Archive for Security

How to Spot Phone Scams

I wrote a post back in January 2016 on Fake Phone Calls. I’ve recently come across another helpful website with more information on recognizing phone scams. I hope you find it helpful.

How to Spot Phone Scams Guide

Microsoft’s EMET 5.0

In case you missed it, Microsoft rolled out version 5.0 of their Enhanced Mitigation Experience Toolkit (EMET) in July 2014. This follows on the heels of EMET 4.0 (Nov 2013) and EMET 4.1 (May 2014).

What is EMET?

You may be asking yourself: What is EMET? Why should I install it? Where or when should I install it? Susan Bradley has written an in-depth article on EMET, covering all of these questions. I highly recommend reading her article.

EMET helps defend against zero-day threats. It is a standalone security application, but that does not mean that it should be installed on every workstation. The basic guideline is to install EMET on those systems where you do any online tasks that involve sensitive personal information, purchases and online banking.

EMET: A Customer’s Perspective

Installing EMET

EMET can be installed standalone, which is what I am showing here. The EMET manual offers additional information and guidance for businesses and domain-based networks.

If you have a previous version of EMET installed, you will need to uninstall it first and reboot before installing EMET 5.0.

If you wish, go ahead and download and install EMET 5.0 now! Installation is straightforward, and does not require a reboot of the workstation. EMET 5.0 supports Windows clients Vista SP2, Windows 7 SP1, Windows 8/8.1, as well as Windows Server 2008 SP2, 2008 R2 SP1, 2012 and 2012 R2.

The only suggestion I would make when installing EMET 5.0 is to select “Use Recommended Settings”.

After installing EMET 5.0, you will find a new Padlock icon in your list of notification-area icons in your taskbar.

Right click on the Padlock icon, and select Open EMET to view the EMET Settings.

Windows Update Advisory

Last week Microsoft rolled out a large set of updates that cover both the Windows operating system and Microsoft Outlook. In my testing, the updates have installed fine. However, Microsoft has indicated that they have since removed some of the Windows OS updates from distribution on Friday – based on early feedback from users that they may cause a “Blue Screen of Death” (BSOD) situation.

The most severe case is with MS14-045. For details on the updates in question, check out this ZDNet article.

For I.T. personnel, Ed Langley (Naked PowerShell) has written a series of PowerShell scripts (click here) to determine if any of the relevant updates are installed on a system.
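As an added illustration of that kind of check (this is not one of Ed Langley's scripts), the function below reports whether given updates are installed on one or more computers. The function name `Test-InstalledUpdate` is hypothetical, and the default KB list contains only KB2982791, the one KB number referenced in this post.

```powershell
# Added example: report whether specific updates are installed.
# Test-InstalledUpdate is a hypothetical name; KB2982791 is the KB linked in this post.
function Test-InstalledUpdate {
    [CmdletBinding()]
    param(
        [string[]]$ComputerName = @($env:COMPUTERNAME),
        [string[]]$KbIds = @('KB2982791')
    )
    foreach ($computer in $ComputerName) {
        try {
            # Fetch the full hotfix list once, so "not installed" and
            # "could not query the machine" are reported separately.
            $installed = @(Get-HotFix -ComputerName $computer -ErrorAction Stop)
        }
        catch {
            [pscustomobject]@{
                ComputerName = $computer
                HotFixID     = $null
                Status       = 'QueryFailed'
                InstalledOn  = $null
                Detail       = $_.Exception.Message
            }
            continue
        }
        foreach ($kb in $KbIds) {
            # -eq on strings is case-insensitive, so 'kb2982791' also matches.
            $hit = $installed | Where-Object { $_.HotFixID -eq $kb } | Select-Object -First 1
            [pscustomobject]@{
                ComputerName = $computer
                HotFixID     = $kb
                Status       = if ($hit) { 'Installed' } else { 'NotInstalled' }
                InstalledOn  = if ($hit) { $hit.InstalledOn } else { $null }
                Detail       = $null
            }
        }
    }
}

# Check the local machine against the default KB list.
Test-InstalledUpdate | Format-Table -AutoSize
```

Pass additional machine names with `-ComputerName` and further KB numbers from the MS14-045 bulletin with `-KbIds`; a `QueryFailed` row means the machine could not be queried, not that the update is absent.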

  1. If you tend to periodically run Windows Updates on your own workstations, I would advise against doing so until I hear more from Microsoft.
  2. The Microsoft Office updates are not involved, and can be applied as desired.
  3. Finally, it’s because of situations like these that I recommend that servers are NOT configured to have updates automatically applied.

There is nothing you need to do as a response to this email. This is simply an advisory – unless of course you have encountered a workstation that has had a BSOD.

https://technet.microsoft.com/en-us/library/security/ms14-045.aspx

http://support.microsoft.com/kb/2982791

Microsoft Security Essentials Crashing on XP

Microsoft Security Essentials (MSE) is Microsoft’s free anti-virus program for personal use, and for businesses with 10 or fewer computers. Microsoft has indicated that if you already have MSE installed on Windows XP, then it will be supported and updated for another year, given that XP is no longer a supported platform.

To my surprise, I was at a client’s office on Wed April 16th and powered up two XP workstations. Both of them hung for the longest time right after logging in. Once they did come up, I was presented with various error messages about MSE. With no time to investigate, I went ahead and uninstalled MSE and then installed a different anti-virus program.

Today, I heard that a bad definition file might have been the cause.

Stolen Email Passwords Again!

Yahoo reported today that usernames and passwords of some of their email customers have been stolen. Read the specifics in this ABC News Wire story.

Unfortunately, this is becoming a daily occurrence, and much like the person who kept yelling “fire”, we are slowly becoming numb to these warnings of security breaches and identity thefts. But we must not let down our guard.

So, what can you do? Here are a few suggestions, and by no means complete:

  • Use strong passwords – the password for your email account should (1) contain a combination of letters, numbers and special characters, and (2) be 8 or more characters in length. Why? Because it makes it that much harder for spammers and hackers to break your password. An easy-to-implement rule is to replace some letters with numbers or similar special characters.
    For example, if your password was “racingcars”, you might change it to “R@c1ngC@r$” – where I simply replaced the letter a with @, the letter i with the number 1, and the letter s with $.
  • Change your email password – if you think your email account has been compromised, go online to your email provider’s web site and change your password immediately.
  • Don’t click on links within emails – especially those that are mass emails sent from financial institutions, stores, or online web sites. Example: if you get an email from PayPal saying there’s an issue with your account, don’t click on the link in the email. Instead, open up your browser and go directly to the PayPal website.
  • Restrict incoming email – if you really want to cut back on junk email, many email programs, including Outlook, will allow you to set up a “Safe Senders” list. If a person is not listed in your “Safe Senders” list, then the email will be sent to your Junk Mail folder. Outlook will also give you the option to automatically add everyone in your Contacts to your Safe Senders list.
  • Learn to use the BCC: field – BCC stands for “Blind Carbon Copy”. If you are going to send out an email to a group of unrelated people, then list their email addresses in the BCC: field rather than the TO: field.
  • Never send confidential information by email – if someone needs your social security number, call them and give it to them over the phone. Don’t email it. Don’t text it. You have to consider the possibility that anything you put into an email could get into the wrong hands.

C’est la vie!

Calyptix Mail Bagging

I recommend and install Calyptix’s Access Enforcer all-in-one network security appliance at many of my customer sites. Compared to my experience working with some other security appliances, I find the Access Enforcer very easy to install and maintain.

If you work with Calyptix, you may not be aware that they do “mail bagging” automatically if you enable SMTP filtering. “Mail bagging” simply means that if (for whatever reason) incoming mail cannot be delivered to your on-premise mail server, the Access Enforcer will hold (bag) it. Once your mail server is back online, it will release the emails.

The Calyptix KB article on mail bagging was updated today to address the proper requirements for using this feature.