Don’t forget that the Jumpies are open and live—you can submit your company’s story through June 8th.
Our design team is asking for some feedback on new features for our devices page, so make sure you take the survey and let them know what you think.
Recap this week:
Virtual meetups for our Chicago, DC, and Raleigh groups
Three really interesting and lively discussions about a day in the life of an IT admin. It was interesting to see common themes emerging across all of the groups, namely overcoming pushback when implementing practices that either higher-ups or colleagues don’t understand. That led to discussions about friction and how it’s ultimately better to deal with those challenges now, since doing so will result in long-term security.
We also talked a lot about upskilling and staying up to date on the latest releases when this is essentially a round-the-clock job. It was really great to hear different perspectives on this and have folks offer resources to help.
It also got me excited for the continuation of this series next week.
That said, next week, we have three more virtual meetups. These are for our Houston, New York, and San Francisco groups. However, as always, since these are virtual, feel free to register and attend these events if you’re interested in meeting fellow administrators and joining the conversation.
The target is to correct the somewhat disastrous Patch Tuesday security updates that caused multiple authentication failures for many Windows business users. Anyone impacted by this issue must apply the update as soon as possible, but there's a catch.
Those authentication failures were caused by installing the May 2022 Patch Tuesday updates on domain controllers. These included authentication failures on the server or client for services such as Network Policy Server and Extensible Authentication Protocol, to name but two. The issue, according to Microsoft, relates to "how the mapping of certificates to machine accounts is being handled by the domain controller."
The catch? The updates are not available from Windows Update, so they will not install automatically. Instead, you will need to download them manually from Microsoft's update catalog. You'll also need to search for the relevant knowledge base (KB) number to find them. Those numbers, and next step instructions, are referenced here.
The saga so far, if you haven't been following, is that Google has a custom-domain user account service, currently called "Google Workspace" and previously called "G Suite" and "Google Apps." The service is mostly a normal Google account that lets you use an email that ends in your custom domain name rather than "@gmail.com." Today this service is aimed at businesses and costs money each month, but that was not always the case. From 2006 to 2012, custom domain Google accounts were free and were even pitched at families as a geeky way to have an online Google identity.
This January, Google made an announcement that they would force these users, who have been storing data and email for potentially 16 years, to either pay up or lose their account. This, of course, caused a public outcry. I even posted on Reddit about it and had some very Reddit-like conversations (if you know, you know).
In May, Google finally told these users what would happen to their accounts. The new support page says, "For individuals and families using your account for non-commercial purposes, you can continue using the G Suite legacy free edition and opt out of the transition to Google Workspace." You'll need to confirm that your G Suite account is for personal use, and not business use, because businesses are still expected to pay for Workspace. If you already bent to Google's will and started paying for Workspace because of the January announcement, Google says you should contact support.
Snapchat is preparing to introduce a new parental control feature dubbed “Family Center,” which will allow parents to see who their teen is friends with on the app as well as who they’ve been messaging with over the past seven days, and more.
According to new screenshots of Snapchat’s forthcoming Family Center shared with TechCrunch by the product intelligence firm Watchful, the new Family Center feature allows parents to see who their teen is friends with on the app. This is useful for parents because, unlike many social networks, Snapchat’s friend lists aren’t public. Parents will also have visibility into who their teen has chatted with over the past seven days — but not the contents of those conversations. The screenshots additionally explain that parents will be able to assist their teen in reporting abuse and harassment, if needed.
On the 16th, Apple released macOS Big Sur 11.6.6 and a security update to macOS Catalina 10.15.7, bringing minor updates to the last-generation Mac operating systems likely focused on security fixes and under-the-hood improvements. At the time, there was not much information on the release. You can find that information on the Apple support site. A substantial number of patches came in Monday’s update.
The US Justice Department has directed prosecutors not to charge "good-faith security researchers" with violating the Computer Fraud and Abuse Act (CFAA) if their reasons for hacking are ethical — things like bug hunting, responsible vulnerability disclosure, or above-board penetration testing.
Good-faith, according to the policy [PDF], means using a computer "solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability." Additionally, this activity must be "carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services."
Fraudulent domains masquerading as Microsoft's Windows 11 download portal are attempting to trick users into deploying trojanized installation files to infect systems with the Vidar information stealer malware.
"The spoofed sites were created to distribute malicious ISO files which lead to a Vidar info-stealer infection on the endpoint," Zscaler said in a report. "These variants of Vidar malware fetch the C2 configuration from attacker-controlled social media channels hosted on Telegram and Mastodon network."
The ISO file, for its part, contains an executable that's unusually large in size (over 300MB) in an attempt to evade detection by security solutions and is signed with an expired certificate from Avast that was likely stolen following the latter's breach in October 2019. But embedded within the 330MB binary is a 3.3MB-sized executable that's the Vidar malware, with the rest of the file content padded with 0x10 bytes to artificially inflate the size.
This is perfect timing since Windows 11 has been released for broad deployment. The “broad deployment” designation indicates that most systems supporting Windows will now run Windows 11. Without the super restrictive hardware requirements (Admin Magazine)
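A defender-side triage check for the size-inflation trick described in the Vidar item above, as an added example (not from Zscaler's report or this newsletter's sources): it scans a file in blocks and reports how much of it is single-byte filler such as the 0x10 padding. The function names, block size, and thresholds are assumptions, and the sample is a constructed, scaled-down stand-in rather than a real binary.

```python
import io

BLOCK = 64 * 1024  # scan granularity (assumption); shorter filler runs are ignored


def padding_profile(stream, block_size=BLOCK):
    """Measure how much of a binary stream is blocks of one repeated byte."""
    total = filler = longest = current = 0
    prev_val = None
    per_value = {}
    while True:
        block = stream.read(block_size)
        if not block:
            break
        total += len(block)
        val = block[0]
        if block.count(val) == len(block):  # every byte in the block is `val`
            filler += len(block)
            per_value[val] = per_value.get(val, 0) + len(block)
            current = current + len(block) if val == prev_val else len(block)
            longest = max(longest, current)
            prev_val = val
        else:
            prev_val, current = None, 0
    return {
        "size": total,
        "filler_bytes": filler,
        "filler_byte": max(per_value, key=per_value.get) if per_value else None,
        "longest_run": longest,
        "filler_ratio": filler / total if total else 0.0,
    }


def looks_inflated(profile, min_size=100 * 1024 * 1024, min_ratio=0.9):
    """Triage rule with assumed thresholds: a large file that is mostly filler."""
    return profile["size"] >= min_size and profile["filler_ratio"] >= min_ratio


def constructed_sample():
    """Constructed stand-in at 1/100 scale: 33 KB of varied bytes + 0x10 padding."""
    payload = bytes((i * 37 + 11) % 251 for i in range(33_000))
    return io.BytesIO(payload + b"\x10" * 3_267_000)


if __name__ == "__main__":
    # For a real file: padding_profile(open(path, "rb"))
    report = padding_profile(constructed_sample())
    print(report, looks_inflated(report, min_size=1_000_000))
```

A high filler ratio is only a triage signal, since disk images and some installers also contain long uniform regions, so pair it with a check of the file's signing certificate validity.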