Skip to main content
Monthly Archives

May 2017

Inside Look: Software Distribution

By Patch Management, VideoNo Comments
[vc_separator]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
||

Actions Every CEO Must Take to Protect Their Organization from WannaCry Malware

By NewsNo Comments

[vc_single_image source=”featured_image” img_size=”large”]

Worldwide Malware Attack: Exploring WannaCry

WannaCry is the worst malware attack of 2017. As computer virus outbreaks go, this ransomware attack is being called one of the biggest cyberattacks in history and continues to spread worldwide. In this post, we’ll explore WannaCry, its latest developments, and how to protect your organization.

WannaCry is an extremely dangerous trojan virus that infects Windows computers and promptly encrypts nearly all data. To decrypt the files and regain access, WannaCry demands that $300 in bitcoins be paid to an anonymous account. After three days, the $300 ransom increases to $600. After seven days without payment, the computer’s contents are deleted.

Why is this virus spreading?

The virus typically enters your organization through email when a user opens an infected attachment or link the malware will install. The malware then attempts to replicate itself via your computer networks and the Internet. Your entire IT infrastructure may be at risk.

Can I recover the encrypted files or should I pay the ransom?

It is currently impossible to decrypt the encrypted files. If you have backup copies of affected files, you may be able to restore them. Even if you pay the ransom there is no guarantee your files will be decrypted. We recommend that you do not pay the ransom.

Who is at risk?

WannaCry ransomware is targeting all versions of Windows, it is leveraging a hack discovered by the NSA. Microsoft patched this vulnerability in March, 2017.

[vc_single_image image=”12688″ img_size=”medium”]

What should I do?

Your first line of defense is always common sense. This applies to WannaCry and any other malware floating around out there. If you receive an email with an attachment from someone you don’t know, never open or download that attachment.

If you receive an attachment from someone you do know, but it looks odd or suspicious, never open or download it.

It is vital that every Windows device attached to your computer network have Microsoft Patch MS17-010 applied. Ensure that your IT department has strong patch management processes in place that regularly patch all devices. This patch was released over 60 days ago, so there is no reason your IT department should not have deployed this.

Microsoft took the very unusual step this weekend to release MS17-010 for its old unsupported operating systems, including:

Windows 8
Windows XP
Windows Server 2003

This old operating systems must also be patched – many of the organizations you might have seen in the press still use these old systems. Take caution with visitors to your organization connecting to your computer networks as they might infect your company.

How can I protect myself in the future?

Regardless of your operating system, you should install all available security updates. Implement a tool like Syxsense to automate the detection of all devices and patching processes.

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]

Inside Look: Reporting

By Patch ManagementNo Comments
[vc_separator]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
||

Action Needed: Windows XP, Windows Server 2003 and Windows 8

By NewsNo Comments

[vc_single_image source=”featured_image” img_size=”medium”]

Patch Now: WannaCrypt Ransomware

On Friday, the security team at Syxsense was one of the first to break the news in the US about the WannaCrypt malware attack.

Over the weekend, a UK security blogger found a kill switch for the initial variant of WannaCrypt. The blogger found that each infected device checked for the existence of a long-unregistered URL before encrypting infected device files. The blogger registered the domain to allow him to track the progression of WannaCrypt.

Although the initial wave of attacks has been diminished by activating the kill switch, this is not over. New variants of WannaCrypt are still being released that ignore the kill switch.

WannaCrypt is exploiting weaknesses in the Microsoft Operating Systems that were identified by the NSA. Microsoft patched these weaknesses in March 2017 and tools like Syxsense, Windows Update or other patching solutions should be already protected by deploying MS17-010.

[vc_single_image image=”12612″ img_size=”medium”]

However, many organizations have older non-Microsoft supported operating systems still deployed – Windows Server 2003, Windows XP, Windows XP Embedded and Windows 8. Microsoft took the unusual step over the weekend of releasing a patch for these unsupported operating systems.

We strongly recommend identifying all vulnerable operating systems and deploying this patch immediately.

We strongly recommend using a solution like Syxsense, that supports older operating systems and has agentless ability to scan your entire IT environment for all devices and remediate without the need to have agents deployed.

This attack is not going away –  expect new variants shortly.

Ashley Leonard
CEO | Syxsense
Verismic Software, Inc.

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
|

Patch Now: Global Ransomware Attack

By News, Patch ManagementNo Comments
[vc_single_image source=”featured_image” img_size=”medium”]

Hackers breach computers in 12 countries with stolen NSA tools

A large ransomware attack has thrown the British healthcare infrastructure into uncertainty. The National Health Service confirmed in a statement that as of the morning of May the 12th “16 NHS organizations had reported that they were affected by this issue.” Photos circulating on Twitter showed both computer screens locked with a ransom message and ambulances backed up at hospitals. There are reports that doctors have had to resort to paper and pencil.

The release by the NHS also states “At this stage we do not have any evidence that patient data has been accessed.” As of this posting, the investigation is ongoing. However, the NHS has said that they believe the malware responsible is ‘Wanna Decryptor’.

[vc_single_image image=”10023″ img_size=”medium”]

The best way to protect against malware is keeping your systems up to date. While firewalls and antivirus are important outer defenses, protecting the interior of your network is also vital.  As vulnerabilities are discovered, updates are released to fortify software. However, if you put off patching, you leave your environment vulnerable to exploits.

Microsoft says that an update they released on March 14th addresses this vulnerability. Deploying this patch should keep your Windows systems secure, but if you are running unsupported versions of Windows, like XP, you won’t receive this update. Learn more about the Security Bulletin here.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]

Syxsense is the solution for efficient, predictive patching. We test patches and then release them to you for a stable and secure environment. Not only do we have Microsoft updates, but we have an extensive library of third-party software vendors. Protect yourself against a major vulnerability or ransomware attack with Syxsense to secure your systems.

[vc_separator css=”.vc_custom_1494626301140{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]

May Patch Tuesday: Playing Defense

By Patch Tuesday, UncategorizedNo Comments

[vc_single_image source=”featured_image” img_size=”medium”]

Who defends the Windows Defender?

This week we have learned of a serious bug with Windows Defender which could effectively hand over control to an attacker simply by receiving a carefully crafted email – without you even opening it. The researchers with Google Project Zero responsible for finding the bug, Travis Ormandy and Natalie Silvanovich, tweeted that this was “the worst Windows remote code exec in recent memory.” We would highly recommend if you are using Windows Defender to update the protection engine as soon as possible.

You may remember last year we published an article called, “Hard Shell – Soft Center.” This article typified the common strategy of protecting company networks at the physical perimeter level only and having a reduced security presence once inside the network.

We have since learned that our concerns on this type of strategy have been realized, having learned that network security is falling behind as it is unable to dynamically change to meet the ever-increasing threats to company property.

[vc_single_image image=”12386″ img_size=”medium”]

Our clients must include a multi-factor protection strategy which includes both protection at the perimeter supported by a routine patching process.

This is what we like to call a software perimeter, and requires you to follow some simple steps to protect your environment from the inside. Should you need some free advice to get started, click here.

Microsoft Updates

The May security release consists of security updates for the following software;

  1. Internet Explorer
  2. Microsoft Edge
  3. Microsoft Windows
  4. Microsoft Office and Microsoft Office Services and Web Apps
  5. NET Framework
  6. Adobe Flash Player

We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

KB Info Product Platform Severity Impact
4019473 Microsoft Edge Windows 10 Version 1511 for 32-bit Systems Critical Remote Code Execution
4019473 Microsoft Edge Windows 10 Version 1511 for x64-based Systems Critical Remote Code Execution
4019472 Microsoft Edge Windows 10 Version 1607 for x64-based Systems Critical Remote Code Execution
4019472 Microsoft Edge Windows 10 Version 1607 for 32-bit Systems Critical Remote Code Execution
4019474 Microsoft Edge Windows 10 for x64-based Systems Critical Remote Code Execution
4019474 Microsoft Edge Windows 10 for 32-bit Systems Critical Remote Code Execution
4016871 Microsoft Edge Windows 10 Version 1703 for x64-based Systems Critical Remote Code Execution
4016871 Microsoft Edge Windows 10 Version 1703 for 32-bit Systems Critical Remote Code Execution
4019473 Internet Explorer 11 Windows 10 Version 1511 for 32-bit Systems Critical Remote Code Execution
4019215 Internet Explorer 11 Windows 8.1 for 32-bit systems Critical Remote Code Execution
4019215 Internet Explorer 11 Windows 8.1 for x64-based systems Critical Remote Code Execution
4019473 Internet Explorer 11 Windows 10 Version 1511 for x64-based Systems Critical Remote Code Execution
4019472 Internet Explorer 11 Windows 10 Version 1607 for x64-based Systems Critical Remote Code Execution
4019472 Internet Explorer 11 Windows 10 Version 1607 for 32-bit Systems Critical Remote Code Execution
4019264 Internet Explorer 11 Windows 7 for x64-based Systems Service Pack 1 Critical Remote Code Execution
4019474 Internet Explorer 11 Windows 10 for x64-based Systems Critical Remote Code Execution
4019264 Internet Explorer 11 Windows 7 for 32-bit Systems Service Pack 1 Critical Remote Code Execution
4020821 Adobe Flash Player Windows 10 Version 1511 for 32-bit Systems Critical Remote Code Execution
4020821 Adobe Flash Player Windows 8.1 for 32-bit systems Critical Remote Code Execution
4020821 Adobe Flash Player Windows 8.1 for x64-based systems Critical Remote Code Execution
4020821 Adobe Flash Player Windows Server 2012 Critical Remote Code Execution
4020821 Adobe Flash Player Windows 10 Version 1511 for x64-based Systems Critical Remote Code Execution
4020821 Adobe Flash Player Windows 10 Version 1607 for x64-based Systems Critical Remote Code Execution
4020821 Adobe Flash Player Windows 10 Version 1607 for 32-bit Systems Critical Remote Code Execution
4020821 Adobe Flash Player Windows 10 for x64-based Systems Critical Remote Code Execution
4020821 Adobe Flash Player Windows Server 2012 R2 Critical Remote Code Execution
4020821 Adobe Flash Player Windows 10 for 32-bit Systems Critical Remote Code Execution
4020821 Adobe Flash Player Windows RT 8.1 Critical Remote Code Execution
4020821 Adobe Flash Player Windows Server 2016 Critical Remote Code Execution
4020821 Adobe Flash Player Windows 10 Version 1703 for x64-based Systems Critical Remote Code Execution
4020821 Adobe Flash Player Windows 10 Version 1703 for 32-bit Systems Critical Remote Code Execution
4018466 Windows Server 2008 for 32-bit Systems Service Pack 2 Critical Remote Code Execution
4019474 Internet Explorer 11 Windows 10 for 32-bit Systems Critical Remote Code Execution
4019215 Internet Explorer 11 Windows RT 8.1 Critical Remote Code Execution
4016871 Internet Explorer 11 Windows 10 Version 1703 for x64-based Systems Critical Remote Code Execution
4016871 Internet Explorer 11 Windows 10 Version 1703 for 32-bit Systems Critical Remote Code Execution
4019264 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Critical Remote Code Execution
4019215 Windows Server 2012 R2 (Server Core installation) Critical Remote Code Execution
4019473 Windows 10 Version 1511 for 32-bit Systems Critical Remote Code Execution
4018466 Windows Server 2008 for x64-based Systems Service Pack 2 Critical Remote Code Execution
4018466 Windows Server 2008 for Itanium-Based Systems Service Pack 2 Critical Remote Code Execution
4019215 Windows 8.1 for 32-bit systems Critical Remote Code Execution
4019215 Windows 8.1 for x64-based systems Critical Remote Code Execution
4019264 Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Critical Remote Code Execution
4019214 Windows Server 2012 Critical Remote Code Execution
4018466 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Critical Remote Code Execution
4019473 Windows 10 Version 1511 for x64-based Systems Critical Remote Code Execution
4019472 Windows 10 Version 1607 for x64-based Systems Critical Remote Code Execution
4019472 Windows 10 Version 1607 for 32-bit Systems Critical Remote Code Execution
4019264 Windows 7 for x64-based Systems Service Pack 1 Critical Remote Code Execution
4019474 Windows 10 for x64-based Systems Critical Remote Code Execution
4019214 Windows Server 2012 (Server Core installation) Critical Remote Code Execution
4019264 Windows 7 for 32-bit Systems Service Pack 1 Critical Remote Code Execution
4019264 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Critical Remote Code Execution
4019215 Windows Server 2012 R2 Critical Remote Code Execution
4019474 Windows 10 for 32-bit Systems Critical Remote Code Execution
4019215 Windows RT 8.1 Critical Remote Code Execution
4019472 Windows Server 2016 Critical Remote Code Execution
4019472 Windows Server 2016  (Server Core installation) Critical Remote Code Execution
4016871 Windows 10 Version 1703 for x64-based Systems Critical Remote Code Execution
4016871 Windows 10 Version 1703 for 32-bit Systems Critical Remote Code Execution
Microsoft Forefront Security for SharePoint Service Pack 3 Critical Remote Code Execution
Windows Defender Windows 10 Version 1511 for 32-bit Systems Critical Remote Code Execution
Windows Defender Windows 8.1 for 32-bit systems Critical Remote Code Execution
Windows Defender Windows 8.1 for x64-based systems Critical Remote Code Execution
Windows Defender Windows 10 Version 1511 for x64-based Systems Critical Remote Code Execution
Windows Defender Windows 10 Version 1607 for x64-based Systems Critical Remote Code Execution
Windows Defender Windows 10 Version 1607 for 32-bit Systems Critical Remote Code Execution
Windows Defender Windows 7 for x64-based Systems Service Pack 1 Critical Remote Code Execution
Windows Defender Windows 10 for x64-based Systems Critical Remote Code Execution
Windows Defender Windows 7 for 32-bit Systems Service Pack 1 Critical Remote Code Execution
Windows Defender Windows 10 for 32-bit Systems Critical Remote Code Execution
Windows Defender Windows RT 8.1 Critical Remote Code Execution
Windows Defender Windows Server 2016 Critical Remote Code Execution
Windows Defender Windows Server 2016  (Server Core installation) Critical Remote Code Execution
Windows Defender Windows 10 Version 1703 for x64-based Systems Critical Remote Code Execution
Windows Defender Windows 10 Version 1703 for 32-bit Systems Critical Remote Code Execution
4018466 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Critical Remote Code Execution
Windows Intune Endpoint Protection Critical Remote Code Execution
Microsoft Forefront Endpoint Protection 2010 Critical Remote Code Execution
Microsoft Security Essentials

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

|

[Infographic] Device Centric vs. Patch Centric Patching

By Patch ManagementNo Comments

Comparing Patch Strategies

What is the best approach to patching for your environment? See our infographic to compare the difference between patch-centric and device-centric patching.

Although the strategies are similar, there is a key difference when it comes to selecting and deploying updates. Click on the infographic to save and reference for later.

[vc_single_image image=”12558″ img_size=”full” alignment=”center” onclick=”custom_link” link=”https://go.pardot.com/l/62402/2017-05-03/3l1656″]
[vc_separator]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
||

HTTPS Vulnerable: May Third-Party Patch Updates

By News, Patch ManagementNo Comments
[vc_single_image source=”featured_image” img_size=”medium”]

The Most Sophisticated Phishing Attack Yet

In the past, one way to defend yourself from a phishing attempt was to double check the URL. If something looked fishy, pun intended, you knew to navigate away.

However, a recent demonstration by a Chinese security researcher shows it’s possible to display a URL that appears correct. Safari isn’t tricked, but Chrome, Firefox and Opera all can display this convincing, fake URL.

The best defense is to update these browsers as soon as possible; Chrome has already released an update that now prevents this. You should also always visit websites from your own bookmarks or by typing in the URL.

HTTPS Vulnerable to a MiTM Attack

An alert was put out by the United States Computer Emergency Readiness Team (US-CERT) mid-March outlining the possibility that HTTPS is vulnerable.

[vc_single_image image=”12545″ img_size=”200×200″]

In their alert, they point to issues detected with HTTPS inspection products that aren’t preforming the correct transport layer security certificate validation. Hackers could use a man-in-the-middle (MiTM) attack to intercept the connection and collect sensitive client data.

US-CERT recommends that any organizations using HTTPS should verify that their product properly validates certificate chains and passes any warnings/errors to the client.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_separator]

Third-Party Updates

Every month we see a bevy of new third party updates, and are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:

Product Category Patch
Chrome Web Browser Chrome_v58.0.3029.81
Skype Online calls Skype_v7.35
Adobe (Updates for Adobe Campaign, Flash Player, Acrobat, Reader, Photoshop CC, and the Creative Cloud Desktop Application) APSB17-09

APSB17-10

APSB17-12

APSB17-13

Firefox Web Browser Firefox_v53
Thunderbird Email Client Thunderbird_v52.0.1
WinSCP File browser WinSCP_v5.9.5
Wireshark Network protocol analyzer Wireshark_v2.2.6
Glary Utilities PC cleanup Glary_v5.74
AIMP Audio Player AIMP_v4.13.1893
Java Programming language Java_8u131

 

Patch Details
Chrome_58.0.3029.81 Fixes include:

Type confusion in PDFium.

Heap use after free in Print Preview.

Type confusion in Blink.

URL spoofing in Omnibox.

Use after free in Chrome Apps.
Heap overflow in Skia.

Use after free in Blink.

Incorrect UI in Blink.

Incorrect signature handing in Networking.

Cross-origin bypass in Blink.

Skype_7.35 When searching for new contacts, you will now see the number of mutual friends you have. Quality improvements and general fixes.
Adobe

APSB17-09

APSB17-10

APSB17-11

APSB17-12

APSB17-13

Adobe has released a security update for Adobe Campaign v6.11 for Windows and Linux.  This update resolves an important input validation bypass that could be exploited to read, write or delete data from the Campaign database (CVE-2017-2989).

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Adobe has released updates for Photoshop CC for Windows and Macintosh. These updates resolve a critical memory corruption vulnerability when parsing malicious PCX files that could lead to code execution (CVE-2017-3004). These updates also resolve an unquoted search path vulnerability in Photoshop on Windows (CVE-2017-3005).

Adobe has released a security update for the Creative Cloud Desktop Application for Windows. This update resolves an important vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications (CVE-2017-3006). This update also resolves a vulnerability related to the directory search path used to find resources (CVE-2017-3007).

Firefox_v53 Faster and more stable with a separate process for graphics compositing (the Quantum Compositor). Compact themes and tabs save screen real estate, and the redesigned permissions notification improves usability. Plus various security fixes.
Thunderbird_52.0.1 Fixed: Clicking on a link in an email may not open this link in the external browser. Crash due to incompatibility with McAfee Anti-SPAM add-on. Add-on is blocked in 52.0.1
WinSCP_5.9.5 SSH core and private key tools (PuTTYgen and Pageant) upgraded to PuTTY 0.68. It brings the following change: Security fix: an integer overflow bug in the agent forwarding code. vuln-agent-fwd-overflow

Translation completed: Traditional Chinese.

Translation updated: Icelandic.

De-duplicating Duplicate Session and Disconnect accelerators in Session menu. 1512

De-duplicating Quit and Queue accelerators in Commands menu. 1516

Increased length limit of host name. 1517

Bug fix: Failure when reloading non-current directory expanded in remote directory tree. 1514

Bug fix: Failure when moving Download and Delete operation to background. 1462

Wireshark_2.2.6 Various security and bug fixes
Glary_v5.74 Faster scan and analyses. New Design.

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]