Year: 2016

LAST DAY TO REGISTER
10/4/16

EVENT DATE
10/5/16

EVENT LOCATION
Midtown, NYC
FULL DETAILS AND REGISTRATION
www.nymjcsc.org

I will be speaking.

A group of friends who are Microsoft MVP create a group of tools to protect from ransomware, this is done vie a combination of documents, policies, recovery keys, and instruction sets for other tools native to Windows Server and Desktop OS’s. We also include suggestions of how you can modernize your network configuration best practices a build a great solution for your clients. What really nice about this solution is the cost. The Solution is donation based!!

The link for more information is here

Remember training user on opening email and links are part of the process in reducing risk of Ransomware, and good security practices.

Lock at this BOGUS screen

What cool about this is how they added the location and the IP address into the scareware screen…

This is NOT real, but how many people would fall for this.  If you are  a home user running windows 10 here a go trick to know click on the windows key and type support one of the FREE options is help from Microsoft ….. If you at work you should contact your Help desk.

Remember Microsoft does not call customers and tell you that have problems with your computer.
If you get that call hang up !

I found a great article on Security Baselines for Windows

Every organization faces security threats. However, the types of security threats that are of most concern to one organization can be completely different from another organization. For example, an e-commerce company may focus on protecting their Internet-facing web apps, while a hospital may focus on protecting confidential patient information. The one thing that all organizations have in common is a need to keep their apps and devices secure. These devices must be compliant with the security standards (or security baselines) defined by the organization.

Security Baselines

A security baseline is a collection of settings that have a security impact and include Microsoft’s recommended value for configuring those settings along with guidance on the security impact of those settings. These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and customers.

Where can I get the security baselines?

Here’s a list of security baselines that are currently available.

Note: If you want to know what has changed with each security baseline, or if you want to stay up-to-date on what’s happening with them, check out the Microsoft Security Guidance blog.

Windows 10 security baselines

• Windows 10, Version 1511 security baseline
• Windows 10, Version 1507 security baseline

Windows Server security baselines

• Windows Server 2012 R2 security baseline

To read the full article please go Here

Would you like to learn about the latest and greatest features that Microsoft has built into PowerShell Version 5? Be sure to check out this course, and get the details that can enable you to begin using these features immediately.

Explore the new features in PowerShell, including changes in security, scripting, debugging, and administration role management, along with the PowerShell Gallery, ScriptAnalyzer, and DSC. Plus, learn to install modules, implement the Wait Debugger, look at Just Enough Administration, and much more.                                    

  Learn about features in PowerShell.

To take this course Click HERE

Corey Hynes and Ward Ralston teach this course about the features and functionality that have been added to this new version of Windows Server, along with those that were modified from previous versions.

See demonstrations and get high-level overviews, from a practical and a conceptual standpoint. Take a look at what’s new in Windows Server 2016 Hyper-V and software-defined networking, learn about the latest in software-defined storage, and hear about security features, including Credential Guard. Plus, explore containers and Nano Server, along with implementation and management.                                    

Another MVA class  Dive into Windows 10 with award-winning journalist and Windows Expert Ed Bott, along with Microsoft Technical Evangelist Jennelle Crothers, in this course covering tips, shortcuts, and top utilities for Windows 10.
Every IT Pro knows from firsthand experience that the sheer volume of Windows programs and accessories says a lot about its power and complexity. In these seven modules, get advice and hands-on training on Windows 10 tools that can help you work faster and smarter, including File Explorer, Event Viewer, Task Manager, and more. Plus, review tools for all skill levels, from end users to experts and professionals.  

To view the course click Here

Part of the “Microsoft Azure Essentials” series, this ebook helps SQL Server database users understand Microsoft’s offering for SQL Server in Azure. Learn how SQL Server in Azure is similar to SQL Server in an on-premises environment, and how they are different. The author, a content lead for Azure.com, walks you through the steps of getting started with SQL Server in an Azure virtual machine and with Azure SQL Database. Follow the numerous screenshots to create a trial subscription, create SQL Server in an Azure virtual machine, create an Azure SQL Database, migrate an on-premises database to each Azure environment, create users, back up and restore data, and archive data
 You can get the book Here

The Internet Crime Complaint Center (IC3) continues to receive reports from individuals who have received extortion attempts via e-mail related to recent high-profile data thefts. The recipients are told that personal information, such as their name, phone number, address, credit card information, and other personal details, will be released to the recipient’s social media contacts, family, and friends if a ransom is not paid. The recipient is instructed to pay in Bitcoin, a virtual currency that provides a high degree of anonymity to the transactions. The recipients are typically given a short deadline. The ransom amount ranges from 2 to 5 bitcoins or approximately $250 to $1,200.
The following are some examples of the extortion e-mails:

“Unfortunately your data was leaked in a recent corporate hack and I now have your information. I have also used your user profile to find your social media accounts. Using this I can now message all of your friends and family members.”

“If you would like to prevent me from sharing this information with your friends and family members (and perhaps even your employers too) then you need to send the specified bitcoin payment to the following address.”

“If you think this amount is too high, consider how expensive a divorce lawyer is. If you are already divorced then I suggest you think about how this information may impact any ongoing court proceedings. If you are no longer in a committed relationship then think about how this information may affect your social standing amongst family and friends.”

“We have access to your Facebook page as well. If you would like to prevent me from sharing this dirt with all of your friends, family members, and spouse, then you need to send exactly 5 bitcoins to the following address.”

“We have some bad news and good news for you. First, the bad news, we have prepared a letter to be mailed to the following address that details all of your activities including your profile information, your login activity, and credit card transactions. Now for the good news, You can easily stop this letter from being mailed by sending 2 bitcoins to the following address.”

Fraudsters quickly use the news release of a high-profile data breach to initiate an extortion campaign. The FBI suspects multiple individuals are involved in these extortion campaigns based on variations in the extortion emails.

If you believe you have been a victim of this scam, you should reach out to your local FBI field office, and file a complaint with the IC3 at www.ic3.gov. Please include the keyword “Extortion E-mail Scheme” in your complaint, and provide any relevant information in your complaint, including the extortion e-mail with header information and Bitcoin address if available.

• Do not open e-mail or attachments from unknown individuals.
• Monitor your bank account statements regularly, as well and as your credit report at least once a year for any fraudulent activity.
• Do not communicate with the subject.
• Do not store sensitive or embarrassing photos of yourself online or on your mobile devices.
• Use strong passwords and do not use the same password for multiple websites.
• Never provide personal information of any sort via e-mail. Be aware, many e-mails requesting your personal information appear to be legitimate.
• Ensure security settings for social media accounts are turned on and set at the highest level of protection.
• When providing personally identifiable information, credit card information, or other sensitive information to a website, ensure the transmission is secure by verifying the URL prefix includes https, or the status bar displays a “lock” icon.

The FBI does not condone the payment of extortion demands as the funds will facilitate continued criminal activity, including potential organized crime activity and associated violent crimes.

This is a repost of a FBI Public Service announcement