promote phishing sites (The Record)

https://therecord.media/fbi-warns-of-cybercriminals-abusing-search-ads-to-promote-phishing-sites/

Isn’t that nice?

The Gray Lady on web browsers and privacy.

Privacy is becoming such a big thing these days for most of us that deciding which web browser to use is becoming something we should consider. The New York Times has even entered into this discussion:

If You Care About Privacy, It’s Time to Try a New Web Browser (The New York Times)

https://www.nytimes.com/2021/03/31/technology/personaltech/online-privacy-private-browsers.html

We’ve been using Brave for the last couple of years as our web browser but we’re always open to considering other options if they enhance functionality and privacy. What do our privacy-conscious readers recommend as the right browser to use nowadays? Let us know!

Vulnerability in Logix PLCs.

A small portion of our newsletter readership manage IT in industrial and manufacturing environments where programmable logic controllers (PLCs) are frequently used to control equipment and processes on assembly lines. If this is you and your company uses Logix brand PLCs then you probably want to know about this:

Hard-coded key vulnerability in Logix PLCs has severity score of 10 out of 10 (Ars Technica)

https://arstechnica.com/information-technology/2021/02/hard-coded-key-vulnerability-in-logix-plcs-has-severity-score-of-10-out-of-10/

Should you trust Apple with your Bitcoin?

Some of our readers have likely waded into the Bitcoin universe and either trade cryptocurrency on an exchange or keep them in a Trezor or similar hardware wallet. If this is you then be careful, be very careful, about using an app from Apple’s App Store to handle your currency. The following news item has details:

He believed Apple’s App Store was safe. Then a fake app stole his life savings in bitcoin (The Washington Post)

https://www.msn.com/en-us/news/technology/he-believed-apple-e2-80-99s-app-store-was-safe-then-a-fake-app-stole-his-life-savings-in-bitcoin/ar-BB1f7r6c

What makes this really hard to swallow (especially for the guy who lost his savings) is that Apple explicitly advertises their App Store as a “safe and trusted place” as you can see here:

https://www.apple.com/mz/ios/app-store/principles-practices/

So should you trust Apple with your coin? Or Google? Or Microsoft? What are your thoughts about this? Email us!

Sasha on staying secure.

And finally I want to put in a plug for a tech news site run by our colleague Sasha Kranjac. Sasha is CEO and cloud security architect at Kloudatech and he delivers Microsoft, EC-Council, and his own custom Azure and Security courses and PowerClass workshops, consulting and architecting cloud solutions internationally. If cybersecurity is your thing (and it’s a big part of the job for all of us in IT these days) then you’ll want to follow his paper.li site called Be Secure, Stay Secure. Sasha also has another paper.li site called The Azure Daily and he’s contributed a number of articles on various Azure topics for my section on our TechGenix website.

Short break.

And with that said we’re taking a short break — our WServerNews newsletter will return to your Inbox on Monday June 7th. Enjoy the nice warm Springtime (unless you’re one of our many readers Down Under) and get outside and walk your dog! I can’t believe how many of the people in our neighborhood have bought dogs to keep them company during COVID lockdown. Life must be pretty ruff, right?

Bad joke, sorry. Stay healthy.

Got comments about anything in this issue?

Email us! We love hearing from our readers!

Please tell others about WServerNews!

Enjoy this issue of WServerNews and feel free to send us feedback on any of the topics we’ve covered — we love hearing from our readers! And please tell others about WServerNews! It’s free and always will be free — and they can subscribe to it here. Thanks!!!

 

Tip of the Week

>> Got any IT pro tips you’d like to share with other readers of our newsletter? Email us at [email protected]

Emails not reaching Outlook.com

If you’re experiencing problems delivering email to Outlook.com then check out the following page from Microsoft:

https://sendersupport.olc.protection.outlook.com/pm/troubleshooting.aspx

 

Admin Toolbox

>> Got any admin tools or software you’d like to recommend to our readers? Email us your recommendations!

MailStore Server is an email archiving solution which complements your backup software by storing emails in a form that is authentic, tamper-proof and accessible over many years.

https://www.mailstore.com/en/

WinRAR is a powerful archive manager that can backup your data and reduce the size of email attachments, decompress RAR, ZIP and other files:

https://www.rarlab.com/

Thunderbird is an email client with minimalistic design:

https://www.thunderbird.net/en-US/

Duplicati is free backup software to store encrypted backups online for Windows, macOS and Linux:

https://www.duplicati.com/

 

Factoid – Tech nostalgia

Here is this week’s factoid:

Fact: Nostalgia Drives Users to ICQ

Source: https://www.wsj.com/articles/dropping-whatsapp-nostalgia-drives-users-to-icq-11611502516

Question: What old software do you still have a nice warm fuzzy feeling towards, and why? Could it be FTP? Gopher? Netscape? VisiCalc?

Email us your answer and we’ll include it in our next issue!

 

Subscribe to WServerNews!

Subscribe today to our WServerNews newsletter and join 200,000 other IT professionals around the world who receive our newsletter! Just go to this page and select WServerNews to receive our monthly newsletter in your inbox!

 

Conference Calendar 2021

NOTE: Conference dates and locations (real/virtual) are subject to change

European SharePoint, Office 365 & Azure Conference — June 1-2 (virtual)

https://www.sharepointeurope.com/

European Collaboration Summit — June 14-16 in Wiesbaden, Germany

https://www.collabsummit.eu/en/

Microsoft Inspire — July 14-15 (virtual)

https://partner.microsoft.com/en-US/inspire

Black Hat USA — Jul. 31-Aug. 3 in Las Vegas

https://www.blackhat.com/upcoming.html#usa

Open Source Summit — Aug. 4-6 in Vancouver, Canada

https://events.linuxfoundation.org/open-source-summit-north-america/

DEF CON 29 — Aug. 5-8 (location TBA)

https://www.defcon.org/

European Cloud Summit — Sept. 27-29 in Frankfurt, Germany

https://www.cloudsummit.eu/en/

Open Source Summit — Sept. 29-Oct. 1 in Dublin, Ireland

https://events.linuxfoundation.org/open-source-summit-europe/

VMworld — Oct 5-7 (virtual)

https://www.vmworld.com/en/index.html

Black Hat Europe – Nov 8-11 (virtual)

https://www.blackhat.com/upcoming.html#europe

 

Podcast Corner

Looking at the Windows Server 2022 Preview with Robert Smit (RunAsRadio)

http://runasradio.com/

Deception And Canaries In Network Security (Heavy Networking)

https://packetpushers.net/series/weekly-show/

VMware Cloud Disaster Recovery (Virtually Speaking)

https://www.vspeakingpodcast.com/

Troubleshooting Common Wi-Fi Problems with RUCKUS (Clear To Send)

https://www.cleartosend.net/

GitHub weighs exploit ban (Risky Business)

https://risky.biz/netcasts/risky-business/

hTWOo: A Pure HTML & CSS Fluent Design System with Stefan Bauer (Microsoft Cloud Show)

http://www.microsoftcloudshow.com/podcast

 

New on Techgenix.com

Restoring previous versions of Microsoft 365 documents

We’ve all experienced the trauma of deleted files. Fortunately, there are several ways of restoring previous versions of Microsoft 365 documents.

https://techgenix.com/restoring-previous-versions-of-microsoft-365-documents/

Unable to connect to Public Folder after Database Portability in Exchange 2013

Here are solutions to connect a disconnected Exchange 2013 Public Folder after Database Portability.

https://techgenix.com/unable-to-connect-to-public-folder-after-database-portability-in-exchange-2013/

Troubleshooting PowerShell Direct errors

PowerShell Direct normally works the way it is supposed to, but things can go wrong. Here’s some troubleshooting tips to find and fix problems.

https://techgenix.com/powershell-direct-troubleshooting/

Exchange Server hack aftermath: How to update while running Symantec

The major Exchange Server hack uncovered in March has admins scrambling to update their systems. If you are also running Symantec antivirus, read this.

https://techgenix.com/exchange-server-hack-update-with-symantec/

Creating a Microsoft 365 cloud policy configuration

IT pros can now use the Microsoft 365 Office cloud policy service on devices that are running Microsoft Office apps, even if they are not domain-joined.

https://techgenix.com/microsoft-365-cloud-policy/

 

Fun videos from Flixxy

Magician Muthukad – The Great Indian Rope Trick

Magician Muthukad performs The Great Indian Rope Trick – a stage magic trick sometimes described as ‘the world’s greatest illusion’.

https://www.flixxy.com/magician-muthukad-the-great-indian-rope-trick.htm

World’s Greatest Animal Escape Artists

It takes a lot of determination, patience and skill to finally achieve freedom.

https://www.flixxy.com/worlds-greatest-animal-escape-artists.htm

Crazy Juggler – Emile Carey

One of the most impressive juggling acts by Emile Carey performed for the French television show ‘The World’s Greatest Cabaret.’

https://www.flixxy.com/crazy-juggler-emile-carey-the-worlds-greatest-cabaret.htm

Incredible Drone Show In Shanghai

Thousands of drones perform an amazing light show over Shanghai to promote the Japanese video game ‘Princess Connect.’

https://www.flixxy.com/incredible-drone-show-in-shanghai.htm

 

More articles of interest

Fortify Docker image security with these 5 tips

Docker images are complex by many measures, but strengthened security alleviates plenty of worry during runtime. Implement these best practices to fortify images.

https://searchitoperations.techtarget.com/tip/Fortify-Docker-image-security-with-these-5-tips?Offer=Content_Partner_OTHR-_2021May11_TG_A1

Why and when to use Windows Virtual Desktop

Organizations considering Windows Virtual Desktop should take a step back and evaluate when it makes sense to use WVD, and when to consider alternative options.

https://searchvirtualdesktop.techtarget.com/tip/Why-and-when-to-use-Windows-Virtual-Desktop?Offer=Content_Partner_OTHR-_2021May11_TG_A2

SCCM vs. Intune: A closer look at the capabilities of each

Microsoft Endpoint Manager packages the two well-known administration tools, which have grown closer in functionality but still have some unique capabilities.

https://searchwindowsserver.techtarget.com/tip/SCCM-vs-Intune-A-closer-look-at-the-capabilities-of-each?Offer=Content_Partner_OTHR-_2021May11_TG_A3

Establish a business continuity team to get the full picture

Business continuity teams provide insight and focus that can keep an organization on its feet when disaster strikes. Don’t rely on a disaster recovery team to reduce downtime.

https://searchdisasterrecovery.techtarget.com/tip/Establish-a-business-continuity-team-to-get-the-full-picture?Offer=Content_Partner_OTHR-_2021May11_TG_A4

 

Send us your feedback!

Got feedback about anything in this issue of WServerNews? Email us!
