remote-support

Home

Digitalwelcomemat industry news, PC hints, IT tips and more

CrowdStrike Falcon outage

There is an international IT outage that is currently evolving. There is VERY little hard information this but popular reporting indicates that it is apparently caused by a product called CrowdStrike Falcon.

None of digitalwelcomemat's customers use this product that I am aware of.

Some companies, that you possibly utilise as third party services may be down which may be affecting you. An example of this is Office 365/Microsoft 365 which apparently was down (although I had not reports or experience of this), but is apparently back up again now.

This link provides some good information:
https://www.abc.net.au/news/2024-07-19/what-is-crowdstrike-outage-explained/104120260

Apparently, its reported, if you do have this issue this is the fix (image below) consider this AT YOUR OWN RISK having said that if your PC is down with a 'blue screen of death' (BSOD) it is a relativity easy fix. Assuming this is a valid fix.

Again based on current information digitalwelcomemat customers should NOT pre-emptively attempt this fix. You will know that you have the issues if you have the BSOD. If you don't have CrowdStrike Falcon installed you should not be directly affected.

  782 Hits
  0 Comments
782 Hits
0 Comments

Its 'patch Tuesday' time and Microsoft will be re-releasing a LOT of updates

 Its 'patch Tuesday' time (US time) and Microsoft will be releasing a LOT of updates addressing 151 vulnerabilities.

Expect your updates soon.. Consider leaving your PC/Laptop on overnight for the next few evenings to allow these updates to apply while your not using your PC and to ensure that your getting the latest security fixes.

If your setup for managed updates using a product like Action1 you may be set for a 48 hour delay to mitigate the risk of bad updates.

  1113 Hits
  0 Comments
1113 Hits
0 Comments

'New version of Outlook', no thanks

If your using Microsoft Outlook, (i.e. the ~$250 value product that comes with Microsoft office) and you get an option to 'Try the new Outlook' I strongly suggest you don't do that, if you do you you will possibly lose a LOT of functionality and go from the business grade $250 value product to essentially the free web based version that everyone with a Hotmail or outlook.com email account gets for free. A lot of features will disappear including Outlook add-in utility's and any secondary emails you may have setup. 

You can see more detail here on this email from a Microsoft outlook add-in developer.

  2015 Hits
  0 Comments
2015 Hits
0 Comments

Phishing "review document" scam email

A number of people have reported receiving a "review document" email.

This email looks like a scam from my perspective and several organisations are reporting that this is the case. (Example https://us.norton.com/blog/online-scams/docusign-phishing-scams)

Don't click on the links in this email, just delete it

  1910 Hits
  0 Comments
1910 Hits
0 Comments

Office 2013 no longer 'supported' by Microsoft

Microsoft Office 2013 has moved out of being officially supported this month. That means no more security updates and eventually, Outlook will stop working with office 365 at some point (no indication of when that will be). 

If your still running Office 2013 (or older) you need to make a plan to move to a supported version for security sake at least.

Office 2016 is no longer supported after October 2025

  2090 Hits
  0 Comments
2090 Hits
0 Comments

 LastPass Data Breach

People who know about these things are getting a bit worried about the LastPass data breach. If you use LastPass you need to evaluate what action to take.

Late last year a hacker broke into LastPass and stole their entire data vault, that included all your logons and passwords if you use LastPass (or even have an old account that you don't use anymore).

LastPass say that they, and consequently the hackers, don't have access to your logon data because its encrypted and protected by the master password that only you know. They have advised that it would take 'millions of years' to crack open the vaults and get access to your data.

However, as time has gone on, we have been hearing that there are caveats to this and it depends on the length of the master password and some of the default settings that you had setup in LastPass, some of those settings have changed their defaults over time so If you have an older account, you may have less protection. The end result of that is that some online security sites are saying in reference to the 'millions of years' claim that in actuality "it may be a lot less than that!"

Advice is extremely varied about what to do, here are some examples:

  • LastPass are saying 'millions of years' to crack open, assuming you have a 12 digit complex password, your PBKDF2 iterations is set to 100,100 or more and [OBVIOUSLY] you never reuse your master password on other websites
  • Almost all are saying change the LastPass master vault password
  • Some are saying change all your passwords for any accounts that are stored in LastPass and change the LastPass master vault password
  • Some are saying dump LastPass altogether and move to another password manager, plus changing all your passwords as above


Whatever action you decide on, do it soon as the clock is ticking if the hackers are trying to brute force crack the data. Some sites are reporting that LastPass have been very coy about the details including when the data was even stolen and as such how long the hackers may have been working on the data, and some say that general communication about the whole event has been poor which brings about a loss of confidence in the service.

The LastPass notice:
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

Some other sites information:
https://www.wired.com/story/lastpass-breach-vaults-password-managers/

https://www.bostonglobe.com/2023/01/09/business/lastpass-security-breach-was-worse-than-youve-heard-heres-what-do/

https://blog.1password.com/not-in-a-million-years/

Finally, almost all security experts still recommend a password manager for managing your passwords. The general consensus is that having strong complex passwords for all your sites and services that you don't have to remember, all stored within a very secure service, protected by a single unique, strong password still provides the best protection compared to the alternatives.

This blog post has been provided for the benefit of digitalwelcomemat IT customers. Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.

  2309 Hits
  0 Comments
2309 Hits
0 Comments

New .au domain names and advice from ACSC

ACSC (Australian [Government] cyber security centre) are recommending that all business purchase their equivalent domain name to prevent "...to help protect your business from opportunistic cybercriminals" before 20 September 2022.

To help protect your business from opportunistic cybercriminals, the Australian Cyber Security Centre (ACSC) recommends that all Australian businesses with existing domain names register their .au equivalents before 20 September 2022. If a business does not reserve their .au equivalent direct domain name during this six-month period, that name will become available to the public on a first come, first served basis. 

https://www.cyber.gov.au/acsc/view-all-content/alerts/new-domain-name-changes-could-leave-your-business-or-organisation-risk

  2963 Hits
  0 Comments
2963 Hits
0 Comments

Pre-order for new .au domains now open

Digital pacific is reporting that the pre-order process for new .au domains now open now go here: https://digitalpacificdomains.com.au for details.

If you have reallylongdomainname.com.au this may be your opportunity to purchase imshort.au instead or to secure your business identity and reputation by purchasing mydomainname.au as well as your existing mydomainname.com.au (before your competitors do) I don't know what the allocation process is but I strongly suggest you act quickly if your interested.

  2814 Hits
  0 Comments
2814 Hits
0 Comments

Older Office apps accessing 365 services

In the continuing saga of older "perpetual license" MS office apps accessing Microsoft 365 services here is a good article:

https://www.computerworld.com/article/3569435/microsoft-points-to-october-end-of-support-for-older-office-apps-accessing-365-services.html

Some points from the article:

"Microsoft has long played with the support of Office applications connecting to Office 365 services. Three years ago, the company said that perpetual-license versions of Office would be able to connect to Microsoft's cloud-based services only during the first half of their 10-year support lifecycle. It set Oct. 13, 2020 as the date when the new policy would take effect."....

......Mcrosoft softened the blow considerably. "We won't take any active measures to block other versions of the Office client, such as Office 2013, from connecting to Office 365 services, but these older clients may encounter performance or reliability issues over time," the Redmond, Wash. developer stated in the support document."

  3027 Hits
  0 Comments
3027 Hits
0 Comments

Office 64 bit version

MS is pushing Office *64 bit* version as the default install now for office 365 installs and its creating havoc with many customers. A major software update is meant to be carefully planned and not just forced on us by Microsoft.. 

If you are looking for maximum compatibility install the 32 bit version of Office (regardless of your Windows version) details here https://digitalwelcomemat.com/index.php/how-to-guides/51-how-to-install-microsoft-office-from-the-web-office-365-version


  4598 Hits
  0 Comments
4598 Hits
0 Comments

"Microsoft is readying multi-session support for Windows 10"

 Tech journalists have been reporting in the last few days that:

"Microsoft is readying multi-session support for Windows 10 [for remote desktop/remote access]
Microsoft looks poised to add a new Multi Session option to Windows 10, likely this fall, which will allow IT to provide multiple users with remote access to desktops/apps without relying on Windows Server [for that role]…"

http://www.zdnet.com/article/microsoft-is-readying-multi-session-support-for-windows-10/

More information as it comes to hand later in the year, at the end of the day its really all about the total licensing cost so we will have to see if there is any real change for business.

  5340 Hits
  0 Comments
5340 Hits
0 Comments

Migrate to the NBN then... snip

Take away message: Find out when your traditional phone services are being cut off due to the NBN and take some action well before then.

NBN Co which is (from my understanding) the new owner of the Australian cabling network that once was owned by Telstra have been saying as follows since the rollout of NBN has begun:

"Homes and business have 18 months to migrate to the NBN once it is available to them, after which traditional copper and cable services in the area are severed — cutting off fixed-line phone and internet access."
https://www.nbnco.com.au/learn-about-the-nbn/device-compatibility/services-that-will-be-switched-off.html

You can check your address here (https://www.nbnco.com.au/connect-home.html) and you may see advice similar to as follows:
"The disconnection process for the old phone and internet network in this area is scheduled to begin on July 2018"

You can also find additional information about timing via the Telstra wholesale website which has some downloadable spreadsheets searchable by suburb.
https://www.telstrawholesale.com.au/nbn/nbn-rollout-schedule.html

For some information on what will be turned off the following web sites list services that will be cut of or need to be considered:
https://www.acma.gov.au/Citizen/Phones/Landlines/The-NBN-and-you/phone-and-internet-disconnection-schedule
https://www.finder.com.au/nbn-copper-cut-off

What will be turned off?

  • Home/business PSTN landline phone services
  • All ADSL, ADSL2 and ADSL2+ Internet services from all providers
  • Telstra BigPond cable Internet services
  • Optus cable Internet and cable phone services


"As well as phone and Internet, it's important to consider other services running off the old copper-based network that will be affected after the switch-off date. These include:"

  • Medical alarms, auto diallers or emergency call buttons
  • Security alarms
  • EFTPOS or health-claim terminals
  • Monitored fire alarms
  • Lift emergency phones
  • Fax and teletypewriter devices


Of most concern for most businesses is the phone lines and existing phone system. Note that you almost universally do NOT need to purchase a new phone system or sign a new contract with Telstra to maintain your lines regardless of what Telstra the sales people may tell you. In fact with the Telstra demotion from network owner and maintainer to "Just another player in the marketplace" I would suggest that Telstra may not be the best provider for phone line services going forward (mobile services excluded from that statement).

Once the NBN has rolled out and your phone lines have been converted, phone calls will be made over the internet. In reality you should not notice any difference you can typically use the same phones or phone system that you have now.

For your existing phone system (PABX) you will need to look at getting a SIP gateway device, which is similar to a set-top box when we moved from analogue to digital TV. Once you have this in place, the new phone lines connected, and the number(s) transferred over. Your old phone system should be able to make and receive calls just as you always have but using SIP or Voice Over IP (VoIP) as the underlying technology.

If you do need or want a new phone system for whatever reason a more sensible approach to replacing a system where the concept hasn't really changed much since the 1970's, is a virtual PABX. There are a number of significant benefits to this and it will probably work out a *lot* less expensive upfront and ongoing.

I will be contacting all of my customers individually to discuss this further.



This blog post has been provided for the benefit of digitalwelcomemat IT customers.
Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.

  6027 Hits
  0 Comments
6027 Hits
0 Comments

Windows 10 Fall creators update available now

The Windows 10 Fall creators update is available now if you don't want to wait for the staged automated install .

For a single PC just go to the following web site and click "update now". If you have multiple PCs you can also create an install disk either on USB or ready to burn to DVD.

https://www.microsoft.com/en-us/software-download/windows10

This will need to be done from an administrative account and I suggest you plan to let it run overnight. As always make sure you have good backups if you store data on the PC that's getting updated.

  5418 Hits
  0 Comments
Tags:
5418 Hits
0 Comments

NBN 100/40

 When you log on to work remotely and your connection speed is 34 times faster than it was yesterday you know its going to be  a good day...

Good quality 100/40 speed FTTN NBN is a wonderful thing even if you are a long way out of a metro area. (Exetel in this case)

  5205 Hits
  0 Comments
5205 Hits
0 Comments

WannaCryptor Ransomware

Over the weekend, news broke of a new ransomware threat called WannaCryptor. 

WannaCryptor is a worm that was developed thanks to the release of a hacking tool developed by the US NSA in the called EternalBlue. 

If you PC becomes infected, normally by one of the common methods, opening an infected email, an infected USB disk, or an infected website the worm will infect any PC on the network that does not have the appropriate security patch installed. The end result is that all your files will be encrypted and you will have to undertake a massive clean-up and restore from backup or consider dealing with the ransomware creator (with no guarantee of getting your files back). 

Microsoft patched that vulnerability in March this year in supported systems. But PC's and servers that are not patched either automatically or manually will be vulnerable including (and of particular concern) is always those operating systems that are no longer supported. Microsoft has released a one-time update for Windows XP, Server 2003, and Windows 8 even though these operating systems are no longer supported and are in most cases well over 10 years old: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ 

Nod32/Eset antivirus provider have provided this brief statement: "ESET products can detect and block this malware" (http://support.eset.com/alert6442/) However, there will be new variants released over the coming weeks so you should have multiple layers of protection. 

The usual security precautions apply to try to prevent getting this (or any other) virus or malware: 

  • Don't open attachments from email where you don't know and trust the sender and be careful what links you click on 
  • Have a good antivirus product and make sure its up to date
  • Be carefully when browsing the web and don't browse to unscrupulous websites 
  • Ensure that your PC's and servers are patched/updated (normally PC updates should be automated and servers are manually updated on a schedule) 
  • Don't be an administrator on your own PC for everyday use
  • Have a good backup that is rotated off the PC or server so that there is always a backup not connected to your server or PC 
  • Don't use outdated and unsupported versions of Windows 
  • Have a disaster recovery strategy
  6279 Hits
  0 Comments
6279 Hits
0 Comments

Microsoft product launch

Microsoft had a big product launch in the US overnight I haven't had time to fully digest it yet but here are some of the highlights: 

  • MS is doing a big push on the education market 
  • A new [additional] version of Windows 10 will be available, Windows 10 "S", its normal windows that is locked to only Windows store apps only, (I'll be checking the fine print!). However, this can be upgraded to Windows Pro which will run all apps. https://tinyurl.com/kos5hmb 
  • MS Office will soon be available as a Windows store app (as well as current options) to suit the scenario above. 
  • MS has released a Surface laptop in a traditional "clamshell" design, 13.5" screen, very slim and excellent battery life (Up to 14.5 hours of video playback!). https://tinyurl.com/ldkbgnn. This fits in alongside the surface tablet (with magnetic clip-on keyboard and kickstand) and the surface book (similar thing but with a "hard" connection between the 2 removable parts) and the surface studio an all in one desktop PC. Note that all of these products are *premium* products incredibly sleek sexy and expensive.
  • No new Windows phone release this time, this is expected next year. Rumour has it that this will be very close to a full PC in your pocket that acts like a phone when it's handheld but acts like a full PC running all PC apps when docked with your keyboard mouse and big monitor.
  5482 Hits
  0 Comments
5482 Hits
0 Comments

Win7 - Win10 free upgrade... still (?)

[Updated 26/05/17 this still works]

Reportedly you can still get a Windows 7 (or 8) - Windows 10 free upgrade the following way: 

(Requires **erasing your PC** and some advanced knowledge of boot selection and install procedures, only for power users and make your own investigations before attempting this) 

  • Ensure that you have your Windows 7 install product key, normally on a sticker on your PC or laptop case 
  • Download the Windows 10 Creators edition install disk image here: https://www.microsoft.com/en-au/software-download/windows10 (make sure you get the correct version based on the version that you are upgrading from Pro or Home for example) 
  • Make the DVD or USB boot device using the tool that you downloaded above 
  • Boot from the DVD or USB Erase the drive and Install Windows entering your Windows 7 product key when prompted 
  • When windows finishes installing Windows 10 should activate with the windows 7 key 

I expect this opportunity will only be for a limited time MAKE YOUR OWN INVESTIGATIONS BEFORE ATTEMPTING THIS. 

THIS INFORMATION PROVIDED WITHOUT WARRANTY OR OFFER OF FREE SUPPORT.

  4963 Hits
  0 Comments
4963 Hits
0 Comments

LastPass now free on mobile

From LastPass...

Get LastPass everywhere, for free!

We know you're a person on the go. That's why, starting today, you can use LastPass on any device, from anywhere, for free.

For convenient access to your passwords on all your devices, download LastPass to any computer and get our app for your phones and tablets:

  5097 Hits
  0 Comments
5097 Hits
0 Comments

“AGL Energy” malware

A number of sources in the media are reporting a bogus email purporting to come from AGL Energy that contains malware. This malware typically installs some type of ransomware on your computer that will encrypt all the data files that it has access to (including network shares) and demand a ransom before they [promise to] unlock them.

It's been reported that this has affected over 10,000 Australians in a week. Here are some links for more information:

smh.com.au

heraldsun.com.au

www.yourlifechoices.com.au


So "I guess", be on the lookout for this one however that's in some ways a bad approach. Being on the lookout for an AGL email when the same thing has been coming from emails purporting to be from Australia post, DHL, Telstra and others for some time now isn't very effective. A better approach is to be careful with ALL emails and have the proper prevention and mitigation strategies in place. 

Here are three things you can do as a starting point: 

  • DON'T BE AN ADMINISTRATOR ON YOUR OWN COMPUTER (I may have mentioned that before)
  • Have good backups in pace that are isolated from the system (a single USB drive plugged in to the system isn't adequate)
  • Be thoughtful and careful with what you open or what links you follow, if it doubt don't open it 

Bonus point: 

  • Have a really good quality antispam service that will; 
  1. Identify most bogus messages as being not legitimately from the company in question 
  2. Prevent casual access to suspect emails, suspect emails should be quarantined by default 

(for your information I can recommend that dedicated antispam product for about $3.50 per user per month)


This blog post has been provided for the benefit of digitalwelcomemat IT customers. Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.

  5737 Hits
  0 Comments
5737 Hits
0 Comments

Windows 10 updates

Q: Now that I have Windows 10 can I stop it from updating at the most inopportune times? 

A: Yes and no, go to start -> settings -> "update & security" -> "Windows update" -> advanced options -> defer updates

This will defer them for a while but does not affect security updates:

"Defer upgrades in Windows 10 - Some Windows 10 editions let you defer upgrades to your PC. When you defer upgrades, new Windows features won't be downloaded or installed for several months. Deferring upgrades doesn't affect security updates. Note that deferring upgrades will prevent you from getting the latest Windows features as soon as they're available.

http://windows.microsoft.com/en-au/windows-10/defer-upgrades-in-windows-10

However that's probably not want you are after. The intended approach is to leave the PC *on* overnight but *not* logged in same way Windows has handled updates for years. That way it will handle all that stuff overnight when you are not using it and restart around 3am - 4am if needed. This would require sleep setting to be set appropriately (I always recommend that sleep is turned off on PC's and laptops anyway), bear in mind that with a Windows tablet that's probably not feasible. 

One of the big changes that Microsoft made in windows 10 is that it WILL do its updates eventually regardless, its created a bit of angst within the industry but the problem they were facing is that people never allowed Windows to update (mostly by turning the PC off overnight every night) and as such Windows didn't get the security fixes and PC's were often vulnerable to the bad guys long after Microsoft had released the patch. 

There are a couple of ways of "hacking" this so that it won't do updates unless you manually force it, but for the reasons above it's not recommend because you really want to get the security fixes without manual intervention. 

Consider leaving your laptops and desktop PC's on overnight (and logged out) or at least over "a" night during the week.

  4957 Hits
  0 Comments
4957 Hits
0 Comments

Welcome:

digitalwelcomemat now has a blog!

Subscribe for the news as it happens, call me for support on 0404 493 770 or access my remote support solution here: http://help.digitalwelcomemat.com/

Digitalwelcomemat provides IT consultancy and services for business customers on the NSW Central Coast in Australia.

Search

Articles

Contact:

Give me a call: 0404 493770

Go to top