I really like this way of thinking outside the box! Some of the old, and current, concepts on password complexity, length, history etc. are being revised. There is some new thinking on the matter, based mainly on trends and analytics Microsoft has done via millions of hack attempts on Azure based resources.
New Microsoft recommendations:
- “Maintain an 8-character minimum length requirement (and longer is not necessarily better).
- Eliminate character-composition requirements.
- Eliminate mandatory periodic password resets for user accounts.
- Ban common passwords, to keep the most vulnerable passwords out of your system.
- Educate your users not to re-use their password for non-work-related purposes.
- Enforce registration for multi-factor authentication.
- Enable risk based multi-factor authentication challenges.”
Read it here
Thousands of Hacked Home Routers are Attacking WordPress Sites
Fascinating blog from WordFence, one of the best WordPress firewall out there. They uncovered attacks coming from various countries and regions. The target is home networks. There is a router vulnerability called “Misfortune Cookie” [really] that is being exploited. It appears many home routers are hacked with this vulnerability and they in turn launch attacks. The tricky part here is that the launched attacks are actually small per home router, so detection is difficult.
The really weird thing is that the IPS are coming from all over the place, but attacks from Algeria [!] are increasing dramatically.
Read the WordFence Blog here
Now that the Microsoft ‘LinkedIn’ purchase is completed, Microsoft is aggressively pursuing more relevant and very forward-thinking usage of all its applications in the SaaS [Office 365] world.
Nutshell: lots of resume / job searching /social profile types of integration between ‘LinkedIn’ and Office applications.
“With its $26 billion acquisition of LinkedIn getting the thumbs up from EU regulators, Microsoft is wasting no time in integrating the social platform with its productivity software.
The goal — as described by the tech giant’s CEO Satya Nadella — is to utilize LinkedIn’s networking and learning resources to help people “develop new skills online, find new jobs, and easily connect and collaborate.” “
Read it here
I had a chance to set up, install, and look around in/at Windows Server 2016 Datacenter Technical preview 5. Wow, it is exciting and seemingly sleek and fast so far.
See my page for more.
Yeah, I see no reason for people to stay with VMware. You get free virtualization with the latest Windows Server 2012 and [soon to be released] 2016, especially if you purchase the Datacenter version.
‘Microsoft offers free Windows Server 2016 licenses to VMware switchers’
Read it here
Yikes – Multi-vector and SPEED: ‘a DDoS attack against an unnamed European media organization that peaked at 363G bps (bits per second)’. That ‘G’ is not a typo.
‘Attackers launch multi-vector DDoS attacks that use DNSSEC amplification’
I actually thought they were already gone, but I guess there has been a bit of a resurgence [?]. Whatever it was, it is now mostly over. This is a great idea – pay phones are generally spread out pretty nicely.
‘Good riddance payphones: NYC’s free gigabit Wi-Fi kiosks go live’
I just finished a simple Exchange Shell page. Exchange 2010 / 2013 Management Shell type commands can be very useful and highly effective. If the task at hand can be done easily by the Console, then I usually just stick with that.
But sometimes it is best to go straight to the Shell!
There are hundreds and hundreds of these WordFence Firewall entries on Riguy.Com. I blocked some IPs here and there; that will work for a while. I wonder what these nice people from Ukraine would ever want with my most humble of web sites? Regardless, thanks WordFence [awesome security plugin]!
Memo to self: be sure to double check updated WordPress plugins immediately after doing the update!
It is like stating the obvious, but nonetheless very important to remember the above. I just updated the Captcha and WordFence plugins. I saw an error, but remembered to check the Plugins section to verify they are running. Once activated the plugins are fine. Some seem to need this, while others activate ‘automagically’.
WordFence Security hard at work, on my humble website ;>
I love this Plugin [although I use the free version for my personal website, our work pays for it because it is worth every penny].
You don’t see this humility enough on the modern web >>
“My previous insight was totally wrong. I’ll fix this issue in near future.”
The honesty is very refreshing. I may just check that product [a plugin] out! ;>
Microsoft has a wonderful proactive family or child safety type of feature that is very nice and extremely useful. It monitors your kid’s web browsing, Apps use, and overall screen time. It sends a weekly report to the parent. It is all set up through the parent’s Microsoft account. This service is free and super easy to use. Your child does not even need to know about it. I know, I know, this makes some uncomfortable. But remember – you are not ‘Big Brother’. But you are Mommy or Daddy.
It is a very good idea to peruse the simple, emailed weekly report – you never know when your child will start to wander into potentially dangerous areas of the Internet. It takes under 30 seconds to review.
“Add kids to your family to help them stay safer online. Adults in the family can view reports of kids’ online activity, limit how long and when they use their devices, and help make sure they don’t see inappropriate websites, apps, or games. Manage family settings online at account.microsoft.com/family, and changes will be applied to any Windows 10 device the child signs in to. You can also add adults to your family who will also be able to apply settings to children in the family. ”
I get this weekly ….
Interesting piece on the latest Windows Phones. Microsoft continues to struggle in finding their place in the smart phone world. It is too bad, because personally, I think they are fantastic overall.
“Microsoft Sacrifices Lumia 950 And 950 XL For A Stronger Surface Phone”
Announced in October 2015, and released a month later, the Lumia 950 and Lumia 950 XL smartphones have not set the world alight. The first ‘out of the box’ Windows 10 powered smartphones occupy a curious pivot point in Microsoft’s plans. What do they tell us about the direction of Microsoft and how it will approach mobile in 2016?
Between them they represent the end of a line of smartphones that stretches back to Nokia’s 2011 decision to go with Windows Phone rather than Android, They also represent Microsoft’s future attitudes to smartphones as a single element of a wide range of Windows 10 powered devices all living on the same code-base, all sharing information, applications, and data, through Microsoft’s cloud-based services.
The two handsets build on past glories, and point the way towards a potential future. Unfortunately it is a very unclear future. With CEO Satya Nadella focusing on Microsoft’s software and cloud services it means that much of the functionality that made Windows Phone a commendable choice in the past is no longer exclusive to the Lumia handsets. You can run Microsoft’s cloud services on iOS and Android easily, and in terms of process and workflow there’s little difference between Windows, Android, and iOS.”
Read it here
Is it me or is the ‘Google’ on the search page much bigger than it used to be? I thought my browser window had been ‘zoomed’ to about 125% or similar. But it turns out, this is their new super-sized word logo ;> It takes getting used to, if you ask me.
But it does get them NOTICED, that much is certain.