Tag Archives: light

For Sale – PC Specialist Ultranote Laptop 14″ 1080p, i7 8550u, 8gb, 500gb

Great laptop. Perfect for working from home. It’s nice and light too so easy to take out and about with you – once we’re out of lockdown!

Here’s the spec:

i7 8550u processor
8gb ram (upgradable)
500gb HDD (upgradable)
14″ 1080p screen

snappy little laptop

Good condition, there are some scratches to the top of the lid which I’ve tried to show in the photos and a couple of super minor marks on the edges. No impact on use and price is reduced to reflect them. Screen is lovely, no marks, and the keyboard is super nice to type on. Really like it.

Reason for sale, person I got this for has decided they prefer a desktop.

I’d like £300 for it

Go to Original Article
Author:

For Sale – Desktop PC (Beginners Gaming PC/HomeServer)

For Sale is my old homeserver, ran 24/7 (light to medium use) for the past 2 years and never had any issues with it.

Fractal Design Node 804 (Holds a max 10x 3.5″ + 2x 2.5″ Hard Drives)
i5 4570 (Arctic Cooler 7 Pro)
Asus H81-Plus
16GB (2x*8GB) Crucial Ballistix @ 1600Mhz (Think I got them off these forums, 0 errors in Memtest)
MSI 390x 8GB (Recently removed from my main PC, again never any issues, has recently had fresh Thermal Grizly applied)
Samsung 840 128GB
Windows 10 Pro 64bit (This was purchased off ebay for a couple of quid so how legit it is who knows but it has re-activated today when I’ve done a clean install, selling as no Product Key though for the above reason)
Corsair HX750w
6x Akasa 120mm fans

PC is in full working condition, the case has a couple of minor marks (mostly the perspex windows)
The Corsair comes only with 1x 4 way Sata Power cable, 1x 4 way Molex cable, 2x 8pin cables (GPU) … these were enough to max hard drive capacity on the case.

I have the box for the case so I am willing to post at the buyers expense.

Go to Original Article
Author:

December Patch Tuesday resolves Windows zero-day

Administrators got an early holiday present with a fairly light patching workload on December Patch Tuesday, but they will have one Windows zero-day to wrap up as soon as possible.

Microsoft corrected 36 vulnerabilities on December Patch Tuesday in Microsoft Windows, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, SQL Server, Visual Studio and Skype for Business.

The Win32k elevation of privilege vulnerability (CVE-2019-1458) is rated as important and is being actively exploited in the wild. This Windows zero-day, discovered by Kaspersky Lab researchers, affects most supported versions of Microsoft’s operating system on both the client and server side. The attacker needs authentication to access the system to run malicious code in kernel mode to take control of a system. The attacker could then perform a range of tasks, including create new accounts with full user rights and install programs.

Administrators who base their patching priority on a combination of vendor severity and the Common Vulnerability Scoring System (CVSS) score might miss these types of vulnerabilities if they don’t account for additional factors. CVE-2019-1458 has a CVSS score of 7.8.

Chris Goettl, director of product management and security, IvantiChris Goettl

“If you’re not patching vulnerabilities rated important and above with a CVSS score lower than 8.0, then you could miss things being actively exploited,” said Chris Goettl, director of product management and security at Ivanti, a security and IT management vendor based in South Jordan, Utah.

If you’re not patching vulnerabilities rated important and above with a CVSS score lower than 8.0, then you could miss things being actively exploited.
Chris GoettlDirector of product management and security, Ivanti

Multiple zero-day bugs this year met the same criteria as this most recent Windows zero-day, so companies need to make sure they examine additional metadata with the vulnerabilities as they formulate their patching prioritization, Goettl said.

Microsoft closes multiple Git-Visual Studio flaws

Microsoft resolved several security issues related to Git functionality and Microsoft Visual Studio. The company corrected six bugs (CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1354 and CVE-2019-1387) with most of them remote-code execution flaws rated critical. Companies that use Visual Studio for software development and connect to Git repositories will want to apply the December Patch Tuesday updates in short order.

Goettl said an enterprising attacker could do some investigative work to gather email addresses for developers in an organization, then construct a spear-phishing campaign to direct developers to a malicious repository that appears legitimate. Then the attacker could gain administrative rights to modify code in the organization’s development environment. While this scenario is theoretical, Goettl said, it’s not that far-fetched.

“Vendors are becoming a significant target as a way to attack many companies,” he said

Goettl cited a recent incident in which about 400 dentist offices were hit with ransomware through a vendor that handled data backups for the offices. Threat actors have learned that hitting multiple targets at once is a more effective and lucrative option than the piecemeal approach used in the early days of ransomware, he said.

“If I’m an attacker and I find a vertical that I want to go after, such as a vendor for a bunch of health care providers, and I get as much intel as I can about them, their developers and their development platform and any information about their repositories, then I could put together a valid spear-phishing attack,” Goettl said. “And if I can get into their code base, then I can construct an attack that hits all of their customers and makes for a more painful and more profitable ransomware scenario.”

Microsoft issues more servicing stack updates

Microsoft issued an advisory (ADV990001) related to servicing stack updates for Windows 7, Windows Server 2008, Windows Server 2008 R2 and Windows Server 2012. The first three operating systems will leave mainstream support after the next Patch Tuesday, on Jan. 14, 2020, and move into the extended support phase. Companies that have not migrated off these legacy systems will need to sign up for extended security updates (ESU) to receive support when the end-of-life (EOL) date passes.

“My guess is that these servicing stack updates for these older platforms are preparing for that switchover so the systems can check and get continued updates if you’ve got that [ESU] key,” Goettl said.

A recent survey from Ivanti indicates many organizations have lagged in their Windows 7 migration efforts for several reasons, such as lack of time and lack of application support. In the survey of more than 500 IT professionals published in October, 39% of the respondents indicated they would not have completed migrations off of Windows 7 before the EOL date.

Microsoft makes unusual move with bug for unsupported OS 

In an unusual twist, Microsoft released information for a Remote Desktop Protocol information disclosure vulnerability (CVE-2019-1489) rated important for Windows XP — an unsupported Windows operating system — but did not provide a patch.

“This one was kind of odd,” said Goettl, who noted Microsoft gave the CVE an exploitability assessment of 0, which typically means it is an actively exploited vulnerability, but Microsoft modified the designation to read “0 – unknown.”

“Microsoft took the time to create a CVE advisory for Windows XP. We can assume there was a reason to trigger that activity, ” Goettl said. “There is no update available, so people really need to get off XP unless they have an absolute necessity to keep it around.”

An attacker could exploit this flaw by connecting remotely to an XP system and running a specially crafted program. The Windows XP operating system went out of mainstream support in April 2009 and left extended support in April 2014.

Other security updates of note for December Patch Tuesday include:

  • A fix for a spoofing flaw (CVE-2019-1490) rated important for Skype for Business Server 2019, cumulative update 2. In the attack scenario, a user would have to click on a malicious link to a server that has been exploited. The threat actor could then launch cross-site scripting attacks on affected systems and run code in the security context of the exploited user. Microsoft’s update closes the loophole by properly sanitizing web requests.
  • A patch for a Win32k graphics remote code execution vulnerability (CVE-2019-1468) rated critical for supported Windows client and server operating systems related to improper handling of specially crafted embedded fonts. An attacker who exploits this bug — by getting a user to click on a link to a malicious site or open a specially crafted document — can take control of a system and run tasks based on the privilege level of the affected user. The update corrects how the Windows font library handles embedded fonts.
  • A fix for a Hyper-V remote code execution vulnerability (CVE-2019-1471) rated critical on Windows 10 and Windows Server 2019 that could allow an attacker to run a malicious application on a guest operating system to force the Hyper-V host to run arbitrary code. The update corrects the user input validation process.
  • A correction for a cross-site scripting vulnerability (CVE-2019-1332) rated important in the Microsoft SQL Server Reporting Services (SSRS) feature. To trigger the exploit, an authenticated user would need to click on a malicious link to an affected SSRS server. The attacker could then perform a range of tasks from deleting content to running malicious code. The patch corrects SSRS URL sanitization.
  • A patch for an information disclosure vulnerability (CVE-2019-1400) rated important in Microsoft Access related to a failure to handle objects in memory properly. The attacker would need to be authenticated on the system to run a malicious application to gather information on the user’s system.

Adobe and Google also release patches

Google updated its Chrome web browser on Tuesday to version 79, resolving 51 vulnerabilities.

Adobe released updates for Adobe Acrobat Reader, Flash Player, Photoshop, Brackets and ColdFusion. Administrators will want to patch Acrobat Reader to close 21 vulnerabilities, 14 of which are rated critical. The company released an update for Flash Player but not for security reasons.

“Adobe is really winding down their focus on Adobe Flash,” Goettl said. “I think it’s safe to say that rather than it just no longer being vulnerable, Adobe is putting so little effort into it that it’s not getting attention anymore. People should be focused on getting Flash Player out of their environments.”

Go to Original Article
Author:

For Sale – Msi GTX1060 gaming X 6G and RX580 gaming X 8G

Have the following for sale… Gigabyte G1 GTX1060 6GB – Light use. Barely any gaming – £100 Palit GTX1060 3GB – Purchased from this forum last week. Not been used by me. Went for a 1660Ti – £80 LSI RAID 9240-8i – Perfect working order – £40 Asus Essence STX “Audiophile grade” sound card – £40

Go to Original Article
Author:

For Sale – HTC Vive Headset and 2 controllers

please note that I am not selling the light houses.

I have a vive headset for sale – excellent condition (it has a new face cover which is sealed)

£200 plus postage

photos upon request

Location
aberdare
Price and currency
200
Delivery
10
Prefer goods collected?
I have no preference
Advertised elsewhere?
Not advertised elsewhere
Payment method
BT or paypal gift

Go to Original Article
Author:

For Sale – GTX 1060 (6GB), GTX 1060 (3GB), LSI 9240 8i RAID card & ASUS Essence STX

Have the following for sale…

Gigabyte G1 GTX1060 6GB – Light use. Barely any gaming – £100

Palit GTX1060 3GB – Purchased from this forum last week. Not been used by me. Went for a 1660Ti – £80

LSI RAID 9240-8i – Perfect working order – £40

Asus Essence STX “Audiophile grade” sound card – £40

Location
North Kent
Price and currency
Various
Delivery
£5 per item
Prefer goods collected?
I have no preference
Advertised elsewhere?
Not advertised elsewhere
Payment method
BT or PPG

Last edited:

Go to Original Article
Author:

For Sale – NUC 8i3BEK 240gb 8gb & Deskmini110 275gb 8gb

Baby on the way so starting to clear my gadget empire as it’s becoming serious obsession.
Very light usage as doing most of my browsing on phone these days and vero 4k in charge of media.
Fantastic condition and full working order. Original boxes, etc etc etc

At the moment I am looking to sell only one and have no preference as very happy with both.

NUC8I3BEK with PSU, bios up to date. Warranty until Feb 2022
Adata SX8200 M.2 NVME 240gb, warranty until Aug 2023
2x4gb 2400mhz Ram, matched sticks for dual channel

Deskmini 110 with PSU, bios up to date.
Intel I3 7320 4.1Ghz, Warranty until Aug 2020
Crucial MX300 275gb SSD, Warranty until Sep 2020
2x4gb 2400mhz Ram, matched sticks for dual channel
Intel AC 7265 wireless card with external antennas
VESA mount

Both come with Windows 10 PRO, fresh with all drivers installed.
Please note, windows is not activated, but you can purchase activation key should you wish.

Thanks for looking, any questions please let me know.

Price and currency: 280 & 220
Delivery: Delivery cost is not included
Payment method: Bacs/Cash
Location: London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article
Author:

For Sale – NUC 8i3BEK 240gb 8gb & Deskmini110 275gb 8gb

Baby on the way so starting to clear my gadget empire as it’s becoming serious obsession.
Very light usage as doing most of my browsing on phone these days and vero 4k in charge of media.
Fantastic condition and full working order. Original boxes, etc etc etc

At the moment I am looking to sell only one and have no preference as very happy with both.

NUC8I3BEK with PSU, bios up to date. Warranty until Feb 2022
Adata SX8200 M.2 NVME 240gb, warranty until Aug 2023
2x4gb 2400mhz Ram, matched sticks for dual channel

Deskmini 110 with PSU, bios up to date.
Intel I3 7320 4.1Ghz, Warranty until Aug 2020
Crucial MX300 275gb SSD, Warranty until Sep 2020
2x4gb 2400mhz Ram, matched sticks for dual channel
Intel AC 7265 wireless card with external antennas
VESA mount

Both come with Windows 10 PRO, fresh with all drivers installed.
Please note, windows is not activated, but you can purchase activation key should you wish.

Thanks for looking, any questions please let me know.

Price and currency: 300 & 240
Delivery: Delivery cost is not included
Payment method: Bacs/Cash
Location: London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article
Author:

For Sale – NUC 8i3BEK 240gb 8gb & Deskmini110 275gb 8gb

Baby on the way so starting to clear my gadget empire as it’s becoming serious obsession.
Very light usage as doing most of my browsing on phone these days and vero 4k in charge of media.
Fantastic condition and full working order. Original boxes, etc etc etc

At the moment I am looking to sell only one and have no preference as very happy with both.

NUC8I3BEK with PSU, bios up to date. Warranty until Feb 2022
Adata SX8200 M.2 NVME 240gb, warranty until Aug 2023
2x4gb 2400mhz Ram, matched sticks for dual channel

Deskmini 110 with PSU, bios up to date.
Intel I3 7320 4.1Ghz, Warranty until Aug 2020
Crucial MX300 275gb SSD, Warranty until Sep 2020
2x4gb 2400mhz Ram, matched sticks for dual channel
Intel AC 7265 wireless card with external antennas
VESA mount

Both come with Windows 10 PRO, fresh with all drivers installed.
Please note, windows is not activated, but you can purchase activation key should you wish.

Thanks for looking, any questions please let me know.

Price and currency: 300 & 240
Delivery: Delivery cost is not included
Payment method: Bacs/Cash
Location: London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article
Author:

For Sale – NUC 5i5RYH – I5, 16gb ram, 64gb SSD

Selling my Intel NUC 5i5RYH. Been used for general light browsing and movies. Will come with 16gb sodimm ram already installed and a 64gb sandisk ssd. Drive will be fully formatted so NO OS WILL BE INSTALLED.

Unit itself is in good condition with no visible cosmetic marks on the sides – the lid has swirl marks from cleaning but thats it.

I might have the original box but please assume a suitable box will be used for sending if I cant find the original.

systemInfo.png

IMG_20180902_113232.jpg

Price and currency: 250
Delivery: Delivery cost is included within my country
Payment method: Bank Transfer
Location: Birmingham
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.