My Thoughts on Microsoft's Enterprise Security

Now we know that Microsoft and any other large tech giant needs to have new enterprise security to prevent hackers from penetrating their networks and control grids. But it's seems to me that the tech giant Microsoft is not sparing no expense in their enterprise security approach and strategy. For example they have hired a lot of cyber security specialists in building their attack protections, detections, and response features into their windows 10 and Microsoft office 365 programs like word, excel, PowerPoint, and etc. If you are going to invest in a $1 Billion dollars into your R and D programs you better make it count because you don't get another opportunity like this again in the corporate world. Normally that upper and executive management are not interested in investing any money in cyber security and enterprise security especially a billion dollars, but as cyber security are being front and center and it seems like in the news there is always a data breach happening almost everyday companies and government agencies are taking a new approach in this new frontier.

I am cautious, but if Microsoft sometime put their security detention protocols in their enterprise security programs into motion and be successful with it then other companies will follow suit. After all this can at least slow down the hackers in their tracks and with their security features this can alert the white hats in advance that a black hat is attempting to hacked into the enterprise security software. The names of the new security features on Window's 10 is called Microsoft Passport, Windows Hello, and Credential Guard this will integrate with the Azure Active Directory in merging with the Advanced Threat Analytics can detect suspicious login patterns, brute force, and pass-the-hash-attacks. Google search these security features on Windows 10 above and check out this article above and tune in next time on cyber brotha peace.

Microsoft's Enterprise Security Apporach:

http://www.computerworld.com/article/3005724/security/microsoft-touts-new-holistic-approach-to-enterprise-security.html?utm_content=buffer6b8dc&utm_medium=social&utm_source=facebook.com&utm_campaign=buffer

Can Elections be Hacked?

The way everyone has been talking about data and privacy in Information Technology Security in protecting our sensitive information from cyber criminals and hackers the election comes to mind.  Nothing is safe and secure any more in the cyber security realm and people and politicians needs to realize that their data is not secure. Speaking of which that voter information has been affected in the voting process. We know that most counties in the US has their voter information on private sensitive information like addresses, social security numbers, political party information, phone numbers, and etc. Now what if that information got into the wrong hands by hackers in stealing their identities for criminal purporses.

We have to understand that nothing is secure in cyber space and that including state, federal, county, and city elections. We are not talking about hacking the votes here, but we are talking about campaign information websites, memos, strategies, talking points from candidates on their opponents, and etc. Think about it for a moment what if a hacker creates a fake website of a candidate that the voter wants information on before he or she votes and they click on the website and it redirects them to another site the hackers has make and in order for them to log out of the site they must give their password to get out. Thus leading the hacker to hacked into the victims personal and sensitive accounts like banking, emails, social security numbers, and the list goes on. Check two these two articles on this topic there are more but you have to Google search them tune in next time on Cyber Brotha peace.

Hackers and US elections:
http://www.computerworld.com/article/3016287/security/hackers-likely-to-target-a-us-election-next-year.html


DNC Data Breach:

http://www.nbcnews.com/politics/2016-election/fallout-continues-democratic-data-breach-n484556

Governments needs to update Cybersecurity

Governments from the state, city, county, and federal level needs to update their cybersecurity and network servers in their control grids. The reasons why public sector organizations and agencies keep on getting hacked over and over again is because they are not taking the time to update their networks and not putting cybersecurity as a priority one right now. Not only there are having outdated operating systems, ineffective security configurations, poor password control, failure to install security patches and a lack of timely scanning to detect vulnerabilities. To me this is a failure of leadership from the governor, state house, department heads on down to the cyber security director and I am not saying that government agencies are not behind the times, but they need to work jointly with the private sector i.e. corporate America for partnership on cyber security related issues.

Plus they need to increase their cyber security and budgets every year to fight hackers from hacking into their secure systems. If the governments from city, state , and federal do get on board soon then they will continued to have hacking problems, but this time it will be 10 times worse to the point where government services will be affected the most like payroll for government employees, social security for retirees, Medicare and medical payments from hospitals will grind to an halt, not to mention public safety as well. We have to understand cybersecurity is apart of our world and governments musts update their security networks in this cyber frontier we all live in I know this is scary but we must adapt to this new environment. Stop being reactive and be proactive to the situation at hard governments must need to really update their security patches, and stop making passwords must easy for the hackers to exploit to their advantages so sensitive documents don't get stolen or the files get corrupted by computer virus from internal and external threats. I don't care what a government official says their systems are not 100 percent secure and unhackable if a hacker wants to get into a government server they will find away in it is a cat and mouse game government leaders must become a hacker to take down hackers in their system and databases.

Space Storms

It is possible that in the near future that so called space storms i.e. solar eruptions can destroy our critical computer and industrial systems in the coming years. You might be thinking, "There is no way that is a possible?" Well according to the US government and the National Science and Technology Council they said it is possible they have released their National Space Weather Action Plan in their report. This plan is a worse case scenario that in any event that a solar eruption in space that can disrupt electric power systems, satellites, phone networks, space launches, navigation systems, and the space station itself. That means we have a problem as you know that everything runs on computer and internet connection and if that is disrupted due to the space weather above us then everything will come to a standstill.

For example, crucial GPS on both military and civilian airlines will be disrupted by causing GPS errors, power lines will be overloaded with extra electricity, and etc. I know this is worse case scenario, but we as a people have to be aware of this things it can happen one day in the near and coming future it is food for thought. Also another thing as well if solar eruptions or space storms has the potential to destroy our aging power grid systems and this is why we need to modernize our control grid to withstand solar flares from space storms I hope that policymakers, business executives, scientists government directors from different government agencies, and military leaders to this type of threat seriously in the future.  Here is the NSTC's Action Plan and the article and tune in next time on cyber brotha peace.


Space Storms and Critical Networks
http://www.computerworld.com/article/3002225/disaster-recovery/us-readies-for-space-storms-that-could-crash-critical-networks.html  

NSTC's Action Plan

https://www.whitehouse.gov/sites/default/files/microsites/ostp/final_nationalspaceweatheractionplan_20151028.pdf

Free Wi Fi Zones are Bad

Here are my thoughts on these so called free WIFI zones for today's blog and I have experience in these WIFI zones. First of all I dont bring my laptop or tablet to hotels, the bus station, motels, and even Starbucks for internet access. For one thing hackers can bypass the host WIFI zone password for example Starbucks and since the password is easy to use the hackers can get inside of an account with ease. Plus not to mention can get any banking, email passwords, and other sensitive information at their will causing your computer to go haywire. Another reason why I do not trust free WIFI zones is most times they have slow internet connection and it takes forever to load a page in my viewpoint.

Do not get me wrong they do have some good security options for the WIFI network like for example isolation from LANs or Local Area Networks that allows the guest to isolation his WIFI network from other guest other WIFI networks in area and use the free WIFI network from a starbucks, but on the down side you have to change passwords more frequently then usually I do not change my password for 4 months at a time. But do to the rise of hackers, cyber criminals, and terrorists we have to take precautions when using WIFI networks from public places because you never know who is watching your movements online. Another security option is you can isolate from each other on the guest network what the option does is preventing other guests from doing maliciously things online to other guest on the public network such as inflecting other guests devices to prevent ID theft and somewhat hacking. In my final opinion that I think they should not have free WIFI Zones I think they need to have to pay a fee since they are customers in a business that way the security on the network will be in top order because I have notice that if a customer complaints that they have been hacked on a public network and the business who host free WIFI zones do not enforce their security protocols for customer protection take a look at the screenshots below on what can you do in the so called free WIFI Zones. One final word of wisdom do not I mean do not share your WIFI network on public networks because anyone can have access to them at anytime thank you. Here is the link to the article below tune in next time on Cyber Brotha peace.

To Share or to Not to Share:
http://www.computerworld.com/article/3014184/security/to-share-or-not-to-share-a-look-at-guest-wi-fi-networks.html



Screenshots on Security options:

Secure Routers

You know when I think of routers of any OS system or computer desktops I think of high speed internet connections and nothing more than that. I guess now anything can be compromised and hacked into network routers on your local computers at home or in a business. For example smartphones, tablets, laptops, and refrigerators can  be subjected to compromised by skilled hackers. A compromised router can be used for spying on insecure communications, but can be used for man in the attacks on secure communications on SSL/TLS/HTTPS.

You might be asking to yourself how can my local router can be compromised so easily? It is simple a compromised router can send the unexpected victim into scam websites or fake websites to collect your passwords and slow down your internet connection to the web. When the hackers are using Deniel of Service attacks or DDOS i.e. spamming on your computer. How can you tell is if you notice if you have more ads on your inbox in your email on your spam section and if you open can popped up a virus and it can affected your router as well. Remember the router is the communication tool in your house and it is montiored by your local Internet Service Provider or ISPs in your area. Finally here two links to make sure your router is secure or you can a security checklist tune into the next blog on Cyber Brotha peace.

Router Security Checklist
http://routersecurity.org/checklist.php

How Secure is your router
http://www.computerworld.com/article/3004017/network-security/how-secure-can-your-router-get.html

New Virus called TeslaCrypt

I didn't they was a new software virus called TeslaCrypt and it affects certain kinds of video games like Call of Duty, Minecraft, World of Warcraft, and World of Tanks. Even in the video game world any thing can be hacked and encrypted for malicious purposes for hackers, and cyber criminals to exploit to their gain and advantages. TeslaCrypt is a random soft Trojan virus that can affect video games as far as game saves, custom maps, replays, mods, and profiles on gaming systems.

At one the virus inflected attempts at one time 200 times a day, but now it up to 1800 attempts at this type of rate the certain video games will be affected and do not be surprise if they will be ID thefts as well. I want everyone to remember Swatting where video game hackers use the affected user's address to call the local swat units to get revenge for their losses during Xbox live matches and multiplayer combat. It is gotten to the point where small to medium size businesses are paying big money to recover their important files like customer information, company documents, business deals and acquisitions and mergers and sensitive information on customers.


Like I said before hackers are getting more and more advance by the day inventing new software viruses like Teslacrypt to target popular videos games like a Call of Duty or a World of Warcraft to affect the software in their data systems in the gaming world.  Here are two articles on the topic.


http://www.computerworld.com/article/3015454/security/teslacrypt-ransomware-attacks-are-increasing.html

http://www.computerworld.com/article/2985809/data-security/ransomware-pushers-up-their-game-against-small-businesses.html

Linux Computers at Risk

Every Operating System or OS has a flaws in their programs, but Linux takes the cake for example they have a Grub2 Bootloader system flaws. This allows hackers and cyber-criminals to modify and install malware on a locked down linux system. For those who are with wondering minds may ask what does GRUB stands for it stands Grand Unified Bootloader. It is a system that most Linux suppliers and distributors used to initializing the operating system when the computer starts. It does have a password feature that restrict access to boot entries and with computers with multiple different operating systems.

Organizations relied on this where it is common to disable CD-ROMs, USB flesh drives, and network boot options and set a password for the BIOS/UEFI firmware in order to secure computers from attackers who might gain physical access to the machine. Now without these important boot options attackers, cyber-criminals,and rogue employees can simply put boot from an alternative OS like a live Linux program stored on a USB drive or CD/DVD and access files on a computer drive.

Here is my view on this issue hackers are being more and more advance by the day and like I said nothing is secure anymore in cyber world. That is including OS systems like a Linux system with different variables in programming and coding. It is up to the OS distributors to patched up the security related flaws for mass productive to private sector corporations and public sector government organizations and agencies. That way it can reduce the malware flaws and glitches in the protocols and software systems.

For my next blog I will be talking about business mergers and how does it affect the IT world and customers like you tune in next time on Cyber Brotha peace.


This article talks about GRUB2 and Linux problems

http://www.computerworld.com/article/3015995/security/grub2-bootloader-flaw-leaves-locked-down-linux-computers-at-risk.html