Posts

Showing posts from June, 2017

Disable Macros in MS Office

Image
Disabling Macros in Excel 2010 Disabling Macros from running in MS Office is one of many important steps worth taking in order to keep your computer secure. Please see here for details on how to do this: https://support.office.com/en-ie/article/Enable-or-disable-macros-in-Office-documents-7b4fdd2e-174f-47e2-9611-9efe4f860b12?ui=en-US&rs=en-IE&ad=IE

Petya ransomware/attack!

Image
By now you may have heard of the Petya (or NotPetya) ransomware. This is a yet another high profile malware which has spread like wildfire but is only one in an increasing array of Ransomware attacks that threaten IT systems all around the world. As with WannaCry before, please, please, please be extra careful with the following: Email attachments – do you know the sender? Are you expecting an attachment from them? Does the attachment have an unusual name? Website links in emails or from other websites whose reputation you can’t be sure of Those of you who are my customers will already have ESET Antivirus, Automatic Windows Updates, and won’t have Windows XP (especially vulnerable). However, this does not mean you can be in any way complacent.  This kind of infection is very hard to prevent and ultimately safety can be at the mercy of a user opening an infected attachment. I advise doing the following as soon as you can: Backup, backup, backup!  To an external har

Protect your computer against Petya ransomware:

From ESET... Use reliable antimalware software: This is a basic but critical component. Just because it’s a server, and it has a firewall, does not mean it does not need antimalware. It does! Always install a reputable antimalware program and keep it updated. Make sure that you have all current Windows updates and patches installed Run ESET’s EternalBlue Vulnerability Checker to see whether your Windows machines are patched against EternalBlue exploit, and patch if necessary. For ESET Home Users: Perform a product update For ESET Business Users:   Send an Update Task to all Client Workstations or update Endpoint Security or Endpoint Antivirus on your client workstations .

How to disable SMBv1

SMBv1 is an old network file system protocol and is used by the ex-NSA's hacking tool EternalBlue to spread ransomware throughout networks.  Disabling it is advised but use with caution. Windows 8, 10, and Server 2012 Open an administrator-level PowerShell window Type the following: Set-SmbServerConfiguration -EnableSMB1Protocol $false To confirm changes: Get-SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol Windows XP, Vista, 7, and Server 2008 and 2008 R2: Open an administrator-level PowerShell window Type the following: Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force Restart your PC To disable SMB1 server and/or client via Group Policy: https://support.microsoft.com/en-za/help/2696547/how-to-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-and-windows