08/22/2015
Cleaning vs. Protection – Why you shouldn’t rely on malware cleaning as a single method to protect your system.
Got another strange pop-up or unexpected crash, and it’s time to take your computer back to the shop, right?
But what if you could avoid losing precious data and time spent with your computer? What if this whole cleaning step could be eliminated entirely? Trust me, that isn't likely, but you can take steps to ensure it is kept to a minimum.
This is why protection is a pivotal topic in the antivirus industry. Cleaning and protecting seem like two methods that aim for the same goal: a computer that is free of any online threats. While a few people still believe that they have nothing important to lose on their devices, we’d like to analyze two significantly different approaches for a security-conscious person: cleaning an infected PC versus keeping a PC clean.
The end result or effect may look the same at first glance, but once you learn a few technical details and understand how things truly work, you’ll be surprised how different both approaches actually are.
No need to wear a seat belt, my computer guy will fix it. Um, no.
Not practicing protection because you’ll clean your computer later is like choosing to ride in a car without your seat belt because the doctors will patch you up in the event of an accident.
If you can imagine how ridiculous that is, then you can understand how important protection is for your PC.
Prevention is more than just the preferred method or smartest choice. Below I’ve included some scenarios to illustrate what’s possible if you rely exclusively on cleaning instead of protection.
Infection case #1: Home user with PUPs that continue to collect data after removal.
You’re at your PC hoping to do some online banking, but your screen is obscured by nasty, adult pop-ups and you have no clue how they got there or how to get rid of them. Your next thought is to download one of the many cleaning tools out on the internet to get rid of them. After all, that worked for you before. Unfortunately, when you Google for a program, most of the programs that pop up first, second or third can be just as intrusive and more difficult to remove than the original nasty.
The infection you had was a PUP (Potentially Unwanted Program). It doesn’t put much effort into hiding itself, so luckily for you, it can be removed relatively easily.
The cost? Hours of scans, the time spent researching the right software to get, and the loss of cached data in your browser. The hidden price: that software collected personal information about you and your computer usage habits. You may still encounter weird occurrences in the future while surfing the web, and you may be recognized by various websites and their ad network partners.
Infection case #2: Personal or business PCs infected by stuff that damages your system.
So, some computer guy told you to make sure automatic Windows updates are enabled on all computers. You check the update settings and realize that the service is completely disabled and won’t allow you to turn it on. Something is obviously wrong with your computer. Just recently you wondered why all Google ads look a bit different, larger, and more prevalent. You pick a malware scanner (like Emsisoft's Emergency Kit) and run a thorough scan.
Well crap....104 infections found. Most of them are harmless PUPs, but there are also a couple dozen active “Agent” Trojan findings. They are remote controlled by a server and form huge botnets with hundreds of thousands of other victim computers. It’s the ideal tool to send billions of spam emails, or even run coordinated DoS attacks on big online services (unless, of course, they’re willing to pay a huge ransom).
Another listed infection on your scanner is labeled “Rootkit,” which is actually a well-hidden piece of malware that could easily go unnoticed, but watches your online banking activities and redirects some money to an anonymous account in a foreign country.
Your malware scanner does a great job in cleaning all those infections, so you have nothing to worry about, right? Yeah....
This is an important side note. No single malware removal tool (regardless of what ANY of them say) can effectively and completely clean your machine if it is badly infected. If your machine is badly infected, you may need to take it to an experienced professional to get you back to ground zero before setting up the proper protection to minimize future infection.
Well, it appears that even though all of the malware was properly removed, your Windows updates are still not working, and some operating system components used to enable them don’t even exist anymore. This is because it’s simply not within the scope of your malware scanner to re-download missing files from Microsoft onto your system. Additionally, your malware scanner can’t know which of your system settings are intentional and which ones were manipulated by malware. As a result, there may be one or more open gates inviting new attackers to take over your computer again. You still most likely have a lot of work ahead to get your machine working properly again.
Bottom line: you need to be a real expert with years of malware analysis experience to be able to reconstruct everything the malware changed, down to the smallest detail. Depending on the level of expertise of the professional you go to and how busy they are, I have seen this take up to a week. Typically, a badly infected system worked on by an elite individual will take approximately 4-5 hours. Anyone who promises an hour turnaround time should not be trusted.
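The gap described above (a scanner removes the malware but cannot tell which settings it changed) is what a settings baseline closes. As an added example, not from the original post, here is the comparison in Python: you record security-relevant settings while the machine is healthy, then diff them against a snapshot taken after cleaning. The setting keys, the injected proxy and the hosts entry are constructed for illustration; the only real identifier is the Windows Update service name wuauserv. How you capture the snapshot (WMI, registry export, your own scripts) is assumed to be your own tooling.

```python
"""Compare a known-good settings baseline with a post-cleaning snapshot.

Added example, not from the original post. Keys and values are constructed
to mirror the case above (Windows Update service disabled, injected proxy);
only the service name wuauserv is real. Capturing the snapshot itself is
left to whatever inventory tooling you already run.
"""
from dataclasses import dataclass
from typing import Dict, List

# What the machine looked like before infection (constructed baseline).
KNOWN_GOOD: Dict[str, object] = {
    "service:wuauserv:start": "auto",       # Windows Update service
    "service:wuauserv:status": "running",
    "hosts:overrides": [],                   # no extra entries in the hosts file
    "proxy:enabled": False,
    "proxy:server": "",
    "browser:search_provider": "default",
}

# Snapshot taken after the scanner reported "all clean" (constructed):
# the malware binaries are gone, the settings they changed are not.
AFTER_CLEANING: Dict[str, object] = {
    "service:wuauserv:start": "disabled",
    "service:wuauserv:status": "stopped",
    "hosts:overrides": ["windowsupdate.microsoft.com -> 127.0.0.1"],
    "proxy:enabled": True,
    "proxy:server": "203.0.113.10:8080",    # TEST-NET address, constructed
    "browser:search_provider": "default",
}

# Which setting groups matter most; anything unlisted is rated "low".
SEVERITY = {"service": "high", "hosts": "high", "proxy": "medium"}


@dataclass
class Drift:
    key: str
    expected: object
    actual: object
    severity: str


def find_drift(baseline: Dict[str, object],
               current: Dict[str, object]) -> List[Drift]:
    """Every baseline setting whose current value differs.

    A setting missing from the snapshot is reported with actual=None.
    """
    drift = []
    for key, expected in baseline.items():
        actual = current.get(key)
        if actual != expected:
            group = key.split(":")[0]
            drift.append(Drift(key, expected, actual, SEVERITY.get(group, "low")))
    return drift


def summarize(drift: List[Drift]) -> Dict[str, int]:
    """Count of drifted settings per severity level."""
    counts = {"high": 0, "medium": 0, "low": 0}
    for d in drift:
        counts[d.severity] += 1
    return counts


if __name__ == "__main__":
    found = find_drift(KNOWN_GOOD, AFTER_CLEANING)
    for d in found:
        print(f"[{d.severity}] {d.key}: expected {d.expected!r}, found {d.actual!r}")
    print(summarize(found))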
Infection case #3: Irreversible data loss
It’s Tuesday morning and you have to get on your computer. But something is wrong with it. All your computer shows is an FBI-branded screen that tells you to send $1,000 USD via an anonymous online payment system. You have 48 hours to do this, or else your data (documents, pictures, videos, music) will be gone forever. Or you may get a similar one that tells you that you are basically screwed unless you pay the ransom. This is called ransomware.
You understandably panic and call the most expensive IT company for advice. All they can tell you is that your files have been encrypted with a secret key that can’t be cracked in less than a million years. After some further investigation they give you more bad news: your automatic backup system failed a couple of weeks ago because nobody noticed the alerts that the software raised on the server. All you can do is reinstate an outdated backup and try to reconstruct all data that has been added since then, or pay that hefty ransom. But, here's the kicker: the ransomware has infected your backups, since they are just on an external hard drive plugged into your machine. Your restore points? Also infected.
This is the situation where malware cleaning has reached its limits. You may be able to remove the crypter if it’s still present, but you most likely have no way to decrypt all your files. It’s a nightmare scenario, and yet it happens to thousands of home users, businesses and institutions around the world every day.
There are some viruses in the wild, such as Expiro, which attack your OS system files but not your data. If it gets to this point, just follow this: clean. If that doesn't work, it's time to go to a professional. There are too many variables involved in saving your personal or business data. As an example, too many times I have had customers come to me after having their system either cleaned or nuked (read below) by a less experienced professional. They pulled off your data, but all your programs are gone, and with them, your license keys. You are probably screwed unless you registered the software. I must stress, a highly skilled IT person who is versed in dealing with these situations will take all these factors into account.
The Nuke Option
After cleaning and making backups of your data, wipe and reload your entire operating system from scratch. I fully understand that many IT people will moan about that idea and argue, “but it takes sooo long to do that, and who’s going to pay for it?” or maybe, “there is necessary old software on that PC that can’t be found/installed anymore”. But honestly, if you really want to clean a system well, it always takes a long time. Furthermore, if the software is truly so old that you can’t find it anymore, isn’t it probably time to replace it with something more modern anyway?
How to help avoid the hassle.
Protection is ideally established in multiple layers that complement each other:
Make sure all software is up-to-date.
Windows updates should never be avoided for any reason for a personal user. In a business environment, you should already have an IT person who has set your updates to download, but not install. Microsoft is not good about making picture-perfect updates. Let him (or her) evaluate them prior to install and then pull the trigger. I'm sure IT will argue about this, but I would be more than happy to 'explain' it to them. I've been doing this for a long time. :)
On almost every patch day (that’s when Microsoft releases a new set of updates for Windows) multiple critical security holes are fixed. Many of the patches close critical vulnerabilities that potentially allow attackers to take over your PC remotely. Don’t forget, internet browsers and their plugins like Flash and Java need to be updated as well. BUT, Java and Flash are the most attacked portals used to infect your system. You go to a website and it says "you need to run this Flash update". Don't. Use the plugin's own auto-update utility or go directly to the vendor's website to get a new copy; a prompt like that is probably an attack on your machine. At times, you don’t even need to download and run a malware file manually to become a victim. Most infections occur via drive-by attacks while you’re surfing the web, or through fully automated bots searching for new victims around the world all day long.
Get good virus/malware protection. There are many good choices out there. I stand by Panda as my program of choice, free version or premium version. If you go with the free version, you may want to look at adding the paid version of Malwarebytes. It has excellent zero-day exploit blocking. More about those another time, as I've been running on for a bit.
Oh, and get rid of the preinstalled antivirus on your new computer. It's probably Norton or McAfee, and I do not recommend either.
Make regular backups of all your data.
There are free backup solutions out there. You can use EaseUS Todo Backup Free to get local copies. But that isn't good enough in my opinion. Grab Backblaze (or one of another 50 companies online) that gives you a cloud-based backup as well.
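Both failures in infection case #3 (backup alerts nobody noticed, and an always-attached drive that the ransomware rewrote along with the originals) are detectable before you need the backup. As an added example, not from the original post and not part of any backup product named above, here is a small Python health check: it flags a backup set that is too old, flags media that stays attached to the PC, verifies each file against the SHA-256 manifest recorded at backup time, and uses byte entropy to spot files that now look like ciphertext. The file contents, timestamps and the "always attached" flag are constructed inline so the script runs offline; the 7.5 bits/byte entropy limit and 2-day freshness window are assumptions you would tune for your own data.

```python
"""Backup health check: freshness, integrity and signs of encryption.

Added example, not from the original post. File contents, hashes and
timestamps are constructed inline so the script runs offline.
"""
import hashlib
import math
from datetime import datetime, timedelta
from typing import Dict, List

MAX_BACKUP_AGE = timedelta(days=2)  # assumption: tune to your backup schedule
ENTROPY_LIMIT = 7.5  # bits/byte; documents sit far below, ciphertext near 8.0


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def entropy(data: bytes) -> float:
    """Shannon entropy of the data in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def check_backup(files: Dict[str, bytes], manifest: Dict[str, str],
                 backup_time: datetime, now: datetime,
                 media_always_attached: bool) -> List[str]:
    """Return human-readable problems with a backup set; [] means healthy.

    manifest maps each backed-up path to the SHA-256 recorded when the
    backup was taken, so later silent modification is detectable.
    """
    problems = []
    age = now - backup_time
    if age > MAX_BACKUP_AGE:
        problems.append(f"stale: last backup is {age.days} days old")
    if media_always_attached:
        problems.append("exposure: backup media is permanently attached to the PC")
    for name, expected in manifest.items():
        data = files.get(name)
        if data is None:
            problems.append(f"missing: {name}")
            continue
        if sha256(data) != expected:
            problems.append(f"modified: {name}")
        if entropy(data) > ENTROPY_LIMIT:
            problems.append(f"looks encrypted: {name}")
    return problems


# Constructed sample data ----------------------------------------------------
NOW = datetime(2015, 8, 22, 9, 0)

GOOD_FILES = {
    "Documents/invoice.txt": b"Invoice 42: 3 x widget @ 9.99\n" * 40,
    "Documents/notes.txt": b"Tuesday: call the bank about the mortgage.\n" * 30,
}
# Manifest captured at backup time, while the files were still intact.
MANIFEST = {name: sha256(data) for name, data in GOOD_FILES.items()}


def pseudo_ciphertext(seed: bytes, length: int) -> bytes:
    """Deterministic high-entropy bytes standing in for encrypted files."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


ENCRYPTED_FILES = {name: pseudo_ciphertext(name.encode(), len(data))
                   for name, data in GOOD_FILES.items()}


def healthy_report() -> List[str]:
    """Backup taken 12 hours ago onto media kept offline: nothing to report."""
    return check_backup(GOOD_FILES, MANIFEST, NOW - timedelta(hours=12), NOW, False)


def post_ransomware_report() -> List[str]:
    """The scenario from the post: a 16-day-old backup on an always-attached
    drive whose files were rewritten along with the originals."""
    return check_backup(ENCRYPTED_FILES, MANIFEST, NOW - timedelta(days=16), NOW, True)


if __name__ == "__main__":
    for label, problems in (("healthy", healthy_report()),
                            ("after ransomware", post_ransomware_report())):
        print(f"{label}: {'OK' if not problems else ''}")
        for p in problems:
            print("  -", p)
```

The healthy run prints nothing but OK; the other run reports the stale backup, the attached media, and both files as modified and looking encrypted. Any of those lines is reason to act, and the point of scheduling a check like this is that it is the check, not a person, that has to notice the alert.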