JumpCloud Community

Community Update Becky Scott

• Last call for JumpCloud beta signups, as we’ll probably close that thread at the end of next week. Watch for more from the PMs soon, as they’ll need some info from y’all to enable those betas.
• Yes, we added an IT Hour section on the community so you can find replays and our show notes. We’ll put the link in the chat. 
• As always, you can reach us in the Slack Lounge or via email: community@jumpcloud.com 

Community Spotlight

• @Fulgubbe  posted a great thread on how they solved a situation when their Mac JumpCloudService account app failed. Check it out. Thanks, Fulgubbe!
• @RyanBailey  added system uptime to a PowerShell script share that makes it even more useful.
• @krichard asked what TOTP hardware keys people are using in their environments—head on over and give your answers.

JumpCloud Product/News Updates

• Staged User State 
• Admins can easily identify users needing to be onboarded, assign the resources they will require without granting access until their start date, and control whether a user communication is sent. Benefits -
• User onboarding | puts users being onboarded in a distinct user state making it easy to identify them and complete the onboarding process. This allows the IT Admin to assign these users all their required JumpCloud managed resources, without giving them access until their start date. This is especially beneficial for ensuring new employees and contractors alike have immediate and appropriate access to all the resources when they start, creating a positive day 1 experience..
• One touch activation | transitions users from onboarding to activated, granting them access to all their assigned resources, with a simple change of their user state
• Communication control | choose whether an email is sent to a user when they transition for staged to active
• Logging | specific and auditable events for each user state. Track and report when a user is onboarding versus when they are active and have access to resources based on their user state.
• Foundational to automated onboarding | enables future functionality - scheduled activation on a specific date and time and then fully automated activation based on a specific data attribute (e.g. start date).
• Download Invoices for MTP
• The ability for our MSPs to self serve invoice viewing and download via the MTP console 
• Linux (Ubuntu) Patch Management
• JumpCloud - Patch Management enables our customers to easily schedule and manage all their macOS, Windows, and now Linux (Ubuntu systems) in a single console for greater visibility, automation, and reporting while strengthening their devices’ security posture and meeting their organizational compliance needs.
• What’s more? Our new Linux (Ubuntu) OS patch policies come just in time for the Ubuntu 22.04 release, which was yesterday in case you didn’t know.. This will help our customers easily and quickly automate their updates to the new Ubuntu 22.04 LTS release whenever they are ready. 
• JumpCloud Agent Support for Active Directory Joined Windows Devices
• If your organization has Active Directory joined Windows devices, you can install the JumpCloud agent on those devices and bring them into your JumpCloud org. Doing so enables the administrator to remotely and securely manage the device, as well as take advantage of JumpCloud’s System Insights feature. 
• Currently, if you bind users to a domain joined device, the binding will not take effect and you cannot implement multi-factor authentication (MFA) on devices, or send Windows Policies from the JumpCloud Admin Portal. However, if the device leaves the domain, the JumpCloud agent will automatically bind the user to the device. 
• Note: If a JumpCloud-managed device with JumpCloud users bound to it joins a domain, those user accounts will be suspended. This is expected behavior as user management is not supported on domain-joined devices. 
• JumpCloud Protect Push MFA for RADIUS
• JumpCloud Protect is adding Push for RADIUS and customers can now use JumpCloud Protect as a 2nd factor for VPN and/or WI-FI access. This release expands our supported authentication protocols to EAP-TTLS/ PAP, EAP-MSCHAPv2, EAP-PEAP/MSCHAPv2  and MSCHAPv2, putting JumpCloud Protect on par with other MFA solutions like Duo. 
• New User Import functionality
• Organizations using Namely as their HRIS solution can import new employee identities into JumpCloud from the Namely app.
• Organizations using BambooHR to onboard and manage employees can automatically create, update, and deprovision employee identities in JumpCloud from BambooHR using the JumpCloud app.

IT Trending Updates “Rapid Fire Round”

• 🎤End of the road: Apple is killing macOS Server, the place where Mac OS X began
• [watch Becky resist singing “end of the road” by Boys 2 Men]
  Apple announced today that it is formally discontinuing macOS Server after 23 years. The app, which offers device management services and a few other features to people using multiple Macs, iPhones, and iPads on the same network, can still be bought, downloaded, and used with macOS Monterey. It is also still currently available at its normal $20 retail price but will no longer be updated with new features or security fixes.
• Ubuntu OS sees 22.04 LTS Release
• Canonical has announced the availability of the latest LTS (long-term support) version of its operating system Ubuntu. Version 22.04, or Jammy Jellyfish, is the 36th release in the Linux distro’s history since 1994’s 4.10 Warty Warthog, generally considered to have kicked the whole thing off.
• Canonica alsol announced today that the latest version of Ubuntu supports Azure Confidential virtual machines and deeper integration with Active Directory. Ubuntu 22.04 also marks the first LTS release with desktop support on the Raspberry Pi 4.
• Plex Discovery
•  A new feature called Discovery brings services including Amazon Prime Video, Netflix, and Disney Plus together in a single interface. It might be enough for you to spend more time in Plex, or perhaps to give it a go for the first time.
• If you’re completely new to the Plex experience, you can think of it as a sort of private Netflix or Spotify that you run yourself. You provide the video and audio files, and Plex serves them up to all your devices, whether that’s a smart TV upstairs in your home or a smartphone on the other side of the world.
• QNAP Advises Users to Update NAS Firmware to Patch Apache HTTP Vulnerabilities
• Network-attached storage (NAS) appliance maker QNAP on Thursday said it's investigating its lineup for potential impact arising from two security vulnerabilities that were addressed in the Apache HTTP server last month.
• The critical flaws, tracked as CVE-2022-22721 and CVE-2022-23943, are rated 9.8 for severity on the CVSS scoring system and impact Apache HTTP Server versions 2.4.52 and earlier -
• CVE-2022-22721 - Possible buffer overflow with very large or unlimited LimitXMLRequestBody
• CVE-2022-23943 - Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server
• Both the vulnerabilities, alongside CVE-2022-22719 and CVE-2022-22720, were remediated by the project maintainers as part of version 2.4.53, which was shipped on March 14, 2022.
• Hackers Sneak 'More_Eggs' Malware Into Resumes Sent to Corporate Hiring Managers
• A new set of phishing attacks delivering the more_eggs malware has been observed striking corporate hiring managers with bogus resumes as an infection vector, a year after potential candidates looking for work on LinkedIn were lured with weaponized job offers.
• "More_eggs achieves execution by passing malicious code to legitimate windows processes and letting those windows processes do the work for them," Keplinger said. The goal is to leverage the resumes as a decoy to launch the malware and sidestep detection.
• A Year in Review of 0-days Used In-the-Wild in 2021
• Each yearProject Zero looks back at all of the detected and disclosed in-the-wild 0-days as a group and synthesized what they think the trends and takeaways are. The goal of this report is not to detail each individual exploit, but instead to analyze the exploits from the year as a group, looking for trends, gaps, lessons learned, successes, etc. If you’re interested in the analysis of individual exploits, please check out our root cause analysis repository.
• The 2021 report showed the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero began tracking in mid-2014. That’s more than double the previous maximum of 28 detected in 2015 and especially stark when you consider that there were only 25 detected in 2020. We’ve tracked publicly known in-the-wild 0-day exploits in this spreadsheet since mid-2014.
• The report attributes the uptick not to there being more 0-days per-say but due to having better detection and more public disclosures.  Check out the full report on The IT Hour forum board after the show.
• RaidForums Gets Raided (Little late) April 12th
• Sorry for being a little late on this one. The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. The DOJ also charged the alleged administrator of RaidForums — 21-year-old Diogo Santos Coelho, of Portugal — with six criminal counts, including conspiracy, access device fraud and aggravated identity theft.

Closing Statements 

• 04/28/22 - Patch Management, Simplified: How to Build Efficiency and Secure Hybrid Work (Tom Bridge ...
• Senior Security Engineer - DevSecOps
• Technical Support Manager, U.S. Tier 2 and Partner Support
• Elevate Partner Bootcamp Tuesday, April 26, 2022 Anaheim, CA | Flightdeck 10:00 AM - 6:30 PM PST
• This Bootcamp will allow you time to network with other industry experts, learn best practices around marketing and sales as well as gain the skills to elevate your business to the next level with JumpCloud.