security

I was talking with an insurance adjuster when he asked me what I do for a living. I explained that I help companies make sure they’re doing a good enough job of updating their computers. That visibly disturbed him. “So should I install updates on my computer or not?” he asked.

Security experts agree that installing updates on your computer is one of the top three things, if not the most important thing, you can do to protect your security and privacy. It’s also one of the easiest, and the most practical thing home users can do.

Read more

Someone asked me recently why hackers hack the government. That’s a little more complex question than why they hack other people. Governments are complex, so that means there’s more reason to hack a government than to hack a corporation or a citizen.

Government hackers generally have three motivations behind them: Money, activism, or espionage. The motivations depend based on who is doing the hacking.

Read more

It happens every year when Daylight Savings Time (Summer Time in Europe) starts kicking in. Qualys displays weird times in its user interface and it gets hard to figure out what time scans outside your local time zone are actually going to run. So here’s what to do about Qualys showing the wrong time in its user interface.

Qualys factors Daylight Savings Time into scheduled scans as long as you select the DST checkbox, but it doesn’t factor it into the user interface if you specify your local timezone. Setting your timezone to Auto will fix that.

Read more

I helped a company troubleshoot its vulnerability scans recently. They had multiple Windows domains because of their line of business. This made scans difficult, but we found some solutions. Here are some tips for authenticated scans across multiple domains.

Scanning multiple domains in a single scan can cause account lockouts if the usernames and passwords don’t all match. Three possible solutions include separating each domain into its own scan, using completely unique accounts to scan, or syncing up the accounts so they have the same username and password.

Read more

My son had problems with his computer. Any time he went to Youtube, instead of getting video, he got a prompt that said “Click to enable video converter.” Virus is a strong word, but video converter is software you don’t want. Here’s how to fix it.

Run Malwarebytes, let it scan your system, quarantine everything it doesn’t like, then reboot. That’s all it takes to remove Video Converter. Don’t waste your time with those other websites that give generic information that doesn’t work.

Read more

Sometimes you have a long list of IP addresses and need to know which ones are in a particular CIDR range. That’s easy enough to do by hand if it’s a nice, even multiple of 8. But usually it isn’t, so I wrote a simple script to determine if an IP is in a CIDR range.

In days of yore, computer magazines would publish short, useful programs and explain how they worked. That doesn’t happen anymore. Consider this a throwback post.

Read more

When you work with Qualys long enough, it’s inevitable that you’ll eventually find them: Zero-day vulnerabilities in software that’s several years old, with no patch available. There’s no easy answer about what to do with them, but here’s some advice for old Qualys zero-day vulnerabilities.

Zero-day vulnerabilities by definition have no vendor-supplied patch. Typically a vendor issues a patch a few days or weeks after a zero-day comes out, but there are a few zero-days from the 2007 timeframe that never got patches released, and those vulnerabilities require another type of mitigation.

Read more

Qualys Assetview is the vendor-preferred way to search in Qualys. Admittedly, its Elasticsearch interface is slick. But Assetview doesn’t usually let you search by MAC address even though the field exists. So here’s how to search by MAC address in Qualys using other functionality in the tool.

Qualys Asset Search has the ability to search based on the presence of a QID and its results. So you can search on QID 43007 containing the results of the MAC address you want. If Qualys finds a match, it pulls up the machine you are looking for.

Read more

Any time Congress makes it illegal to robocall you, they exempt political calls. That makes it hard to stop unwanted political calls and it pretty much means your phone is going to ring off the hook in the runup to the election. But you can still get peace regardless. Here’s how to stop phone calls from political parties if you don’t want them.

Most robocall services or apps block political robocalls along with all the others. Many of them work with landlines and cell phones. If you have a landline phone that doesn’t work with robocall services, you can still use a device to block the calls.

Read more