News

Kaspersky lawsuits over government ban, dismissed

Last year, the US government made moves to ban the use of Kaspersky security software in federal agencies, claiming the company’s ties to the Russian government represented a security risk. In September, the Department of Homeland Security issued an order that required federal departments and agencies to remove the company’s software from their systems. Then, Congress passed and President Trump approved a bill — the National Defense Authorization Act (NDAA) — that also banned Kaspersky software from federal government use. Kaspersky subsequently filed two lawsuits combatting both bans, but a judge has now dismissed them.

CyberScoop reports that Colleen Kollar-Kotelly, US District Judge for the District of Columbia, rejected Kaspersky’s claims that the bans were unconstitutional. Kaspersky argued that the NDAA inflicted an unconstitutional “punishment,” but Judge Kollar-Kotelly disagreed. She said the act wasn’t a punishment but instead, “eliminates a perceived risk to the nation’s cybersecurity and, in so doing, has the secondary effect of foreclosing one small source of revenue for a large multinational corporation.”

Further, because she dismissed the lawsuit against the NDAA, the suit against the Department of Homeland Security’s order was rendered moot since the act would supersede any change to the order. “These defensive actions may very well have adverse consequences for some third-parties,” she said in her opinion. “But that does not make them unconstitutional.”

The NDAA’s Kaspersky ban goes into effect on October 1st.

This article originally appeared on Engadget.

Tech News: VMware PowerCLI 10.0.0! Released

VMware just released PowerCLI 10.0.0. and before you ask; I thought they were just on version 6?  I wondered the same and here is the answer: The decision to move to version ten was a marketing choice as the PowerCLI project recently celebrated its 10th birthday.

Let’s get into the how to install or update to the latest

Requirments:

The only pre-requisite is to have PowerShell Core 6.0 installed. This adds support for Mac OS and Linux.

Installation Steps:

  1. Get yourself to a powershell prompt with administrative privileges
    In my case, I am on Windows 10 and prefer to use PowerShellISE
  2. Enter the following: Install-Module -Name VMware.PowerCLI -Scope CurrentUser
    This will initiate the install of the latest PowerCLI modules.

    If you receive a warning, use the -Force comamnd:

    “WARNING: Version ‘6.5.1.5377412’ of module ‘VMware.PowerCLI’ is already installed at ‘C:\Users\sysadmin\Documents\WindowsPowerShell\Modules\VMware.PowerCLI\6.5.1.5377412’. To install version ‘10.0.0.7895300’, run Install-Module and add the -Force parameter, this command will install version ‘10.0.0.7895300’ in side-by-side with version ‘6.5.1.5377412’.”

  3. Next enter: Set-PowerCLIConfiguration -InvalidCertificateAction Ignore

    This version of PowerCLI changes the way certificates are handled when connecting to a vCenter server or ESXi host with the Connect-VIServer cmdlet. If your connection endpoint is using an invalid certificate (self-signed or otherwise), PowerCLI would previously return back a warning. The handling has been updated to be more secure and now return back an error.If you are using an invalid certificate, you can correct the error with the ‘Set-PowerCLIConfiguration’ cmdlet. The parameter needing to be configured is ‘InvalidCertificateAction’ and the available settings are Fail, Warn, Ignore, Prompt, and Unset.

For more info ref: https://blogs.vmware.com/PowerCLI

 

 

Saving Lives: American Heart Association! Please Donate

The following message is from my son: 

Hi, I’m Anthony and my friends and family call me AJ for short.  I’ve joined millions of others to help save lives alongside the American Heart Association!

At my school, I’m learning how I can help make a difference by raising lifesaving donations to help kids with heart disease.  I’m also learning about my own heart, and how to keep it healthy, by being active!

I’m excited to have the opportunity to help others, especially other kids who’s hearts don’t exactly work to their full potential.

Please help me make a difference

Thank you!

Donation Link

 

 

 

Please Note:  Many employers sponsor matching gift programs and will match any charitable contributions or volunteer hours made by their employees. To find out if your company has a matching gift policy please check the following page for additional details: http://matchinggifts.com/aha 

 

Important: Update Your Mozilla Web Browser to Firefox 58.0.1

Mozilla has released an important update for its Firefox web browser to patch a critical vulnerability that could allow remote attackers to execute malicious code on computers running an affected version of the browser.

Affected web browser versions include Firefox 56 (.0, .0.1, .0.2), 57 (.0, .0.1, .0.2, .0.3, .0.4), and 58 (.0). The vulnerability has been addressed in Firefox 58.0.1

Security fix

When using certain non-default security policies on Windows (for example with Windows Defender Exploit Protection or Webroot security products), Firefox 58.0 would fail to load pages (bug 1433065).

Reference link to 58.0 release notes

Known Issues of Security fix

  • Users running Firefox for Windows over a Remote Desktop Connection (RDP) may find that audio playback is disabled due to increased security restrictions.
  • Users running certain screen readers may experience performance issues and are advised to use Firefox ESR until performance issues are resolved in an upcoming future release.

 

According to a security advisory published by Cisco, Firefox 58.0.1 addresses an ‘arbitrary code execution’ flaw that originates due to ‘insufficient sanitization’ of HTML fragments in chrome-privileged documents (browser UI).

 

Hack Details:

Hackers could exploit this vulnerability (CVE-2018-5124) to run arbitrary code on the victim’s computer just by tricking them into accessing a link or ‘opening a file that submits malicious input to the affected software.’

The advisory states.

“A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely,”

This could allow an attacker to install programs, create new accounts with full user rights, and view, change or delete data. However, if the application has been configured to have limited rights the impact is less on the system itself and should only impact the current session logged in.

 

News: Canonical Releases Ubuntu Kernel Updates for Meltdown / Spectre

No need to go into the back story on this.  If you are reading this, there is a chance you’ve already read other reports on what Meltdown / Spectre and the perceived risks.

Cononical made a public statement last week to provide a patch for supported Ubuntu releases against Meltdown and Spectre security vulnerabilities, and the first set of patches are now available in the stable software repositories of Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS.

ref: https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/

For Ubuntu 17.10 (Artful Aardvark), the updated kernel also patches four other security issues related to the Berkeley Packet Filter (BPF) implementation in the Linux kernel, which could allow a local attacker to execute arbitrary code or crash the system by causing a denial of service (CVE-2017-17863, CVE-2017-16995, CVE-2017-17862, and CVE-2017-17864).