Tool for create and manage the Enterprise Mode site list for Enterprise Mode IE.This tool lets IT Professionals create and update the Enterprise Mode site list for their company, without directly editing the XML. The Enterprise Mode site list only works with Enterprise Mode IE.
Click Here for Download
The installation package for HPC Pack 2012 R2 Update 1 is available for download here. The HPC Pack Image in the Azure Gallery, for both Azure Global and Azure China, is also now generally available. Together with this image, an official PowerShell script tool to deploy an HPC Pack cluster in infrastructure as a service (IaaS) VMs is now downloadable from here.
About two months ago, we announced the release of the Preview version of the Update 1 for HPC Pack 2012 R2, We want to thank everyone who helped us tested the early releases and sent us feedback. We made some important and necessary changes to our official release as a result.
The following are the significant new features in HPC Pack 2012 R2 Update 1:
This post came from Microsoft
| Is it time to level up your skills using Infrastructure as a Service? Want to learn from the best technical engineers and noted technology leaders around? Join Mark Russinovich, Corey Sanders, and members of the Azure Engineering team for a live event delivered online over four days. Join for one session, join for them all. You'll dive deep into technical scenarios, ask questions of the experts, and level up your own skills. Azure IaaS for IT Pros Online Event, December 1-4 | |||||||||||||
|
Become an IaaS go-to guru Mark Russinovich, Microsoft Chief Technology Officer, Azure, will kick off the event, followed by deep technical training in the technologies critical for IT Pro Implementers, like you, to deepen your foundational cloud skills. Following the keynote, experts will share their technical insights on topics including Core IaaS, Cloud Infrastructure Fabric, Open Source Software on Azure, and Workloads on Azure IaaS. Be recognized for your skills Get certified for your skills! Register for the event to receive reminder emails and obtain details for receiving a 50% off exam voucher you can use towards Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions for Microsoft Azure Specialist Certification. Join the live event from 9am to 1pm PST
|
|
Register Here
Computers that are running volume licensing editions of Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008 are, by default, KMS clients with no additional configuration needed.
To use the keys listed here (which are GVLKs), you must first have a KMS host running in your deployment. If you haven’t already configured a KMS host, see Deploy KMS Activation for steps to set one up.
If you are converting a computer from a KMS host, MAK, or retail edition of Windows to a KMS client, install the applicable setup key (GVLK) from the following tables. To install a client setup key, open an administrative command prompt on the client, type slmgr /ipk <setup key> and then press Enter.
if you are looking for KMS Client Setup Key
Go Here
If you bought Windows 8.1 or Windows 8, you can download and install Windows from this page using just your product key
Have your product key handy. You can find it in your online order information, in the confirmation email for your purchase or on the DVD packaging. The product key is a 25-character code that looks something like this:
XXXXX- XXXXX- XXXXX- XXXXX- XXXXX.
Go Here
Linksys EA Router have a security issue, if have EA series routers running the Linksys SMART WiFi firmware it contain multiple vulnerabilities,
CWE-320: Key Management Errors - CVE-2014-8243
An remote, unauthenticated attacker can read the router's .htpassword file by requesting http(s)://<router_ip>/.htpasswd. The .htpasswd file contains the MD5 hash of the administrator password.
CWE-200: Information Exposure - CVE-2014-8244
A remote, unauthenticated attacker can issue various JNAP calls by sending specially-crafted HTTP POST requests to http(s)://<router_ip>/JNAP/. Depending on the JNAP action that is called, the attacker may be able to read or modify sensitive information on the router.
It should also be noted that the router exposes multiple ports to the WAN by default. Port 10080 and 52000 both expose the administrative web interface to WAN users. Depending on the model, additional ports may be exposed by default as well.
A remote, unauthenticated attacker may be able to read or modify sensitive information on the router
FIX go to the Linksys site and download updated firmware files
Reposted form the US-CERT Site
US-CERT warned that:
This attack works by luring users to install an app from a source other than the iOS App Store or their organizations’ provisioning system. In order for the attack to succeed, a user must install an untrusted app, such as one delivered through a phishing link.
This technique takes advantage of a security weakness that allows an untrusted app—with the same “bundle identifier” as that of a legitimate app—to replace the legitimate app on an affected device, while keeping all of the user’s data. This vulnerability exists because iOS does not enforce matching certificates for apps with the same bundle identifier. Apple’s own iOS platform apps, such as Mobile Safari, are not vulnerable.
The OFFICAL CERT article follows…---
______________________________
iOS devices running iOS 7.1.1, 7.1.2, 8.0, 8.1, and 8.1.1 beta.
A technique labeled “Masque Attack” allows an attacker to substitute malware for a legitimate iOS app under a limited set of circumstances.
Masque Attack was discovered and described by FireEye mobile security researchers.[1] (link is external) This attack works by luring users to install an app from a source other than the iOS App Store or their organizations’ provisioning system. In order for the attack to succeed, a user must install an untrusted app, such as one delivered through a phishing link.
This technique takes advantage of a security weakness that allows an untrusted app—with the same “bundle identifier” as that of a legitimate app—to replace the legitimate app on an affected device, while keeping all of the user’s data. This vulnerability exists because iOS does not enforce matching certificates for apps with the same bundle identifier. Apple’s own iOS platform apps, such as Mobile Safari, are not vulnerable.
An app installed on an iOS device using this technique may:
iOS users can protect themselves from Masque Attacks by following three steps:
Further details on Masque Attack and mitigation guidance can be found on FireEye’s blog [1] (link is external). US-CERT does not endorse or support any particular product or vendor.
The Microsoft Security Intelligence Report is the most comprehensive threat intelligence report in the industry. It provides data and insights on malware, exploits and vulnerabilities based on data from more than a billion systems worldwide and some of the busiest online services. It also includes actionable guidance to help IT Professionals manage risk. The latest report, Volume 17, focuses on the first half of 2014, with trend data for the last several quarters.
Where you are a PC user or not the insight here are great to read about
You can download the report HERE
Here is the Microsoft update
Published: November 11, 2014
Version: 1.0
On this page
This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server.
This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software section.
The security update addresses the vulnerability by correcting how Schannel sanitizes specially crafted packets. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability.
posted by: Claud Xiao on November 5, 2014 2:30 PM
filed in: Malware, Mobility, Reports, Threat Prevention, Unit 42
tagged: Apple, globalprotect, iOS, Mac OS X, Maiyadi App Store, WireLurker
Today we published a new research paper on WireLurker, a family of malware targeting both Mac OS and iOS systems for the past six months. We believe that this malware family heralds a new era in malware attacking Apple’s desktop and mobile platforms based on the following characteristics:
WireLurker was used to trojanize 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China. In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users.
WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken. This is the reason we call it “wire lurker”. Researchers have demonstrated similar methods to attack non-jailbroken devices before; however, this malware combines a number of techniques to successfully realize a new brand of threat to all iOS devices.
WireLurker exhibits complex code structure, multiple component versions, file hiding, code obfuscation and customized encryption to thwart anti-reversing. In this whitepaper, we explain how WireLurker is delivered, the details of its malware progression, and specifics on its operation.
We further describe WireLurker’s potential impact, as well as methods to prevent, detect, contain and remediate the threat. We also detail Palo Alto Networks Enterprise Security Platform protections in place to counter associated risk.
WireLurker is capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attackers command and control server. This malware is under active development and its creator’s ultimate goal is not yet clear.
We recommend users take the following actions to mitigate the threat from WireLurker and similar threats:
Download “WireLurker: A New Era in OS X and iOS Malware” here.
This Article was copied from the Nice folks at PALOATO NETWORKS
I found the neat project that is all PowerShell scripts the a Security Professional can use as part of their toolbox
To find out more go here
Here a a few PowerShell script that I use to look al logs and user accounts.
To finding the latest logon time
•Get-QADComputer -ComputerRole DomainController | foreach { (Get-QADUser -Service $_.Name -SamAccountName username).LastLogon } | Measure-Latest
•The following example demonstrates how to find inactive user accounts:
•Search-ADAccount -AccountInactive | where {$_.ObjectClass -eq 'user'} | FT Name,ObjectClass –A
•The following example demonstrates how to find user accounts that have been inactive for 90 days:
•Search-ADAccount -AccountInactive -TimeSpan 90.00:00:00 | where {$_.ObjectClass -eq 'user'} | FT Name,ObjectClass –A
Retrieving Local Security Log Information
On a local computer, the PowerShell Get-EventLog cmdlet
•get-eventlog-list
•get-eventlog -list |<br>where \{$_.logdisplayname -eq `<br>"security"\}
Find all users who have “Password Never Expires
Search-ADAccount -PasswordNeverExpires | FT Name,ObjectClass –A
To Determine Who Has Never Logged On
get-aduser -f {-not ( lastlogontimestamp -like "*") -and (enabled -eq $true)}
Find the Location of a Locked-Out User (jferron)
$DomainControllers = Get-ADDomainController -Filter *
Foreach($DC in $DomainControllers)
{
Get-ADUser -Identity jferron -Server $DC.Hostname `
-Properties AccountLockoutTime,LastBadPasswordAttempt,BadPwdCount,LockedOut
}
Here is a list of updated books by subject area you can download.
Having a DHCP Server on you network that not managed by a IT department is a security issue.
Microsoft has released a new tool for free that you can download that will show you all your DHCP servers that are Authorized and then show you what is not approved This is a Graphic Tool that test by subnet.
Rogue detection tool is a GUI tool that checks if there are any rogue DHCP servers in the local subnet.
See what you have
Choose your network
Following are the features with this tool:
1. The tool can be run one time or can be scheduled to run at specified interval.
2. Can be run on a specified interface by selecting one of the discovered interfaces.
3. Retrieves all the authorized DHCP servers in the forest and displays them.
4. Ability to validate (not Authorize in AD) a DHCP server which is not rogue and persist this information
5. Minimize the tool, which makes it invisible. A tray icon will be present which would display the status.
You can download this tool here
On the Microsoft Virtual Academy site which is free, there is a bunch of training on PowerShell. since I been talk about this for a while her a blog about this.
Getting Started with PowerShell 3.0 Jump Start
This Jump Start is designed to teach the busy IT professionals, admins, and help desk persons about how to use PowerShell to improve management capabilities, automate redundant tasks, and manage the environment in scale. Learn how PowerShell works and how to make PowerShell work for you from the experts Jeffrey Snover, the inventor of PowerShell, and Jason Helmick, Senior Technologist at Concentrated Technology.
Instructors | Jeffrey Snover - Distinguished Engineer and Lead Architect; Consultant; Jason Helmick - Senior Technologist
Associated Course(s) | 20412: Configuring Advanced Windows Server 2012 Services; 20411: Administering Windows Server 2012; 20410: Installing and Configuring Windows Server 2012
Link is Here
Advanced Tools & Scripting with PowerShell 3.0 Jump Start
IT pros, take this advanced PowerShell course to find out how to turn your real time management and automation scripts into useful reusable tools and cmdlets. You’ll learn the best patterns and practices for building and maintaining tools and you’ll pick up some special tips and tricks along the way from the architect and inventor of PowerShell, Distinguished Engineer Jeffrey Snover, and IT pro, Jason Helmick.
Instructors | Jeffrey Snover - Distinguished Engineer and Lead Architect; Consultant; Jason Helmick - Senior Technologist
Associated Course(s) | 20412: Configuring Advanced Windows Server 2012 Services; 20411: Administering Windows Server 2012; 20410: Installing and Configuring Windows Server 2012
Link is Here
On the Microsoft MVA there a a great basic course on security, This course you can prepare for MTA Exam 98-367. Build an understanding of security layers, operating system security, network security, and security software. The course leverages Microsoft Official Academic Course (MOAC) material for this exam.
Topics include
Authentication, Authorization, and Accounting
Understanding Security Policies
Understanding Network Security
Protecting the Server and Client
The link is here for taking training
FREE Microsoft eBooks! Who doesn’t love FREE Microsoft eBooks? Well, for the past few years, I’ve provided posts containing almost 150 FREE Microsoft eBooks and my readers, new and existing, have loved these posts so much that they downloaded over 3.5 Million free eBooks as of last June, including over 1,000,000 in a single week last year (and many, many more since then).
This is a Post copied from Eric Ligman at Microsoft
While at TechEd NA 2014, you were hungry for more info on PowerShell, Hyper-V and Windows 8.1, to name just a few. Now through July 12, 2014, save 40% by applying discount code TECHED during checkout. And if that’s not enough, the Microsoft Press Store offers FREE shipping to US addresses, all the time. And if you’ve ever purchased one of these books, you’ll know just how heavy these can get – and heavy typically equals expensive shipping!
Want to take it with you wherever you go? The Microsoft Press Store has the flexibility to make that happen. This 40% discount also applies to your purchase of an eBook… and you’ll get three formats for use on your devices.
Ready to save? We thought so. Get your discount HERE and enjoy your new book!
In the last few months we see a uptick in Big Web sites being hacked – We saw last month AOL compromised. AOL Inc urged its tens of millions of email account holders to change their passwords and security questions, saying a cyber attack compromised about 2 percent of its accounts
Yesterday EBAY announced that attack carried months had compromised customer data. and EBAY urged 145 million users of its online commerce platform to change their passwords.
You should NOT use the same password for all you sites, you need to use different password for your web sites. However when I say this to user, they say it to hard to do.
I have been a user of some technology for years that helps user accomplish this task. There are Password Manager application that will save all your password in an encrypted system and you just need to remember the master password.
While Password Manager applications will not stop web sited from being hacked they will limit the possibility of a user name/ password that you use on 1 site being used on another site.
You can have each site with very strong password that are unique to each application.
For the purpose of this Blog i will show you a product call Roboform.
to use Roboform you do the following steps
Step 1 Install software
Step 2 Create a Master Password - Your Master Password is the one password you’ll need to remember. This password will encrypt and secure all of your RoboForm data and do not forget it.
Step 3 Go to a web site and add you login info RoboForm automatically offers to save your Login information. It’s that simple.
Step 4 Now when you go to the site again Roboform will enter the login and password automatically.
Some other features for you include
Generate really Strong Passwords that you can use 1 per site and not have to remember
You can find out more about Roboform Here
FYI I have nothing to do with Roboform, I do not sell it, i just use it
Active malware campaign Security researchers have uncovered an active malware campaign in the wild that steals the Apple ID credentials from jailbroken iPhones and iPads..
On the SophosLabs site there is an article about this new attack “Unflod Baby Panda”
This malware will do the following :
When loaded and initialised, the Unflod library hooks the SSLWrite function, used when sending encrpyted data over a secure connection.
That means the malware gets to peek at confidential data before it is encryption for transmission.
then it Watches out for the presence of AppleID credential data.
Uploads credential data it finds to one of two hardcoded IP addresses
If you haven't jailbroken your iOS device, you don't need to worry.
If you are a jailbreaker and you have been circumspect in what you choose to install, you probably don't need to worry.
Nevertheless, just in case, Sophos products detect this malware as iPh/PWS-CFX.
Of course, because a proper anti-virus isn't possible on an unjailbroken iOS device (though, by the same token, malware is in general very unlikely on such devices), there isn't such a thing as Sophos Anti-Virus for iOS.
So, if you want to scan your iPhone or iPad, you'll need to install software that lets you access the files on iDevice remotely so you can scan them with an anti-virus on your desktop or laptop computer.
And to do that you'll need to jailbreak your iDevice...
PS. If you allow remote access to your iDevice by installing the SSH daemon, don't forget that Apple gives the accounts root and mobile the same password on all iDevices (it's "alpine", and yes, hard-wired passwords are a terrible idea). So if you enable sshd, you must change the password on those accounts, as explained here.
The full article is posted here
This is a new campaign from Microsoft that i think we need to remind people to THINK FIRST before you CLICK
You can prevent most computer issues if you THINK FIRST
Source Microsoft
Turn your PowerPoint presentation into an interactive online lesson. We call this a mix. Everything you need to create and share your mix is included. Add audio and video of yourself giving your presentation, write on slides as you talk to them, insert quizzes, practice exercises, and more – all from within PowerPoint. It’s like a screen cast, but better. This is a new Customer Preview
for the Add in Called Office MIX
Bring your PowerPoint presentations to life by adding interactive quizzes, online videos, and even web pages.
Check it out at https://mix.office.com/
to learn more about Office Mix go here
This book is about writing Windows Store apps using HTML, CSS, and JavaScript. Our primary focus will be on applying these web technologies within the Windows platform, where there are unique considerations, and not on exploring the details of those web technologies themselves.
Creating a Password
bird
Sorry the password must be more that 8 characters
bird house
Sorry the password must contain 1 numerical space
1 bird house
Sorry the password cannot have blank spaces
1birdhouseisthisok
Sorry the password must contain at least one upper case character
1birdhouseisthisokNOW
Sorry the password can not use more that one upper case character consecutively
11birdhouseisthisokNowjerk
Sorry the password can not use more that 2 numbers consecutively
11birdhouseisthisokNowjerkfine!
Sorry the password cannot contain punctuation
1birdhouseisthisokNowjerkfineonow
Sorry the password can not use words in the Dictionary
P@ssw0rd
Sorry that password is already in use and now you need to wait 24 hour to change your password
