Bad Rabbit ransomware attack

A new ransomware named Bad Rabbit is spreading mostly in Europe and Russia and is spreading to other countries, according to ZDNet.com. It infects websites and prompts users to install a fake Flash update.  The ransomware will attempt to spread across networks once it is installed on one computer.

Windows Defender can remove this threat with update 1.255.29.0 and higher, so make certain that Windows Updates are current.

US-CERT (U.S. Computer Emergency Readiness Team) has logged the issue.

Security vulnerability found in Wi-Fi WPA2 protocol

A security weakness named “Krack Attack” was found in the popular WPA2 protocol used for Wi-Fi access on computers, tablets and smartphones.  This would allow a hacker to spy on data sent via Wi-Fi under these conditions:

  • The website currently being used is not secured (no https:// used in web address)
  • The hacker is in range and connected to the same Wi-Fi network.

Microsoft stated that it issued a security update on October 10th 2017 to fix this issue and should have been installed as part of standard Windows Updates .

The CERT Vulnerability Notes Database has logged this issue as Vulnerability Note VU#228519.

More information can be found at www.krackattacks.com.

T-Mobile Web API bug reportedly exposed customer data

ARS Technica reported that cell phone carrier T-Mobile had a web API bug that exposed customer data for a time but is now fixed.   The bug was contained in the wsg.t-mobile.com API and it allowed users to pull customer data by entering the customer phone number as a parameter.

T-Mobile has stated that it has no evidence that customer accounts were affected by this and that the issue was quickly resolved, according to cnet.com.

SQL Server 2017 released on October 2nd 2017

On October 2nd, Microsoft released SQL Server 2017 for Windows, Linux, and Docker in the following editions:

A list of new features can be found at docs.microsoft.com/en-us/sql/sql-server/what-s-new-in-sql-server-2017SQL Server PowerShell has also been updated.

SQL Server 2017 has updated Transact-SQL (T-SQL) syntax.  Recommended updates and configuration options for high-performance workloads are also available.

Additional information regarding SQL Server 2017 may be found here.