I downloaded the Creators Update last night and did an in place upgrade on my Surface last night and the upgrade went nice and smoothly.
I especially liked the tutorial that pops up with the different features that come with this edition of the Edge browser. As the upgrade isn’t available via Windows Update just yet, you can get a sneak peak at the extra features by looking at the tutorial here.I like the ability to pin and save pages for later and the drop down preview for finding a tab is pretty handy – but it will be interesting to see how well this works when you have tons of tabs open. The combination of Tabman Tabs Manager and OneTab work well for this in Chrome with the former allowing you to get a drop down list of all the tabs open (but no preview) and the latter instantly closing all open tabs and saving them into a html page for later reference – both highly recommended for keeping all those tabs you might read later and reducing the memory footprint for Chrome.
Note you can do a manual install now by going to https://www.microsoft.com/en-us/software-download/windows10 and selecting the option to update now. A small stub file will download, you run this, confirm you really do want to upgrade to the latest version and it downloads in the background. Once downloaded it will automatically install 30 minutes later with several reboots but you can pause or run it now as required.
Filing for future reference for reference in case of a ransomware infection. This list gathers together a list of tools and references that may allow you to get access back to encrypted files.
- Kasperky’s Decrypters
- Kaspersky’s AntiRansomware or Cryptoprevent– prevent infection in the first place
- Avast Decrypters (Multiple tools available)
- Trend Micro Decrypters – Multiple decrypters available
Remember the best way to not get infected is to install a cryptolocker prevention tool (I use the Cryptoprevent), watch the sites you go to, educate yourself on what a phishing attack looks like, don’t run as administrator, use opendns (or google safe browsing) and ensure you have a good backup that is not accessible from your normal machine with your normal credentials.
If you know of any others then please let me know.
Edit – https://www.nomoreransom.org/ is also a good resource and probably should be your starting point. It even allows you to upload an encrypted file (or the ransom note) and will then check what version of crypto you have and let you know if there is a decrypter available for you.
The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data by Kevin Mitnick
My rating: 4 of 5 stars
A cautionary tale of just how visible you are on the internet and in todays connected society.
First off I am fully aware of the irony of posting a review of this book online on Goodreads, my blog and Facebook after reading a book on how to be invisible on the internet…..
This was a an entertaining read and although I work in the IT field, there were still some security facts in the book that I was not aware so I learnt a fair amount. There are also some useful references for security tools that I had not been previously aware of (although I’m not a security professional).
Despite the above, the book isn’t too technical to make the non IT person bored but it may well make them paranoid! There is a huge emphasis on becoming invisible in the book through extreme measures such as paying a complete strange to buy some gift cards at a store that doesn’t have cameras in the store OR on the way to the store, then using that to buy bitcoins – twice to ensure they are completely laundered and then using those new coins to purchase various items. Not something that the average person in the street is likely to ever do ……and I must admit I do wonder if someone needs to go to all that trouble, would they be reading this book?
There are useful hints and tips about using secure messaging, email etc that can be used by everyone just to keep their internet usage secure which are not too extreme for the day to day consumer.
But for the ultra paranoid/nefarious, this book will either help you solve some of your issues or make you even more paranoid as it brings up points you hadn’t thought of before….
Thanks to Netgalley for the opportunity to read and review this book.
-
Simplifying Office 365 License Control with Azure AD Group-Based License Management
Simply Office365 licences by just adding users to a group.
-
How was your stay at the Hotel La Playa? – SANS Internet Storm Center
Powershell mapping of wifi and where people have stayed.A companion article to the wifi auditing but this maps information of where the access points could be to provide a rather interesting map of where you have been. Unfortunately not a powershell capable script….yet
-
Investigating Off-Premise Wireless Behaviour (or,
Powershell script to retrieve Wireless access points used across an organization. Very useful to see who is connecting to ” Free Public Wifi” and all the issues that will bring up….
With the recent report of cloudflare credentials being cached/available in search engines, it is always wise to see just how many sites you’ve logged into recently. If you don’t use a password manager, then you will have a fun time going through your browser history, working out what sites you logged into and then changing your passwords.
Hopefully you are using a Password Manager by now and there are several routines available (with source) to check an exported list of urls from your manager of choice against a public list of cloudflare protected sites.
I used CloudFlareChecker as I could use powershell to filter out my password list to url’s first and then run the site list through the tool (which required the .net runtimes installed).
Out of 1200+ url’s in my password export, there were 25 sites using cloudflare. It didn’t take too long to change credentials and update the passwords in LastPass. Yes it’s worth doing for all sites – but I really don’t have time to log into that many websites!
If you don’t use LastPass then there are several other resources at your search engine of choice that will help you check firefox saved passwords (hopefully you don’t), Keepass or even check an individual website for potential issues.
As an aside, I’ve been trying out Dashlane as an alternative to LastPass but I’ve not been very impressed with it so far. It fails to recognise any saved credentials for Office365 and the extension doesn’t even activate in Chrome so I’m staying with LastPass. If you haven’t signed up for a Password Manager yet, then signing up with this Lastpass premium link gives us both a free month of premium access and if you have any questions then let me know.
-
PowerShell Script to Remove Mailbox Folder Permissions
Great script for removing permissions. Needed to use this when migrating mailboxes to office365 where permissions had been previously granted to an ex-employee. The mailbox move fails as the permissions can’t be copied across
-
Upgrading WordPress with WordPress CLI
Script WordPress installs. In theory should never be needed as most installs are set to autoupdate.
-
Managing Usernames and Passwords with PowerShell for SharePoint Online – Petri
Powershell password management. I type my office365 passwords into powershell soooooo many times a day.Some good information here, especially with Windows Credential Manager and never heard of pnp
-
Config Wizard for Unofficial Kodi Addons
Kodi getting started config wizard
-
PowerShell Virtual Chapter – Home
list of the Powershell and sql virtual user group
-
dbatools – best practices and instance migration module
powershell and sql? what more could you want. Not tried yet, but definitely something for future investigation.
-
SQL Database reports
-
Looks like some useful sql admin tools that may be handy for work