How to decrypt, unlock and restore Cryptolocker malware for free

Posted on August 7, 2014 by Mark Pace

Cryptolocker is a particularly nasty type of ransomware that criminals have used to encrypt files on a victim’s computer before demanding a ransom for the encryption key to unlock the files. Without the key, the encryption renders the victim’s files useless so many people lost files or paid the ransom.

Two security firms, Fireeye and Fox IT have partnered to provide a solution which may help many people. The website Decrypt Cryptolocker can now be used to try and unlock files encrypted by the Cryptolocker malware.

Use of the Decrypt Cryptolocker service is free and simply requires you to upload a sample encrypted file to the website. If the website is able to decrypt your files, you can then download its recovery program and receive the unlocking master key by email.

Please note that this tool may not be able to decrypt some affected files.

Synology® Continues to Encourage Users to Update – Synolocker attack on NAS

Posted on August 6, 2014 by Mark Pace

We’d like to provide a brief update regarding the recent ransomware called “SynoLocker,” which is currently affecting certain Synology NAS servers.

We are fully dedicated to investigating this issue and possible solutions. Based on our current observations, this issue only affects Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier), by exploiting a security vulnerability that was fixed and patched in December, 2013. Furthermore, to prevent spread of the issue we have only enabled QuickConnect and Synology DDNS service to secure versions of DSM. At present, we have not observed this vulnerability in DSM 5.0.

For Synology NAS servers running DSM 4.3-3810 or earlier, and if users encounter any of the below symptoms, we recommend they shutdown their system and contact our technical support team here: https://myds.synology.com/support/support_form.php

When attempting to log in to DSM, a screen appears informing users that data has been encrypted and a fee is required to unlock data.

A process called “synosync” is running in Resource Monitor.
DSM 4.3-3810 or earlier is installed, but the system says the latest version is installed at Control Panel > DSM Update.

For users who have not encountered any of the symptoms stated above, we highly recommend downloading and installing DSM 5.0, or any version below:

For DSM 4.3, please install DSM 4.3-3827 or later
For DSM 4.1 or DSM 4.2, please install DSM 4.2-3243 or later
For DSM 4.0, please install DSM 4.0-2259 or later
DSM can be updated by going to Control Panel > DSM Update. Users can also manually download and install the latest version from our Download Center here: https://www.synology.com/support/download.
If users notice any strange behavior or suspect their Synology NAS server has been affected by the above issue, we encourage them to contact us at security@synology.com.
We sincerely apologize for any problems or inconvenience this issue has caused our users. We will keep you updated with the latest information as we address this issue.

eBay confirms security breach, password change recommended: Alert Priority High

Posted on May 22, 2014 by Mark Pace

eBay has confirmed that an attack on its systems earlier this year compromised a database containing encrypted passwords, customer names, email addresses, physical addresses, phone numbers and date of birth information.

It has stated that the database did not contain any financial information and that it has undertaken testing, finding no evidence of unauthorised activity for eBay users. It added that data stored with PayPal (owned by eBay) such as your credit card information, is encrypted and stored separately on a secure network.

eBay has advised it will begin contacting users to change their passwords.

Regardless of whether you receive notification from eBay, if you use eBay, you should change your password immediately.

If you use the same password to log in on any other website, you should change those as well, choosing something unique and strong.

SBS 2011 Devices or Users cannot relay even after setting anonymous to the connector in Exchange Management

Posted on May 21, 2014 by Mark Pace

After spending hours trying to rectify our send connector to allow our accounting program to send invoices out, we stumble across an article from Mark Berry at https://www.mcbsys.com.

We had run the Fix My Network Wizard in SBS 2011 and after that Exchange 2010 would not accept email from non authenticated users even if the anonymous was selected.

Can’t Anonymously Send External Email

Once I had made those changes, the accounting system wouldn’t send email external, only internally to our domain/network.

When the application tried to send an email to a recipient outside the network, it failed with a 5.7.1 error:

The Persits knowledge base has a helpful article identifying the problem: it means that “the SMTP server you are using is configured to reject messages sent to outside email addresses and originating from unauthorized IP addresses or users.”

So it’s a separate setting to be able to send mail outside the organization?

Yup, and for some reason it can only be enabled from the Exchange Management Shell, not from the Console. Once I found and executed the command at the bottom of this Petri article, sending mail to external recipients worked as well:

`Get-ReceiveConnector "Default SBS" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"`

Never in a million years would I have figured that one out. Thanks Mr. Petri! (no, thank you Mark Berry for reposting in a clean easy format)

NOTE: If you need to re-run the Internet connection wizard, it will overwrite most of the above settings, and my mail wasn’t going out. So either don’t run that wizard, or make a note of your Exchange Hub Transport settings first.

ClamCase Pro for Apple iPad mini with bluetooth keyboard case – Don’t need a laptop anymore – Great for education, business and home

Posted on May 16, 2014September 20, 2017 by Mark Pace

The iPad keyboard… minified

Capable. Powerful. Portable.
The all new keyboard case pushes your device’s productivity into overdrive while maintaining its sleek and lightweight package.
Add unmatched levels of efficiency without compromising your typing experience.
Introducing ClamCase Pro for iPad mini.

With a responsive keyboard, protective polycarbonate shell and a versatile 360° stand, ClamCase has your iPad covered with unmatched versatility, style and protection. Snaps easily into the ClamCase when you want it and out when you don’t. Connectivity is easy: one touch pairing automatically syncs the keyboard case in seconds. Elevated, island style keys provide a crisp and responsive typing experience. Stunning aluminum: sleek, thin and remarkably light. Patented 360° hinge: enjoy your favorite games, movies and apps at any angle. Automatic wake and sleep function.

*Click Image for Prices – All prices Excludes GST

SBS 2011 Can’t connect to the remote computer because no certificate was configured – Remote workplace certificate error

Posted on April 28, 2014 by Mark Pace

Problem:
When connecting to Windows SBS 2011 Remote Web Access, the following error appears when trying to connect to a remote computer.

Your computer can’t connect to the remote computer because no certificate was configured to use at the
Remote Desktop Gateway server. Contact your network administrator for assistance.

Solution:
You need to repair the Remote Desktop Gateway (RD Gateway) service in the the RD Gateway Manager management console.

By default, SBS 2011 does not have the RD Gateway Manager management console enabled, The following command will properly install the RD Gateway Manager management console:

dism /online /Enable-Feature:Gateway-UI

Run this command from an elevated command prompt.

Then follow these steps

Open the Remote Desktop Gateway Manager from Administrative Tools > Remote Desktop Services.
Right-click your server name and choose properties.
Select the SSL Certificate tab.
Click the Import Certificate… button.
Choose your trusted certificate and click Import.
Click Ok.

note: you may need to assign a different certificate, then reassign the desired certificate to force RD Gateway Manager to take effect

SOURCE: Thanks to stevehardie.com – This is used for reference and internal use.

Can’t Anonymously Send External Email

Get-ReceiveConnector "Default SBS" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

The iPad keyboard… minified

Capable. Powerful. Portable. The all new keyboard case pushes your device’s productivity into overdrive while maintaining its sleek and lightweight package. Add unmatched levels of efficiency without compromising your typing experience. Introducing ClamCase Pro for iPad mini.

`Get-ReceiveConnector "Default SBS" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"`

Capable. Powerful. Portable.
The all new keyboard case pushes your device’s productivity into overdrive while maintaining its sleek and lightweight package.
Add unmatched levels of efficiency without compromising your typing experience.
Introducing ClamCase Pro for iPad mini.