Spear Phishing is a targeted email attack and the message will typically come from someone you know.  We’ve been seeing this type of attack more frequently and the latest one had an interesting twist.  Using our domain, sevenlayers.com and changing the names to protect the innocent, the email was crafted as follows:

Read more: Spear Phishing

On more than one occasion, I've been remote to a machine and needed to pull the service tag.  Dell has a mechanism on their site which can get that information for you but I seem to recall it only works when you're physically on the machine and not accessing it through an RDP connection.

Since I access almost every machine while being remote, you can see how that poses a problem.

Read more: Dell Service Tag Remote Lookup

You've run a tool, such as ZAP, against your web site in an attempt to harden it and you discover your site is prone to 'clickjacking'. 

A quick search reveals:


The malicious practice of manipulating a website user's activity by concealing hyperlinks beneath legitimate clickable content, thereby causing the user to perform actions of which they are unaware.

Read more: Apache - Prevent Clickjacking

Seems I've encountered this issue several times over the last few weeks with Windows Server 2012.  I attempt to install updates and the progress bar will hang, essentially stalling out.  I cancel, I restart but I end up in the same place.

When I first saw this issue, I read something about setting updates to install automatically in the middle of the night which managed to get the updates installed but it doesn't actually solve the problem.

Read more: Windows Update error 0x800F081F

We have several clients using OpenVPN in one form or another but I was playing around with the OpenVPN appliance available for download here:


As a side note -- they warn you against using VMWare Player.  While I didn't use Player, I was testing it out in VMWare Workstation 11 and it works perfectly. 

Read more: OpenVPN WebUI Login Issue

While attempting to install .NET Framework 3.5 from Add Roles and Features fails with the error:  "The source files could not be found".  Attempting to install from the .NET 3.5 Framework install fails pointing you back to Add Roles and Features.

Read more: .NET Framework 3.5 feature install fails on Windows Server 2012