Security Protection – Harry Waldron MVP

Windows 10 – Major Release History

Windows 10 has had two major releases so far, as documented below:

http://windows.microsoft.com/en-us/windows-10/update-history-windows-10

https://technet.microsoft.com/en-us/windows/release-info

https://technet.microsoft.com/library/mt598226.aspx

We’re currently delivering updates to two distinct Windows 10 branches. The July initial launch branch (build 10240), and the November update branch (build 10586). We introduced new operating system features in November after having previewed, or “flighted”, them with our Windows Insiders between July and November. Most customers have already been moved automatically from the July branch to the November branch.

Microsoft Security Updates – FEBRUARY 2016

Below are key resources documenting this recent monthly Microsoft Patch Tuesday release:

http://technet.microsoft.com/en-us/security/bulletin/ms16-feb

https://isc.sans.edu/forums/diary/Microsoft+February+2016+Patch+Tuesday/20711/

http://blog.talosintel.com/2016/02/ms-tuesday.html

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains twelve bulletins addressing 37 vulnerabilities. Five bulletins are rated critical and address vulnerabilities in Internet Explorer, Edge, Windows Journal, Office and Windows PDF. The remaining seven bulletins are rated important and address vulnerabilities in the Network Policy Server (NPS), Active Directory, Windows, Remote Desktop Protocol, WebDAV, Kernel Mode Driver and the .NET Framework.

Corporate Security – 2016 Employee work and home use safeguards

As BYOD devices and home access to corporate systems are popular options in corporate IT, home and work security can sometimes blend together.  Thus it is important to have strong security controls and employ best practices universally. Some of the key exposures are enumerated in the excellent slideshow by eWeek below:

http://www.eweek.com/security/slideshows/10-things-employees-can-do-to-improve-it-security-in-2016.html

In 2015, the borders between personal and professional use of apps and devices became less defined than ever. People constantly use whatever device they have at the time to do either personal or business tasks—that’s the real world. In 2016, the line between how employees use data in and outside of work will continue to blur and will drive important trends that IT needs to consider when building a security strategy.

The company’s 2015 Online Identity Study revealed that most employees today are not connecting the dots between the security best practices they are taught and their behavior at work and home. While employees say online security is a priority, they struggle to consistently follow best practices and be accountable for their actions, the study revealed. The study results showed that in the event of a data breach, most employees say the blame falls on IT and not on their own risky behavior. Here’s a look at key trends that the study suggests will shape the coming year.

1. Employees Are Non-biased on Device Use — Increasingly, the lines between work and personal devices are blurring. Sixty percent of employees do work activities from a personal device, and 55 percent do personal activities on work devices.

2. They Rely on IT — While employees admit to less-than-stellar password-related behavior, enterprise IT teams keep them on track.

3. They’re Confident in IT — As software, device and technology use transforms due to rapid innovation in the space, IT must be able to keep employees educated about how to keep their identities secure.

4. They’re Confident in Their Own Security Chops — Enterprises’ education efforts around security best practices are paying off: 79 percent of employees say they understand which online activities expose their personal or corporate information.

5. They Value Security — Employee intentions are well intact: 58 percent of respondents believe protecting work-related information is very important, even more so than their personal emails and home addresses.

6. They Share Passwords — More than three-quarters of employees believe it’s risky to share passwords, but 37 percent are still likely to do so. In fact, 54 percent admit to sharing log-in credentials with family so they can access each other’s computers, smartphones and tablets. Employees today use work and personal devices interchangeably; it’s prudent for IT to assume their corporate network may extend farther than expected.

7. They Reuse Passwords — If your account has been breached and your log-in credentials are in the hands of malicious hackers, it’s wise to assume those hackers will test those credentials (email, username, password) every day for the next 10 years. It’s easy to see why password reuse is risky.

8. They Take More Care of Work Credentials — When asked about work and personal credentials, employees admitted to being more careful when it comes to their work log-in credentials.

9. Their Passwords Have a Price Tag — While 74 percent of employees wouldn’t give up their work email credentials for anything, one in 10 would trade them for a paid mortgage or rent for one year. Further, 14 percent would give up their work email log-in credentials to pay off student loans.

10. They Resist Accountability — Fifty-nine percent of employees believe IT is accountable in the event of a corporate data breach. C-level executives are the next to be held accountable at 17 percent, and only 11 percent believe they, as individuals, would be held accountable in the event of a breach.

Security Awareness – 2015 RSA Security Blogger Awards

Graham Cluley shares an informal contest that highlights several excellent security sites that are valuable resources:

https://www.grahamcluley.com/2016/02/whats-favourite-security-blog/

Every year, during the RSA Conference, the fine folks at the Security Bloggers Network get together at a sports bar in San Francisco, and catch up with their fellow bloggers.  There is also the chance that they might win a gong at the annual Social Security Blogger Awards which will be announced during the evening’s festivities.  Here are the finalists in each category of the Security Blogger Awards 2016, in no particular order:

Finalists for Most Entertaining Security Blog:
Finalists for Most Educational Security Blog:
Finalists for Best New Security Blog or Podcast:
Finalists for Best Security Podcast:
Finalists for Best Blog Post of the Year:
Finalists for Best Corporate Security Blog:

Security Awareness – February 9 designated as Safer Internet Day

This general security awareness event for the public is set aside as a designated “day” on February 9th each year. I plan to watch the webcast at 1pm Eastern time:

http://saferinternetday.us/

ConnectSafely.org welcomes you to the U.S. home of Safer Internet Day, an international education and awareness-raising effort spanning more than 100 countries around the globe. If you can’t be with us at Universal Studios Hollywood on Tuesday, February 9th, please join our live webcast starting at 10 AM PT (1 PM ET)

 

Windows 10 Enterprise – Step-by-Step guide to encrypt hard drive

Windows 10 Professional and Enterprise include a tool called BitLocker, which can provide full hard drive encryption for modern TPM-based laptops. The screenshots in the article below provide excellent step-by-step documentation:

http://www.itpro.co.uk/security/25957/how-to-encrypt-your-hard-disk-in-windows-10

If you’re running a Windows 10 Pro or Enterprise laptop then it’s ridiculously simple to encrypt it using BitLocker.  Our laptops contain almost every detail of our lives, much of it information we’d prefer to keep confidential. Not just personal details, but business-critical documents that would be deeply embarrassing to lose. If your laptop gets stolen, you really don’t want the awkward conversation with your boss about what may leak out.

Don’t think the Windows password is enough to protect you either; determined thieves will find a way to bypass that lock screen. Even if you’ve added extra biometric protection via Windows Hello, they can use the brute-force method of removing the hard disk. If you haven’t encrypted it, it’s child’s play to read the data.

7 Step guide using BitLocker — You’ll need to be logged in as an administrator for the steps below to work. Also note that you might want to print off the password (you can save it to an external drive as well), so connecting a printer beforehand is a good idea.

Microsoft – Skype for Business improvements with UCC during 2016

Microsoft recently acquired UC Commander to improve Skype for Business capabilities during the coming year, as documented in this PC Magazine article: 

http://www.pcmag.com/article2/0,2817,2498484,00.asp

Microsoft isn’t hiding its concerted effort to capture all facets of the cloud-based enterprise communication and collaboration market.  All Microsoft’s services run on the company’s cloud platform on the back end, soon to be rolled into the Microsoft Azure Stack hybrid cloud infrastructure, but the core value for business users is integrating all those disparate offerings.  Microsoft’s recent acquisition of Event Zero’s UC Commander suite is a move to make that happen sooner rather than later.

The acquisition, announced last week, will allow Microsoft to build better native management tools directly into the Office 365 administration dashboard within the Skype for Business client. The strength of the UC Commander unified communications and collaboration (UCC) platform is in diagnostic analytics, monitoring, and reporting, so in integrating the platform Microsoft will add a built-in analysis layer into Skype for Business in which users can collect and analyze call quality and other multimedia data from audio and video calls.

Skype for Business already lets users view basic call quality reports and assign Skype numbers to Office 365 users. Microsoft’s goal, according to Zig Serafin, Microsoft’s Corporate Vice President of Engineering of Skype for Business, is to give businesses an easier way to “connect on-premises deployments they manage with Office 365 services, including hybrid deployments, provisioning of phones, and other endpoints.”

Identity Theft – Best practices and Steps for victims of this crime

Kim Komando shares a list of the major steps to follow if you become a victim of identity theft:

http://www.komando.com/tips/300138/protect-your-tax-return-from-crooks-and-hackers/3

Report the crime. File a report with your local police and file a complaint with the Federal Trade Commission at www.identitytheft.gov or by calling the FTC Identity Theft Hotline at 1-877-438-4338.

Request a fraud alert. Contact one of the three major credit reporting agencies (Equifax, Experian, or TransUnion) and ask that a fraud alert be placed on your credit records.

Close fraudulent accounts. Close any credit or financial account that has been tampered with by a thief or opened without your permission.

Contact the IRS. Call the number provided on the IRS notice informing you of the fraud. Complete IRS Form 14039, Identity Theft Affidavit. You can use a form at IRS.gov, print, then mail or fax the form as needed as you clear your tax record.

Pay your taxes. Be sure to continue to pay your taxes and file your tax return on time, even if you must do so by mailing in paper forms.

Stay diligent. If you contacted the IRS about taxpayer ID theft and did not receive a resolution, contact the Identity Protection Specialized Unit at 1-800-908-4490 about your case.

2015 Tax Season – Steps to Protect your refund

Kim Komando shares some important tips to safeguard your tax refund, as almost $6 billion was stolen by fraudsters last year:

http://www.komando.com/tips/300138/protect-your-tax-return-from-crooks-and-hackers

Along with tax season comes a frighteningly easy form of identity theft that can cause you a heap of trouble. Thieves with just a little information about you can file a bogus tax return in your name and claim a huge refund. While it doesn’t always work out so well for the fraudster, the IRS still gives out billions each year in fraudulent refunds. In 2014, for example, it paid out $5.8 billion that it shouldn’t have, and that’s just the fraud it identified. Unfortunately, this year that could be your money.

Your Social Security number is THE key piece of information a scammer needs to file a bogus return on your account. To keep it safe:

* Do not carry your Social Security card in your wallet or purse. Keep your Social Security card and any other document that shows your Social Security number in a safe place. Learn the five steps to survive a lost or stolen wallet.

* Only share your Social Security number when absolutely necessary. For instance, though a doctor’s office will often request your Social Security number, rarely are you actually required to provide it. Learn more about that and other things you need to know before your next doctor’s visit.

* Safeguard your personal financial information in your home and on your computer. Change online passwords regularly. Check out our tip for making safe and secure passwords.

* Review your credit reports and your Social Security Administration earnings statement each year for accuracy. Check out your credit report and score for free. A big unexpected change in your credit score might mean a thief has struck.

VirusTotal Security firm – Adds FIRMWARE scanning for malware

VirusTotal has enhanced its services to now include scanning for firmware-based malware, as noted below:

https://threatpost.com/virustotal-supports-firmware-scanning/116072/

Successful attacks against firmware are rare but provide hackers with one thing they covet most: persistence.  Advanced attack groups have already accelerated their capabilities in finding ways to burrow into the BIOS and EFI as noted by the Snowden leaks’ description of the NSA’s attempts to develop malware implants for the BIOS. Further, last year’s disclosure by Kaspersky Lab of the Equation Group’s espionage platform, and specifically a persistence module that targets the firmware of a number of leading hardware vendors, demonstrated how resourced attackers could gain undetectable and perpetual persistence on machines.

VirusTotal said the new tool supports:

* Apple Mac BIOS detection and reporting.
* Strings-based brand heuristic detection, to identify target systems.
* Extraction of certificates both from the firmware image and from executable files contained in it.
* PCI class code enumeration, allowing device class identification.
* ACPI tables tags extraction.
* NVAR variable names enumeration.
* Option ROM extraction, entry point decompilation and PCI feature listing.
* Extraction of BIOS Portable Executables and identification of potential Windows Executables contained within the image.
* SMBIOS characteristics reporting.
