in

myITforum.com

jayferron

  • Power Shell Training for free

    On the Microsoft Virtual Academy site which is free, there is a bunch of training on PowerShell. since I been talk about this for a while her a blog about this.

    Getting Started with PowerShell 3.0 Jump Start

    This Jump Start is designed to teach the busy IT professionals, admins, and help desk persons about how to use PowerShell to improve management capabilities, automate redundant tasks, and manage the environment in scale. Learn how PowerShell works and how to make PowerShell work for you from the experts Jeffrey Snover, the inventor of PowerShell, and Jason Helmick, Senior Technologist at Concentrated Technology.

    Instructors | Jeffrey Snover -  Distinguished Engineer and Lead Architect; Consultant; Jason Helmick -  Senior Technologist

    Associated Course(s) | 20412: Configuring Advanced Windows Server 2012 Services; 20411: Administering Windows Server 2012; 20410: Installing and Configuring Windows Server 2012 

    Link is Here

     

    Advanced Tools & Scripting with PowerShell 3.0 Jump Start

    IT pros, take this advanced PowerShell course to find out how to turn your real time management and automation scripts into useful reusable tools and cmdlets. You’ll learn the best patterns and practices for building and maintaining tools and you’ll pick up some special tips and tricks along the way from the architect and inventor of PowerShell, Distinguished Engineer Jeffrey Snover, and IT pro, Jason Helmick.

    Instructors | Jeffrey Snover -  Distinguished Engineer and Lead Architect; Consultant; Jason Helmick -  Senior Technologist

    Associated Course(s) | 20412: Configuring Advanced Windows Server 2012 Services; 20411: Administering Windows Server 2012; 20410: Installing and Configuring Windows Server 2012 

    Link is Here

  • Free Training on Basic Security training

    On the Microsoft MVA there a a great basic course on security, This course you can prepare for MTA Exam 98-367. Build an understanding of security layers, operating system security, network security, and security software. The course leverages Microsoft Official Academic Course (MOAC) material for this exam.

    Topics include

    Authentication, Authorization, and Accounting

    Understanding Security Policies

    Understanding Network Security

    Protecting the Server and Client

     

    The link is here for taking training

  • Largest collection of FREE Microsoft eBooks ever

    Largest collection of FREE Microsoft eBooks ever, including: Windows 8.1, Windows 8, Windows 7, Office 2013, Office 365, Office 2010, SharePoint 2013, Dynamics CRM, PowerShell, Exchange Server, Lync 2013, System Center, Azure, Cloud, SQL Server, and much more

     

    imageFREE Microsoft eBooks! Who doesn’t love FREE Microsoft eBooks? Well, for the past few years, I’ve provided posts containing almost 150 FREE Microsoft eBooks and my readers, new and existing, have loved these posts so much that they downloaded over 3.5 Million free eBooks as of last June, including over 1,000,000 in a single week last year (and many, many more since then).

     

    This is a Post copied from Eric Ligman at Microsoft

  • Deal on Microsoft Books 40% off

    While at TechEd NA 2014, you were hungry for more info on PowerShell, Hyper-V and Windows 8.1, to name just a few. Now through July 12, 2014, save 40% by applying discount code TECHED during checkout. And if that’s not enough, the Microsoft Press Store offers FREE shipping to US addresses, all the time. And if you’ve ever purchased one of these books, you’ll know just how heavy these can get – and heavy typically equals expensive shipping!

    Want to take it with you wherever you go? The Microsoft Press Store has the flexibility to make that happen. This 40% discount also applies to your purchase of an eBook… and you’ll get three formats for use on your devices.

    Ready to save? We thought so. Get your discount HERE and enjoy your new book!

  • MVP Award in Enterprise Security

    mvp

  • Another Major site hacked

    In the last few months we see a uptick in Big Web sites being hacked – We saw  last month AOL compromised. AOL Inc urged its tens of millions of email account holders to change their passwords and security questions, saying a cyber attack compromised about 2 percent of its accounts

    Yesterday EBAY announced that attack carried months had compromised customer data. and EBAY  urged 145 million users of its online commerce platform to change their passwords.

    You should NOT use the same password for all you sites, you need to use different password for your web sites. However when I say this to user, they say it to hard to do.

    I have been a user of some technology for years that helps user accomplish this task. There are Password Manager application that will save all your password in an encrypted system and you just need to remember the master password.

    While Password Manager applications will not stop web sited from being hacked they will limit the possibility of a user name/ password that you use on 1 site being used on another site.

    You can have each site with very strong password that are unique to each application.

    For the purpose of this Blog i will show you a product call Roboform.

    to use Roboform you do the following steps

    Step 1 Install software

    Step 2 Create a Master Password -  Your Master Password is the one password you’ll need to remember. This password will encrypt and secure all of your RoboForm data and do not forget it.

    Choose your master password screenshot.

    Step 3  Go to a web site and add you login info RoboForm automatically offers to save your Login information. It’s that simple.

    Click on the RoboForm icon to remember an existing password.

    Step 4 Now when you go to the site again Roboform will enter the login and password automatically.

    Choose your master password screenshot.

     

    Some other features for you include

    • RoboForm Identities feature to securely store your name, address, email, credit cards, and all your other information. Just click on your RoboForm Identity to fill entire web forms automatically.

    • Generate really Strong Passwords that you can use 1 per site and not have to remember

    Access your passwords using RoboForm Everywhere.

    You can find out more about Roboform Here

    FYI I have nothing to do with Roboform, I do not sell it, i just use it

     

  • Have you Jailbreak your Iphone or Ipad If so Warning !

    Active malware campaign Security researchers have uncovered an active malware campaign in the wild that steals the Apple ID credentials from jailbroken iPhones and iPads..

    On the SophosLabs site there is an article about this new attack “Unflod Baby Panda”

    This malware will do the following :

    Hooks the SSLWrite function

    When loaded and initialised, the Unflod library hooks the SSLWrite function, used when sending encrpyted data over a secure connection.

    That means the malware gets to peek at confidential data before it is encryption for transmission.

    then it  Watches out for the presence of AppleID credential data.

    Uploads credential data it finds to one of two hardcoded IP addresses

    What to do?

    If you haven't jailbroken your iOS device, you don't need to worry.

    If you are a jailbreaker and you have been circumspect in what you choose to install, you probably don't need to worry.

    Nevertheless, just in case, Sophos products detect this malware as iPh/PWS-CFX.

    Of course, because a proper anti-virus isn't possible on an unjailbroken iOS device (though, by the same token, malware is in general very unlikely on such devices), there isn't such a thing as Sophos Anti-Virus for iOS.

    So, if you want to scan your iPhone or iPad, you'll need to install software that lets you access the files on iDevice remotely so you can scan them with an anti-virus on your desktop or laptop computer.

    And to do that you'll need to jailbreak your iDevice...

    PS. If you allow remote access to your iDevice by installing the SSH daemon, don't forget that Apple gives the accounts root and mobile the same password on all iDevices (it's "alpine", and yes, hard-wired passwords are a terrible idea). So if you enable sshd, you must change the password on those accounts, as explained here.

    The full article is posted here

     

  • Think before you click

    This is a new campaign from Microsoft that i think we need to remind people to THINK FIRST before you CLICK

    logo

     

  • Think before you click.
  • Only download software from websites you trust. For more information, see How do I know if I can trust a website?
  • Turn on automatic updating so that you’re always using the latest, most secure versions of the software installed on your computer.
  • Make sure you’re using antivirus software and keeping it up to date.
  • Use newer software whenever possible.
  • You can prevent most computer issues if you THINK FIRST

     

    Source Microsoft 

  • Do you Teach and use PowerPoint

    Turn your PowerPoint presentation into an interactive online lesson. We call this a mix. Everything you need to create and share your mix is included. Add audio and video of yourself giving your presentation, write on slides as you talk to them, insert quizzes, practice exercises, and more – all from within PowerPoint. It’s like a screen cast, but better. This is a new Customer Preview

    for the Add in Called Office MIX

    Bring your PowerPoint presentations to life by adding interactive quizzes, online videos, and even web pages.

    Check it out at https://mix.office.com/

    to learn more about Office Mix go here

  • Free ebook: Programming Windows Store Apps with HTML, CSS, and JavaScript

    2843.9780735611111f_7E0540F4

     

     

    This book is about writing Windows Store apps using HTML, CSS, and JavaScript. Our primary focus will be on applying these web technologies within the Windows platform, where there are unique considerations, and not on exploring the details of those web technologies themselves.

     

  • Passwords gone Wrong -

    Creating a Password

    bird

    Sorry the password must be more that 8 characters

    bird house

    Sorry the password must contain 1 numerical space

    1 bird house

    Sorry the password cannot have blank spaces

    1birdhouseisthisok

    Sorry the password must contain at least one upper case character

    1birdhouseisthisokNOW

    Sorry the password can not use more that one upper case character consecutively

    11birdhouseisthisokNowjerk

    Sorry the password can not use more that 2 numbers consecutively

    11birdhouseisthisokNowjerkfine!

    Sorry the password cannot contain punctuation

    1birdhouseisthisokNowjerkfineonow

    Sorry the password can not use words in the Dictionary

    P@ssw0rd

    Sorry that  password is already in use and now you need to wait 24 hour to change your password

  • HealthCare.gov – HeartBleed bug security leak

    Officials are telling that the Healthcare.gov  website account holders to reset their passwords, following revelations of a bug that could allow hackers to steal data.

    Officials earlier said the site HealthCare.gov, were safe from the risks surrounding Heartbleed -- faulty code recently found in a widely-used encryption tool. 

    But, this weekend, the homepage directs users to change their login information.  

    "While there’s no indication that any personal information has ever been at risk, we have taken steps to address Heartbleed issues and reset consumers’ passwords out of an abundance of caution," HealthCare.gov states. 

    This is  what the Site says to do

    Recently, you may have heard about a new internet security weakness, known as Heartbleed, which is impacting some websites. HealthCare.gov uses many layers of protections to secure your information. While there’s no indication that any personal information has ever been at risk, we have taken steps to address Heartbleed issues and reset consumers’ passwords out of an abundance of caution. This means the next time you visit the website, you’ll need to create a new password. We strongly recommend you create a unique password – not one that you’ve already used on other websites.

    How to reset your password

    1. Use the online Forgot Password feature
    2. Enter your username and click "Send email"
    3. Wait for the "Forgot Marketplace Password" email we’ll send you to create a new password for your account
    4. Follow the link in the email and answer the 3 security questions you chose when you first created your account
    5. Create and confirm your new password
    6. Click "Reset Password"
    7. Wait for the message that your password was successfully reset
    8. Log in with your new password

    If you get a message that we couldn’t process your password reset request, you’ll need to try again. Click on "Return to log in page" and select the "Forgot your password?" link to get a new email with a new link to try again. If this doesn’t work, call the Marketplace call center at 1-800-318-2596 for help.

    Is my information at risk?

    There’s no indication that Heartbleed has been used against HealthCare.gov or that any personal information has ever been at risk. However, we’re resetting current passwords out of an abundance of caution, to ensure the protection of your information.

    Additional password tips and information about managing your HealthCare.gov account is located at https://www.healthcare.gov/help/i-am-having-trouble-logging-in-to-my-marketplace-account/.

  • DHS ALERT OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)

     

    Original release date: April 08, 2014

     

    Systems Affected
    • OpenSSL 1.0.1 through 1.0.1f
    • OpenSSL 1.0.2-beta

    Overview

    A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory handling in the TLS heartbeat extension.

    Description

    OpenSSL versions 1.0.1 through 1.0.1f contain a flaw in its implementation of the TLS/DTLS heartbeat functionality. This flaw allows an attacker to retrieve private memory of an application that uses the vulnerable OpenSSL library in chunks of 64k at a time. Note that an attacker can repeatedly leverage the vulnerability to retrieve as many 64k chunks of memory as are necessary to retrieve the intended secrets. The sensitive information that may be retrieved using this vulnerability include:

    • Primary key material (secret keys)
    • Secondary key material (user names and passwords used by vulnerable services)
    • Protected content (sensitive data used by vulnerable services)
    • Collateral (memory addresses and content that can be leveraged to bypass exploit mitigations)

    Exploit code is publicly available for this vulnerability.  Additional details may be found in CERT/CC Vulnerability Note VU#720951.

    Impact

    This flaw allows a remote attacker to retrieve private memory of an application that uses the vulnerable OpenSSL library in chunks of 64k at a time.

    Solution

    OpenSSL 1.0.1g has been released to address this vulnerability.  Any keys generated with a vulnerable version of OpenSSL should be considered compromised and regenerated and deployed after the patch has been applied.

    US-CERT recommends system administrators consider implementing Perfect Forward Secrecy to mitigate the damage that may be caused by future private key disclosures.

    References

    Revisions
    • Initial Publication

    This is copied from the DHS Site as a public service

  • Free eBook from Microsoft on Microsoft SQL Server 2014

    MVA-Introducing-Microsoft-SQL-Server-2014-108x132

    Introducing Microsoft SQL Server 2014

    In this book, the authors explain how SQL Server 2014 incorporates in-memory technology to boost performance in online transactional processing (OLTP) and data-warehouse solutions. They also describe how it eases the transition from on-premises solutions to the cloud with added support for hybrid environments.

     Download the PDF

  • Free E-books from Microsoft

    Microsoft System Center: Network Virtualization and Cloud Computing
    MVA-MSC-Network_Virtualization_Cloud

    This brief book identifies some key usage and deployment scenarios for cloud computing to provide some deep technical background on the Microsoft SDN solution, enabling IT professionals to quickly learn the internals of HNV, how it works from end to end, and where and how it should be used.

     Download the PDF (4.52 MB)

     Download the EPUB file (4.2 MB)

     Download the Mobi for Kindle file (6.56 MB)

    ------------------------------------------------------------------------------------------------

    Introducing Windows Server 2012 R2
    MVA-Intro%20Win%20Serv%202012%20R2

    Get a head start evaluating Windows Server 2012 R2—with technical insights from a Microsoft MVP and members of the Windows Server product team. Based on final Windows Server 2012 R2 release-to-manufacturing (RTM) software, this guide introduces new features and capabilities, with scenario-based advice on how the platform can meet the needs of your business. Get the high-level overview you need to begin preparing your deployment now.

     Download the PDF (8.0 MB)

     Download the EPUB file (22.5 MB)

     Download the Mobi for Kindle file (40.3 MB)

    ------------------------------------------------------------------------------------------------

    Introducing Windows 8.1 for IT Professionals

    MVA-Intro-Win8-%20IT-Pros

    Get a head start evaluating Windows 8.1—with early technical insights from award-winning journalist and Windows expert Ed Bott. This guide introduces new features and capabilities, providing a practical, high-level overview for IT professionals ready to begin deployment planning now.

     Download the PDF (8.0 MB)

     Download the EPUB file (22.5 MB)

     Download the Mobi for Kindle file (40.3 MB)

More Posts Next page »
Copyright - www.myITforum.com, Inc. - 2010 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems