Tips to track down and neutralize PowerShell malware

Some organizations feel more secure keeping their servers hosted in their own data centers rather than the cloud. However, many in IT might not realize this makes their machines very attractive targets for hackers.

Malicious actors actively target servers in the data center to tap into the sheer amount of bandwidth and processing power they can use for their own nefarious deeds. In this article, we will look at how we uncovered and disabled PowerShell malware that ran its workload on a specific schedule.

System performance takes a nosedive

We knew something was wrong because the issues were obvious. The machine, whether it was a physical or a virtual server, would slow to a halt. We launched Task Manager and checked the details to see multiple instances of PowerShell.exe consuming as much CPU as possible.

We killed the PowerShell.exe processes, but it was a temporary fix, as the processes would respawn every two hours to restart its cryptomining operation.

To stop the PowerShell malware from running, we used this command to stop the automated process:

taskkill /IM PowerShell.exe /F

A look at Task Scheduler yielded no obvious clues. Normally, malware modifies a Windows file or creates a similar one that the antivirus does not pick up in a hidden folder. In this case, there were no hidden folders and all the system files looked normal when checking the creation date.

To dig deeper into the cause, we turned on PowerShell logging with Group Policy using the administrative templates. Within 30 minutes, we checked the logs and found the machine talking to several external IP addresses.

PowerShell administrative templates
Use the Group Policy editor to apply templates for PowerShell logging to uncover the details of the mysterious events behind the PowerShell.exe process.

After identifying the external IPs, we created a new static route to send the traffic to nowhere. To do this, we launched an elevated command prompt and ran the following command, replacing X.X.X.X with the default gateway address:

route ADD 105.27.177.210 MASK 255.255.255.255 X.X.X.X if 1 -p

We ran the same command for the other external IPs found in the logs. Now, when the PowerShell malware tried to start, it would stop because it could not talk to the internet.

We removed the default gateway on servers that didn’t require access to the internet. This offered the same result as null routing the IP and killed the process immediately after it launched.

Remove the infection from the WMI database

[embedded content]
Ways to defend your infrastructure from
PowerShell-based malware

Next, we checked Windows Management Instrumentation (WMI) because a lot of WMI alerts appeared in the event log during the high CPU spikes when PowerShell.exe launched.

Run these PowerShell commands to check for a corrupt or infected WMI database — gwmi is the alias for Get-WmiObject:

gwmi -Namespace “root/subscription” -class __FilterToConsumerBinding -Filter “Filter = “”__EventFilter.Name=’SCM Event Filter'”””

gwmi -Namespace “root/subscription” -Class __EventFilter | Where Name -eq “SCM Event Filter”

gwmi -Namespace “root/subscription” -Class __EventConsumer | Where Name -eq “SCM Event Consumer”

If there is anything amiss, encrypted text will appear. Due to this obfuscation, the operating system may not recognize the PowerShell malware as a threat.

To remove the malware, we had to delete those entries from the WMI database using the Remove-Object pipe.

gwmi -Namespace “root/subscription” -class __FilterToConsumerBinding -Filter “Filter = “”__EventFilter.Name=’SCM Event Filter'””” | Remove-WMIObject

gwmi -Namespace “root/subscription” -Class __EventFilter | Where Name -eq “SCM Event Filter” | Remove- WMIObject

gwmi -Namespace “root/subscription” -Class __EventConsumer | Where Name -eq “SCM Event Consumer” | Remove- WMIObject

Take extra steps to be safe

We also discovered the malware used IPv6 to tunnel traffic to IPv4. If you have a server that does not require IPv6, I suggest removing it by updating the registry and then removing the pass-through with the following commands:

reg add hklmsystemcurrentcontrolsetservicestcpip6parameters /v DisabledComponents /t REG_DWORD /d 0xFF /f

Get-NetAdapterBinding -ComponentID “ms_tcpip6” | disable-NetAdapterBinding -ComponentID “ms_tcpip6” -PassThru

After rebooting the server, the multiple instances of PowerShell.exe stopped.    

CenturyLink service offers self-serve connection to AWS

CenturyLink has launched a self-serve, pay-as-you-go service that lets companies create a temporary virtual Ethernet connection between AWS and a colocation facility or office location.

The new CenturyLink service, called Cloud Connect Dynamic Connections, is available to businesses that use any of the 2,200 colocation data centers with CenturyLink optical fiber. The service is also accessible by companies with offices located in more than 100,000 commercial buildings with the carrier’s fiber.

Geographically, Cloud Connect Dynamic Connections is available in North America, Asia Pacific and Europe. The broad accessibility stems from CenturyLink’s $34 billion acquisition of Level 3 Communications in 2017.

Level 3’s software-defined networking technology powers Cloud Connect Dynamic Connections, which creates a private Layer 2 connection to AWS. A corporate engineer would create the link by logging into the CenturyLink portal and choosing the location he wants the carrier to connect to the AWS data center where his company’s applications are running.

New CenturyLink service bills by the hour

CenturyLink charges by the hour for the virtual circuit, which the engineer would delete when it’s no longer needed. If the link remains after five to 10 days — CenturyLink hasn’t decided on the exact time — the carrier will switch the connection from the hourly rate to a monthly subscription.

Companies sometimes need temporary circuits to transfer data to or from applications running on AWS. Companies can choose circuit speeds ranging from 5 Mbps to 3 Gbps, depending on the amount of data headed to the cloud provider. CenturyLink plans to up the maximum speed to 30 Gbps soon, said Chris McReynolds, vice president of core network services at CenturyLink.

Dynamic Connections is a part of CenturyLink’s Cloud Connect service, which provides long-term links to AWS through the cloud provider’s private network connection, called Direct Connect. Companies use the CenturyLink service when corporate policy or government regulations prohibit them from using the public internet.

Last month, CenturyLink used the broader fiber optic coverage it received with Level 3 to make its software-defined WAN service available in more than 30 countries.

The acquisition resulted in CenturyLink exiting the colocation business. Less than a week after announcing the Level 3 takeover, CenturyLink sold its 57 colocation data centers to private equity consortium BC Partners for $2.15 billion in cash. The carrier used the money to help finance the Level 3 deal.

Wanted – Quad Core PC

Discussion in ‘Desktop Computer Classifieds‘ started by hamez101, Sep 27, 2018.

  1. hamez101

    hamez101

    Novice Member

    Joined:
    Sep 27, 2018
    Messages:
    23
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    3
    Location:
    Scotland
    Ratings:
    +2

    My PC just died on me and will not boot up so need a replacement but it has to be fast with a decent graphics card and hard drive notTB or anthing like that and no fancy cases. can pay straight away by BT.

    Location: Scotland

    ______________________________________________________
    This message is automatically inserted in all classifieds forum threads.
    By replying to this thread you agree to abide by the trading rules detailed here.
    Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

    • Landline telephone number. Make a call to check out the area code and number are correct, too
    • Name and address including postcode
    • Valid e-mail address

    DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

    Last edited: Sep 28, 2018

  2. blackmesa

    Active Member

    Joined:
    Jun 19, 2007
    Messages:
    2,067
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    51
    Ratings:
    +80

    Budget? decent graphics card? to do what. i guess you need to be a bit more specific.

  3. hamez101

    hamez101

    Novice Member

    Joined:
    Sep 27, 2018
    Messages:
    23
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    3
    Location:
    Scotland
    Ratings:
    +2

    essentially a PC that will play most recent games.

  4. hamez101

    hamez101

    Novice Member

    Joined:
    Sep 27, 2018
    Messages:
    23
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    3
    Location:
    Scotland
    Ratings:
    +2

    my budget is £200 but I could push the boat out a bit.

  5. hamez101

    hamez101

    Novice Member

    Joined:
    Sep 27, 2018
    Messages:
    23
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    3
    Location:
    Scotland
    Ratings:
    +2

    after reading reviews and suff I need a PC that can play Fifa 19, PRO EVO 19, NHL 19 and the likes staight off the bat.

    what yous got?

    Last edited: Oct 1, 2018

  6. hamez101

    hamez101

    Novice Member

    Joined:
    Sep 27, 2018
    Messages:
    23
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    3
    Location:
    Scotland
    Ratings:
    +2

    any availble?

  7. hamez101

    hamez101

    Novice Member

    Joined:
    Sep 27, 2018
    Messages:
    23
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    3
    Location:
    Scotland
    Ratings:
    +2
  8. GingerRocky

    Active Member

    Joined:
    Sep 30, 2016
    Messages:
    535
    Products Owned:
    0
    Products Wanted:
    1
    Trophy Points:
    31
    Location:
    chelmsford
    Ratings:
    +58

    you’ll need to go higher than £200 for those kind of pc’s. possibly double that.

  9. hamez101

    hamez101

    Novice Member

    Joined:
    Sep 27, 2018
    Messages:
    23
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    3
    Location:
    Scotland
    Ratings:
    +2

    probably yes but we’re talking 2nd hand here so I might just stick with my trusty Xbone.

  10. GingerRocky

    Active Member

    Joined:
    Sep 30, 2016
    Messages:
    535
    Products Owned:
    0
    Products Wanted:
    1
    Trophy Points:
    31
    Location:
    chelmsford
    Ratings:
    +58

    so was i dude!

    however, you may pick up a 2nd gen 2500k system for £200 with an older gpu.

Share This Page

Loading…

October’s #MSFTEduChat TweetMeet gets you ready to go global with #skypeathon |

In celebration of the 48-hr Skype-a-Thon event beginning on November 13, our 22 educators and experts are going the extra (virtual) mile and preparing a new #MSFTEduChat TweetMeet on Global Collaboration. Paired with the resources made by our Skype in the Classroom team, this event will help you prepare your students to travel far and wide and learn everything in-between during Skype-a-Thon.

You can join our special #MSFTEduChat TweetMeet on Tuesday, October 16, at 10:00 a.m. PDT (check your time zone here) and start absorbing ideas from our hosts – they’re well-seasoned travelers as far as Skype-a-Thon goes! (Sounds great, but what’s a TweetMeet?)

In the spirit of collaboration across continents, we have 3 brand-new language tracks this month: Русский (Russian), বাংলা (Bangla) and 日本語 (Japanese). We also offer Español (Spanish), Français (French), Italiano (Italian), Polski (Polish), Português (Portuguese), Svenska (Swedish),اللغة العربية   (Arabic), sprski (Serbian), Tiếng Việt (Vietnamese), Deutsch (German) and Nederlands (Dutch).

For each language track, we have one or more hosts to post the translated questions and respond to educators. As always, we’re super grateful to all current and former hosts who are collaborating closely to provide this service.

The #TweetMeetXX hashtags for non-English languages are to be used together with #MSFTEduChat so that everyone can find the conversations back in their own language. For example: French-speaking people use the combination #TweetMeetFR #MSFTEduChat. English-speaking educators may all use #MSFTEduChat on its own.

Our #MSFTEduChat TweetMeet is getting ready to go ’round the globe with Skype-a-Thon. Join us on Tuesday, Oct. 16 from 10 a.m. to 11 a.m. PDT. #skypeathon #globaled Click To Tweet

New this month

  • Post-event summary: Starting this month, we will publish a new post after each #MSFTEduChat event to summarize the key learnings from the conversations during the TweetMeet. The hosts will collaborate to curate a top selection of the tweets and trends  they found most significant. For even more highlights from the TweetMeet, the blog post will offer multiple Twitter Moments – curated stories and conversations from Twitter.
  • TweetMeet fan? Show it off on your Twitter profile: Every month more people discover the unique nature of the TweetMeets and become passionate about them. Well, you can now show your passion for the TweetMeets right from your Twitter page. The dimensions of our Twitter Header Photo are 1500×500 – the perfect size for your Twitter profile. Get this month’s image here: #MSFTEduChat Twitter Header Photo.

Why join the #MSFTEduChat TweetMeets?

TweetMeets are monthly recurring Twitter conversations about themes relevant to educators, facilitated by Microsoft Education. The purpose of these events is to help professionals in education to learn from each other and inspire their students while they are preparing for their future. The TweetMeets also nurture personal learning networks among educators from across the globe.

We’re grateful to have a support group made up exclusively of former TweetMeet hosts, who volunteer to translate communication and check the quality of our questions and promotional materials. They also help identify the best candidates for future events, provide relevant resources, promote the events among their networks, and, in general, cheer everybody on.

When and how can I join?

Join us Tuesday, October 16 from 10 a.m. to 11 a.m. PDT on Twitter using the hashtags #MSFTEduChat, #skypeathon, #globaled and #MicrosoftEDU (which you can always use to stay in touch with us). To find the event time for your specific location, use this time zone announcer.

From our monthly surveys we know that you may be in class at event time, busy doing other things or maybe even asleep – well, no problem! All educators are most welcome to join after the event. Simply take a look at the questions below and respond to these at a day and time that suit you best. You can also schedule your tweets in advance. In that case, be sure to quote the entire question and mention the hashtag #MSFTEduChat, so that everyone knows the right question and conversation to which you are responding.

How can I best prepare?

To prepare for the #MSFTEduChat TweetMeet, have a look at the questions we crafted this time.

You can also equip yourself with a special Skype-a-Thon Teacher Toolkit in OneNote, and get a free activity plan to get your whole class primed for the global event.

Later in the month, join a training webinar on Monday, October 22 with VP of Education Anthony Salcito and Skype Master Teacher Stacey Ryan to learn how your class can participate and how you can organize your Skype-a-Thon activities from start to finish. REGISTER HERE.

If this time doesn’t work for you, please register so we can send you the on-demand video.

Our TweetMeet hosts have also assembled a great Flipgrid to help – and don’t forget that you can add your own video as well.

TweetMeet Questions

Time # Question
10:05 1 What does it take to be a global collaborator?
10:16 2 Why is global collaboration important for teaching and learning?
10:27 3 How do you embrace cultural differences and similarities?
10:38 4 Which resources and tools should be in any global collaborator’s toolkit?
10:49 5 Where will you be taking your students during
Skype-a-Thon on Nov 13-14?

Hosts

All hosts have been carefully recruited from across the globe based on their expertise in and passion for engaging their students in Skype-a-Thon, Skype in the Classroom, Mystery Skype and other global collaboration projects.

  • Arnaud Perrier @arperrier (MIE Expert, Skype Master Teacher, eTwinning ambassador, Flipgrid Certified Educator, 4th Grade Teacher – Montauroux, France)
  • Atef Elbatal @battal_teacher (MIE Expert, MIE Fellow, Skype Master Teacher, Global Minecraft Mentor2018, Ministry of Education Certified Trainer  – Doha , Qatar)
  • Elena Degtyareva @leadegtyareva (MIE Expert, Skype Master Teacher, Global Minecraft Mentor 2018 – Verkhoturye, Russia)
  • Flor Irod @Flor_Irod (MIE Expert, Skype in the classroom passionate, Class Dojo Mentor, Flip Grid fever and eTwinning teacher – Valencia, Spain)
  • Gudrun Edhofer @GudrunEdhofer (MIE Expert, passionate 5th – 12th grade Math and History Teacher, Hollabrunn, Austria)
  • Gustavo Calderón @gustavocdeanda (Skype Master Teacher, Director of Technology and Learning Innovation / AP Computer Science Principles Teacher – Guadalajara, Mexico)
  • Joanna Waszkowska @joawaszka (MIE Expert, Edmodo Ambassador and Certified Trainter, 9th – 12th grade Polish Language Teacher, Superbelfrzy and eTwinning member – Katowice, Poland)
  • Josie McKay @MrsJosieMcKay (MIE Expert, Skype Master Teacher, PBS Digital Innovator, Flipgrid Certified Educator, Class Dojo Mentor, and 4th grade Teacher – Indiana, United States)
  • Karin Ericson @kelisabet1 (MIE Expert, CINO and teacher at MTH Utbildning, a Microsoft Showcase School. I am also leading international Erasmusplus projects – Hudiksvall, Sweden)
  • Kimee Reed @msclift (MIE Expert, Skype Master Teacher, Flipgrid Certified Educator, Epic! Certified Teacher, avid reader- Arkadelphia, Arkansas, USA)
  • Loretta Proietto @LorettaProietto (MIE Expert, Math and Science teacher, Carbonia, Italy)
  • Manuela Correia @musicadc2013 (Skype Master Teacher, MIEExpert, awarded eTwinner and an Erasmus+ project overall coordinator, Music teacher, Skype in the Classroom fan – Espinho, Portugal)
  • Megan Lipinczyk @LipEdTech (MIE Expert, Skype Master Teacher, ScreenBeam Expert, District Reading Resource Teacher, Tampa, Florida, United States)
  • Mio Horio @mibra_mio (MIE Expert, Skype Master Teacher, Flipgrid Certified Educator, hundrED Ambassador English Teacher – Shiga, Japan)
  • Ngoc Dieu Nguyen @NgocDieuNguyen4 (MIE Expert, Skype Master Teacher, English Instructor – Hanoi, Vietnam)
  • Odeogbola Ayodele @Ebunayo (Global Teacher Prize Finalist, Forbes List Top African Educator 2018, MIE Expert, Skype Master Teacher – Abeokuta, Nigeria)
  • Olivier Dijkmans @OlivierDijkmans (Passionate Teacher in P5 in Omnimundo,  MIEE, E2 Toronto Winner Gamification, Telly Award Winner 2018, Surface Expert, i3 All Star, Antwerp, Belgium)
  • Raihana Haque @HaqueRaihana (MIE Expert, MIE Trainer,  National Geography Certified teacher – Kishoreganj, Bangladesh.)
  • Seema Duggal @seemaduggal1 (MIE Expert, MIE Fellow, Skype Master Teacher, Minecraft Global Mentor, Microsoft Certified Educator, Math Teacher –  Delhi, India)
  • Shannon Miller @ShannonMMiller (Future Ready Librarian Spokesperson, Skype Master Teacher, Flipgrid Certified Educator, Canva TL Advisor & K12 Teacher Librarian in Van Meter – Iowa, United States)
  • Todd Flory @Todd_Flory (MIE Expert, Skype Master Teacher, 2018 Kansas Master Teacher, Buncee Ambassador, PBS Digital Innovator, TeachSDGs Ambassador, 4th grade teacher – Andover, Kansas, USA)

Special thanks to Francisco Texeira (@fcotexeira), who helps us coordinate the TweetMeet every month. 

What are #MSFTEduChat TweetMeets?

Every month Microsoft Education organizes social events on Twitter targeted at educators globally. The hashtag we use is #MSFTEduChat. A team of topic specialists and international MIE Expert teachers prepare and host these TweetMeets together. Our team of educator hosts first crafts several questions around a certain topic. Then, before the event, they share these questions on social media. Combined with a range of resources, a blog post and background information about the events, this allows all participants to prepare themselves to the full. Afterwards we make an archive available of the most notable tweets and resources shared during the event.

Please connect with TweetMeet organizer Marjolein Hoekstra @OneNoteC on Twitter if you have any questions about TweetMeets or helping out as a host.

Next month’s topics: Computer Science and Hour of Code

Working with the VSCode PowerShell extension

Administrators have a choice of multiple scripting tools, but the VSCode PowerShell extension could sway IT pros to a relatively new code editor.

In the early years of Windows PowerShell, there were several editors to use with the language, with the Integrated Scripting Environment (ISE) being perhaps the most popular. ISE is a built-in tool on Windows designed for use with PowerShell scripts. Microsoft no longer develops ISE in favor of Visual Studio Code (VSCode), which runs on platforms other than Windows. VSCode, officially released in 2016, is a free code editor that works with many different programming languages, making it an attractive option for admins who script. With help from the VSCode PowerShell extension, IT pros on Linux can write PowerShell scripts to use with PowerShell Core, the open-source version of Microsoft’s scripting and automation tool.

Administrators who prefer to work in ISE should explore some of the features in VSCode. In addition to the VSCode PowerShell extension, VSCode uses Git for version control and comes with built-in PowerShell snippets, an integrated terminal and the PowerShell Script Analyzer which sets rules straight from the command palette to produce cleaner code.

How to set up the VSCode PowerShell extension

Install the PowerShell extension through the extensions panel in VSCode, then configure user settings, such as specific versions of PowerShell in VSCode, to customize the development experience. VSCode works on Mac, Linux and Windows, unlike the Windows-only PowerShell ISE. Linux and Mac users must use the cross-platform PowerShell Core.

The VSCode integrated terminal makes switching between editing scripts and running PowerShell commands seamless. The editor and integrated terminal can share data, such as variables, because they run in the same PowerShell session.

With the VSCode PowerShell extension installed, the editor provides a modern development experience for PowerShell users with many features and customizations unavailable in other editors. The video that accompanies this article goes into further detail on the benefits of using VSCode.

View All Videos

Google security audit begets product changes, German probe

A Google security audit called Project Strobe was tasked with assessing third-party access to Google account and Android device data and the initial findings uncovered a “glitch” that sparked the shutdown of Google+ and a probe by a German data protection agency.

The Google security audit found issues in different Google products, leading the company to limit the data that apps have access to when connected to Gmail, limit the data available through the Android Contacts API and to give users more control over what data is shared with apps that connect to a Google account.

But, the biggest issue found by the Google security audit was a bug in the Google+ API that gave third-party apps access to certain fields in a user’s profile that weren’t explicitly marked as “public.” Google claimed this only included a user’s name, email address, occupation, gender and age and did “not include any other data you may have posted or connected to Google+ or any other service, like Google+ posts, messages, Google account data, phone numbers or G Suite content.”

“We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any profile data was misused,” wrote Ben Smith, Google fellow and vice president of engineering, in a blog post. “We made Google+ with privacy in mind and therefore keep this API’s log data for only two weeks. That means we cannot confirm which users were impacted by this bug. However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the Profiles of up to 500,000 Google+ accounts were potentially affected. Our analysis showed that up to 438 applications may have used this API.”

Google fixed the bug, and said Google+ for consumers will be shut down in August 2019, though the enterprise version of the app will remain. But the issue was present from 2015 until March 2018 and the company has come under fire because affected users were never notified of the issue after the Google security audit.

Paul Bischoff, editor at Comparitech, said Google was “pleading ignorance in order to shield itself from legal ramifications.”

“It has conveniently left out some crucial figures in its response that would give us a more clear picture of the scope of this incident. For example, Google says 438 applications had unauthorized access to Google+ profile data, but it doesn’t say how many of its users used those apps. And while Google says it performed a cursory investigation and found nothing suspicious, it also notes that it didn’t actually contact or audit any of the developers of those apps,” Bischoff wrote via email. “As popular and high-profile as Google is, and due to the fact that this vulnerability existed for the better part of three years, it would be reasonable to assume the number of occurrences in which Google+ data was obtained and misused is non-zero.”

Baber Amin, CTO West at Ping Identity, said although “both the recent Facebook breach and the Google+ data incident stemmed from API vulnerability issues, there is a fundamental difference between the two.”

“On the one hand, Facebook issued tokens for apps to access user data without checking if an app was authorized to get such access in the first place. In Google’s case, the incident was a result of an API programming error. Google granted permission for developers to access certain information, but the user had to give their consent,” Harguindeguy wrote via email. “The issue arose because Google’s APIs also granted access to a user’s friend’s private information. An important layer was lacking: consent from the user’s friends.” 

Ilia Kolochenko, CEO of High-Tech Bridge, said the timeline of the Google security audit and disclosure “is incomprehensibly long and will likely provoke a lot of questions from regulatory authorities.”

Inability to assess and quantify the users impacted does not exempt from disclosure.
Ilia KolochenkoCEO, High-Tech Bridge

“Inability to assess and quantify the users impacted does not exempt from disclosure. Although, a security vulnerability per se does not automatically trigger the disclosure duty, in this case it seems that Google has some reasonable doubts that the flaw could have been exploited,” Kolochenko wrote via email. “Technically speaking, this is one more colorful example that bug bounty is no silver bullet even with the highest payouts by Google. Application security is a multi-layered approach process that requires continuous improvement and adaptation for new risks and threats. Such vulnerabilities usually require a considerable amount of efforts to be detected, especially if it (re)appears on a system that has been already tested. Continuous and incremental security monitoring is vital to maintain modern web systems secure.”

The first regulatory authority to begin asking questions was Johannes Caspar, data protection and freedom of information commissioner, based in Hamburg, Germany, according to a report by Bloomberg. Caspar noted that no investigation has begun and he had no more information on the Google+ exposure than anyone else.

However, Tyler Moffitt, senior threat research analyst at Webroot, said Google might not face too harsh a penalty for the data exposure discovered by the Google security audit.

“Although it seems that Google has shut down an entire line of business due to this breach, from a GDPR perspective, the company appears to have gotten off light. Had this breach occurred just a few months later, Google could be subject to strict GDPR fines for not keeping user data safe,” Moffitt wrote via email. “It’s important for consumers to realize that connecting apps in social media platforms only increases the amount of valuable information that could potentially be breached, as well as increases attack vectors that hackers can leverage.”

For Sale – 2x eMachines ER1401

Hi….

I have 2x eMachines ER1401 for sale. They are in good condition, a few scratches on the case due to their age. Everything working fine. They come with the power supply only.

Specs:

1.3 GHz AMD Athlon II Neo Processor K325
nVidia nForce 9200 Chipset
250GB 5400rpm SATA hard drive
Multi-in-One Digital Media Card Reader: MultiMediaCard, Secure Digital Card, Memory Stick, xDPicture Card
10/100/1000 Gigabit Ethernet LAN (RJ-45 port), integrated 802.11b/g/n wireless

£40 each.

Will sort pictures out if there is any interest in them. Thanks for looking.

Price and currency: £40 each
Delivery: Delivery cost is included within my country
Payment method: PPG or BT
Location: Liverpool
Advertised elsewhere?: advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.