Blogs

Antivirus creator John McAfee reportedly found dead in prison cell

Former antivirus software creator John McAfee has died in what is reported to be a suicide as he waited for extradition to face tax evasion charges in the USA. McAfee was arrested in Spain in October 2020, where he was awaiting extradition to the US for allegedly not paying taxes on cryptocurrency, consulting, and other business arrangements. Hours after extradition was approved by Spanish courts, El Pais reported that McAfee was found dead in his cell from an apparent suicide where resuscitation attempts failed to revive him. “Prison officials have found him hanging in his cell, according to police sources, who say they treat the event as a suicide,” reports El Pais. For years, McAfee has been claiming that the US government wanted to kill him. A later tweet while he was in jail continued to show McAfee’s believe that people were out to get him. McAfee rose to fame after creating the antivirus firm McAfee Associates in 1987, which was later acquired by Intel in 2010. After leaving McAfee Associates in 1994, McAfee was involved in numerous other companies, such as Tribal Voice and Zone Labs, and more recently, the cryptocurrency company Luxcore. In more recent times, McAfee’s exploits, lifestyle, political beliefs, and zest for cryptocurrency have made him a cult figure for many. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only
Read more

Migration to Plesk from Other Hosting Platforms

Nowadays, a server operating system might host some of the following services: Web service and associated applications used by websites Mail service Database services DNS service Often there’s also an installed control panel software that helps to facilitate the deployment and management of these services. So migration of the data and services from one server to another one is, in this case, the process of transfer of the hosting control panel data and content (such as websites, mail, databases, DNS zones) to the new server. Disadvantages of Manual Backup/Restore Generally, the migration procedure backs up some data on the old server. Then, transfers the backup file to the new server and restores it there. For such a complex environment, the transfer of data to another server isn’t the easiest option. You can, of course, move all the data piece by piece using the native backup/restore tools for each server component and file copy. However, it often takes an unreasonable amount of work-time and manual operations. The other disadvantage is that it’s not possible to make a seamless transition if the services on the old server are active. Some data will be lost in transfer staying on the old server or some services will be down during the transfer. Migration to a Server with Plesk Let’s now suppose you have Plesk Obsidian on the new server. In this case, it will be easier to transfer all the data (web/mail/databases/DNS/Control Panel data). Because Plesk provides a special tool, the Plesk Migrator Extension, which automates the process. This is the migration tool that Plesk provides for migration to the latest, recommended Plesk Obsidian versions. You install it via Plesk Panel like any other Plesk Extension and it has a handy user interface too. There can be different reasons for migrating services and/or data from one server to another. Let’s go through the typical server migration scenarios and see how Plesk makes the whole process simple. Moving your services to the Cloud with Plesk and our hyperscaler partners Migration from another control panel/hosting environment to Plesk Migration to the new Plesk and Operating System versions Moving Your Services to the Cloud with Plesk It’s become popular to move onto cloud services and scale your business. You can easily install Plesk on the most-loved cloud platforms, like: Amazon AWS Microsoft Azure DigitalOcean Vultr Google Compute Engine (we have yet not blogged about this yet, but you can install Plesk on a Google Cloud VM the same way as a regular stand-alone Plesk server) And once you install Plesk, you can migrate to the cloud instance with Plesk from anywhere, in a standard way. There will practically be no difference as it doesnt depend on where Plesk is installed (cloud instance, virtual container/ machine or a physical server). You always migrate to Plesk using the Plesk Migrator Extension (this is the number one tool for Plesk migration). Migration From Another Hosting Panel/Hosting Environment to Plesk If you have any control panel you would like to leave for Plesk – check out our list of supported hosting panels. Specific versions of Plesk for Windows and Linux: 8.6, 9.5, 10.4, 11.0, 11.5, 12.0, 12.5, 17.0, 17.5, 17.8. cPanel 11.5 Helm 3.2 Confixx 3.3 Parallels Pro Control Panel for Linux 10.3.6 Plesk Expand 2.3.2 DirectAdmin 1.51 (just custom migration is supported when you switch from DirectAdmin installed on Ubuntu 10.x) These objects, settings, and data will be transferred during migration: Plesk Migrator moves the following: service plans, websites featuring content (e.g. mail, files), and subscriptions with related domains for your convenience. In the case of customer and reseller accounts without domains, these won’t be migrated. Additionally, Plesk service settings will not be transferred. These include Fail2Ban settings, firewall configurations, and installed PHP handlers. How to Install Plesk Migrator You can complete Plesk Migrator’s installation via Plesk’s interface. Here’s how: Log in to Plesk as the administrator, on the destination server Navigate to Tools & Settings, go to Updates & Upgrades, then Add/Remove Components Hit Install beside the Plesk Migrator component Prefer to process the Plesk Migrator’s installation with a command line instead? In Linux, you can sign in to the destination server through SSH as the root user, or in Windows through RDP as the administrator user Follow these steps: On Linux, run this command: plesk installer On Windows, go to the command prompt and run "%plesk_bin%\ai.exe" --console. Continue with the installation wizard, and follow the directions provided until you’re invited to choose components Pick the “Plesk Migrator” component to be installed and run through the rest of the procedure, following the instructions as they appear on-screen What if none of the supported hosting platforms are installed on the source server? You can migrate from a server running an unsupported hosting platform (or none at all) with custom migration. With custom migration, you’ll create a hosting description file written in JSON or YAML and detail the objects to be migrated (such as mailboxes, domains, etc.). You can perform custom migration even if you lack administrative access to the source server. How to Migrate from a Linux Server with Custom Hosting This topic covers migration to a Linux server running a control panel that isn’t one of the supported source platforms, or one with hosting but without a control panel. These scenarios are supported: Migrating from a server with custom hosting (with administrative access): This situation requires you to create a hosting description file including a list of subscriptions, clients, mailboxes, etc. and defines where mail and web content data can be found on the source server. The file’s format is readable by humans and covers the majority of popular hosting services. It could be in JSON or YAML. Migrating from a server with custom hosting (without administrative access): In this scenario, it’s presumed that you’ll manually transfer database dumps and web content data from the destination server to the source one. You’ll need to make a hosting description file, but it will specify where database dumps and web content data will be located on the destination server. Please be aware that you can only use the command line to migrate from servers with custom hosting,
Read more

Idle Worker Process Page-Out in IIS 8.5

In IIS 8.5, the administrator has the option of suspending an idle worker process rather than terminating it. Compatibility COMPATIBILITY Version Notes IIS 8.5 and later Idle Worker Process Page-Out was introduced in IIS 8.5. IIS 8.0 and earlier Idle Worker Process Page-Out was not supported prior to IIS 8.5. Problem Internet Information Services (IIS) on Windows Server 2012 provides the administrator with the option of timing out a worker process that is idle for a specified period of time. This is a good option for sites that are not accessed very often because it frees up system resources when the site is idle. The disadvantage is that the next time the site is accessed, the user will need to wait for the worker process to start again. Solution In IIS 8.5 and later, the administrator has the option of suspending an idle worker process rather than terminating it. A suspended worker process remains alive but is paged-out to disk, reducing the system resources it consumes. When a user accesses the site again, the worker process wakes up from suspension and is quickly available. When an idle worker process is terminated, the worker process is shut down, and the startup period will be longer when the site is subsequently accessed. Terminating the process is the default behavior, and the same behavior that has been used in previous versions of IIS prior to IIS 8.5. The idleTimeoutAction attribute can be configured either for a single application pool or as a default for all application pools. Step by Step Instructions Configure Idle Worker Process Page-Out for a Single Application Pool Open IIS Manager. Select Applications Pools in the Connections pane, select an application pool in the Application Pool pane, and then click Advanced Settings… in the Actions pane. In the Advanced Settings dialog box, under Process Model, select Suspend for the value of Idle Time-out Action to suspend a worker process when the time-out value is reached, paging it out to disk. Select Terminate to shut down the worker process. Optionally set the Idle Time-out value from the default 20 minutes to a different time period. Click OK. Configure Idle Worker Process Page-Out as a Default for Application Pools Open IIS Manager. Select Applications Pools in the Connections pane, and then click Set Application Pool Defaults… in the Actions pane. In the Application Pool Defaults dialog box, under Process Model, select Suspend for the value of Idle Time-out Action to suspend a worker process when the time-out value is reached, paging it out to disk. Select Terminate to shut down the worker process. Optionally set the Idle Time-out value from the default 20 minutes to a different time period. Click OK. View Resource Use in Suspension You can view suspended worker processes in Task Manager and see that they use very little memory or CPU. Verify Idle Time-out Action Configuration in applicationHost.config The idleTimeoutAction configuration can be entered in two places in the applicationHost.config file: For a single application pool, in the <processModel> child element of the <add> element, which sets the idleTimeoutAction attribute only for that pool. This is what is happening for DefaultAppPool in the screenshot of applicationHost.config file below, in which idleTimeoutAction is set to “Suspend”. For all application pools, in the <processModel> child element of the <applicationPoolDefaults> element, which makes a default setting for all the pools. If idleTimeoutAction is not set for a specific pool, e.g., the .NET v4.5 pool below, the default idleTimeoutAction value is used for that pool, in this case “Terminate”. If idleTimeoutAction is set for a pool, that setting overrides the default. Summary In this guide, you have configured IIS to suspend or terminate worker processes that have been idle for a specified amount of time.  
Read more

Microsoft adds Automatic HTTPS in Edge for secure browsing

Microsoft Edge now can automatically switch users to a secure HTTPS connection when visiting websites over HTTP after enabling Automatic HTTPS. This new feature is in preview in the Canary and Developer preview channels and is rolling out to select users of Microsoft Edge 92. The announcement made today by the Microsoft Edge Team comes after the company added the feature to the Microsoft 365 roadmap in April, with an estimated release in July. “Automatic HTTPS switches your connections to websites from HTTP to HTTPS on sites that are highly likely to support the more secure protocol,” Microsoft said today. “The list of HTTPS-capable websites is based on Microsoft’s analysis of the web, and helps enable a more secure connection on hundreds of thousands of top domains.” Blocks MITM attacks, web traffic tampering The automatic switch to an HTTPS connection will protect Edge users from man-in-the-middle (MITM) attacks attempting to snoop on data exchanged with websites over unencrypted HTTP connections. Data sent and received over HTTP (including passwords, credit card info, and various other sensitive info) can also be harvested by malicious programs running on a compromised computer. Ensuring that you’re always using HTTPS when browsing the web helps secure your data while in transit by encrypting the connection to the sites’ servers. HTTPS also makes sure that threat actors trying to intercept your web traffic will not be able to alter the data exchanged with Internet sites without being detected. How to test it right now If you want to test it right now, you have to open edge://settings/privacy and turn on “Automatically switch to more secure connections with Automatic HTTPS.” If the experiment hasn’t reached you yet, you can enable it by going to edge://flags/#edge-automatic-https, toggling on the ‘Automatic HTTPS’ experimental flag, and restarting the browser. The HTTPS upgrades will be automatic with no alerts to allow you to browse the web just as you usually do, but over a secure connection wherever possible. While, by default, Automatic HTTPS will only switch to HTTPS on sites likely to support this secure protocol, you can also choose to have all connections switched, which will likely lead to connection errors if the website is missing HTTPS support. Microsoft is not the first major web browser vendor to add an option to enable HTTPS on all websites automatically. For instance, Google Chrome defaults to HTTPS for URLs typed in the address bar if no protocol is specified. Mozilla has also added an HTTPS-Only Mode designed to secures web browsing by rewriting URLs to use the HTTPS protocol (even though disabled by default, it can be enabled from the browser’s settings). NOTE:: This article is copyright bybleepingcomputer.com and we are using it for educational or Information purpose only    
Read more

SonicWall urges customers to ‘immediately’ patch NSM On-Prem bug

SonicWall urges customers to ‘immediately’ patch a post-authentication vulnerability impacting on-premises versions of the Network Security Manager (NSM) multi-tenant firewall management solution. The vulnerability tracked as CVE-2021-20026 affects NSM 2.2.0-R10-H1 and earlier and it was patched by SonicWall in the NSM 2.2.1-R6 and 2.2.1-R6 (Enhanced) versions. SonicWall rated it with an 8.8/10 severity score and authenticated attackers can exploit it for OS command injection in low complexity attacks that don’t require user interaction. “This critical vulnerability potentially allows a user to execute commands on a device’s operating system with the highest system privileges (root),” SonicWall explains. “This vulnerability only impacts on-premises NSM deployments. SaaS versions of NSM are not affected.” While the company did not mention an immediate danger of attackers exploiting this vulnerability or active in the wild exploitation, SonicWall is urging customers to patch their devices immediately. “SonicWall customers using the on-premises NSM versions outlined below should upgrade to the respective patched version immediately,” the company said. When asked to comment earlier today, SonicWall refused to provide any details regarding CVE-2021-20026 active exploitation and replied with the information available in the security advisory. Several SonicWall zero-days abused in the wild this year Threat actors have targeted multiple SonicWall appliance vulnerabilities this year, several of them zero-days actively exploited in the wild before the company released patches. In February, SonicWall patched an actively exploited zero-day impacting the SMA 100 series of SonicWall networking devices. A financially motivated threat actor, tracked by Mandiant threat analysts as UNC2447, exploited another zero-day in SonicWall SMA 100 Series VPN appliances to deploy newly discovered FiveHands ransomware on the networks of North American and European targets. The same zero-day bug was also abused in attacks targeting SonicWall’s internal systems in January and later indiscriminately abused in the wild. In March, SonicWall patched three more zero-days exploited in the wild and affecting the company’s on-premises and hosted Email Security (ES) products. As Mandiant found while investigating the attacks, these zero-days were abused by a group tracked as UNC2682 to backdoor systems using BEHINDER web shells which allowed the attackers to move laterally through their victims’ networks and access emails and files. NOTE:: This article is copyright bybleepingcomputer.com and we are using it for educational or Information purpose only Click Here to visit the official store of SonicWall in Pakistan      
Read more

Office 365 bug: Exchange Online, Outlook emails sent to junk folder

Microsoft is investigating an Office 365 issue causing Outlook and Exchange Online emails to skip recipients’ inboxes and being sent their junk folders instead. “We’re investigating an issue in which email is being sent to the junk folder,” Microsoft shared on the company’s Microsoft 365 Status Twitter account. “We’re investigating a potential issue and checking for impact to your organization,” Microsoft added in the admin center. The company added that more information will be shared within 30 minutes under EX258373 in the Microsoft 365 admin center. The Microsoft 365 Service health status page is currently directing customers to the Microsoft 365 Status Twitter account for more details regarding this ongoing incident. Microsoft fixed another issue today caused by a recently deployed spam rule that prevented users from forwarding email messages using Exchange Online. Earlier this month, another Office 365 issue resulted in legitimate emails sent from multiple domains (including Google and LinkedIn) getting tagged as malicious and quarantined. Last month, a Microsoft 365 outage prevented Exchange Online users from sending and receiving emails, with messages being stuck in transit and not reaching the recipients’ inboxes. Exchange Online was also knocked down by a widespread authentication outage in March, preventing users from logging into their accounts due to an Azure Active Directory (Azure AD) configuration issue. The March massive outage affected multiple other Microsoft services at the time besides Exchange Online, including Microsoft Teams, Forms, Xbox Live, Intune, Outlook.com, Office Web, SharePoint Online, OneDrive for Business, Yammer, and more. In September, Microsoft users experienced another worldwide outage showing “transient” errors that knocked down Office 365 and several other related services, including Microsoft Teams, Office.com, Power Platform, and Dynamics365. Update 1: Microsoft is reverting the change behind email incorrectly being routed to the junk folder. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only  
Read more

Microsoft Exchange admin portal blocked by expired SSL certificate

The Microsoft Exchange admin portal is currently inaccessible from some browsers after Microsoft forgot to renew the SSL certificate for the website. Starting at 8 AM EST today, Microsoft Exchange admins who attempted to access the admin portal at admin.exchange.microsoft.comsuddenly found that their browsers were issuing warnings that the connection was not private due to an expired SSL certificate. Depending on the browser, users are blocked from accessing the site as a security precaution or shown an alert that the data may not be secure. For example, Google Chrome will stop you from accessing the site altogether, while Firefox will warn you about the insecure connection. According to Qualys’ SSL Labs, the certificate expired today, Sun, 23 May 2021, at 12:00:00 UTC. For those on the east coast of the United States, that is is equivalent to Sun, 23 May 2021 08:00:00 EST. Microsoft states that they are aware of the issue and are working on a fix. As a temporary workaround, Microsoft states you can access the admin portal from the https://outlook.office.com/ecp/ URL as well. Unfortunately, outages caused by expired certificates are becoming all too common as almost all online services have now switched over to secure connections. With encrypted communications come additional complexity and human error, such as forgetting to renew an SSL certificate. In August 2020, an expired certificate for California’s CalREDIE infectious disease reporting system led to an underreporting of COVID-19 cases in the state as data was prevented from being uploaded. We have also seen expired SSL certificates affecting consumer-facing services, such as Spotify, Microsoft Teams, and Facebook’s Tor server. Reached out to Microsoft to learn more about when they expect the SSL certificate to be renewed but has not heard back at this time. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only  
Read more

Google Chrome is crashing worldwide on Windows 10 PCs, how to fix

Google Chrome has suddenly started crashing yesterday for many Windows users worldwide making the browser unusable. Google released Chrome 90.0.4430.212 on May 10th, and for the most part, there have been no reported issues with the release until yesterday. As first reported by Windows Latest, starting yesterday morning, users began reporting that Google Chrome extensions and tabs suddenly began crashing while using the browser. Due to these crashes, the Chrome subreddit and Chrome product forums have begun filling up with posts from people experiencing these issues.   “Seemingly out of nowhere ~15 minutes ago, Google Chrome stopped working for me. My extensions crashed and all pages (including Chrome pages like settings) refuse to load. The screen is completely blank, and the tab is simply labeled “Untitled” with a frowning folder next to it,” a user posted yesterday to Reddit. Furthermore, users are reporting that these crashes happen in both the regular and Incognito browsing modes. It is believed that the crashes are caused by an issue with the Google Chrome ‘%UserProfile%\AppData\Local\Google\Chrome\User Data’ folder, which is used to store your data, extensions, and configuration settings for the browser. A Google Product Expert recommends that users create a backup of the ‘User Data’ folder and then perform one of the following steps to fix the crashes: As this only seems to be happening on Windows I will provide such instructions, but this will be operating system dependent:  Ensure your Sync data is accurate at https://chrome.google.com/sync and passwords appear at https://passwords.google.com (If you have a passphrase they will not but they should be reflected in the sync data link) Close any open Chrome instance Open File Explorer and navigate to: %LOCALAPPDATA%\Google\Chrome\User Data Delete the “Local State” file from the directory (ensure you have a backup!) Re-Open Chrome If the above steps don’t resolve the problem then try the following Open File Explorer and navigate to: %LOCALAPPDATA%\Google\Chrome\User Data Take a copy of everything in this directory and store it somewhere such as your desktop Rename the “User Data” folder to something other than User Data Re-Open Chrome Some users have reported that after performing these steps, the Google Chrome crashes have stopped. Others state that once you restart Google Chrome the issue occurs again. It is not clear what is causing the crashes, but it is likely a change pushed out to some users by Google since the latest browser release. It is common for Google to push out configuration changes or new features to Google Chrome users in limited tests. One of these tests or configuration changes may be causing the issues seen by so many users. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only
Read more

Facebook Will Limit Your WhatsApp Features For Not Accepting Privacy Policy

WhatsApp on Friday disclosed that it won’t deactivate accounts of users who don’t accept its new privacy policy rolling out on May 15, adding it will continue to keep reminding them to accept the new terms. “No one will have their accounts deleted or lose functionality of WhatsApp on May 15 because of this update,” the Facebook-owned messaging service said in a statement. The move marks a turnaround from its previous stance earlier this year when the company outlined plans to make the accounts inaccessible completely should users choose not to comply with the data-sharing agreement and opt not to have their WhatsApp account information shared with Facebook. “If you haven’t accepted by [May 15], WhatsApp will not delete your account. However, you won’t have full functionality of WhatsApp until you accept,” the company had previously said. “For a short time, you’ll be able to receive calls and notifications, but won’t be able to read or send messages from the app.” While the revised privacy policy is set to go into effect in exactly a week from today, WhatsApp won’t disable the features for people who don’t accept the changes. Instead, it will continue to push users into accepting the updates with a “persistent reminder” in return for a “limited functionality.” “You won’t be able to access your chat list, but you can still answer incoming phone and video calls,” WhatsApp said. “If you have notifications enabled, you can tap on them to read or respond to a message or call back a missed phone or video call.” Ultimately, users failing to agree to the revised terms even after a few weeks of limited functionality will be prevented from receiving incoming calls or notifications, as well as messages to their devices. Accounts rendered inactive in the process — i.e., users not connected to WhatsApp — are expected to be deleted after 120 days, according to its standard policy for removing inactive accounts from its platform for privacy and security reasons. Originally planned to take effect on Feb. 8, WhatsApp’s updated privacy policy has faced fierce backlash over concerns about the exact kind of information that will be shared with Facebook, forcing it to delay the roll out until May 15. WhatsApp has since clarified that the update does not expand on its ability to share personal user chats or other profile information with Facebook and is instead simply providing further transparency about how user data is collected and shared when using the messaging app to interact with businesses. NOTE:: This article is copyright by thehackernews.com and we are using it for educational or Information purpose only  
Read more

Microsoft announces end of life for multiple .NET Framework versions

Microsoft today announced that multiple .NET Framework versions signed using the legacy and insecure Secure Hash Algorithm 1 (SHA-1) will reach end of support next year. The .NET Framework is a free software development framework that helps developers build .NET applications, websites, and services and users to run them on many operating systems (including Windows), using different implementations of .NET. “.NET Framework 4.5.2, 4.6, and 4.6.1 will reach end of support on April 26, 2022,” said Jamshed Damkewala, .NET Principal Engineering Manager. “After this date, we will no longer provide updates including security fixes or technical support for these versions.” The only exception is the .NET Framework 4.6 version that ships with Windows 10 Enterprise LTSC 2015, which will get its support extended to October 2025, when the OS reaches its end of life. No recompiling or retargeting after move to 4.6.2 or later .NET developers are recommended to migrate their applications to at least .NET Framework 4.6.2 or later before April 26, 2022, to continue receiving security updates and technical support. Developers who haven’t already deployed .NET Framework 4.6.2 or later versions of their apps are only required to update the runtime on which the apps are running to at least version 4.6.2 to stay supported. .NET Framework 4.6.2 (shipped almost five years ago) and .NET Framework 4.8 (shipped two years ago) are both stable runtimes and compatible in-place replacements already “broadly deployed to hundreds of millions of computers via Windows Update (WU).” “If your application was built to target .NET Framework 4 – 4.6.1, it should continue to run on .NET Framework 4.6.2 and later without any changes in most cases,” Damkewala added, without a need to recompile or retarget. “That said, we strongly recommend you validate that the functionality of your app is unaffected when running on the newer runtime version before you deploy the updated runtime in your production environment.” Retired after switch to SHA-2 signing Microsoft is retiring these .NET Framework versions because they are digitally signed with certificates that use the legacy SHA-1 cryptographic hashing algorithm, which is now insecure. Security researchers released a report in 2015 on SHA-1’s vulnerability to collision attacks that could enable threat actors to forge digital certificates to impersonate companies or websites. These forged digital certificates can be used to spoof companies, add legitimacy to phishing messages, or in man-in-the-middle attacks to snoop on encrypted network sessions. Starting next month, on May 9, all major Microsoft services and processes (including code signing, file hashing, and TLS certificates) will use the SHA-2 algorithm exclusively. Microsoft also retired all Windows-signed SHA-1 content from the Microsoft Download Center in August 2020, after changing the signing of Windows updates to use the SHA-2 algorithm one year before. It’s also important to note that, although Microsoft only supports SHA-2-signed content for official content, Windows executables signed using manually installed enterprise or self-signed SHA-1 certificates can still run in the operating system. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only The Best Internet & e-Mail Security Suite 2021      
Read more
Cart

No products in the cart.