Update Firefox Now!
Jan 14, 2020
IT Known Issues with Latest macOS Catalina
Nov 26, 2019
Multi-Factor Authentication Countdown
Nov 22, 2019
CCleaner Not Authorized On Lab Computers, Must Be Removed
Nov 04, 2019
[Completed] Indico was upgraded to v2.2 on Sept 27 at 2PM
Sep 18, 2019
Malwarebytes Enterprise License Retired
Sep 06, 2019
IT Best Practices
Sep 05, 2019
Update Your iOS Devices Now!
Sep 04, 2019
[Resolved] Intermittent DNS Failures Aug 30 2019
Aug 30, 2019
[Resolved] Networking Outage Impacting Telephone Services
Aug 19, 2019
Multiple Microsoft Remote Desktop Vulnerabilities
Aug 16, 2019
[Resolved] Smartsheet Outage
Jul 31, 2019
Just as your operating systems need to be patched, so do your browsers. Mozilla recently disclosed a critical vulnerability in Firefox, and advises all users to patch it immediately:
If Firefox is configured to update automatically, patching is as simple as restarting your browser. Users should verify they are running at least version 72.0.1. For your reference Mozilla provides instructions for updating and verification here.
Thanks to BigFix, IT User Support is able to identify vulnerable software running on LBL systems. If you wish to receive proactive communications regarding the health of your computer, you can Download BigFix and install it. If you have further questions about BigFix, please Request Help.
Lastly, users should follow IT Best Practices to ensure computer health.
IT Workstation Support has catalogued the recent issues users have encountered when upgrading their system to the latest macOS Catalina. They are:
32-bit applications will not run on Catalina, see table below
Top 10 32-bit Applications in-use
Microsoft Word, what version?
Microsoft Excel, what version?
Microsoft Powerpoint, what version?
mdworker32 (Office365 process)
Adobe Acrobat XI Pro (This software is out of compliance and must be upgraded to the subscription version, see Adobe Acrobat Pro DC)
Carbonite (This software is no longer the Lab’s enterprise backup software, see Druva inSync)
Adobe Application Manager
Applications will request proper permissions to run
Chrome Remote Desktop
Download and install latest driver (beta release), https://www.displaylink.com/downloads/macos
Toshiba copiers fail to print with a “filter failed” error message
On Mac OS 10.15 Catalina, you need to allow Zoom access to Screen Recording to share your screen.
As with any major operating system upgrade, users should always do the following:
Perform a hardware assessment and check for compatibility
Mac compatibility list - see https://support.apple.com/en-us/HT210222
User must check with the hardware vendor for any external equipment
Perform a software assessment and check for compatibility - users can check https://roaringapps.com/ for software compatibility
Ensure you have all software licensing information if you need to reinstall software
Perform a data assessment and backup all data
Perform upgrade in place or from scratch
If you upgrade to macOS Catalina and something stops working, contact IT User Support at x4357 or email to help@@lbl.gov and we will be glad to help.
December 9th, the beginning of MFA enforcement for all staff, affiliates, and contractors is quickly approaching.
All LBL users must activate MFA for their Berkeley Lab enterprise accounts by this date, or risk losing access to email, LETS, and all other services protected by their Berkeley Lab Identity.
Visit go.lbl.gov/mfa to get started today.
As of Oct 17, 2019 Workstation Support is under guidance from LBL cybersecurity to remove CCleaner from all Lab systems.
Computers that have BigFix (Active Mode) installed will have a pop-up appear informing the user of the action and provide a button to click for easy uninstallation.
We are looking at other options to handle the functions that CCleaner provides, but in the short term, we need to remove it from all Lab systems. Workstation Support will be removing CCleaner beginning Friday, Nov 1, 2019.
Additionally, the free version of CCleaner cannot legally be installed on Laboratory computers.
CCleaner can be removed either via BigFix or via the Windows standard "Add and Remove" programs menu.
If you don't have BigFix installed on your system please see our IT Software Download Page at https://software.lbl.gov/.
If you need help removing CCleaner please contact the Help Desk at xHELP (x4357).
The LBL Indico instance (https://conferences.lbl.gov) was upgraded from v1.2 to v2.22 which provides a new interface and features in addition to bug fixes after being inaccessible from 10AM-2PM on Friday, September 27, 2019.
You can now log into Indico with your Berkeley Lab Identity credentials using single sign-on (SSO). The first time you login, you may notice a message letting you know it is the first time you have used this form of authentication to login.
This and other changes are highlighted in the Commons page here: https://commons.lbl.gov/x/FgGoCg
Just a reminder that on June 1, 2019, Malwarebytes was no longer being offered by Berkeley Lab IT. Existing clients will continue to function, but will not receive updates. IT recommends that users uninstall Malwarebytes. This can be done manually, or users can wait until they see a BigFix Offer from IT, which will remove the application automatically. For further information, refer to our Malwarebytes FAQ site.
Berkeley Lab computers are constantly under attack, but what should we, as users, do to protect ourselves and our systems? According to research conducted by Google, users and security experts often have different ideas as to what the best steps are to be taken.
To make it easier, Berkeley Lab IT has developed a series of IT Best Practices that all staff should follow when using Lab computers. These best practices address the most important security recommendations, data protection, and performance optimization.
IT Best Practices include:
Install BigFix on ALL computers. BigFix is used to help keep your operating system and common applications up to date. There is even a Passive mode that you can use if don’t want any updates done automatically.
To make sure that updates are installed, it is also essential that you REBOOT your computer regularly! BigFix will also tell you when your system needs a reboot.
Use LastPass, a password manager which IT provides for free. LastPass makes it easy to make sure you always use strong, unique passwords.
Enroll in the Lab’s Multi Factor Authentication (MFA) system. With MFA enabled, an attacker who knows your Lab password still won’t be able to log in.
Install Sophos on all workstations. Sophos is provided for free by Berkeley Lab IT.
Use Druva inSync to backup your workstation data, $51/yr for up to 10 computers
Use VPN when on public networks (including LBL’s Visitor Wireless) or on travel. It is a good idea to use VPN whenever possible while offsite.
As most people know, keeping your software updated is the number one thing you can do for cyber security. What is less well known is how important this is on mobile devices, such as iPhones and Android devices. A recent set of vulnerabilities announced in iPhone devices both makes it a priority to update now and serves as a reminder of the importance of updating regularly.
You can read more about newly accounced vulnerablities at https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html
There is good news, update and reboot your iOS devices now to ensure they are secure.
This outage was resolved at ~2pm Aug 30.
Prior Information Follows:
Outage: Intermittent DNS failures are causing slow network response times and intermittent application outages
General Impact: Our DNS servers are having trouble responding to queries. The servers are having longer than normal response times for those queries to increase and some queries are failing. These failures may manifest themselves as slow web pages, login failures, and slow server response times.
we are investigating the cause of the issue and will update you as we have more information
Resolved at approx 2:10PM Monday Aug 19
A networking switch failure is impacting the following services:
Internal Telephone Calls to/from some buildings.
Inbound Telephone Calls to some buildings.
Verizon Coverage in Building 59
There is not an ETA for resolution at this time.
On August 13, 2019 Microsoft released a warning to update and reboot your system due to new Microsoft Remote Desktop Services vulnerabilities:
This affects the following operating systems:
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Windows 10
Microsoft Windows 8
Microsoft Windows 7
Berkeley Lab IT suggests all Windows users patch and reboot all systems immediately. Updates will also be released using BigFix for systems that were not patched through normal operations.
Advice: Always keep your system and all software up to date and REBOOT at least once a month.
Smartsheet is reporting that Smartsheet application, mobile app, and API are offline. For more information please see: https://status.smartsheet.com/.
During the renewal process, Adobe made a provisioning error, which impacted the Lab’s Adobe DC Pro licenses. Adobe has acknowledged that this was their mistake and apologizes for the inconvenience.
To correct this error, and reactivate your Acrobat Pro DC license, follow the instructions below:
Did you receive a message similar to those below?:
1) Launch Acrobat Pro DC by clicking the Acrobat icon or selecting it from your product list.
2) If Acrobat access is successful, Sign Out of Acrobat by clicking the (1) Help menu and (2) “Sign Out” (see image below):
3) Otherwise, you should see the “Sign In Required” dialog box like the one below. Click the blue “Sign In Now” button in the lower-right (see image below):
4) You should see the login dialog box below. If you know the Adobe ID that is associated with your Acrobat Pro DC license, enter the email address (typically your LBL email address) and your password. If you don’t know your password, click on the “Forgot password?” link in the lower-right of the dialog box (see image below):
5) If you clicked on “Forgot password?” you will see the forgot password box below. Just enter the Adobe ID email address associated with your Acrobat Pro DC license (your LBL email address) and click the blue “Next” button and follow the instructions.
IF FOR SOME REASON THE STEPS ABOVE DON’T WORK OR DO NOT COVER WHAT YOU ARE SEEING, TRY THE WORKAROUND BELOW:
1) Click on https://www.adobe.com/ or type it into your browser.
2) Click the (1) Icon in the upper-right corner and then (2) click “Sign Out” (see image below):
3) Then click “Sign In” and enter the Adobe ID that is associated with your Acrobat Pro DC license (typically your LBL email address) and your password. If you don’t know your password, click on the “Forgot password?” link (see images below):
If you are still experiencing difficulties after completing these steps, please Request Help.
Berkeley Lab Cyber Security has discovered bad guys exploiting Apple’s Remote Management service to conduct reflected denial-of-service (DoS) attacks. In response, they have temporarily blocked port 3283 UDP at the network border to prevent further abuse. This should have no noticeable impact to anyone.
What to do?
In order to protect Berkeley Lab computers from participating in this hostile activity, we require all users to disable Apple Remote Management Service. To disable this service:
- In Apple Menu, select System Preferences
- Select Sharing
- Uncheck Remote Management
This change will not have any adverse effects for most users and in fact is the Apple default. You can still use Apple Remote desktop and VNC to connect if you enable "Screen Sharing". If you believe disabling Remote Management will create an adverse situation for you, please contact firstname.lastname@example.org.
IT will use BigFix to prompt users to automatically disable the Apple Remote Management Service on all systems running in Active Management Mode. For systems in Passive Management Mode, a BigFix Offer will be provided for users to disable it manually.
- You can read more about reflected denial-of-service (DoS) attacks at https://www.us-cert.gov/ncas/alerts/TA14-017A.
- For more information on this threat, please see Netscout’s article “A Call to ARMS: Apple Remote Management Service UDP Reflection/Amplification DDoS Attacks.”
LabTech Everyday Event Coming To You
You asked, we listened! We’re bringing LabTech to you!
Monday, July 22, 2019 @ 10AM
Outside patio between Bldg. 62 and Bldg. 66
Come see us to learn how IT can help you with all your computing needs. We will be offering no-cost consulting on:
Scaleable, cost efficient centralized IT services
High Performance Computing
Backup and Multi Factor Authentication guidance
For more information, see scienceit.lbl.gov.