Saturday, September 16, 2017

Here’s what your stolen identity is selling for on the Dark Web

Business and Technology News

How much is your personal data worth to you? A lot. (Thanks, Equifax.) And how much is it worth to an identity thief? You may be surprised, or insulted, or enraged, to find out. Verified high-limit credit cards from countries including the U.S., Japan, and South Korea are selling on the Dark Web for the bitcoin equivalent of about $10 to $20, according to an annual report on cybercrime by Secureworks, a unit of Dell Inc.


http://www.sfgate.com/business/article/Here-s-what-your-stolen-identity-is-selling-for-12203490.php


Thursday, September 14, 2017

Thursday, September 7, 2017

Capturing and Inspecting Traffic in Azure Networks

Petri IT Knowledgebase

In this post, I will show you how to capture packets from the NICs of Azure virtual machines using Network Watcher and inspect Azure network traffic at the packet level using Wireshark.

Essential Skill

Time and time again, I hear how important being able to capture and inspect network traffic is. Engineers at Microsoft consider this an important skill. Speakers at technical conferences recommend learning how to do this. I have had to do this sort of work myself to troubleshoot issues or supply data to Microsoft support engineers.

Network Watcher — Packet Capture

The tools in Network Watcher provide us several methods for diagnosing communications issues in Azure virtual networks. One of these tools is called Packet Capture, which allows us to capture packets as they are passing through the NIC of a virtual machine.

Note: the Network Watcher extension must be installed in the virtual machine that you want to capture traffic from.

To do a packet capture, open Network Watcher and go into Packet Capture. Click Add to create a new packet capture and then enter the following information:

  • Subscription: Specify the subscription in your tenant that contains the virtual machine that you will capture network packets from.
  • Resource group: Select the resource group that contains the virtual machine.
  • Target Virtual Machine: Choose the virtual machine.
  • Packet Capture Name: Enter a name for the packet capture.

You then must configure the capture configuration:

  • Storage Account and/or File: A storage account must be specified. You can select to download it immediately.
  • Maximum Bytes Per Packet and Maximum Bytes Per Session: You can limit the size of the capture. By default, the entire packet is captured but you can truncate it. By default, a maximum of 1GiB (the computer science version of a GB, not the 1000-based marketing version) is captured in a session.
  • Time Limit (Seconds): The maximum duration is 18000 seconds or 5 hours.

If you click OK at this point, every packet passing in or out of the virtual machine is captured. Often when troubleshooting, we have a bit more intelligence such as:

  • Source/destination IP addresses
  • Protocol information

We can optionally add one or more filters to limit what packets are captured.

In my example, I am going to capture 60 seconds of RDP (Port 3389) traffic that is coming into a virtual machine called vm-petri-01.

Capturing RDP packets coming into an Azure virtual machine [Image Credit: Aidan Finn]

It takes a few moments for the packet capture to save and then complete the Loading phase. It will automatically enter a Running phase, capture packets, and save them as you specified.
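
The same capture scripted, as an added example rather than code from the original post: 60 seconds of inbound RDP on vm-petri-01, written against the Az PowerShell module (parameter names can differ between module versions). The resource group, storage account and capture names are placeholders, and an authenticated session (Connect-AzAccount) is assumed.

```powershell
# Added example. Placeholders (not from the article): resource group,
# storage account and capture name. vm-petri-01 is the VM named in the article.
$rgName      = 'rg-petri-demo'
$vmName      = 'vm-petri-01'
$storageName = 'stpetricaptures'
$captureName = 'rdp-inbound-60s'

$vm      = Get-AzVM -ResourceGroupName $rgName -Name $vmName -ErrorAction Stop
$storage = Get-AzStorageAccount -ResourceGroupName $rgName -Name $storageName -ErrorAction Stop

# Packet Capture only works when the Network Watcher agent extension is
# installed in the target VM, so check for it before starting.
$agent = Get-AzVMExtension -ResourceGroupName $rgName -VMName $vmName |
    Where-Object { $_.Publisher -eq 'Microsoft.Azure.NetworkWatcher' }
if (-not $agent) {
    throw "Network Watcher extension is not installed on $vmName; install it before capturing."
}

# Filter: TCP traffic on the VM's own port 3389 (RDP). Without a filter,
# every packet passing through the NIC is captured.
$rdpFilter = New-AzPacketCaptureFilterConfig -Protocol TCP -LocalPort '3389'

# Start the capture. The 60-second time limit stops it automatically and the
# capture file is written to the storage account.
New-AzNetworkWatcherPacketCapture -Location $vm.Location `
    -PacketCaptureName $captureName `
    -TargetVirtualMachineId $vm.Id `
    -StorageAccountId $storage.Id `
    -TimeLimitInSeconds 60 `
    -Filter $rdpFilter | Out-Null

# Poll until the capture leaves the running state, then report why it stopped.
do {
    Start-Sleep -Seconds 10
    $state = Get-AzNetworkWatcherPacketCapture -Location $vm.Location -PacketCaptureName $captureName
    Write-Host "Capture status: $($state.PacketCaptureStatus)"
} while ($state.PacketCaptureStatus -eq 'Running' -or $state.PacketCaptureStatus -eq 'NotStarted')

Write-Host "Stop reason: $($state.StopReason)"
```

The capture file holds full packet contents unless you truncate them, so restrict who can read the storage account that receives it.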

Inspecting a Packet Capture

The resulting packet capture is saved in a storage account with a folder structure that documents the virtual machine and date/time of the capture.

A packet capture file in a storage account [Image Credit: Aidan Finn]

You can download the capture file (right-click and select Download) and open it. You can also return to the packet capture in Network Watcher and a download link is shared under Status.

The packet capture file is in a .CAP format, which can be opened using Wireshark.

Network packets captured from Azure and viewed in Wireshark [Image Credit: Aidan Finn]

Now you have your packet capture and it is time to learn how to use Wireshark to analyze the results.

The post Capturing and Inspecting Traffic in Azure Networks appeared first on Petri.




http://feedproxy.google.com/~r/Petri/~3/zUTFX4gEYB0/capturing-inspecting-traffic-azure-networks

Aron

Blocking Access to Office 365 for an Ex-employee

Petri IT Knowledgebase

Easing Ex-Employees Out of Office 365

It is a natural part of business for employees to leave, one way or another. Some leave of their own volition, some receive encouragement to seek new challenges elsewhere, and some need to be marched out the door by a large security guard without their feet touching the ground.

In the on-premises world, your next step is probably to disable the ex-employee's Active Directory account and impose similar blocks in any other authorization systems that the person might use to access company assets, including keycard access to buildings. Many companies have scripts to automate the steps to secure systems following an employee's departure.

Organizations need similar processes when Office 365 is in the picture. With the growth in mobile apps and devices, it is not enough to simply change a password or disable an account. If someone is leaving the company, you need to consider at least four actions:

  1. Change the account password.
  2. Force sign-outs across all Office 365 applications.
  3. Wipe mobile devices using ActiveSync (or the Clear-MobileDevice cmdlet) or Intune (which offers both full and selective wipes).
  4. Recover and preserve data. For example, by making the user's mailbox inactive.

If your company provides devices to users, you can add recovery of those devices to the list along with other corporate paraphernalia like ID badges and smartcards. And then there is the small matter of ensuring that you do not pay for licenses (Office 365, Azure AD Premium, add-ons, etc.) for ex-employees for longer than necessary.

Resetting Passwords and Blocking Accounts

It has always been relatively easy to change someone's password using PowerShell or the Office 365 Admin Center. Find the user account, edit its properties and select Reset Password (Figure 1). The only thing to remember when dealing with an account belonging to an ex-employee is not to send them the message with the new password after you receive it from Office 365.

Figure 1: Changing a password for an Office 365 account (image credit: Tony Redmond)

You can also go to the Sign-in status section of the user properties and set it to Sign-in blocked to make sure that Office 365 will allow no further connections to the account. If the user tries to access the account, even with the new password, they will see that their account is locked (Figure 2).

Figure 2: A user learns that their account is blocked (image credit: Tony Redmond)

The Forced Sign-Out Option Lurking in OneDrive Settings

Changing a password and blocking sign-in to the account is usually enough when people have an amicable exit from the company. But if you need to bring the hammer down immediately to block someone's access to Office 365, you need to force a sign-out. This is especially so in an era of pervasive mobile devices where you want an all-points bulletin to go everywhere to prevent access to company information.

You can force an immediate sign-out using the Office 365 Admin Center or PowerShell. The only problem is that Microsoft buried the ability to force a sign-out for an account in the OneDrive Settings section of the properties for an account (Figure 3) rather than a prominent function like the Reset Password button.

Figure 3: Where the forced sign-out function lives in OneDrive settings (image credit: Tony Redmond)

Apart from obscuring this very valuable feature from administrators, burying the ability to force a sign-out in OneDrive Settings means that it is inaccessible if the person never uses OneDrive. The first time someone goes near OneDrive, SharePoint provisions that user's site and all is well. But if they never use OneDrive and do not have a site, the Admin Center will not display any OneDrive settings.

Revoking Tokens

In most cases, the OneDrive site for a user exists and you can force an account to sign out through the Office 365 Admin Center. If not, or when you have several accounts to process at the same time, you can use the Revoke-AzureADUserAllRefreshToken cmdlet, which is part of the Azure Active Directory PowerShell module (V2). This is the cmdlet called by the Office 365 Admin Center when it forces a user to sign out. For example:

[PS] C:\> Revoke-AzureADUserAllRefreshToken -ObjectId Mary.Jones@Office365ITPros.com

The cmdlet works by invalidating all the refresh tokens used to obtain new access tokens for Office 365 applications by setting their expiry to the current date and time. When a user authenticates to connect to an Office 365 application, they create a session with that application. The session receives an access token and a refresh token from Azure Active Directory. An Office 365 access token is valid for an hour (the period can be changed if needed). When that period elapses, an automatic reauthentication process kicks in to get a new access token to allow the session to continue. This exchange can happen if the refresh token is still valid and the account credentials are the same.

Because the forced sign-out invalidates the refresh tokens, the next time a session to an Office 365 application tries to use its refresh token to renew its access, it discovers that the token has expired and so forces the user to reauthenticate. As you have already changed the account password and blocked access, the user cannot reauthenticate.

The exact time when an application enforces the requirement to reauthenticate depends on how much longer the access token for the session is valid when you start the sign-out process and the actions taken by the user. If they stay in the same page, the sign-out happens when the access token expires. On the other hand, the sign-out happens at once if they move to another page within the application, refresh the browser, or open another Office 365 application. This support article has more information about Office 365 access and refresh tokens.

What is important is that once you start the forced sign-out process, the user rapidly loses access to applications. You are guaranteed that all access will finish within an hour.
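
For several accounts at once, the block, password reset and token revocation can be run in that order from one function. This is an added example, not code from the original article: Block-DepartedUser is a hypothetical helper name, it uses the AzureAD V2 module the article names and assumes Connect-AzureAD has been run, and the optional device wipe assumes an open Exchange Online PowerShell session.

```powershell
# Added example. Block-DepartedUser is a hypothetical helper, not a Microsoft cmdlet.
# Assumes Connect-AzureAD has been run; -WipeMobileDevices also needs an
# Exchange Online PowerShell session for Get-MobileDevice / Clear-MobileDevice.
function Block-DepartedUser {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string[]] $UserPrincipalName,
        [switch] $WipeMobileDevices
    )
    process {
        foreach ($upn in $UserPrincipalName) {
            if (-not $PSCmdlet.ShouldProcess($upn, 'Block sign-in, reset password, revoke refresh tokens')) {
                continue
            }
            $result = [ordered]@{
                User = $upn; SignInBlocked = $false; PasswordReset = $false
                TokensValidFrom = $null; DevicesWiped = 0; Error = $null
            }
            try {
                # 1. Block sign-in so no new session can be created.
                Set-AzureADUser -ObjectId $upn -AccountEnabled $false -ErrorAction Stop
                $result.SignInBlocked = $true

                # 2. Reset the password to a random value that is never shown or sent.
                $bytes = New-Object byte[] 24
                $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
                $rng.GetBytes($bytes)
                $rng.Dispose()
                $plain = [Convert]::ToBase64String($bytes) + 'aA1!'   # suffix satisfies complexity rules
                $secret = ConvertTo-SecureString $plain -AsPlainText -Force
                Set-AzureADUserPassword -ObjectId $upn -Password $secret -ErrorAction Stop
                $result.PasswordReset = $true

                # 3. Invalidate refresh tokens last: with the account blocked and the
                #    password changed, the forced reauthentication cannot succeed.
                Revoke-AzureADUserAllRefreshToken -ObjectId $upn -ErrorAction Stop
                $result.TokensValidFrom = (Get-AzureADUser -ObjectId $upn).RefreshTokensValidFromDateTime

                # 4. Optional: wipe ActiveSync devices registered to the mailbox.
                if ($WipeMobileDevices) {
                    foreach ($device in @(Get-MobileDevice -Mailbox $upn -ErrorAction Stop)) {
                        Clear-MobileDevice -Identity $device.Identity -Confirm:$false -ErrorAction Stop
                        $result.DevicesWiped++
                    }
                }
            }
            catch {
                # Record the failure and move on to the next account.
                $result.Error = $_.Exception.Message
            }
            [pscustomobject]$result
        }
    }
}

# Dry run against the account used in the article's example.
Block-DepartedUser -UserPrincipalName 'Mary.Jones@Office365ITPros.com' -WhatIf
```

Remove -WhatIf to act on the account; a row whose Error column is set shows which step failed, so that account can be finished by hand.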

Easy to Do, If You Know How

The good news is that it is very easy to block user access to Office 365. That is, if you know where to find the forced sign-out feature in the Office 365 Admin Center or know about the PowerShell cmdlet. Now that you do know, it should be all plain sailing from here. All you need to do now is figure out the rest of the process to wipe mobile devices, recover data, reassign or remove licenses, and all the other details involved in handling the transition of people out of an organization.

If you are at the Ignite 2017 conference in Orlando this month, be sure to drop by one of my sessions!

Follow Tony on Twitter @12Knocksinna.

Want to know more about how to manage Office 365? Find what you need to know in "Office 365 for IT Pros", the most comprehensive eBook covering all aspects of Office 365. Available in PDF and EPUB formats (suitable for iBooks) or for Amazon Kindle.

The post Blocking Access to Office 365 for an Ex-employee appeared first on Petri.




http://feedproxy.google.com/~r/Petri/~3/_7XyDZTNcOQ/blocking-access-office-365-user


The best hidden gems of the Bay Area suburbs

Bay Area News

A few years ago, we put together our list of San Francisco's best hidden gems and secret spots. Now, we're expanding our search.




http://www.sfgate.com/bayarea/article/best-hidden-gems-of-the-Bay-Area-suburbs-12178041.php


Monday, September 4, 2017

Best true wireless earbuds: the best AirPod alternatives around

I guess I'll be the guy wearing the funny Apple earphones, but they work well. 
Techradar - All the latest technology news

Apple AirPods are great if you own an iPhone and don't mind people calling you "that person who wears those funny Apple earphones".

For the rest of us, there are plenty of other options. A whole new category of true wireless earphones has emerged, letting you truly get rid of headphone cables. 

Early models were expensive, suffered from terrible wireless performance and often just didn't sound good enough. But we've picked through the best of the current crop to bring you the best AirPods alternatives around. 

The Jabra Elite Sport are currently the ultimate true wireless earphones for runners and other kinds of athletes. There's a heart rate sensor on the right earpiece, letting it monitor your exertion level as you exercise. 

A Jabra companion app lets you track your exercise, and you can kick off a workout by pressing a button on one earpiece. Unlike most rivals there are also volume/playback controls on the left earpiece too.

The heart rate tracker is more reliable than most wrist-worn models, as long as you fit the Elite Sport buds properly. And the fit is going to split the audience a bit. 

The Jabra Elite Sport don't perch in your ears, they fill them rather like a custom moulded earphone. As a result sound isolation is excellent and the fit very secure. Some will find it too invasive, though. 

Road runners need to be double-careful about nearby traffic, although they're excellent at getting rid of terrible gym techno. Jabra offers another solution too. Double-tap one of the buttons and you enter HearThrough mode, which pipes through some ambient sound without ruining your music. This kind of mode often sounds horrible, but it doesn't here. 

Jabra recently updated the Elite Sport to boost stamina to a better-than-average 4.5 hours per charge. And while the carry case only offers enough juice for two bonus charges rather than the 10-15 of some others, it's a very handy little thing: the size of a cufflinks box.

Sound quality is among the best you'll hear from this kind of earphone. It's wide and rich, seeming expansive and dynamic enough to do justice to your music. You don't have to think of these as "just for exercise" earphones.

However, the Onkyo W800BT sound better still. They have better mid-range texture and superior bass control/balance. The higher treble registers of the Jabra Elite Sport also seem a little tamed to our ears, leading to sound that, while good, seems manipulated rather than a flat frequency response.

Read the full review: Jabra Elite Sport

One of the earliest true wireless sets of earphones is still among the best. The Onkyo W800BT arrived to demonstrate this kind of earphone could sound much better than AirPods, and they continue to flatten most of the competition for sound quality.

Richer, wider and with much better stereo separation and 'air' than most, these are a truly satisfying listen. The cohesiveness and detail of the mid-range also hugely outclasses most other earphones of this kind. What else did you expect from Onkyo?

The snag is that their wireless performance is not perfect, especially when you compare them to newer cheaper pairs. 

Walking around with them in, you have to put up with occasional blips and some weird drop outs between the master and slave earpieces. 

Other parts of the tech aren't quite up to some newer pairs either. Battery life of three hours per charge is only worth a shrug, and the charger case isn't as neat as some. 

We're not massive fans of the bulbous look either. You can tell the family resemblance with Onkyo's bigger headphones, but they're a little large and ungainly. 

Still, if sound quality matters most they are winners regardless.

Jam has made some cracking budget wireless speakers in its time, so we're not too surprised it has nailed a few elements of the mid-price Jam Ultra wireless earphones. 

First, their design is innocuous in just the right way. They have a tough-looking nylon weave exterior, but don't instantly attract attention like a pair of AirPods. They're tasteful, for earphones made by a company called Jam at any rate. 

Wireless performance is also fantastic. Even on the occasional time when there was a bit of interference between the two earpieces, the secondary one simply fades out, rather than cutting out abruptly. 

The Jam Ultra charge case is neat too, and small enough to fit in a pocket. It's a good job, as the 3-hour battery life isn't too impressive. 

Sound quality is fair, but we're disappointed by the leaden, clunky bass. There's good soundstage width and the Jam Ultra are an all-round easy and full-sounding listen, but they'd be much better without the excess warmth and upper bass gumming everything up. 

If you like your sound bottom-heavy and fat, step right up, though. The price and design are both good.

The Sol Republic Amps Air look a little similar to the Jam Ultra. This is no great surprise as both companies are owned by HoMedics, master of massage products. Tech works in mysterious ways. 

These headphones are far from identical, though. The Sol Republic Amps Air have a scalloped rubberised finish, and the entire back of each earpiece is a big concave button. 

They are among the better-looking true wireless earphones at this price, mainly because they don't stick out too far and don't expand sideways too much either. Not everyone will love the 'urban' edge that most Sol Republic earphones have, though. 

The Amps Air are "water and rain" resistant according to Sol Republic, which seems to suggest they'll be fine as long as you don't wash the apertures under a tap. They use three little power connectors that interface with the charging carry case.

As with a lot of current true wireless earphones, battery life is a pretty dismal three hours. However, the case has enough charge for up to a mammoth 15 refreshes. You can feel the satisfying density of it too: it's more external battery than carry case. 

Bluetooth signal reliability is very solid, with only very occasional interference. 

The Sol Republic Amps Air sound is decent, but perhaps best suited to exercise or very casual listening. Bass is very powerful, and it's matched with pronounced but not ear-slashing treble and upper mids. 

It's a sort of balance, if not an audiophile one. The meat of the mids is limited. You get impact and energy, but not an entirely natural or refined take on your tunes. For use at the gym or during runs, the Amps will work well, though. 

The Kitsound Comet True Wireless are about the cheapest AirPod-a-like earphones you'll find in actual shops. Your other options are ultra-low price Chinese manufacturers we struggle to trust most of the time. 

Most of these won't get you the solid wireless performance of this Kitsound pair either. While even the most expensive first-wave AirPod imposters tended to suffer from flaky Bluetooth signal, the Kitsound Comet True Wireless are remarkably good. 

It's a sign the new chipsets behind this kind of wireless transmission are getting much, much better. There are now few cut-outs, and no ugly garbled digital distortion. They work well.

There is a noise bed you'll notice if listening to podcasts rather than music, though, and sound quality isn't up to much. Hard-edged, sibilant and thin, we've heard earphones bundled with phones sound better. There's also a sound level mis-match between the earpieces, the right sounding slightly louder than the left. 

We wouldn't use these as our main earphones. And they don't have the oomph to make great gym or running headphones either. If you care a lot about sound quality, the Kitsound Comet True Wireless aren't for you. 

They are also less convenient than more expensive pairs, using little microUSB sockets on each bud rather than a case. Battery life is decent in this class, though, at four hours. 

Poor sound quality would put us off these earphones, but making a true wireless pair this cheap that works very well on a pure technical level earns Kitsound a few plaudits. 

Many of you will not have heard of Uunique before. It normally makes phone cases and accessories, making the Uunique London Freedom True Wireless one of its techiest products yet. 

They are so tech-packed they have more going on than most big-name competitors, actually. As well as true wireless transmission, the Uunique London Freedom True Wireless have active noise cancellation. This is where microphones on the back of the earpieces are used to pipe through inverse sound waves to cancel ambient noise. 

The effect isn't particularly pronounced, miles off what you get with a Bose set. However, it does seem to attenuate bass noise a little, which is handy for commuters. 

It does have an effect on battery life, though. The Uunique London Freedom True Wireless are quoted as having just 2.5 hours battery life, and in our experience it actually edges closer to the 2-hour mark. Given this low stamina, the battery charger case is a little too large. You'll need to use it a lot. This plastic puck may look good on a table, but with this regularity of charging we want something that'll fit in a pocket a bit easier. 

The main black mark on the Uunique London Freedom True Wireless is something else: signal reliability. Cut-outs, blips and momentary loss of signal between the two earpieces are too common. You can improve this a little by moving your phone closer to the main earpiece, and making sure there are no interfering metal objects nearby (your keys), but other sets at the price fare much better. 

Sound quality is decent, with no major skews such as ultra-booming bass or very soft treble. They're fairly clear, although they are not particularly refined, with a hint of hardness in the upper mids. Detail is only moderate and the soundstage isn't nearly as wide as the best. 




http://feedproxy.google.com/~r/techradar/allnews/~3/l7ePGYWd9Ic/best-true-wireless-earbuds-the-best-airpod-alternatives-around


Ransomware: The future of extortion

Techradar - All the latest technology news

Three years ago, I got a call from a friend who was working as an IT administrator abroad. He told me about something very interesting he came across and I was curious. Out of nowhere, the files in his organization's systems got encrypted leaving a message in their place asking for a ransom for the decryption keys, he explained.

Because he had employed an efficient local backup system, they were able to restore the data and completely ignore the attackers' demand. Before finishing our conversation, he told me: this is what extortion looks like in the digital world, and we will only see more of this.

Unfortunately, his warnings have become a reality as we are witnessing more and more ransomware attacks across the globe. On Saturday, September 2, the Indian Computer Emergency Response Team (CERT-In) issued a warning reporting a new wave of spam emails, circulating with common subject lines to spread variants of the Locky ransomware.

According to CERT-In, "over 23 million messages have been sent in this campaign". This is not the first ransomware attack we have seen this year; in fact, it comes after the devastating WannaCry and Petya ransomware attacks that occurred earlier.

The concept of modern ransomware was invented by Adam L. Young and Moti Yung at Columbia University way back in 1995. According to Young and Yung, the idea of cryptoviral extortion or ransomware as it's more commonly known was "a natural by-product of an unnatural union: a former hacker placed in a room with a cryptographer, both given ample time with which to contemplate the dystopia of tomorrow".

When analyzing where the future malicious software attacks might evolve to, their thoughts were defined by the early 90s AIDS Trojan and the 'facehugger' creature from the movie Alien. They concluded that the most effective malware attacks of the future will be like the facehugger, which is almost impossible to remove and any attempt made in that direction will cause more damage.

In their quest for a "digital analogue of the facehugger, a forced symbiotic relationship between a computer virus and its host where removing the virus is more damaging than leaving it in place", they discovered the first secure data kidnapping attack. "We called it cryptoviral extortion", write Adam L. Young and Moti Yung.

However, encrypting ransomware only came to prominence in late 2013 with the propagation of CryptoLocker, the first ransomware that used Bitcoin to collect ransom money. In December 2013, according to ZDNet's estimates based on Bitcoin transaction information, the operators of CryptoLocker had procured about US$27 million from infected users.

In India, the term ransomware gained attention early this year, after the WannaCry and Petya ransomware attacks affected many government and private organizations globally, nearly bringing certain regions in the world to a standstill. Both WannaCry and Petya were built upon an exploit named EternalBlue, which was leaked from the notorious NSA.

Coming to Locky, it scrambles the contents of a computer or server and demands payment to unlock it, usually in bitcoins, says the CERT-In website.

Locky spreads through innocent-looking spam emails with common subjects like "please print", "documents", "photo", "Images", "scans" and "pictures". But what the messages actually contain are "zip" attachments with Visual Basic Scripts (VBS) embedded in a secondary zip file. The VBS file contains a downloader which polls the domain "greatesthits[dot]mygoldmusic[dot]com" (please do not visit this malicious website) to download variants of Locky ransomware.

According to CERT-In, if the system is infected by Locky, then all files will be encrypted, and users are advised to exercise caution while opening emails and organizations are advised to deploy anti spam solutions and update spam block lists.
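
The attachment structure described above (a VBS file inside a ZIP that is itself inside the attached ZIP) is something a mail filter can test for directly. The following is an added example, not part of the original article or the CERT-In advisory: the function names, the depth limit and the size cap are assumptions, and the sample attachment is constructed in memory from placeholder text.

```powershell
# Added example; the sample data is constructed in memory and is not real malware.
Add-Type -AssemblyName System.IO.Compression

# Subject lines the article lists for this campaign.
$CampaignSubjects = 'please print', 'documents', 'photo', 'images', 'scans', 'pictures'
$MaxNestedBytes   = 20MB   # assumed cap so a nested archive cannot exhaust memory

function Find-NestedVbs {
    # Returns every .vbs entry in a ZIP stream, descending into ZIP files stored
    # inside it. Depth 0 = top-level archive, 1 = ZIP inside the ZIP, and so on.
    param(
        [Parameter(Mandatory)] [System.IO.Stream] $Stream,
        [string] $Prefix = '',
        [int] $Depth = 0
    )
    $found = @()
    $zip = [System.IO.Compression.ZipArchive]::new($Stream, [System.IO.Compression.ZipArchiveMode]::Read, $true)
    try {
        foreach ($entry in $zip.Entries) {
            $path = $Prefix + $entry.FullName
            if ($entry.Name -like '*.vbs') {
                $found += [pscustomobject]@{ Path = $path; Depth = $Depth }
            }
            elseif ($entry.Name -like '*.zip' -and $Depth -lt 3 -and $entry.Length -le $MaxNestedBytes) {
                # ZipArchive needs a seekable stream, so copy the nested ZIP into memory.
                $inner = [System.IO.MemoryStream]::new()
                $src = $entry.Open()
                try { $src.CopyTo($inner) } finally { $src.Dispose() }
                $inner.Position = 0
                $found += @(Find-NestedVbs -Stream $inner -Prefix "$path!" -Depth ($Depth + 1))
                $inner.Dispose()
            }
        }
    }
    finally { $zip.Dispose() }
    $found
}

function Test-LockyStyleMessage {
    # Combines the two indicators from the article: subject line and nested-ZIP VBS.
    param([string] $Subject, [byte[]] $ZipBytes)
    $stream = [System.IO.MemoryStream]::new($ZipBytes)
    try { $scripts = @(Find-NestedVbs -Stream $stream) } finally { $stream.Dispose() }
    $nested = @($scripts | Where-Object { $_.Depth -ge 1 })
    [pscustomobject]@{
        SubjectMatches = $CampaignSubjects -contains $Subject.Trim()
        VbsInNestedZip = $nested.Count -gt 0
        Paths          = $scripts.Path
        Quarantine     = $nested.Count -gt 0   # the structural indicator alone is enough
    }
}

function New-SampleZip {
    # Builds a one-entry ZIP in memory (used only to construct the sample below).
    param([string] $EntryName, [byte[]] $Content)
    $ms  = [System.IO.MemoryStream]::new()
    $zip = [System.IO.Compression.ZipArchive]::new($ms, [System.IO.Compression.ZipArchiveMode]::Create, $true)
    $w = $zip.CreateEntry($EntryName).Open()
    $w.Write($Content, 0, $Content.Length)
    $w.Dispose()
    $zip.Dispose()   # finalizes the archive before the bytes are read back
    , $ms.ToArray()
}

# Constructed sample: a placeholder .vbs inside a ZIP inside the "attachment" ZIP.
$placeholder = [System.Text.Encoding]::ASCII.GetBytes("' constructed placeholder, not a real script")
$innerZip    = New-SampleZip -EntryName 'scan_0001.vbs' -Content $placeholder
$attachment  = New-SampleZip -EntryName 'scan_0001.zip' -Content $innerZip

Test-LockyStyleMessage -Subject 'Scans' -ZipBytes $attachment
```

The subject match is reported separately because those subject lines are common in legitimate mail; the quarantine decision rests on the nested-archive script alone.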

The biggest vulnerability, despite many precautions the IT admins take, is human error. All you need is one idiot to open a suspicious email and download the attachment to put the whole organization at risk, and this is why ransomware is turning into a popular money making tool for cyber criminals.

According to Tom Simonite, MIT Technology Review's San Francisco bureau chief, in recent years a shift took place in the world of online crime, with the establishment of sophisticated malicious software known as ransomware as a popular and reliable business model for criminals. "The money that can be made with ransomware has encouraged technical innovations. The latest ransomware requests payment via the hard-to-trace cryptocurrency Bitcoin and uses the anonymizing Tor network," writes Simonite.

If well designed, it provides easier profits than stealing credit card details or banking information and then selling that data on the black market. The crooks "get anonymity, faster profit, and don't have to spend time and money finding middlemen," Uttang Dawda, a malware researcher, told MIT Technology Review.

Cyber criminals are now exploring new shores with ransomware: two years ago, the first ransomware that can encrypt files on an Android smartphone, called Simplocker, was discovered by researchers at the company ESET. Sadly, we will soon witness criminals holding us for ransom by taking control of our automobiles, IoT devices, and even pacemakers.




http://feedproxy.google.com/~r/techradar/allnews/~3/LTRom04n-YA/ransomware-the-future-of-extortion


Sunday, September 3, 2017

Why You Should Visit Petaluma, California - Forbes Travel Guide Blog

http://blog.forbestravelguide.com/why-you-should-visit-petaluma-california



10 best free web hosting providers 2017

http://feedproxy.google.com/~r/techradar/allnews/~3/tCvoEh8NFX0/top-free-hosting-for-uk-businesses-1214296



The best WordPress hosting for your business 2017

http://feedproxy.google.com/~r/techradar/allnews/~3/HVBab1AOguc/best-wordpress-businesses-hosting



Best Bay Area hikes for beginners

http://www.sfgate.com/bayarea/article/36-awesome-Bay-Area-hikes-for-beginners-11273115.php



The most San Francisco restaurants: The true classics


