Microsoft Inspire – 2022 conference highlights

Uncategorized Comments Off on Microsoft Inspire – 2022 conference highlights
Microsoft Inspire (formerly the Microsoft Worldwide Partner Conference) is a conference held annually by Microsoft Corporation for its partner community.

Microsoft Inspire 2021

https://inspire.microsoft.com/

 

FTC – how to avoid fake collection agency scams July-2022

Uncategorized Comments Off on FTC – how to avoid fake collection agency scams July-2022

Random “robo-calls” are circulating with numerous fake attacks & spoofed dialed phone # to trick consumers.  Any emails, phone calls, etc. from a collection agency requires at least 4 requirements to ensure it is real as noted below:

Want to avoid dishonest debt collectors? Watch this video to learn how | Consumer Advice (ftc.gov)

Bryan asked the collectors for proof of his debt, which they didn’t have. A collector has to give you “validation information” about the debt, either during their first phone call with you or in writing within five days after first contacting you. The collector must tell you four pieces of information:

      • how much money you owe
      • the name of the creditor you owe it to
      • how to get the name of the original creditor
      • what to do if you don’t think it’s your debt

If a debt collector won’t give you this information, report them to the FTC at ReportFraud.ftc.gov. To learn more about your rights, visit consumer.gov/debt. Please share this video with friends and family so they’ll know what to do if they get a call about a debt they don’t think they owe.

Microsoft Unified Update Platform – On-site Windows Update option for 2023

Uncategorized Comments Off on Microsoft Unified Update Platform – On-site Windows Update option for 2023

Microsoft’s new UUP facility is a further improvement of WSUS that will be in beta testing this fall & planned for commercial release during 2023

Microsoft’s On-Premises Unified Update Platform To Control All Windows Updates in 2023 — Redmondmag.com

Preview Unified Update Platform for on-premises update management – Microsoft Tech Community

A private preview of the Unified Update Platform (UUP) for on-premises update management is available for commercial organizations between now and September. This preview prepares you and your organization for the complete transition of servicing to UUP by early 2023. UUP on premises is an integration with Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. This new capability simplifies Windows content management and streamlines the process for upgrading to Windows 11 for those who manage Windows devices with these update management platforms.

thumbnail image 1 captioned Estimated timeline for the preview and general availability of UUP on premises.

 

FTC – YouTube video channel link

Uncategorized Comments Off on FTC – YouTube video channel link

The FTC has a library of consumer protection videos that can be found using the following channel link & a few examples of security videos are shown below

https://www.youtube.com/user/FTCvideos/videos

 

 

 

FTC – SCAM attacks circulating which impersonate ICE and other agencies

Uncategorized Comments Off on FTC – SCAM attacks circulating which impersonate ICE and other agencies

Infographic for ICE

Scammers impersonate US immigration officers | Consumer Advice (ftc.gov)

Here’s how the scam often goes: They call or email saying you’ve violated immigration law. Or that your identity information is wrong or out of date. Or that you owe fees or need to pay an immigration bond. They’ll threaten to alert the police or to have you deported if you don’t give them the information they want. And they’ll tell you not to talk to anyone else about it — which means you can’t double-check their story.  All of this can be very unsettling. So if you come across this scam, here are some things to know:

  • ICE and USCIS never call out of the blue and demand money. So if the caller wants you to pay a fee or share personal details like your date of birth or bank account numbers, hang up. It’s a scam.
  • ICE and USCIS never accept payments using gift cards, cryptocurrency, or wire transfers. If someone asks you to pay this way, it’s a scam. Always.
  • Don’t trust caller ID. Scammers can make their phone numbers look real even if they’re not. Sometimes they’ll have you look up their number to confirm it’s what’s listed on the agency’s website — even if it matches, it could be a trick.
  • Check with ICE or USCIS if you’re unsure about whether a call or email is real. Never call back phone numbers in caller ID or left in voicemails or emails. Instead, type the agency name into a search bar and click on their webpage to find contact information.

CISA – Log4Shell attack research report for unpatched VMware Horizon servers

Uncategorized Comments Off on CISA – Log4Shell attack research report for unpatched VMware Horizon servers

CISA shares a highly detailed & updated Malware Analysis Report  for Log4Shell vulnerability in unpatched VMware Horizon servers.  Hackers have been able to gain access in some circumstances & the Log4Shell vulnerability is one to patch expediently

CISA Releases Log4Shell-Related MAR | CISA

MAR-10386789-1.v1 – Log4Shell | CISA

From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis Report of the findings.  Users and administrators are encouraged to review MAR 10386789-1.v1 for more information. For more information on Log4Shell, see:

Uncategorized Comments Off on

The FTC has earmarked JULY to provide security awareness to our service men & women.  These excellent tips are applicable to everyone

Defending against impersonator scams | Consumer Advice (ftc.gov)

Scammers come up with all sorts of stories to convince you to send money or share your information. They might call or send you a text or email, pretending they’re tech support from Microsoft or Apple. They’ll tell you to put money on a gift card or spend cryptocurrency to protect yourself from a security breach. Don’t. It’s a scam.    Scammers also pretend to be government agencies like the IRS or Social Security Administration. They’ll claim that something bad will happen if you don’t pay or give them your personal information. Or they might say you’ll miss out on some government benefit. Either way, that’s a scam.

Here’s how to spot the fakers:

  • Know that nobody legit will ever contact you out of the blue, demanding money or information. Hang up. It’s a scam.
  • Don’t trust caller IDScammers know how to fake caller ID so it looks like a real phone number. Even if it has a real name, don’t trust it.
  • Never pay anyone who demands payment by wire transfer, gift card, or cryptocurrencyOnly scammers tell you to pay that way. Hang up if it’s a call. If it’s an email, text, or message on social media, don’t click any links.

Microsoft ACCESS – Fix for July 2022 update issues coming soon

Uncategorized Comments Off on Microsoft ACCESS – Fix for July 2022 update issues coming soon

After the July 12th security updates, MS/Access some very old data base formats became non-accessible & fixes are currently being tested for release soon.

Microsoft Access Fixes Coming Soon To Remedy Patch Tuesday Update Troubles — Redmondmag.com

Access Fix Now Available for VBA Security Patch Issue (microsoft.com)

Microsoft this week indicated that fixes for Microsoft Access problems, which were caused by a botched July 12 “patch Tuesday” security patch release, will be arriving soon. The problematic patch, which wasn’t identified in Microsoft’s announcement, was intended as a security update for the Microsoft Visual Basic for Applications (VBA) component. However, it inadvertently prevented some Access users from opening certain database files.

Specifically, some Access users received error messages when trying to open “ACCDE/MDE” files, which are defined as “Access Execute Only Database” files. The “MDE” part refers to an older file format used by older Microsoft Access versions.  A description of these file formats can be found in this Lifewire.com article.

 

Microsoft 365 – WIP security to be replaced by Purview DLP in future

Uncategorized Comments Off on Microsoft 365 – WIP security to be replaced by Purview DLP in future

For Microsoft 365 cloud base applications — Windows Information Protection (WIP) provides extra cloud based security protection.  It will be replaced by the new Purview DLP facility in the future as Microsoft provides an early notification.

Microsoft Ending the Windows Information Protection Service — Redmondmag.com

Announcing the sunset of Windows Information Protection (WIP) – Microsoft Tech Community

Windows Information Protection, previously known as Enterprise Data Protection (EDP), was originally released to help organizations protect enterprise apps and data against accidental data leaks without interfering with the employee experience on Windows. To address these needs, Microsoft has built Microsoft Purview Data Loss Prevention (DLP), which is deeply integrated with Microsoft Purview Information Protection to help your organization discover, classify, and protect sensitive information as it is used or shared.

Microsoft Purview Data Loss Prevention (DLP) leverages built-in sensitive data detection and native integration with sensitivity labels from Information Protection to enable you to create and enforce policies to prevent sensitive data exfiltration through common egress points. Microsoft Purview DLP is easy to turn on with protection built into Microsoft 365 cloud services, Microsoft 365 Apps (Office), and on endpoint devices with Windows and Microsoft Edge. It is offered and managed as a single, integrated, and extensible offering that allows you to manage your DLP policies from a single location. DLP controls can also be extended to macOS endpoints and Chrome browser, and various cloud apps, such as Dropbox, Box, Google Drive, and others through integration with Microsoft Defender for Cloud Apps.

Apple – JULY 2022 product security updates

Uncategorized Comments Off on Apple – JULY 2022 product security updates

Apple is a key hardware & software vendor for many organizations & several products have had recent security updates

Apple Releases Security Updates for Multiple Products | CISA

Apple security updates – Apple Support

InfoSec Handlers Diary Blog – SANS ISC Apple July 2022 updates

Apple has released security updates to address vulnerabilities in multiple products. These updates address vulnerabilities attackers could exploit to take control of affected systems. CISA encourages users and administrators to review the Apple security updates and apply necessary releases.

 


© 2022 Computer Safety & News.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in