Category Archives: Security

Meltdown and Spectre

Google’s Project Zero team( researcher, Jann Horn, demonstrated that malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible. For example, an unauthorized party may read sensitive information in the system’s memory such as passwords, encryption keys, or sensitive information open in applications.) discovered serious security flaws caused by “speculative execution,” a technique used by most modern processors (CPUs) to optimize performance.

These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running on them.

Desktop, Laptop, and Cloud computers may be affected by Meltdown. Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013)
Because Meltdown and Spectre are flaws at the architecture level, it doesn’t matter whether a computer or device is running Windows, OS X, Android, or something else — all software platforms are equally vulnerable.

CVE-2017-5715 (branch target injection)
CVE-2017-5753 (bounds check bypass)
CVE-2017-5754 (rogue data cache load)

Windows Servers-based machines (physical or virtual) should get the Windows security updates that were released on January 3, 2018, and are available from Windows Update. The following updates are available:

Operating system version Update KB
Windows Server, version 1709 (Server Core Installation) 4056892
Windows Server 2016 4056890
Windows Server 2012 R2 4056898
Windows Server 2012 Not available
Windows Server 2008 R2 4056897
Windows Server 2008 Not available

More read from below links

https://googleprojectzero.blogspot.in/2018/01/reading-privileged-memory-with-side.htmlhttps://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.htmlhttps://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/

Advertisements

How to Activate or Renew Symate License

After your Symantec  trial expired what need to be do.Below the document shows how will activate or renew license.

How to Activate Symate License

License Types and Policy

SEP EE Licensing guide

Datasheet

symantec-endpoint-protection

Windows Authenticator(WinAuth)

WinAuth is a portable, open-source Authenticator for Windows that can

be used as a 2FA including Bitcoin / crypto-currency websites, any

service that requires the Google Authenticator, and games such as

World of Warcraft, Diablo III, Guild Wars 2, Rift, ArcheAge. WildStar,

Runescape and Steam.

YubiKey
WinAuth can use a YubiKey to encrypt its data, ensuring your

authenticators’ information cannot be read by anyone even when they

have physical access to your computer.

A YubiKey Standard or NEO 2.2.x or later is required.

HOTP / Counter-based Authenticator
A HOTP authenticator can be Adding a normal “Authenticator” and either

pasting in a counter-based KeyUri or choosing the counter option.

Code
CodeIssues
IssuesPull requests
Pull requestsPulse
PulseGraphs
GraphsHTTPS clone URL
Copy to clipboard Subversion checkout URL Copy to clipboard
You can clone with HTTPSor Subversion. Get help on which URL is right

for you.Clone in Desktop Download ZIP Authenticator for Battle.net /

Steam / Guild Wars 2 / Glyph / WildStar / Runescape / SWTOR / Bitcoin
https://winauth.com 367 commits 5 branches 55 releases 2

contributors C# 97.3% C 2.5% Other 0.2% C# C Other
Quickly jump between filesCompare, review, create a pull

requestBranch: master Switch branches/tags  Branches Tags 2.x MONO

master origin/master wiki Nothing to showWM6_0.5.1018 3.2.15

3.2.13 3.2.12 3.2.6 3.2.5 3.2.4 3.2.3 3.1.8 3.1.6 3.1.5

3.0.22.2 3.0.21 3.0.20 3.0.17 3.0.14 3.0.12 3.0.11 3.0.10

3.0.8 3.0.7 3.0.6 3.0.5 3.0.0 2.0.10 2.0.9 2.0.8 2.0.7 2.0.6

2.0.5 2.0.4 1.8.1323 1.7.1314 1.7.1311 1.5.1116 1.5.0 1.4.1170

1.4.1168 1.4.1166 1.4.1163 1.4.1161 1.4.1159 1.4.1156 1.3.1051

1.2.1045 1.2.1041 1.1.1035 1.0.1030 0.9.1025 0.8.1016 0.8.1010

0.7.107 0.5.103 0.4.1 0.4 Nothing to showwinauth /  You must be

signed in to make or propose changesFix #226: upgrade to .Net 4.5 and

force TLS

Copy SHA latest commit 618f11fbef
winauth authored Sep 23, 2015
Permalink  Failed to load latest commit information.
  Authenticator  Fix #226: upgrade to .Net 4.5 and force TLS  Sep 23,

2015
  Third Party  Fix #226: upgrade to .Net 4.5 and force TLS  Sep 23,

2015
  WinAuth.YubiKey  Clear password field.  Jul 1, 2015
  WinAuth  Fix #226: upgrade to .Net 4.5 and force TLS  Sep 23, 2015
  packages  Add Steam authenticator  May 28, 2015
  LICENSE  Initial upload of beta version.  Jul 27, 2010
  README.md  Add 3.2.16  Sep 17, 2015
  WinAuth.sln  Issue#201: don’t decode URI on TextChanged but on

button  Jun 18, 2015
  winauth3-preview.png  Update v3 preview  Jul 18, 2013

README.md
Windows Authenticator
WinAuth is a portable, open-source Authenticator for Windows that

provides a time-based RFC 6238 authenticator and common

implementations, such as the Google Authenticator. WinAuth can be used

with many Bitcoin trading websites as well as games, supporting

Battle.net (World of Warcraft, Hearthstone, Heroes of the Storm,

Diablo), Guild Wars 2, Glyph (Rift and ArcheAge), WildStar, RuneScape,

SWTOR and Steam.

———————————————————————-

———-

Download Latest Version
The latest stable version is WinAuth 3.1.8, and is available to

download from this source repository to compile yourself, or as a

pre-compiled binary from WinAuth downloads.

———————————————————————-

———-

WinAuth 3.2 (development)
The next version of WinAuth is in development. This release includes

both the new Steam Guard Mobile Authenticator, integration with

YubiKey to enhance your authenticator security and a HOTP

implementation.

Steam Guard
WinAuth can be registered as a new mobile device to create a Steam

authenticator and displays the appropriate 5 character codes.

Please read about the Steam Guard Mobile Authenticator for more

information.

YubiKey
Anyone with a YubiKey can now use it with WinAuth to further protect

their data. This will help ensure the authenticators’ secret keys

cannot be read by anyone even when they have physical access to your

computer.

A YubiKey Standard / NEO 2.2.x or later is required.

WinAuth 3.2.16 is available to download.

This is a pre-release version and should not be used with live

accounts. The configuration file updated by 3.2 is not backward

compatible with 3.1. Please make a backup of your current

authenticator data first, which is store in c:\Users<username>

\AppData\Roaming\WinAuth\winauth.xml.

WinAuth 3.1 (stable)
WinAuth provides an alternative solution to combine various two-factor

authenticator services in one convenient place.

Download Latest Version (WinAuth-3.1.8)

License
This program is free software: you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation, either version 3 of the License, or (at

your option) any later version.

This program is distributed in the hope that it will be useful, but

WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

General Public License for more details.

You should have received a copy of the GNU General Public License

along with this program. If not, see http://www.gnu.org/licenses/.

Features include:

•Support for time-based RFC 6238 authenticators, and common

implementations such as Google Authenticator.
•Supports Battle.net (World of Warcraft, Hearthstone, Heroes of the

Storm, Diablo III), GuildWars 2, Trion / Glyph (Rift, ArcheAge),

RuneScape, WildStar, SWTOR and Steam
•Supports many Bitcoin trading websites such as Bitstamp, BTC-e,

Coinbase, Cryptsy
•Displays multiple authenticators simultaneously
•Codes displayed and refreshed automatically or on demand
•Data is encrypted with your own personal password and can be locked

to Windows machine or account
•Additional password protection per authenticator
•Restore features for supported authenticators, e.g. Battle.net and

Rift
•Selection of standard or custom icons
•Hot-key binding with standard or custom actions, such as code

notification, keyboard input, and copy to clipboard
•Portable mode preventing changes to other files or registry settings
•Export in UriKeyFormat
•Importing authenticators in UriKeyFormat and from Authenticator Plus

for Android

Download software from
https://github.com/winauth/winauth

Step by step
https://www.maketecheasier.com/google-authenticator-windows/

%d bloggers like this: