December 2019

Microsoft will be requiring 2-factor authentication for Office 365 accounts with email or shared files (Sharepoint or OneDrive for business). This is not optional. It will be enabled automatically, and you will have 14 days to set it up if it has not already been enabled. It will be rolled out over the next few months. Please contact us if you are not already set up for this.  This is in response to the large number of customers who have had their email hacked, often leading to financial loss. We are also encouraging users with sensitive email or admin rights to Office 365 to sign up for a P2 security license which provides additional protection for their account.

Microsoft reports there are over 300 million fraudulent sign-in attempts every day.

As mentioned last month, if you have already installed Windows 10 version 1903, the next version (1909) will be much easier to install.

On systems already running version 1903, this feature update is being delivered as a small “enablement package” (KB4517245) that takes only a few minutes to download and install. If you’re running Windows 10 version 1809 or earlier, you’ll get the full feature update.

Very little has changed in Windows 10 Version 1909. The Windows Search now includes content from OneDrive. There is currently a bug in Search: copy/paste may no longer work in some situations.  There are some security improvements useful to network admins.

An update to Active Directory Group Policy is required on networks with a Windows server in order to match the updated Windows 10 version. We will be installing these server updates for clients who are affected when they update to the latest Windows 10.

Microsoft plans to release two major feature updates for Windows 10 in 2020.

Users of Windows 7 Pro will get messages regarding end of support for Windows 7 (support ends January 14, 2020), Devices that are domain-joined as a part of an IT-managed infrastructure will not receive the notifications, but should still be planning to update.

OneNote 2016 is coming back to MS Office.  From March 2020, it will be included in downloads of desktop programs for Office 365 and Office 2019.  This is a reversal of previous plans.

OneNote 2016 is currently an optional free install.  Download OneNote from the free download link.

The OneNote app is the ‘modern’ or UWP app that’s available from the Microsoft Store.  It only runs on Windows 10 and forces all OneNote notebooks to cloud storage. It has fewer features than OneNote 2016 for Windows.

MS Office app for iOS and Android combines Word, Excel, and PowerPoint

Microsoft has had separate versions of Word, Excel, and PowerPoint available on both iOS and Android for years. The new Office app is designed to combine them into a single download.

Microsoft recently decided to include Teams with the Office ProPlus suite by default.

If you don’t want Teams installed automatically, here’s how to disable it:  Have your Office 365 admin go to There’s a selection for “Download the Teams app in the background for Skype for Business users” which can be disabled.

Here are the instructions for Stopping Microsoft Teams for a Single User

Tech Gift suggestions from Esquire, Huffington Post, NY Times, Wirecutter, Wall Street Journal.

Amazon has a big problem with fake products

“…in early 2018, Amazon began aggressively adding merchants, regardless of whether they were authorized by brands to sell their products, the former executive said.  …Letting so many sellers in with few limitations has also created a marketplace for fakes that were more often found on street corners or flea markets. It’s easy for sellers to sign up for an account…”

Míocar is an electric vehicle (EV) car sharing service – now serving Visalia.

Members have access to a Chevy Bolt or BMW i3 for rent by the hour or by the day.

PayPal acquires maker of shopping extension Honey for $4 Billion

Honey is a shopping extension that looks up items at other retailers to provide potential shoppers with coupons or better prices.

Microsoft released firmware updates for the Surface Pro X and the Surface Laptop 3.

Officials warn about the dangers of using public USB charging stations

“Pluggable” USB wall chargers are portable USB charging devices that can be plugged into an AC socket. Criminals leave these behind “by accident” in public places.

Criminals can also load malware onto public charging stations, so users should avoid using the USB port, and stick to using an AC outlet with your own hardware instead.

Malicious USB cables can also be left behind in public places. One such example is the O.MG Cable.

Device owners can buy USB “no-data transfer” cables, where the USB pins responsible for the data transfer channel have been removed, leaving only the power transfer circuit in place.

The LA District Attorney’s warning [PDF]

The California Consumer Privacy Act starts on Jan. 1, 2020.

Businesses are covered by the act if they meet any of the following conditions: (1) Has annual gross revenues in excess of $25,000,000; (2) Derives 50 percent or more of its annual revenues from selling consumers’ personal information; or (3) “Alone or in combination” annually buys, receives for the business’ commercial purposes, sells, or shares for commercial purposes the personal information of 50,000 or more consumers, households, or devices.

The proposed guidance addresses methods for handling and verifying consumer requests, training, recordkeeping, and the special statutory provisions concerning minors.

The Trump administration is pushing for the permanent authorization of expiring surveillance authorities in the Patriot Act, including Section 215 which allowed for the controversial bulk collection of telephonic records.

Some former Netflix customers who cancelled their subscription months ago have had their accounts reactivated without their consent by hackers.

The Netflix app will no longer work on some 2010 and 2011 Samsung TV models starting December 1st due to “technical limitations”.

Roku said the older streaming stick models that would no longer support Netflix including the Roku 2050X, Roku 2100X, Roku 2000C, Roku HD Player, Roku SD Player, Roku XR Player and Roku XD Player.

HP released a critical firmware patch for their server SAS SSDs. These hard drives permanently fail (if not fixed) after 32,768 hours of operation.


The Amazon-owned Ring doorbell was sending owners’ Wi-Fi passwords in cleartext as the doorbell joins the local network, allowing nearby hackers to intercept the Wi-Fi password and gain access to the network to launch larger attacks or conduct surveillance. Other issues have been reported with Ring.  Be sure to keep your Ring firmware updated.

Drones could become a major network security threat forcing organizations to guard the airspace around their buildings.  

Security breaches at NetworkSolutions,, and

They are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed.

More here:

Trend Micro reveals rogue employee sold data of up to 120,000 customers

Information including names, email addresses, support ticket numbers, and some telephone numbers were taken. This data was then used to conduct scams.

Travel Booking Giant Leaks 1TB Of Data Including Customer Credit Cards

The data exposed was extensive: customer names, email address, physical addresses, travel dates and destinations. Data includes unencrypted payment card details and usernames and passwords used by Gekko Group clients to access its booking platforms.

1.2 Billion Records Found Exposed Online in a Single Online Server

Adobe Creative Cloud: 7.5 Million account records leaked

The data included email addresses, account information, and the Adobe products used by each user.

Adobe: Magento Marketplace site hacked

Torian Group

We will be increasing our hourly rate from $130 to $135 starting January 1, 2020. Travel time will go from $60 to $70 per hour, and server backups will go from $40 to $50 per month.  Other prices are unchanged. The last rate change was 2 years ago. As always, let us know if you have any concerns.

By Tim Torian

Newsletter Sign-Up

The Torian Group Times Newsletter is a service to our clients, and anyone who finds it useful. Topics include security updates; known problems with recent patches; new and upcoming software and hardware that might affect your business; and information about technology in the Visalia area.  It is free to anyone who wishes to subscribe by providing their name and email address. We will not do anything with this information other than sending the newsletter – no unsolicited marketing of any kind.

Subscribe to our Newsletters