Security Protection – Harry Waldron MVP

Facebook – WhatsApp may allow business messaging directly to users

Facebook recently purchased the popular smartphone messaging company WhatsApp. It may allow businesses to send special messages and discounts directly to Facebook customers.

Last year, Facebook purchased the massively popular messenger application WhatsApp for $21.8 billion. Under the site’s ownership, the app’s user base has continued to grow at a rapid rate, going from 600 million users last August to 800 million now. However, the app isn’t cheap to run; while it made $14 million in the first half of 2014, it lost a staggering $232 million through stock-related expenses during that same time period. What does that mean for users? They’ll likely soon experience Facebook’s efforts to monetize the app—and those efforts might feel invasive.

“We think that enabling that B2C [business-to-consumer] messaging has good business potential for us,” Facebook Chief Financial Officer David Wehner said at a tech conference this week. “As we learn those things, I think there’s going to be opportunities to bring some of those things to WhatsApp, but that’s more longer term.”

In other words, businesses could directly communicate with you on WhatsApp, the same space where you host private conversations with friends. These companies won’t directly interact with your friends in any way or intrude on your conversations, but the fact that they’re entering that space is sure to freak out some privacy-concerned users. As Facebook gathers more and more information about its users, the more advertising is likely to reach you—on both public and private platforms.

Leadership – Success achieved through Lessons Learned approach

John Maxwell’s leadership blog features key tactics to learn from our mistakes and improve during future endeavors

If you’re going to lose—and you are because everyone does—then why not turn it into a gain? How do you do that? By learning from it. A loss isn’t totally a loss if you learn something as a result of it. Your losses can come to define you if you let them. If you stay where a loss leaves you, then eventually you can get stuck there. But you can choose to change, grow, and learn from your losses.   A loss doesn’t turn into a lesson unless we work hard to make it so. Losing gives us an opportunity to learn, but many people do not seize it. And when they don’t, losing really hurts.

Learning is not easy during down times, because it requires us to do things that are not natural. It is hard to smile when we are not happy. It is difficult to respond positively when numb with defeat. It takes discipline to do the right thing when everything is going wrong.   If that is your desire—to become a learner from losses—you need to change the way you look at losses, cultivate qualities that help you respond to them, and develop the ability to learn from them. I believe you can do that using this road map:

1. Cultivate Humility: The Spirit of Learning
2. Face Reality: The Foundation of Learning
3. Accept Responsibility: The First Step of Learning
4. Seek Improvement: The Focus of Learning
5. Nurture Hope: The Motivation of Learning
6. Develop Teachability: The Pathway of Learning
7. Overcome Adversity: The Catalyst for Learning
8. Expect Problems: Opportunities for Learning
9. Understand Bad Experiences: The Perspective for Learning
10. Embrace Change: The Price of Learning
11. Benefit from Maturity: The Value of Learning

Windows 10 – Microsoft Cortana ported to iOS and Android

The new Cortana personal assistant will be available as an app for iOS and Android smartphones and tablets, to augment Windows 10 functionality on these devices if users wish, when Windows 10 launches later this year.

Watch out Siri, Cortana is coming. Microsoft today announced that its Cortana digital assistant will be available on iOS and Android when Windows 10 launches later this year. It will work “as a companion to Cortana on your Windows 10 PC,” Redmond said in a blog post. “The ‘Phone Companion’ app on the PC will help you install the Cortana app from the Google Play or Apple App Store onto your phone so you’ll be able to take the intelligence of Cortana with you, wherever you go.”

“The Cortana app can do most of the things Cortana does on your PC or on a Windows phone,” wrote Joe Belfiore, corporate VP of Microsoft’s Operating Systems Group. “You can have Cortana remind you to pick up milk the next time you’re at the grocery store, and then your phone will wake up and buzz with the reminder. You’ll be able to track a flight using Cortana on both your phone and your PC, and get the updates on the device that you’re on so you don’t miss anything.”

Changes to Cortana’s Notebook—where you set up your interests, calendar, and daily routine—will sync across all devices, Belfiore said. Due to iOS and Android restrictions, Windows Phone users will get more Cortana functionality, like toggling settings, opening apps, and turning on hands-free access by saying “Hey Cortana.”

Leadership – Mother’s Day examples

John Maxwell has an excellent weekly blog for managers and leaders.

A mother is not a person to lean on, but a person to make leaning unnecessary. –Dorothy Canfield Fisher

Mothers hold their children’s hands for a short while, but their hearts forever. –Unknown

A mother is a person who, seeing there are only four pieces of pie for five people, promptly announces she never did care for pie. –Tenneva Jordan

I love my mother as the trees love water and sunshine–she helps me grow, prosper, and reach great heights. –Adabella Radici

My mom is a never-ending song in my heart of comfort, happiness, and being. I may sometimes forget the words but I always remember the tune. –Graycie Harmon

We may not be able to prepare the future for our children, but we can at least prepare our children for the future. –Franklin D. Roosevelt

Microsoft Security Updates – MAY 2015

Critical security updates to Microsoft Windows, Office, IE, and other products became available on Patch Tuesday. All corporate and home users should promptly update for the best levels of protection against new threats.

Microsoft Security – Advanced Threat Analytics (ATA) monitors user behavior

Microsoft Advanced Threat Analytics (ATA) is a new Azure AD security monitoring tool for cloud-based applications that has been ported for on-premises monitoring. The preview version is now available for evaluation and testing, as shared below.

We’ve just released the preview of Microsoft Advanced Threat Analytics (ATA). Microsoft ATA is a new on-premises product that brings Azure AD style security monitoring and anomaly detection on-premises. Microsoft ATA is based on the innovative work done by Aorato, a startup company we acquired in November. Today in the cloud we can detect and help protect your organization against a host of attacks, including brute force attacks, attacks from anonymizers, anomalous attacks from atypical locations and many other types of attacks. Customers have told us that they LOVE the level of monitoring and security we provide them. In many cases it’s richer than what they get on-premises.

And customers are constantly asking “Could you give me something that provides me the same level of monitoring and security for my on-premises Active Directory that you give me for Azure AD in the cloud?” Today I’m happy to be able to answer “Why yes, we can!”

How does it work? — After a simple deployment wizard, a non-intrusive port mirroring configuration copies all Active Directory-related traffic to Microsoft ATA while remaining invisible to attackers. Microsoft Advanced Threat Analytics then analyzes all Active Directory-related traffic and receives relevant events from your corporate SIEM to enrich the attack story. It’s important to mention that ATA stores all the information locally on-premises, so your data will not leave the organization. The detection engine automatically starts learning and profiling behaviors of users, machines, and resources, and then leverages Machine Learning technology to paint a picture of normal, everyday activity. After becoming familiar with normal user behavior, ATA looks for anomalies to raise red flags and build the attack story that alerts security teams once those abnormal activities have been contextually aggregated with the near real-time detection of advanced attacks and security risks to create a complete and easy to comprehend attack timeline.

Designed for simplicity — We love to keep it simple! Microsoft Advanced Threat Analytics is a non-intrusive solution, our deployment is very simple, you don’t need any rules, policies or agents, just configure port-mirroring and within a few hours you will see results!  Many security analysts have told us that they are overwhelmed with the constant reporting of traditional security tools and the task of sifting through them to locate anomalies. The ATA attack timeline is a clear, efficient, and convenient feed that surfaces the right things at the right time, giving you the power of perspective on the who, what, when, why, and how. ATA provides visibility like in a social network, you can search for any users, devices or resources and see their behavioral profile.

Microsoft Windows – Control Panel tips

Tips and techniques for using Control Panel are shared for both Windows 7 and Windows 8 users.

There are probably life-long Windows users who have never accessed the Control Panel—the interface for taking care of all of the operating system’s settings. With the Control Panel, you can add or remove software/hardware, administer users’ accounts, take care of your security settings, change how Windows looks and acts, and a lot more. It’s powerful stuff. And scary for non-techies.

Consider this a quick-and-dirty intro to some of the less obvious things you should know about accessing the Control Panel—which is, really, just a virtual folder full of applets in a single location within Windows. It’s been that way since Windows 95, but we’re going to concentrate on the latest versions of Windows, the popular Windows 7, and the “we put up with it until the next one” Windows 8/8.1. We can’t cover everything you can do with Control Panel—that would fill entire books, and even then, not comprehensively. But we can get you started on the basics.  On Windows 7, click Start and Control Panel from the menu. It’s that simple.

There’s one other view—click the “View by” drop-down at the top of control panel and select “Large icons” or “Small icons” to get a long list of all the applets available. This is sometimes called the “Classic View” since that’s how control panels were displayed before Windows 7. This view includes every Control Panel applet that comes with Windows, plus any third-party control panel applets. In this screen you’ll see Quicktime from Apple, Flash from Adobe, and Rapid Storage Technology from Intel, for example.

Microsoft – 2015 BUILD and IGNITE Conferences share future directions

The MSDN Channel 9 streaming broadcasts were excellent in their coverage of the 2015 Ignite conference. These conferences were highly educational in sharing upcoming developments for future Microsoft product capabilities.

Microsoft’s back-to-back conferences, Build and Ignite — which took place over the past two weeks in San Francisco and Chicago, respectively — offered updates on Windows 10, HoloLens, and Microsoft Office that provide insight into the company’s vision for the future of enterprise apps.

Build, one of Microsoft’s most popular annual events, is typically geared towards developers, but usually proves a hotspot for consumer news as well. With Windows 10 arriving later this year, it was predicted that the new OS would take the spotlight at Build. Indeed, those predictions came to light during Microsoft’s time in San Francisco. Updates on the new OS poured out of Build, ranging from advancements in HoloLens to the Windows 10 IoT Core Insider Preview. Now, developers can start building projects based on Windows 10. During the Build conference, we also learned about Windows Phone support for Android apps and the availability of Visual Studio for OS X and Linux users. We found out that we should start calling “Project Spartan” Microsoft Edge. We saw a killer demonstration of Continuum, which automatically adjusts the Windows 10 interface according to the device at hand.

Ignite is a new event hosted by Microsoft and designed “for big thinkers looking for an edge,” including enterprise developers and architects, as well as senior business tech decision-makers who are pursuing innovation. The event is a combination of various smaller conferences, including Microsoft TechEd, MMS, SharePoint, Lync, Project, and Exchange events. What Windows 10 was to Build’s keynote, Microsoft Office was to Ignite’s. During the kickoff, Microsoft executives discussed the many changes coming to the desktop and cloud versions of Office later this year. Productivity and collaboration were the focal points of the Ignite keynote and announcements throughout the week. We got a snapshot of how productivity will look on devices running Office 2016, which will range from Microsoft’s Surface Hub to iPhone. We saw how OneDrive for Business will be integrated with Office 2016 to streamline the process of attaching emails and granting permissions. We learned that Skype for Business will become the go-to platform for Office 365 meetings to enable video chat and content co-creation across Office apps.

Linux Malware – Jellyfish Rootkit

A new proof-of-concept Linux rootkit demonstrates malware techniques that allow more stealth-like capabilities for hiding undetected in infected systems.

A team of developers has created a rootkit for Linux systems that uses the processing power and memory of graphics cards instead of CPUs in order to remain hidden. The rootkit, called Jellyfish, is a proof of concept designed to demonstrate that completely running malware on GPUs (graphics processing units) is a viable option. This is possible because dedicated graphics cards have their own processors and RAM.

Such threats could be more sinister than traditional malware programs, according to the Jellyfish developers. For one, there are no tools to analyze GPU malware, they said. Also, such rootkits can snoop on the host’s primary memory, which is used by most other programs, via DMA (direct memory access). This feature allows hardware components to read the main system memory without going through the CPU, making such operations harder to detect.

Users probably shouldn’t worry about criminals using GPU-based malware just yet, but proof-of-concepts like Jellyfish and Demon could inspire future developments. It’s usually just a matter of time before attacks devised by researchers are adopted by malicious attackers.

Malware – Upatre Botnet infects with Dyre bank info stealer

The Internet Storm Center and other security firms are warning about the Upatre botnet. Its initial approach to infecting users is through massive spam attacks. During the infection process, it drops Dyre on the user’s machine. Dyre is a bank information stealer that hides in a stealth-like manner and has the capability to pattern match and potentially intercept bank account credentials.

Malicious spam (malspam) delivering Upatre/Dyre has been an ongoing issue for quite some time.  Upatre is the malware downloader that retrieves Dyre (Dyreza), an information stealer described as a “Zeus-like banking Trojan”.  Earlier this year, EmergingThreats reported Upatre and Dyre are under constant development, while SecureWorks told us banking botnets continue to deliver this malspam despite previous takedowns.

Botnets sending waves of malspam with Upatre as zip file attachments are a near-daily occurrence.  Most organizations won’t see these emails, because the messages are almost always blocked by spam filters. Because security researchers find Upatre/Dyre malspam nearly every day, it’s a bit tiresome to write about, and we sometimes gloss over the information when it comes our way.  After all, the malspam is being blocked, right? Nonetheless, we should continue to document some waves of Upatre/Dyre malspam to see if anything is changing or evolving.