Palo Alto: Unable to Receive Scheduled Reports

If you are not able to generate the scheduled reports in your Palo Alto, you might want to restart the Palo Alto device.

Palo Alto: Unable to Schedule Dynamic Updates

If you are not able to schedule the Dynamic Updates in your Palo Alto, you might want to restart the management service by applying the following commands:
1. debug software restart process device-server
2. debug software restart process management-server

IT Security: First OS X Ransomware Detected in The Wild, Will Maliciously Encrypt Hard Drives on Infected Macs

Version 2.92 of Transmission has now been released. This claims to actively remove the ‘KeyRanger’ malware files from the infected Mac.

OS X users have today been hit with the first known case of Mac ‘ransomware’ malware, found in the Transmission BitTorrent client released last week. Infected versions of the app include ‘KeyRanger’ malware that will maliciously encrypt the user’s hard drive after three days of being installed. The malware then asks for payment to allow the user to decrypt the disk and access their data — the ‘ransom’.

As reported by Palo Alto Networks, Apple has already taken steps to curb the spread of the malware through its Gatekeeper security system. This means the infected version of Transmission will no longer install, but it does not help those who have already been affected. Transmission is urgently recommending people upgrade to the latest version of its software, 2.91.

Unlike ‘friendly’ system encryption services, it is becoming increasingly common on Windows for viruses and malware to maliciously encrypt user data. The aim is for the virus maker to raise money by holding the user data ransom until payment is provided, in exchange for the malware to decrypt the drive once again.

The KeyRanger malware currently circulating is the first known instance of ransomware targeted at OS X users. It is not recommended to actually pay the malware as it only encourages further malicious action and there is no guarantee the virus maker will actually do the decryption as promised.

Users worried about being impacted by the ransomware should look for the ‘kernel_service’ process in Activity Monitor. This process is named like a kernel system program as a disguise, but it is actually the KeyRanger malware. If you are impacted, the recommendation is to restore to an earlier backup of your system before you installed Transmission. This is the best way to ensure the virus has been completely removed from the system.

It’s worth noting that the malware has only been detected in the Transmission app to date. It is unknown if it is more widespread, affecting other common apps.

Palo Alto Networks suggests a few other methods to check for the presence of the malware. Their post also includes a lot more detail on the technical implementation of the virus, so check out their post for more information. The security researchers suggest checking for the existence of the file ‘/Applications/Transmission.app/Contents/Resources/General.rtf’ or ‘/Volumes/Transmission/Transmission.app/Contents/Resources/ General.rtf’. If this file exists, the Transmission app is likely infected. You can also check for the existence of “.kernel_pid”, “.kernel_time”, “.kernel_complete” or “kernel_service” files in the ~/Library directory. Delete the files if they exist.

NetApp: Show NetApp Serial Number with Command

The following command allows you to show the serial number of your NetApp storage:
sysconfig -a

Google: Autofill Numbers and Related Data in Google Spreadsheets

Google Spreadsheets can autofill cells with sequential numbers and other related data, like rivers and countries. It's still not an advanced Excel, but this feature can save you some time when you're numbering a column.

This feature works with both rows and columns. For example, start out by numbering your column with 1, 2, and 3 in three cells next to each other. Then select those three cells and move your cursor the the bottom right-hand corner of the selection. (You should see a blue dot.) Hold your Ctrl key (Alt/Opt on Mac), then click and hold the dot, and drag your cursor down—or across if you're filling in rows. (Note: This isn't strictly necessary with numbers, but with related data like countries, it is.)

It works for sequential numbers (1, 2, 3...), even numbers (2, 4, 6...), and more. Adding to the niftiness of it all, you can also autofill countries, car manufacturers, and other related sets of data. Try it out, and we'd love to hear about any other sets of data that you come across that this autofill works for.

BlueCoat: View Event Logs and Syslog of BlueCoat PacketShaper

To view the event logs and Syslog of your BlueCoat PacketShaper, please refer to the following steps:

1. Click the Info tab.

2. Click file browser.

< View Event Logs >

3. Go to the unit's data disk, 9.258/

4. Go to the LOG/ directory. The event logs are listed. The file named EVENTS is the current set of log entries. The EVENTS.n files, where n is a sequential number, contain archived event records.

5. To view the contents of the current log file, click EVENTS.

< View Syslog >

3. Go to the unit's data disk, 9.256/

4. Go to the LOG/ directory. Then, go to the SYSLOG/ directory. The files named pshaper and messages are the Syslog files that you can refer to.

5. To view the contents of the syslog file, click pshaper or messages.

Microsoft: Remove Extra Spaces in a Cell in Excel

The following formula allows you to remove the unwanted spaces in a cell:
Substitute(A1," ","")