Reading Time: 17 minutes
Comodo One. Understanding Procedures
How to filter procedures
Step 1: Go to ITSM > CONFIGURATION TEMPLATES > ‘Procedures’ and click Filter icon
Step 2: Fill the form expanding from Filter icon (** User can fill any of the fields in the form and apply for filter the procedure)
1. Name – complete name or partial name of the procedure you would like to filter
Step 3: Select an appropriate value from the Type drop-down
1. All – The result includes all type of procedures
2. Custom – The result includes only the procedures which are created by users
3. Predefined – The result includes only the predefined procedures which are packed with ITSM
Step 4: Select appropriate value from the Status drop-down
1. All – Filters all available status of procedures
2. Created – The result includes only the procedures which are just created
3. Edited – The result includes only the procedures which are just edited
4. Ready to Review – The result includes all procedures which are ready for review
5. Approved – The result includes all approved procedures
6. Declined – The result includes all declined procedures
Step 5: Select appropriate value from the Content Type drop-down
1. All – both ‘script’ and ‘patch’ type of procedures become in the result
2. Script – ‘script’ procedures be filtered
3. Patch – ‘patch’ procedures only be filtered
Step 6: Fill the rest of the fields one by one and click “Apply” button from the form to get the result that matches the applied parameters
1. Created By – enter email id of the user who created the procedure
2. Created On – enter the date when the procedure was created
3. Last Modified By – enter email id of the user who lastly modified the procedure
4. Updated at – enter the date when the procedures was modified recently
5. Description – enter text to explain about the procedure
6. Script – enter any content that parts of the body of the script or code to filter out the contained procedures
How to create and run script procedure in devices?
Comodo python procedures are available in ‘Predefined Procedures’ Folder. Additionally, ITSM User can create custom python procedure and run the same over enrolled devices.
Step1: Go to “Configuration Templates” > “Procedures” > “Create” > “Create Script Procedure” and fill the form
- 1. Procedure name – Type procedure name
- 2. Description – Type description of the procedure
- 3. Folder – Choose folder from the drop-down [Default value is My Procedure]
- 4. Click Create button – To submit the form
Step 2: Go to “View Procedure” tab and Click the ‘Edit’ icon.
- 1. Paste or type your python script using the text editor
- 2. User can also use the existing procedure with the new procedure by the steps below
- a. Click Add Existing Script button
- b. Type the name of the existing script
- c. Choose the script and Click Add button
- d. Once the script gets loaded into the text editor, modify and save the procedure
- 3. Click Save button to save the script
Step 3. Review and Approve the procedure by Clicking Ready to Review and Approve icon one after another.
Step 4: To run the procedure over “Selected Devices” or “All devices”, follow the steps below.
- A) Go to ‘Configuration Templates’ > ‘Procedures’ and Choose the procedure from the list
- B) Click ‘Run’ icon
- C) Choose “All devices” to run the procedure over all devices or Choose Selected Devices to execute the procedure over selected devices.
- D) Select “Run as system user’ to run the procedure as ITSM user (Administrator privilege) or Select ‘Run as logged in user’ to run the procedure as logged in user from the local machine.
- E) Click ‘Run’ button to apply the procedure for the devices.
- F) To Check procedure logs, follow the below steps.
- a. Go to “Execution Log” tab
- b. Click ‘Details’ link for more details for the specific log
- c. Click (…) the Expand icon to view complete output of the execution
Step 5: To run the procedure from the specific device, follow the steps below,
- A) Go to “Devices” > “Device List”
- B) Click the specific device from the table
- C) Click “Run Procedure” button
- D) Once the popup form presents, Type and Choose required procedure from the search box.
- E) Select “Run as system user’ to run the procedure as ITSM user (Complete privilege) or Select ‘Run as logged in user’ to run the procedure as logged in user of the local machine.
- F) Click ‘Run’ to apply the procedure over devices.
- G) Technician can view procedure logs from the navigation “Devices” > “Device list” and by the
- a. Select the specific Device
- b. Click Procedure Logs
How to schedule the procedure using profiles
Technicians can schedule script procedures in profiles and apply it on desired devices.
Step 1: To schedule procedure, Go to “ITSM” > “Configuration Templates” > “Profiles”
- A) select the profile which you wish to schedule script procedure
Step 2: If “Procedure” tab not available in profile follow the step otherwise go to Step 3.
- A) Click ‘Add Profile Section’ icon and select “Procedures” menu from the drop down list
Step 3: Click “Add” button from “Procedures” tab. A popup screen will appear to add existing script procedure.
- A) Choose the script procedure from the search box Procedure Name, select the date from the Start Date field, select the value from Schedule drop-down, Select the time from the Scheduled Time and Select ‘End Date’ from Finish Date and Choose the date from the field next to Finish Date.
- B) Select “Run as system user’ to run the procedure as ITSM User (Administrator Privilege) or Select ‘Run as logged in user’ to run the procedure as Logged in User of the local machine.
Step 5: Click ‘Add’ button to successfully complete schedule of the procedure.
Once the steps are completed, the scheduled procedure will be run automatically on devices where the profile is applied.
How to use script categories and keep them organized?
Step 1: Go to ITSM -> Configuration Templates and then click “Procedures” menu.
Step 2: ITSM has two folder categories:
1. My Procedures folder – The Custom patch Procedures or Custom script procedure can be saved in this folder.
2. Predefined Procedures folder – Built-in patch procedure or script procedures were stored in this folder.
Step 3: Click Expand Icon to View the Sub-folders.
Example 1: Main Folder – My Procedures
Sub-folder – The My Procedures folder has inbuilt sub-folders namely
1. Ready For Review
Example 2: Main Folder – Predefined Procedures
Sub-folder – The Predefined procedure folder has inbuilt sub-folders namely:
3. File Operations
4. Task Scheduler
5. Log Collection
6. Patch deployment.
Step 4: A User can add, delete, edit the sub-folder in “My Procedure folder”.
Note: The User cannot the edit the predefined procedures and its sub-folder, but he can clone the procedure.
Step 5: To add a sub-folder to “My Procedure folder”, click the Add button.
1. Give a name for sub-folder and then click the add button.
Example: Log Script is added as a sub-folder for My Procedures.
Step 6: Click Edit icon to rename the sub-folder.
Step 7: Click delete icon to remove the sub-folder.
Step 8: Click the folder name to view the saved procedures.
Example: Click ” Ready for Review” Folder, the procedures which are be reviewed will be saved here.
Step 9: While creating a new procedure, follow below steps
1. [*=1]Click create procedure button and fill the form by providing a name and a description.
In the folder drop-down, choose the category folder to which the user want to add the procedure.
Example: Procedure Name: Restarts Service
Description: Service that has been stopped can be restarted.
Folder: To add the procedure to Service Child folder, select services from the drop down.
Step 10: For existing procedures, Click the name of the procedure and click edit button set,
1. Change the folder by clicking the drop down.
2. Choose the appropriate folder and save.
Example: “Network” child folder is being chosen from the drop down.
How to create and apply patch procedures to devices
Create a custom patch procedure
Step 1: Go to ITSM -> “Configuration Templates” menu and select “Procedures”.
Step 2: Click on the “Create” icon and click “Create Patch Procedure”.
Step 3: Click ”Add Profile Section” icon and select “Procedures” from the drop-down.
- 1. Patch procedure name – Enter the patch procedure name.
- 2. Description – Enter the description.
- 3. Folder – Select the folder to added the procedure under that folder.
Step 4: Select the patch procedure, to set and apply settings
- 1. General section – Modify Name, Description and folder and define the alert setting.
- 2. Exception options – Select your desired update option for your procedure from “choose the Microsoft software update”.
- 3. Restart Control – The “Restart Control ” provides three restart options, they are:
- i. “Force the reboot in” – The reboot operation will be applied to the device at the mentioned time without user’s permission. Example – 5 minutes.
- ii. “Suppress the reboot” – The reboot operation will be suppressed.
- iii. “Warn about the reboot and let users postpone it” – The warning message will be sent to user’s device and the reboot operation will be performed by his desire.
- Set the reboot options as per required.
- 4. Schedule – The list of profiles will be displayed if the procedure is being scheduled on that profile
- 5. Execution Log – The result of the procedure output are displayed in this section.
Apply patch procedures to Devices
You can run a patch procedure on a device in three different ways,
Apply patch procedures to Device via “Procedures” :
Step 1: Go to “Configuration Templates” and select “Procedures” menu.
Step 2: Select the checkbox of the patch procedure for which you want to apply to the device and click “Run” button.
Step 3: A ‘Run Procedure’ dialog box appears, choose appropriate options and click “Run” button.
- i) All Devices -The procedure will be applied to all enrolled devices.
- ii) Selected Devices – To add a device, enter the name of the device in which you want to apply the procedures. To remove the added devices click the x mark of the system.
- iii) Run as system user – The procedure will run as System user.
- iv) Run as logged in user – The Procedure will run as Logged in user.
Step 4: The patch procedure will be sent and executed in that devices. Go to “Execution Log” tab and click “Details” link to view the result.
Apply patch procedures to Device via “Device List”:
Step 1: Go to “Devices” and select the “Device List” menu.
Step 2: Select the device, in which you want to run the patch procedure.
- 1.Click the “Run Procedure” button, “Run Procedure” dialog box appears.
- 2.Type the patch procedure name in the text field and choose the procedure.
- 3.Choose either “Run as system user” or “Run as logged in user” based on the rights and Click “Run” button.
Step 4: The procedure will be sent to that device and executed.
Apply patch procedures to Device via “Profiles”:
A patch procedure can be scheduled to run on the devices using profiles. Thus the patch procedure run on the devices under that profile at the mentioned time. It saves the time of the user.
Step 1: Go to ‘Configuration Templates’ -> ‘Profiles’.
Step 2: Select the profile to which you want to add the profiles from the list.
Step 3: Click “Add Profile Section Icon” and Select “Procedures” from the drop-down.
Step 4: Add the procedure to the “Procedures” section of the profile by clicking the “Add” icon button. The “Add Existing Procedure Dialog” box appears. Fill the form:
- 1. Procedure name – Type the name of the patch procedure that you want to add to the profile.
- 2. Start Date – Give the start date of the schedule.
- 3. Schedule – Define the schedule frequency.
- 4. Scheduled Time – Set a time at which the procedure need to be run.
- 5. Run as system user – The procedure will run as System user
- 6. Run as logged in user – The Procedure will run as Logged in user and click the “Add” button.
Step 5: Click Save button in the “Procedures” tab. The procedure will be added to the profiles then the patch procedure will execute in the devices as scheduled.
How to generate an alert when patch procedure fails to execute as intended
In ITSM alert can be configured for scheduled procedures in profiles. Alert will be triggered when procedure fails to execute as expected.
Step 1: Go to ITSM -> “Configuration Templates” and click “Procedures”.
Step 2: Click existing patch procedure name to which you want to add the alert settings from the list. Example: “Windows Update” patch procedure.
Step 3: Go to “General” tab and click “Edit” button.
- 1. Select the checkbox of “Use alert settings when the procedure fails” option
- 2. Type the name of the alert that you want to trigger when the procedure fail in the text box below the “Use alert settings when the procedure fails” option
- 3. Select the procedure from the drop-down and click save button. Example: “Update Failed” Alert
Note: Only the existing alerts can be added to the procedure.
Step 5: The changes will be applied to the procedure. Thus the user will receive the alert based on the alert setting, if a patch procedure fails.
How to import, export and clone procedures
Procedures can be exported from ITSM application to a local computer. Similarly, a procedure can be imported from the local computer to ITSM application hence the both way helps the user to easily create a procedure on ITSM. Also as ITSM user, you can clone a procedure from a procedure that already exists in the ITSM so that user can use the existing procedure so quickly and easily.
Step 1: Launch ITSM and go to ‘CONFIGURATION TEMPLATES’ -> ‘Procedures’.
To Export a Procedure
Step 2: Select any procedure from the Procedure List Table and click ‘Export’ icon
Step 3: Click the Save button with choosing of the respective location
Step 4: A JSON file will be saved in the location you have chosen
To Import a Procedure
Step 2: Click the “Import” icon
Step 3: Click the ‘Save’ button with choosing of the respective location.
Step 4: A JSON file will be saved in the location you have chosen.
To Import a Procedure
Step 2: Click the “Import” icon.
Step 3: Click the ‘Browse’ button from the ‘Import Procedure’ popup window.
Step 4: Select a Script file (JSON) from the local computer and click the button “Open”.
Step 5: Check whether you have chosen the right file from the ‘Import Procedure’ window and click “Import” button
Step 6: Check the ‘Procedures’ List Table whether you have the Script file on the top of the list.
To Clone a Procedure
Step 2: Choose any procedure from the ‘Procedures’ Table List and click ‘Clone’ icon.
Step 3: Fill the ‘Clone Procedure’ form then click the button “Clone”.
You can change the name of the procedure, description, and folder while cloning a procedure otherwise keep the default values on the fields.
Step 4: Check the ‘Procedures’ List Table whether you have the Script on the top of the List.
How to combine procedures to build broader procedures
The guide explains and instructs that as an administrator, how I can combine more than one procedures suppose they collect data (to generate a whole report without having user interaction) and when they perform actions (to do some tasks silently) and to do etc in the endpoint
Step 1: Launch ITSM
Step 2: Go to ‘CONFIGURATION TEMPLATES’ -> ‘Procedures’.
Here is the two cases are available such as combining with selecting Existing Procedure and combining with new procedure.
If the user selects existing procedure then the steps below are followed.
Condition: Clone the existing procedure that you want to select is a safe idea suppose if you have any exception on combination.
Example Scenario: As a user, I would like to combine the script “Check and Fix Default Disk Problem” to another existing script “Copy and Install specific MSI package from valid Network Location”
Step 3: Select Existing Procedure from the table.
Example: Copy and Install specific MSI package from valid Network Location.
Step 4: Click ‘View Procedure’ tab.
Step 5: Click ‘Edit’ button.
Step 6: Click ‘Add Existing Procedure’.
Step 7: Type the specific Procedure Name you want to combine with the Procedure.
Step 8: Select the script from the drop down and click the ‘Add’ button.
Repeat the steps 6, 7 and 8 if you would like to add more scripts here.
As per the example scenario, you have the code for both the procedure now.
Step 9: Click ‘Save’ button to update the script and Run the script to get the desired outcome.
If the user create new procedure to combine the existing procedures then follow the steps below.
Example Scenario: As a user, I would like to combine the scripts “Check and Fix Default Disk Problem” and “Copy and Install specific MSI package from valid Network Location” in a new procedure.
Step 10: Click Create icon and Select “Create Script Procedure” from the drop down
Step 11: Fill the fields from the pop-up forms such as Name, Description, and Folder and click ‘Create’ button.
Step 12: Click ‘View Procedure’ tab.
Step 13: Click ‘Edit’ button.
Step 14: Click ‘Add Existing Procedure’ from the Editor.
Step 15: Select the Script you want to add here and click ‘Add’ button.
Repeat the steps 14 and 15 if you would like to add more scripts here.
Step 16: Click ‘Save’ button to save the script and Run the script to get the desired outcome.
USCYBERCOM Released New Malware Samples
New malware samples associated with the operations of Russian threat actors Turla and Zebrocy have been released this week by the United States Cyber Command (USCYBERCOM).
Turla was most recently observed attacking a European government agency with numerous backdoors, connected to malicious activities dating back two decades and often referred to as Rat, Waterbug, Venomous Bear, Belugasturgeon, and KRYPTON.
USCYBERCOM posted new samples of the ComRAT Trojan on VirusTotal on Thursday, which is suspected to be one of the oldest malware families employed by Russia-linked threat actors.
The FBI is extremely optimistic that ComRAT malware is being used by Russian-sponsored APT actor Turla, an intelligence organisation operating for at least a decade, to hack victim networks. A malware intelligence study from the Cybersecurity and Information Protection Agency (CISA) reports that the group is well known for its customised software and tailored operations.
The report shares knowledge about a PowerShell script that is used to mount another script that loads the ComRAT version 4 DLL in turn. CISA clarifies that the malware contains DLLs used as contact modules that are inserted into the default browser and that use a called pipe to communicate with the ComRATv4 code. In order to accept commands and exfiltrate files, a Gmail web interface is used.
A total of five ComRAT files and two samples identified with the Russian threat actor Zebrocy were posted by USCYBERCOM on VirusTotal.
The Russian hacker community, initially detailed in 2018, is considered part of the notorious Sofacy APT (also referred to as APT28, Fancy Bear, Pawn Storm, Sednit, and Strontium) by some security firms, while others see it as a distinct organisation.
New Zebrocy attacks were discovered in September 2020, demonstrating persistent targeting of countries connected to the North Atlantic Treaty Organization ( NATO).
Windows executables are the two examples that USCYBERCOM shared on VirusTotal that are suspected to be a new version of the Zebrocy backdoor. The malware gives remote access to a compromised device to attackers and facilitates multiple operations, CISA says.
CISA advises that security best practises be implemented by users and administrators to ensure that their devices stay safe from recently shared samples of ransomware or other risks.
The WordPress Core Team has Released an Emergency Release of WordPress 5.5.3
An emergency update of WordPress 5.5.3 has been released by the WordPress core team, just one day after version 5.5.2 was released. This emergency update was made to fix a problem implemented in WordPress 5.5.2, making it difficult to run WordPress without a database link installed on a brand new website. A second problem caused a number of pages to be erroneously upgraded to version 5.5.3-alpha while planning for this emergency upgrade.
According to the release notes, the WordPress auto-update framework upgraded some pages from version 5.5.2 to 5.5.3-alpha between about 15:30 and 16:00 UTC on October 30th. This happened because, in an effort to discourage new users from using this update, the WordPress Core team blocked the 5.5.2 release download. By deleting the 5.5.2 download, the wordpress.org API returned the 5.5.3-alpha-49449 alpha version as the version that WordPress can migrate to.
An overview of the release 5.5.3-alpha-49449 showed no distinction between the release 5.5.2 of WordPress and 5.5.3-alpha-49449 of WordPress, since much of the key features is the same. Owing to the mistake, no recorded site functionality was disabled. However, along with the Akismet plugin, a number of additional Twenty- themes were built with that autoupdate.
To fix both concerns, download 5.5.2 was originally re-enabled by the Core team to discourage sites from upgrading to the alpha version, followed by the WordPress 5.5.3 emergency release to resolve the issue that stopped new install.
What Should I Have Done?
If your WordPress 5.5.3-alpha site has been upgraded, you can have additional themes built on your site. You may have Akismet mounted as well. When installed as part of the pre-release kit, these themes and plugins were not allowed. Check the themes and installation of plugins. There will be no other plugins installed or deleted.
Upgrade the pages to WordPress 5.5.3 normally, just as you will on every other update to WordPress. If you want your site to auto-update, you will already have version 5.5.3 enabled.
If you haven’t upgraded to 5.5.2 for WordPress yet, upgrading to 5.5.3 is exactly the same version with a slight patch. It is secure to upgrade your site.
Hackers Continue to Target Zerologon Vulnerability
This week, Microsoft announced that it continues to obtain complaints of attacks targeting the Zerologon vulnerability from customers.
Patched on August 11, the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) found the security vulnerability. Tracked as CVE-2020-1472, to compromise Active Directory domain controllers and obtain domain administrator rights, the problem can be exploited.
After the DHS directed federal departments to quickly submit available fixes, the flaw came into the spotlight, with both Microsoft and CISA releasing reports on the attackers actively exploiting the bug.
Microsoft released a guide at the end of September to provide companies with all the required information to fix the problem inside their Active Directory implementations, but it seems that certain customers are already vulnerable.
“The vulnerability could cause an attacker to fake a domain controller account that could be used to capture domain credentials and take over the domain, if the original advice is not implemented,” Microsoft now says.
The technology giant also reiterates that downloading the available patches on each domain controller is the first step in fixing the vulnerability.
Responsive Directory domain controller and trust accounts will be secured alongside Windows domain-joined system accounts until they have been fully deployed. The business states that we highly urge everyone who has not adopted the upgrade to take this measure now.
Customers can use the upgrade to follow the previously released advice from Microsoft to ensure that they are completely covered. In that guide, for more clarification, the organisation has already revised the FAQs.
Following the upgrade, to ensure that CVE-2020-1472 is actually handled in their system, consumers are recommended to locate any devices that might still be vulnerable, fix them, and then allow compliance mode.
CISA issued a warning on Thursday to warn of continuing misuse of Zerologon and to encourage administrators to instal the patches available as soon as possible.
blocker steps down from FATE
Energy Inspectors Corporation Receives U.S. Environmental Protection Agency National WaterSense Provider of the Year Award For 2020
Chinese President Xi Jinping: Participate in Making Digital Currency and Digital Tax’s International Rule Actively
BIG qualify for BLAST Premier Fall Finals over Complexity
1 p.m. Update: Georgia Power working to restore remaining 68,000 customers after Hurricane Zeta
South Korean Hospitals to Usher in New Healthcare Era Using Blockchain Technology, AI and Big Data
[AWS Certified Developer] – Associate Practice Test Exam
Edward: “After three consecutive tournament victories in 2018, we could have become the best team in the world, but we chose to hang out”
VR Animation Baba Yaga Exclusive to Oculus Quest in 2021
Bitcoin-Themed NFT Card Set Launches On Anniversary Of Satoshi’s White Paper
Verizon’s New Blockchain Verification Tool ‘Full Transparency’ Combats Fake News
9 a.m. Update: Georgia Power working to restore remaining 78,000 customers after Hurricane Zeta
E-Bikes Catch on Outside China, Boosting Global Market Growth Through 2024
Chinese City Eyes Blockchain Applications for Urban Governance and Smart Education
USCYBERCOM Released New Malware Samples
The Bank of Russia Says CBDC Will Eliminate Challenges Caused by Cryptocurrencies
ESEA Season 35 Global Challenge canceled
The WordPress Core Team has Released an Emergency Release of WordPress 5.5.3
Exchange between ChantsWood (Beijing) Information Technology Co., Ltd. and ZHOU Qian, Renowned Chinese Expert on Electric Power Communication
Energy Fuels Announces Q3-2020 Results; Debt-Free with Strong Working Capital; Advancement of Uranium & Rare Earths; Webcast on November 3, 2020
7 p.m. Update: Power restored to nearly 741,000 Georgia Power customers after Hurricane Zeta’s path through Georgia
ACC: Plastic Waste Study In “Science Advances” Provides Incomplete Picture
Complexity eliminate FaZe from BLAST Premier Fall Series
TRAMS DEX Propels Global Adoption of DeFi with Automated Market Maker (AMM) protocol
AI Contact Tracer Awarded at UNLV
Bixin Ventures Announces $100M Proprietary Capital Fund to Support Global Blockchain Ecosystem
SHANGHAI, Oct 26, 2020 – (ACN Newswire)
CB Insights: Trends, Insights & Startups from The Fintech 250
Valarhash Launches New Service Series for its Mining Hosting Operations
Trends, Insights & Startups from The Fintech 250
The VR Game Launch Roundup: Time to Grapple With Zombies & Interior Design
Hackers Continue to Target Zerologon Vulnerability
Oculus Quest 2 Sales Surpass Facebook Expectations, Pre-orders 5x More Than Original Quest
Warning: This Is Cyber Criminals’ New Method of Attack
Current Research on Effect Specific Uses of Cannabis
Friday Charts: I Double Dare You To Ignore This Trend
Five Nights at Freddy’s AR: Special Delivery Update Expands Phone Compatibility, Adds New Modes
Hybrid Tower Defence/FPS Cyberspace VR Launches Kickstarter
How Telemedicine Can Help Keep Your Health on Track
Website Packages – Good or Evil?
Esports1 week ago
How to Play With Friends Online in Dynamax Adventures in Pokémon Sword and Shield The Crown Tundra
Esports1 week ago
How to Separate and Rejoin Calyrex from Glastrier or Spectrier in Pokémon Sword and Shield Crown Tundra
Esports5 days ago
FIFA 21 Global Series: Full List of FGS Swaps 1 Events
Esports1 week ago
How to complete Legendary Clue? 4 and catch Necrozma in Pokémon Sword and Shield’s The Crown Tundra expansion
Esports7 days ago
How to get Electabuzz and Electivire in Pokémon Sword and Shield’s The Crown Tundra expansion
Blockchain5 days ago
Top 10 Blockchain-as-a-Service (BaaS) Providers
Esports1 week ago
How to get Victini in Pokémon Sword and Shield’s The Crown Tundra expansion
Esports7 days ago
Where to Find the Electirizer and Magmarizer in Pokémon Sword and Shield’s The Crown Tundra expansion