‘BlueKeep’ Windows Remote Desktop flaw gets PoC exploits

Microsoft patched a critical Windows Remote Desktop vulnerability last week and the risks of attacks in the wild have since grown as multiple researchers have created proof-of-concept exploits.

The Windows RDP flaw, dubbed “BlueKeep” by British security researcher Kevin Beaumont, gained notoriety when Microsoft patched it. Simon Pope, Microsoft Security Response Center director of incident response, wrote in an advisory that malware exploiting the vulnerability could spread in the same worm-like fashion as WannaCry because an exploit would require no user interaction. Microsoft even took the rare step, as it did with WannaCry, of releasing patches for the otherwise unsupported Windows XP and Server 2003 systems.

Since the BlueKeep patch was released on May 14, Beaumont has tracked the progress of security researchers. Although fake proof-of-concept (PoC) exploits were uploaded to GitHub almost instantly, it wasn’t until the 19th that working denial-of-service exploits were created by McAfee and Zerodium, followed by Kaspersky Lab researcher Boris Larin on the 20th.

On May 21, McAfee researchers described a BlueKeep PoC exploit they had created that was capable of remote code execution (RCE), but they did not release the code out of concern that doing so would “not be responsible and may further the interests of malicious adversaries.”

“With our investigation we can confirm that the exploit is working and that it is possible to remotely execute code on a vulnerable system without authentication. Network Level Authentication should be effective to stop this exploit if enabled; however, if an attacker has credentials, they will bypass this step,” McAfee researchers wrote in a blog post. “We are urging those with unpatched and affected systems to apply the patch for CVE-2019-0708 as soon as possible. It is extremely likely malicious actors have weaponized this bug and exploitation attempts will likely be observed in the wild in the very near future.”

Beaumont said on Twitter that McAfee, Zerodium and Qihoo 360 all have RCE BlueKeep PoC exploits — though they have only been demoed and no PoC code has been released — but he noted that Qihoo 360 security researcher Zheng Wenbin, known as MJ0011, was a step ahead because that RCE exploit could run on Windows 7. Earlier today, Wenbin showed off a stable RCE demo running on Windows 7 x64.

As yet, no BlueKeep attacks have been seen in the wild, but researchers at Proofpoint have seen low levels of scanning activity looking for vulnerable systems.

“We have started to observe BlueKeep CVE-2019-0708 scanning activity, likely due to the public release of a scanner and/or Qihoo360’s CERT tool going live. Beginning (roughly) around May 22nd, 2pm UTC-7. Nothing to be majorly concerned about right now, volume is incredibly low,” Proofpoint researcher sudosev tweeted. “Since volume is so low, I wouldn’t be surprised if this is scanner testing as opposed to somebody genuinely mass hunting for vulnerable servers, don’t get into a panic over this.”


For Sale – Probably selling mid 2011 iMac – any interest?

Thinking it is time for me to upgrade my current iMac:

iMac (27-inch, Mid 2011)
3.4 GHz Intel Core i7
16 GB 1333 MHz DDR3
AMD Radeon HD 6970M 2048 MB

I am pretty sure this was the top of the line when purchased, prior to the hybrid or SSD drives – so 1TB fixed drive.

Can come with the Magic Mouse 1 – takes 2 x AA batteries – would rather hang on to the keyboard as it has the extended number board. I have the box and cannot see any damage to the main screen/computer at all. No known issues. Fans run quiet. Currently on High Sierra (10.13.6)

So I will need for the new one to arrive and get my data transferred over so not going to be available for a week or two – just feeling for any interest.

Price and currency: £395
Delivery: Goods must be exchanged in person
Payment method: Cash
Location: Huntingdon, Cambridgeshire
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.


Working together to bring broadband to rural Veterans – Microsoft on the Issues

Our nation’s Veterans have contributed to our country in so many ways, in countless locations around the globe. When they return home, many Veterans who reside in rural areas are not able to access broadband internet which is critical to using telehealth services, gaining educational opportunities, and growing a small business or running a family farm.

There are 2.7 million Veterans enrolled in Veterans Affairs (VA) who are living in rural communities, and 42% of them do not have internet access at home which could support their use of VA telehealth services, according to the Office of Rural Health of the U.S. Department of Veterans Affairs’ Veterans Health Administration. These rural Veterans live in areas where access to fast, reliable internet service may be limited or inaccessible, and they face higher rates of unemployment, longer drives to reach the nearest clinics and medical centers, and lower levels of educational attainment compared to their urban counterparts. Connectivity has the potential to improve this reality: with broadband, they can access telehealth services offered by the VA, identify and compete for well-paying jobs, improve and grow their own businesses, and take advantage of online education classes.

Microsoft and VA have been strategic partners, working together to improve the lives of Veterans, for more than 20 years. Today, I’m excited to share that Microsoft will begin expanding that work by helping VA bring connectivity to many Veterans living in rural towns and communities. Microsoft and its partners will be working with VA to provide capital, technology expertise, and training resources to bring broadband access to people in these underserved communities. Our hope is that this effort will unlock new economic opportunities, while also enhancing quality of life.

Through the partnership, we’ll help VA identify communities with Veterans in need and work with our internet service provider (ISP) partners across the nation to bring broadband services to those regions. Following our Airband Initiative model, we’ll also provide the Veterans in these newly connected communities with digital skills training so they can take advantage of the tools and services connectivity enables, including critical telehealth services provided by VA.

In the past 22 months, through the Microsoft Airband Initiative, we have seen firsthand just how many communities lack connectivity at broadband speeds and how this can hinder growth and new opportunities. We’ve also seen that partnering with ISPs to serve those most in need is an effective strategy to make progress quickly on this important issue. Our work with VA builds on those lessons and approach, which has resulted in partnerships that will bring connectivity to 1 million unserved rural residents in 16 states to date, with a plan to reach 3 million by 2022.

This also builds on our commitment to the military and Veteran community. We’re passionate about our work with this community and take a holistic approach to helping Veterans gain the critical career skills required for today’s digital economy through career training and re-training, soft-skills support, and hiring. The company’s cornerstone Veteran program, Microsoft Software & Systems Academy (MSSA), provides the Veteran community with an 18-week (or two nine-week terms) training for high-demand careers, with graduates gaining an interview for a full-time career at Microsoft or one of the company’s more than 400 hiring partners. We’re also proud of our strong network of partners, all of whom champion our same vision to assist the community.

We owe it to the men and women who have sacrificed so much for our nation. Veterans living in rural communities deserve to have the broadband internet access enjoyed by many who live in urban areas. Addressing the broadband gap across the country requires innovative solutions from both the public and private sectors, and we hope this partnership will help us make significant progress toward closing the connectivity gap for the Veteran community.

Author: Microsoft News Center

Cloud hosting may be the future, but on-premises hosting is the present

ATLANTA — The opening keynote speech at Citrix Synergy 2019 featured actress Sonequa Martin-Green, who opened the speech saying, “The future starts right now.”

For many Citrix customers, however, the cloud-centric future that Citrix is building is still years away because they need to maintain their day-to-day operations. Some use cases lend themselves to cloud hosting, but other uses dictate that IT maintains some on-premises hosting as a hybrid approach or even exclusively on-premises hosting.

Factors such as resource shortage for IT, legacy applications, cost of hosting desktops and security compliance have some organizations wary of shifting to a cloud hosting approach.

Existing infrastructure and legacy apps

Washington University in St. Louis recently invested $8 million to build up its VDI, so a migration away from this new data center and on-premises hosting isn’t the top priority of Tom Courtney, Citrix engineer for the university.

“The VDI is modern, and it’s performing well for us; the users aren’t reporting any issues with lag or latency,” Courtney said.

Courtney’s users in the School of Medicine access resource-intensive applications to view CT (computerized tomography) scans, MRI results and other images that are crucial to providing patient care.

“I absolutely see some of the benefits of moving some hosting workloads to the cloud, but we’ve already made this investment and things are going well so far,” Courtney said.

Some organizations need to focus on maintaining existing processes and don’t have the resources to undertake a major project. A migration away from existing back-end infrastructure and management methods takes time, and some IT departments don’t have the time to maintain current operations while running a proof of concept for new technologies.

“It’s too hard to jump right in and put everything in the cloud [because] there’s too much legacy stuff in users’ workflow; IT needs to keep the doors open today,” industry analyst Jack Gold said.

If IT wants to bring a new application onto its users’ desktops or mobile devices, it can host it on the cloud, subscribe to a SaaS offering that hosts the application for the organization or use on-premises hosting. With existing legacy applications, such as old, custom line-of-business applications, IT professionals don’t have that flexibility.

“We have to follow HIPAA, so there are a lot of aspects of our deployment that can never move to the cloud.”
Tom Courtney, Citrix engineer, Washington University

“On-premises legacy apps are still going to be a major component of enterprise application management moving forward,” Gold said.

Compliance and cost

Certain industries, such as finance and healthcare, are highly regulated, which limits IT departments in these organizations from hosting desktops, applications and data on the cloud.

“We have to follow HIPAA [Health Insurance Portability and Accountability Act], so there are a lot of aspects of our deployment that can never move to the cloud,” Courtney said.

One aspect of healthcare IT that is unregulated by HIPAA and could move to the cloud is disaster recovery (DR) desktops that don’t store sensitive data. DR is critical in healthcare because it is a 24-hour business that can’t afford a failure to deliver desktops to healthcare professionals.

“We’re based out of Houston, which is flood central, so DR is critical in situations like that,” said Alisharoz Mohammed, Citrix engineer at Kelsey-Seybold Clinic.

The current Kelsey-Seybold Clinic DR data center is about 100 miles away from Houston, but Mohammed was considering moving some of these to cloud hosting. The challenge he sees is the potential added cost of hosting all those desktops in the cloud.

“Hosting DR in the cloud doesn’t automatically provide savings, especially when you’re an organization that needs to keep about 60% of its desktops backed up,” Mohammed said.

Moving forward

Just because organizations aren’t adopting cloud hosting quickly doesn’t mean that cloud hosting isn’t the way of the future. Organizations can’t afford to overlook a potential opportunity to improve their IT management processes.

“The fact is, if you’re not thinking about the future, you’re going to be stuck with these difficult-to-manage legacy applications forever,” Gold said.


For Sale – Intel Skull Canyon – Core i7, 16gb, 512Gb Windows 10Pro

I built this intending to game and edit video, but I have an iPad and XPS13 and tbh this sits unused 99% of the time so time to sell on.

This is a great system that I used in conjunction with a TB3 Graphics card which offered great performance and flexibility for its size.

System comes fully populated and with Windows 10 Pro license installed and activated, as can be seen in the images (I’ll unlink the key from my ID before shipping)

Basic Spec
Core i7 –6770HQ Quad Core with HT
16gb Kingston DDR4
512Gb – NVME Sandisk SSD
1 x HDMI, 1 x DP, 1 x Optical out
1 x Thunderbolt 3, 4 x USB 3, 1 x SD Reader
1xGbE
Windows 10 Pro License (Currently Running 1809)

Full Spec can be found HERE. AnandTech Review can be found HERE.

Price and currency: £450
Delivery: Delivery cost is not included
Payment method: PPG or Bacs
Location: Basingstoke
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference
