Tech Friday with Dave Hatter - March 13th 2020 - SPONSORED BY INTRUST IT


  • Beware growing Coronavirus scams:
    • Sadly, scammers and cyber criminals are using COVID-19 to launch a wide variety of online scams and attacks
    • For example, a malware-based threat reported by MalwareHunterTeam is an app that purports to be a "map of infections" showing real-time coronavirus infections. In actuality, it exfiltrates sensitive information and can create a backdoor for remote access
    • If you have downloaded Corona-virus-Map.com.exe, you have been infected. You should run a full scan with your AV immediately to try to remove it
    • And the FTC recently warned about these types of scams on their website: "They’re setting up websites to sell bogus products, and using fake emails, texts, and social media posts as a ruse to take your money and get your personal information."
    • Several Coronavirus phishing scams have been launched, including one that sends malicious links and PDFs claiming to contain information on how to protect yourself.
    • The email claims to be from a virologist and says "Go through the attached document on safety measures regarding the spreading of corona virus," and "This little measure can save you."
    • And the FDA is issuing warning letters to firms for selling fraudulent products with claims to prevent, treat, mitigate, diagnose or cure Coronavirus disease 2019 (COVID-19)
    • What you should do:
      • Be especially skeptical of any emails, texts, or social media postings about Coronavirus
      • Rely only on reputable sources such as:
  • Work from home productively and securely:
    • As technology improves, more people are working from home at least part-time even without the advent of COVID-19
    • With schools and businesses closing temporarily to contain COVID-19, there are many things you can do to make working from home more productive and secure:
  • If your employer does not provide a technology stack for you to use, or you have a BYOD policy, the following is essential:
    • A good notebook PC. Something that will work for most typical office use can be had for less than $400. For example: http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6005704&Sku=41677689
    • A docking station for your notebook will save time and reduce frustration
    • Endpoint protection (anti-virus) software
    • Virtual Private Network (VPN) software for encryption of data transmitted over the Internet. For example, NordVPN
    • BitLocker for encryption of data on the PC
    • A high-quality WiFi router. Change the default password and ensure that you are using WPA2 or higher security
    • Regular patching of your devices
    • Backup - cloud or external drive
    • Use a privacy-oriented browser like Firefox
    • Consider a password manager (vault) like LastPass
    • A surge protector and/or UPS
    • Upgrade your Internet connection
    • Only install carefully vetted apps on a device that contains work-related information
    • Ask your IT/security team for help/advice
  • Check out cloud-based platforms such as O365
    • Collaborate easily with co-workers with SharePoint, Teams and OneDrive
    • Backup and share files with SharePoint and OneDrive
    • Microsoft offers a 6-month free trial of its paid Teams tier in light of Coronavirus
  • March 2020 Patch Tuesday (and Thursday this month):
    • The March 2020 Microsoft update corrects 115 security flaws
    • This was the largest bunch of fixes to date
    • 26 bugs were deemed critical, 88 important and one moderate
    • The fixes covered a large number of products including Windows, Office, Azure, Edge, Internet Explorer, Exchange, Windows Defender and Visual Studio
    • At the time of the release, none of the vulnerabilities were known to be under attack in the wild
    • One thing Microsoft pointed out was an issue with Remote Desktop Connection Manager (RDCMan). They said, "Microsoft is not planning on fixing this vulnerability in RDCMan and has deprecated the application. Microsoft recommends using supported Remote Desktop clients and exercising caution when opening RDCMan configuration files (.rdg)."
    • On the very next day, Microsoft issued an advisory warning Windows users of a critical vulnerability affecting the Server Message Block 3.0 (SMBv3) protocol. It only impacts machines running Windows 10, versions 1903 and 1909, and Windows Server (Server Core installations), versions 1903 and 1909
    • There is speculation that Microsoft pulled this fix from the March release at the last minute
    • Some researchers called this bug "SMBGhost" or "EternalDarkness". An attacker could exploit this vulnerability to take control of an unpatched system
    • Microsoft then released an out-of-band update to fix it and said "While we have not observed an attack exploiting this vulnerability, we recommend that you apply this update to your affected devices with priority"
    • To install the latest updates, go to Start \ Settings \ Update & Security \ Windows Update and then click "Check for updates"