Author Archives: Jonathan Brown

Apple iOS 12.1.2 Causes iPhone WiFi Problems

iPhone WiFi Problem:

If your having iPhone WiFi, it’s not a setting.  Apple pushed out iOS 12.1.2 and it’s breaking WiFi.

The most common issue is what this Pennsylvania poster encountered:  “@AppleSupport iOS 12.1.2 update broke WiFi sign in on the iPhone SE. Getting a random PW is incorrect even when was signed on to said WiFi. #MightWantToFixThat”

Apple is remaining silent about the issue but hopefully will release a fix shortly.  In the meantime, if you have not upgraded to 12.1.2 hold off.

“With millions of users around the world still upgrading to iOS 12.1.2 despite warnings (including one Maine, US user taking matters into his own hands), it has now emerged that the update is breaking WiFi as well. Worse still, a lot of users hit with the cellular data bug are suffering from broken WiFi on top, turning their iPhones into expensive paperweights.

Apple iOS 12.1.2 is breaking WiFi and mobile data for users around the worldApple

Once again, complaints from users about the iOS 12.1.2 WiFi problems can be found in every major continent: from North America and South America to Europe and Asia. Furthermore, like the mobile data bug, iPhone owners in the United States are suffering more than most.”

Original Post by 

Share this

INFO: Five steps to secure your identity infrastructure in Azure Active Directory

by kurtsh

This document will help you get a more secure posture using the capabilities of Azure Active Directory by using a five-step checklist to inoculate your organization against cyber-attacks.

This checklist will help you quickly deploy critical recommended actions to protect your organization immediately by explaining how to:

·         Strengthen your credentials.

·         Reduce your attack surface area.

·         Automate threat response.

·         Increase your awareness of auditing and monitoring.

·         Enable more predictable and complete end-user security with self-help.

https://docs.microsoft.com/en-us/azure/security/azure-ad-secure-steps

Share this

RELEASE: Security Baseline (FINAL) for Windows 10 v1809 and Windows Server 2019

by kurtsh 

 

New security baseline for our OSs was released:
Microsoft is pleased to announce the final release of the security configuration baseline settings for Windows 10 October 2018 Update (a.k.a., version 1809, “Redstone 5” or “RS5”), and for Windows Server 2019.
For now, download the content here: Windows-10-1809-Security-Baseline-FINAL. It will be posted to the Security Compliance Toolkit download site very soon.

Read the entire blog announcement here:
• RELEASE: Security baseline (FINAL) for Windows 10 v1809 and Windows Server 2019
kurtsh | November 29, 2018 at 2:48 am | Categories: Uncategorized | URL: https://wp.me/p15CWC-517

This announcement should indicate that the “October” release of Windows 10 will released to manufacture (RTM) soon. New features include Autopilot, Kiosk Mode, many security features.  Here’s a list of features coming in Windows 10 Release 1809.

Read the entire blog announcement here:
     RELEASE: Security baseline (FINAL) for Windows 10 v1809 and Windows Server 2019

Microsoft Gold Partner

Share this

Microsoft Nonprofit Pricing and Ordering Process is Changed

Microsoft Gold Partner

For nonprofit Microsoft customers, as of May 1st, your process for ordering software and services from Microsoft has changed.  In some cases just the authorization and purchasing method will change.  In others, the prices will go up.

If you order through TechSoup and you work with a Microsoft Partner, you should have a discussion with your Microsoft Partner about what the new plans will mean to your organization.  If you do not work with a Microsoft Partner (and are not big enough to have an Enterprise Agreement – over 500 users), you should find a partner that can help you navigate the new system.

 

General  Networks can help you migrate the new licensing for nonprofits.  If you need help please Contact Us

 

Share this

How to Spot Phishing Messages Like a Pro

Update to STAY SAFE FROM PHISHING. 5 Ways to Stay Safe

June 2018 Volume 13 Issue 06

From the desk of Thomas F. Duffy, MS-ISAC Chair

The Federal Trade Commission’s definition of phishing is “when a scammer uses fraudulent emails or texts, or copycat websites, to get you to share valuable personal information.”[1] When a user falls for a phishing message, the malicious actor achieves their purpose of getting the victim to hand over sensitive information such as login names and passwords. Though we count on technologies and controls to minimize threats, phishing exploits users through social engineering, which allows the malicious actors to side step these protections. This is why it is important that everyone learn to spot these fraudulent messages. Let’s take a look at some example emails of phishing messages.

Message #1

Subject: Low Cost Dream Vacation loans!!!

Dear John,

We understand that money can be tight and you may not be able to afford to go on vacation this year.   However, we have a solution. My company, World Bank and Trust is willing to offer low cost loans to get your through the vacation season. Interest rates are as low at 3% for 2 years. If you are interested in getting a loan, please fill out the attached contact form and send it back to us. We contact you within 2 days to arrange a deposit into your checking account.

Please email your completed form to VacationLoans@worldbankandtrust.com.

Your dream vacation is just a few clicks away!

Dr. Stephen Strange

World Bank and Trust

177a Bleecker Street, New York, NY10012

What did you notice in message #1? 

In this message, you can see that the phisher wants to give us a low-cost loan with no credit check. They say we just need to send them our information and they will give us money, right? Not only does it seem too good to be true, but also when you hover the cursor over the email address to examine it further, you see that the link actually has a different destination. It is the email address of the attacker. Lastly, as much as you might like Dr. Strange, he’s probably not working for a bank part-time.

Message #2

Subject: Free Amazon Gift Card!!!

Dear Sally,

You name has been randomly selected to win a $1000 Amozan gift card. In order to collect your prize, you need to log in with your Amazon account at the link below and update your contact information so we can put your prize in the mail. This is a limited time offer, so please respond to the request within 2 business days.  Failure to respond will forfeit your prize and we will select another winner.

www.amozan.com/giftredemption2321

What did you notice in message #2? 

Aside from this seeming too good to be true, you can see that “Amazon” is misspelled as “Amozan” on the link provided. If you read this quickly, you may think you are responding to the real company to get your gift certificate. In reality, you are providing your information to the attacker. For the purposes of this example, the link actually navigates to the Center for Internet Security, which is a trustworthy site.

Message #3

Subject: Urgent – Take Action Before Your Email Account is Deactivated

Dear User,

Following changes to our Microsoft email systems, each user must authenticate their account to prevent it from being deactivated. You can accomplish this by heading to the link below and entering your Microsoft Outlook email account credentials, and then we will know your account is active and should remain so.

https://www.microsoft.com/

Thank you,

Information Technology

Helpdesk Support Team

What did you notice in message #3?

This email is fairly well crafted without errors. Note that it establishes a sense of urgency that the malicious actor hopes will cloud your judgment and threatens the deactivation of your email account. Additionally, the link at the bottom looks like a link to Microsoft, yet it is, in fact, heading somewhere else! Luckily, for the purposes of this example, that link simply leads to the Center for Internet Security, which is a legitimate site.

With these three examples considered, here are some basic recommendations to help protect you from becoming a phishing victim:

  • If it seems too good to be true, it probably is;
  • Hover your cursor over links in messages to find where the link is actually going;
  • Look for misspellings and poor grammar, which can be good signs a message is a fraud;
  • And, never respond to an email requesting sensitive personal information (birthday, Social Security Number, username/password, etc.).

 

Additional information and a phishing game can be found on the FTC’s website, https://www.ftc.gov/.

 

Share this