I wrote a post back in January 2016 on Fake Phone Calls. I’ve recently come across another helpful website with more information on recognizing phone scams. I hope you find it helpful.
In case you missed it, Microsoft rolled out version 5.0 of their Enhanced Mitigation Experience Toolkit (EMET) in July 2014. This follows on the heels of EMET 4.0 (Nov 2013) and EMET 4.1 (May 2014).
What is EMET?
You may be asking yourself: What is EMET? Why should I install it? Where or when should I install it? Susan Bradley has written an in-depth article on EMET, covering all of these questions. I highly recommend reading her article.
EMET helps defend against zero-day threats. It is a standalone security application, but that does not mean that it should be installed on every workstation. The basic guideline is to install EMET on those systems where you do any online tasks that involve sensitive personal information, purchases and online banking.
EMET: A Customer’s Perspective
EMET can be installed standalone, which is what I am showing here. The EMET manual offers additional information and guidance for businesses and domain-based networks.
If you have a previous version of EMET installed, you will need to uninstall it first and reboot before installing EMET 5.0.
If you wish, go ahead and download and install EMET 5.0 now! Installation is straightforward, and does not require a reboot of the workstation. EMET 5.0 supports Windows clients Vista SP2, Windows 7 SP1, Windows 8/8.1, as well as Windows Server 2008 SP2, 2008 R2 SP1, 2012 and 2012 R2.
The only suggestion I would make when installing EMET 5.0 is to select “Use Recommended Settings”:
After installing EMET 5.0, you will find a new Padlock icon in your list of notification-area icons in your taskbar.
Right click on the Padlock icon, and select Open EMET to view the EMET Settings.
Last week Microsoft rolled out a large set of updates that cover both the Windows operating system and Microsoft Outlook. In my testing, the updates have installed fine. However, Microsoft has indicated that they have since removed some of the Windows OS updates from distribution on Friday – based on early feedback from users that they may cause a “Blue Screen of Death” (BSOD) situation.
The most severe case is with MS14-045. For details on the updates in question, check out this ZDNet article.
For I.T. personnel, Ed Langley (Naked PowerShell) has written a series of PowerShell scripts (click here) to determine if any of the relevant updates are installed on a system.
There is nothing you need to do as a response to this email. This is simply an advisory – unless of course you have encountered a workstation that has had a BSOD.
Microsoft Security Essentials (MSE) is Microsoft’s free anti-virus program for personal use, and for businesses with 10 or fewer computers. Microsoft has indicated that if you already have MSE installed on Windows XP, then it will be supported and updated for another year, given that XP is no longer a supported platform.
To my surprise, I was at a client’s office on Wed April 16th and powered up two XP workstations. Both of them hung for the longest time right after logging in. Once they did come up, I was presented with various error messages about MSE. With no time to investigate, I went ahead and uninstalled MSE and then installed a different anti-virus program.
Today, I heard that a bad definition file might have been the cause.
Yahoo reported today that usernames and passwords of some of their email customers have been stolen. Read the specifics in this ABC News Wire story.
Unfortunately, this is becoming a daily occurrence, and much like the person who kept yelling “fire”, we are slowly becoming numb to these warnings of security breaches and identity thefts. But we must not let down our guard.
So, what can you do? Here are a few suggestions, by no means a complete list:
C’est la vie!
I recommend and install Calyptix’s Access Enforcer all-in-one network security appliance at many of my customer sites. Compared to my experience working with some other security appliances, I find the Access Enforcer very easy to install and maintain.
If you work with Calyptix, you may not be aware that they do “mail bagging” automatically if you enable SMTP filtering. “Mail bagging” simply means that if (for whatever reason) incoming mail cannot be delivered to your on-premise mail server, the Access Enforcer will hold (bag) it. Once your mail server is back online, it will release the emails.
The Calyptix KB article on mail bagging was updated today to address the proper requirements for using this feature.