Security Protection – Harry Waldron MVP

Leadership – Mothers day examples

John Maxwell has an excellent weekly blog for managers and leadership:

http://www.johnmaxwell.com/blog/dont-forget-mothers-day

A mother is not a person to lean on, but a person to make leaning unnecessary. –Dorothy Canfield Fisher

Mothers hold their children’s hands for a short while, but their hearts forever. –Unknown

A mother is a person who, seeing there are only four pieces of pie for five people, promptly announces she never did care for pie. –Tenneva Jordan

I love my mother as the trees love water and sunshine – she helps me grow, prosper, and reach great heights. –Adabella Radici

My mom is a never-ending song in my heart of comfort, happiness, and being. I may sometimes forget the words but I always remember the tune. –Graycie Harmon

We may not be able to prepare the future for our children, but we can at least prepare our children for the future. –Franklin D. Roosevelt

Microsoft Security Updates – MAY 2015

Critical security updates to Microsoft Windows, Office, IE, and other products became available on Patch Tuesday. All corporate and home users should promptly update for the best levels of protection against new threats.

https://isc.sans.edu/forums/diary/May+2015+Microsoft+Patch+Tuesday+Summary/19685/

http://technet.microsoft.com/en-us/security/bulletin/MS15-may

Microsoft Security – Advanced Threat Analytics (ATA) monitors user behavior

Microsoft Advanced Threat Analytics (ATA) is a new Azure AD security monitoring tool for cloud-based applications that has been ported for on-premises monitoring. The preview version is now available for evaluation and testing, as shared below:

http://blogs.technet.com/b/ad/archive/2015/05/04/microsoft-advanced-threat-analytics-public-preview-release-is-now-available.aspx

http://blogs.microsoft.com/blog/2014/11/13/microsoft-acquires-aorato-give-enterprise-customers-better-defense-digital-intruders-hybrid-cloud-world/

We’ve just released the preview of Microsoft Advanced Threat Analytics (ATA). Microsoft ATA is a new on-premises product that brings Azure AD style security monitoring and anomaly detection on-premises. Microsoft ATA is based on the innovative work done by Aorato, a startup company we acquired in November. Today in the cloud we can detect and help protect your organization against a host of attacks, including brute force attacks, attacks from anonymizers, anomalous attacks from atypical locations and many other types of attacks. Customers have told us that they LOVE the level of monitoring and security we provide them. In many cases it’s richer than what they get on-premises.

And customers are constantly asking “Could you give me something that provides me the same level of monitoring and security for my on-premises Active Directory that you give me for Azure AD in the cloud?” Today I’m happy to be able to answer “Why yes, we can!”

How does it work? — After a simple deployment wizard, a non-intrusive port mirroring configuration copies all Active Directory-related traffic to Microsoft ATA while remaining invisible to attackers. Microsoft Advanced Threat Analytics then analyzes all Active Directory-related traffic and receives relevant events from your corporate SIEM to enrich the attack story. It’s important to mention that ATA stores all the information locally on-premises, so your data will not leave the organization. The detection engine automatically starts learning and profiling behaviors of users, machines, and resources, and then leverages Machine Learning technology to paint a picture of normal, everyday activity. After becoming familiar with normal user behavior, ATA looks for anomalies to raise red flags and build the attack story that alerts security teams once those abnormal activities have been contextually aggregated with the near real-time detection of advanced attacks and security risks to create a complete and easy to comprehend attack timeline.

Designed for simplicity — We love to keep it simple! Microsoft Advanced Threat Analytics is a non-intrusive solution, our deployment is very simple, you don’t need any rules, policies or agents, just configure port-mirroring and within a few hours you will see results!  Many security analysts have told us that they are overwhelmed with the constant reporting of traditional security tools and the task of sifting through them to locate anomalies. The ATA attack timeline is a clear, efficient, and convenient feed that surfaces the right things at the right time, giving you the power of perspective on the who, what, when, why, and how. ATA provides visibility like in a social network, you can search for any users, devices or resources and see their behavioral profile.

Microsoft Windows – Control Panel tips

Tips and techniques for using Control Panel are shared for both Windows 7 and Windows 8 users:

http://www.pcmag.com/article2/0,2817,2483646,00.asp

http://pcsupport.about.com/od/tipstricks/a/control-panel-command-line.htm

http://www.wikiwand.com/en/Control_Panel_(Windows)

There are probably life-long Windows users who have never accessed the Control Panel—the interface for taking care of all of the operating system’s settings. With the Control Panel, you can add or remove software/hardware, administer users’ accounts, take care of your security settings, change how Windows looks and acts, and a lot more. It’s powerful stuff. And scary for non-techies.

Consider this a quick-and-dirty intro to some of the less obvious things you should know about accessing the Control Panel—which is, really, just a virtual folder full of applets in a single location within Windows. It’s been that way since Windows 95, but we’re going to concentrate on the latest versions of Windows, the popular Windows 7, and the “we put up with it until the next one” Windows 8/8.1. We can’t cover everything you can do with Control Panel—that would fill entire books, and even then, not comprehensively. But we can get you started on the basics.  On Windows 7, click Start and Control Panel from the menu. It’s that simple.

There’s one other view—click the “View by” drop-down at the top of control panel and select “Large icons” or “Small icons” to get a long list of all the applets available. This is sometimes called the “Classic View” since that’s how control panels were displayed before Windows 7. This view includes every Control Panel applet that comes with Windows, plus any third-party control panel applets. In this screen you’ll see Quicktime from Apple, Flash from Adobe, and Rapid Storage Technology from Intel, for example.

Microsoft – 2015 BUILD and IGNITE Conferences share future directions

The MSDN Channel 9 streaming broadcasts were excellent in their coverage of the 2015 Ignite conference. These conferences were highly educational in sharing upcoming developments for future Microsoft product capabilities.

http://www.informationweek.com/software/enterprise-applications/windows-10-hololens-office-microsoft-details-its-vision/d/d-id/1320319

Microsoft’s back-to-back conferences, Build and Ignite — which took place over the past two weeks in San Francisco and Chicago, respectively — offered updates on Windows 10, HoloLens, and Microsoft Office that provide insight into the company’s vision for the future of enterprise apps.

Build, one of Microsoft’s most popular annual events, is typically geared towards developers, but usually proves a hotspot for consumer news as well. With Windows 10 arriving later this year, it was predicted that the new OS would take the spotlight at Build. Indeed, those predictions came to light during Microsoft’s time in San Francisco. Updates on the new OS poured out of Build, ranging from advancements in HoloLens to the Windows 10 IoT Core Insider Preview. Now, developers can start building projects based on Windows 10. During the Build conference, we also learned about Windows Phone support for Android apps and the availability of Visual Studio for OS X and Linux users. We found out that we should start calling “Project Spartan” Microsoft Edge. We saw a killer demonstration of Continuum, which automatically adjusts the Windows 10 interface according to the device at hand.

Ignite is a new event hosted by Microsoft and designed “for big thinkers looking for an edge,” including enterprise developers and architects, as well as senior business tech decision-makers who are pursuing innovation. The event is a combination of various smaller conferences, including Microsoft TechEd, MMS, SharePoint, Lync, Project, and Exchange events. What Windows 10 was to Build’s keynote, Microsoft Office was to Ignite’s. During the kickoff, Microsoft executives discussed the many changes coming to the desktop and cloud versions of Office later this year. Productivity and collaboration were the focal points of the Ignite keynote and announcements throughout the week. We got a snapshot of how productivity will look on devices running Office 2016, which will range from Microsoft’s Surface Hub to iPhone. We saw how OneDrive for Business will be integrated with Office 2016 to streamline the process of attaching emails and granting permissions. We learned that Skype for Business will become the go-to platform for Office 365 meetings to enable video chat and content co-creation across Office apps.

Linux Malware – Jellyfish Rootkit

A new Linux malware technique has emerged in the form of a proof-of-concept rootkit that uses stealthier methods to stay hidden and undetected on infected systems.

http://www.computerworld.com/article/2920343/security/new-linux-rootkit-leverages-gpus-to-hide.html

A team of developers has created a rootkit for Linux systems that uses the processing power and memory of graphics cards instead of CPUs in order to remain hidden. The rootkit, called Jellyfish, is a proof of concept designed to demonstrate that completely running malware on GPUs (graphics processing units) is a viable option. This is possible because dedicated graphics cards have their own processors and RAM.

Such threats could be more sinister than traditional malware programs, according to the Jellyfish developers. For one, there are no tools to analyze GPU malware, they said. Also, such rootkits can snoop on the host’s primary memory, which is used by most other programs, via DMA (direct memory access). This feature allows hardware components to read the main system memory without going through the CPU, making such operations harder to detect.

Users probably shouldn’t worry about criminals using GPU-based malware just yet, but proof-of-concepts like Jellyfish and Demon could inspire future developments. It’s usually just a matter of time before attacks devised by researchers are adopted by malicious attackers.

Malware – Upatre Botnet infects with Dyre bank info stealer

The Internet Storm Center and other security firms are warning about the Upatre botnet. The initial approach to infecting users is through massive spam attacks. During the infection process, it drops Dyre on the user’s machine. Dyre is a bank information stealer that hides in a stealth-like manner and has the capability to pattern match and potentially intercept bank account credentials.

https://isc.sans.edu/forums/diary/UpatreDyre+the+daily+grind+of+botnetbased+malspam/19657/

Malicious spam (malspam) delivering Upatre/Dyre has been an ongoing issue for quite some time.  Upatre is the malware downloader that retrieves Dyre (Dyreza), an information stealer described as a “Zeus-like banking Trojan”.  Earlier this year, EmergingThreats reported Upatre and Dyre are under constant development, while SecureWorks told us banking botnets continue to deliver this malspam despite previous takedowns.

Botnets sending waves of malspam with Upatre as zip file attachments are a near-daily occurrence.  Most organizations won’t see these emails, because the messages are almost always blocked by spam filters. Because security researchers find Upatre/Dyre malspam nearly every day, it’s a bit tiresome to write about, and we sometimes gloss over the information when it comes our way.  After all, the malspam is being blocked, right? Nonetheless, we should continue to document some waves of Upatre/Dyre malspam to see if anything is changing or evolving.

ADDITIONAL LINKS LISTED BELOW

https://www.us-cert.gov/ncas/alerts/TA14-300A
http://www.secureworks.com/cyber-threat-intelligence/threats/dyre-banking-trojan/
http://securityintelligence.com/dyre-wolf/
http://www.networkworld.com/article/2878966/microsoft-subnet/dyre-banking-trojan-tweaked-to-spread-upatre-malware-via-microsoft-outlook.html
http://www.emergingthreats.net/about-us/blog/dyre-upatre-constant-development
http://www.secureworks.com/cyber-threat-intelligence/threats/banking-botnets-persist-despite-takedowns/
https://major.io/icanhazip-com-faq

Office 2016 – Public Preview available

Microsoft has announced availability of the public preview version of Office 2016:

http://blogs.office.com/2015/05/04/office-2016-public-preview-now-available/

Since March, we’ve shared some glimpses of what’s to come in Office 2016. Today, we’d like to give a more holistic view of what customers at home and work can expect in the next release. In Office 2016, we’re updating the Office suite for the modern workplace, with smart tools for individuals, teams, and businesses.

Your documents, anywhere — Across the Office 2016 applications, it’s easier to use the power of feature-rich applications to create, open, edit and save files in the cloud from your desktop, so you can access them from anywhere and on any device. In addition, new modern attachments in Outlook make it easy to attach files from OneDrive and automatically configure permission for the recipients—without leaving Outlook. All making it easier to share and collaborate on your work with others.

Collaboration — Real-time co-authoring is available in the Office Online apps today and we’re bringing that experience to the Windows Desktop applications, starting with Word. When you and your team are working in Word 2016 and/or Office online, you’ll be able to see where other editors are working and what they are writing—all in real-time.

Smart Applications — Applications will learn as you work, taking advantage of subtle cues and clues to help you stay on task and get more out of Office. Tell Me, a new search tool available in Word, PowerPoint, and Excel, serves up the commands you need by simply typing what you want to do.

Data analysis made faster and easier — New analysis capabilities are built into Excel, so you can pull, map, analyze and visualize your data faster and easier than ever.

New for IT – Office 2016 will offer new security, compliance, and deployment features, giving organizations more control over sensitive data and IT more flexibility in deployment and management.

Computer Hardware – Gartner warns of price increase in 2nd half 2015

http://www.computerworld.com/article/2916485/computer-hardware/pc-prices-to-go-up-later-this-year-gartner-warns.html

PC prices have enjoyed record lows for many years now, but buyers might have to shell out a few more bucks for their desired laptop or desktop later this year. Research firm Gartner is sounding the alarm that PC prices might go up later this year due to recent currency fluctuations. The effect may especially be felt in Europe and Japan, where local currencies are weakening against the U.S. dollar. The alternative to rising prices is fewer features. PC makers might opt for less memory, a cheaper webcam or a lower-capacity hard drive to avoid higher prices. PC makers do something similar every holiday shopping season when they sell computers at rock-bottom prices. Businesses will likely cut the PC purchases by 20 percent this year, Gartner said.

Windows 10 Phone – Review of preview version

The Windows 10 phone O/S was tested by Redmond Magazine, as described in the article below:

http://redmondmag.com/articles/2015/04/14/first-look-at-windows-phone-10.aspx

We’re getting closer to the much anticipated release of Windows 10 and the gifts from Redmond just keep coming. Recently, Microsoft announced a preview of what many are referring to as Windows Phone 10 (the more official name seems to be Windows 10 for Phones).

The initial preview release is somewhat limited in that the OS will only run on specific models of Windows phones. I couldn’t risk installing the preview on my “production” phone and none of my lab phones were supported. Some Web sites have published hacks for installing Windows Phone 10 onto unsupported devices, but I didn’t want to risk bricking a lab phone. Besides, I wanted to experience the preview as Microsoft intended. Fortunately, there was an easy solution. I was able to get an AT&T Nokia Lumia 635 No Contract GoPhone from Amazon for under $50. Upon receiving the device I was able to install the Windows Phone preview onto it very easily.