Windows Security PSA

sgt_zim

In August every year in Vegas, the nerdiest of all nerd conferences occur - Black Hat (more of a vendor trade show in the IT security world) and on its heels is Defcon. Defcon is the conference where the hackers go.

One of the lectures I attended at Defcon this year was about a HUGE flaw in Windows Defender, the MS excuse for anti-virus. The lecture was given by the guy who actually discovered the flaw; he disclosed it responsibly to MS, and they released a patch for it this past April of 2023. The flaw MS had in Defender is about as bad as can be done. I'll spare you guys the nerdy details entirely, and just say it's critical that if you haven't patched your Windows 10 PC recently, you need to. Defender can be easily tricked into ignoring malware if it hasn't been updated since April.

I've said it before in other threads here: patch your PC/Apple on the regular. Yes, I understand it's a PITA. Yes, sometimes those patches break things and it's an even bigger PITA to have to go back and try to fix them. But a patched system is invulnerable to known malware, which is 99.99% of all malware. Your anti-virus exists to deal with the unknown stuff that nobody knows about yet. And the odds of you, Joe Average User, being the victim of novel malware are exceedingly low (not zero, just close to it).

Yes, MacBook people, your shit is every bit as vulnerable as Windows. If you don't patch, you're just as vulnerable to malicious actors as Windows users are. Don't believe Apple's marketing bullshit. It isn't harder to attack OSX, just different. If I ever decided to forgo my ethics, I'd focus on you people exclusively. The odds of running across a MacBook user who has money, good credit, and doesn't know jack shit about computers are high (this describes most of my family, so don't feel too bad). You're mostly pretty easy pickings.

For the Winblows users, if you're on an OS older than Windows 10, there's no patch. Spend the money and upgrade to W10.

I feel like I have to say something to the guys on Linux. What can I say? You're a bunch of uber nerds with no life, and you probably take care of business anyway. When W10 is end-of-life, I'll be joining you. I've seen Windows 11, don't want any part of that spyware masquerading as an OS. Windows 10 is bad enough. I'll have to run a W11 VM because there are a few things I have to have that only run in Windows. But most of the time, it'll be powered off.
 
I'm technologically illiterate for the most part. What do you mean by "patch"? Consistently load every update when one's device prompts you to?
 
Exactly. Some patches include feature updates, but the vast bulk of them are security updates.
 
. . . Yes, MacBook people, your shit is every bit as vulnerable as Windows. If you don't patch, you're just as vulnerable to malicious actors as Windows users are. Don't believe Apple's marketing bullshit. It isn't harder to attack OSX, just different. If I ever decided to forgo my ethics, I'd focus on you people exclusively. The odds of running across a MacBook user who has money, good credit, and doesn't know jack shit about computers are high (this describes most of my family, so don't feel too bad). You're mostly pretty easy pickings . . .
Well, at least I have one of the three.
 
@sgt_zim
You lost this technophobe after "In August every year"; I never understood a word apart from malware. We run Norton antivirus or Trend Micro.
Bob
 
Reader's Digest Version:
Windows Defender sucks. It has always sucked, it will always suck. If somebody is relying on it, they need to run Windows Updates if they haven't since April or earlier. It will still suck, but 1 major point of suckage will have been eliminated.
 
Bob,
Try the Whelen Supreme anti virus. It'll keep the undesirable stuff from popping up like .243s, Creedmoors and the like when your computer or cell monitors what you're saying inside your home.
CEH
 
My wife is an accountant and she worked for a small company which was bought by a larger company. Anyway, apparently a hacker(s) have accessed the "password" file from the guy she replaced over FIVE years ago and it's now a clusterf*** with files being compromised or deleted. She's really stressed out but I told her this happens to MANY larger companies every day and there's nothing she can do about it. The company's IT/Cyber Security department is working on the issue, but she's the one having to waste her time in Zoom meetings with them and not being able to do her accounting stuff. Just one small example of how hackers can affect a business's operation.
 
When bad guys gain a foothold, one of the first things they start doing is to scour the hard drive(s) (via an automated, custom script written by said bad guy) for Excel and Word files.

We are required by corporate policy to change our passwords periodically. Easy enough to look up when your password is set to expire (plus you start getting automated harassment emails when your password is 30 days away from expiring). Anyway, if your password has expired, next time you try to log in, the network is going to require you to change your password then and there. We have a pretty long minimum length requirement, and full complexity (minimum of one UPPER character, one lower character, one numeral, and one special character).

We have a lot of security guard rails built around authentication, so it's a long stretch between required password changes. But if we didn't have those guard rails in place, we'd require a password change every 90 days.

A text file filled with passwords that are 5 years old and still work tells me your wife's company either doesn't have very good IT security, or they are good but the c-suite is hamstringing them. Either way, this is an executive-level problem. Somebody in the c-suite should lose their job over this.
 
... I've seen Windows 11, don't want any part of that spyware masquerading as an OS. Windows 10 is bad enough. I'll have to run a W11 VM because there are a few things I have to have that only run in Windows. But most of the time, it'll be powered off.
If you configure Windows 11 as English worldwide it will not install most of the spyware. Also, install as a local user instead of MS login. After installation is complete switch config back to English USA and then uninstall Windows 11 software you don't want.

After that, install WSL and never look back except when you specifically have to run Windows apps. Even then, I run a lot of VMs.

Oh, yeah you also need a cat. ;)

1695438622806.png
 
I'll probably run with either Mint or Ubuntu. Mint is pretty easy to attach to a Windows Domain. And speaking of which, I need to update my domain controller from 2012R2 to 2019.

My other gripe about W11...it's sort of turned into an OS as a service.

I can see by your keyboard that you're at least as big of a nerd as I am. I'd get a split one like that, except I'm too much of a skinflint.
 
@Tanks I understand you need a cat but the rest is gobbledygook to me.
Bob
 
@CoElkHunter
Mate, 243s still pop up now and then.
I think we need a factory recall for all 243s. The advertising is misleading. There's still people that think that with the wrong bullet you can kill anything with it.
Bob
 
Just thought I'd share a snapshot of a fake and probably malicious email I just received. What's interesting about this is that I received my first suppressor recently. So the email has some validity to it. However, the email address doesn't look right. A federal government email should end in .gov



1709338459500.png
 
That's actually a legit domain - it's FedRAMP authorized.

Way better to exercise an abundance of caution than to be a clickopotomaus.
 
Certified by the federal government to offer cloud services to the government.

My employer is FedRAMP certified.

If you really want to nerd out...

 
