by Jeff James, (www.WinITpro.com) Windows 8 also benefits from improvements to SmartScreen, Windows Defender, Modern Reader, and other security features Earlier this year, my colleague Paul Thurrott (and Rafael Rivera from Within Windows) ferreted out some details about security improvements to Windows 8, namely the addition of Modern Reader, a potentially more secure alternative to Adobe PDF readers. New security features were also revealed during the Microsoft BUILD conference and via a recent blog post by Jason Garms, Microsoft's group program manager of the reliability and security team for Windows 8. I've updated this original post with this new information. Picture Password Microsoft previewed a new touch-based security login at BUILD called picture password. Here's how it works: The user selects a picture, then makes three touch gestures on top of the image. The system remembers that sequence, and then the user repeats that sequence of gestures to login. For exa...
[More]
I am using GFI LanGuard since early Beta dates, and I think its a great product. Below you will read good review from a trusted web site , as I never had time to write about it , even though I did done many demonstrations World Wide with the Product (Vulnerability-assessment UK ) GFI LanGuard is a fully integrated, highly reliable and scalable security scanning, network auditing and remediation solution that allows the: Identification of system and network weaknesses. With an integrated and comprehensive vulnerability check database it provides the ability to carry out custom and predefined tests based on OVAL, CVE and SANS Top 20 vulnerability assessment guidelines. Auditing of network hardware and software assets. This has the added advantage of providing an organisation with a detailed inventory of assets, including installed applications, USB and other devices previously and currently connected to the network. Automatic download and remote installation of se...
[More]
Defence contractors have been pelted with cyber attacks in recent months from infiltrators looking to steal and publicize whatever secret internal documentation they can lay hands on. Now the U.S. DoD is opening up its own brand of protection to defence contractors. The United States Department of Defence is reportedly extending its Defence Industrial Base Cyber Pilot program, first announced by deputy defence secretary William Lynn in June, to defence contractors. Under this program, the DoD, together with the U.S. Department of Homeland Security, will share classified information and information on how to use it with defence contractors or their Internet service providers to help protect their computer infrastructures from attack. Defence contractors have proven to be particularly juicy targets for hackers associated with Anonymous, LulzSec and AntiSec of late. For example, Booz Allen Hamilton was hacked by Antisec, which broke into unprotected servers, stole 90,000 military use...
[More]
Windows 8 Server, In Brief By Mark Minasi (www.minasi.com) As I've already said, Microsoft has gotten a lot done in a short period of time. After sitting through two days of presentations, though, it occurred to me that there is something of a unifying thread to what initially seems a fairly wide-reaching array of new concepts and upgrades. After a bit, however, you get that there are a few common themes, so keep these in mind as you hear about Windows 8 Server. Bigger. Windows smells more mainframe-y, more enterprise-y, more reliable-y than ever before. Consider that the new IIS's main story is that it it can reliably and scaleably let you host tens of thousands of Web sites on a single box or two, all the while letting you be relatively certain that the owner of Web Site One can't screw with the content on Web Site Two. (The new Microsoft word for that is "multi-tenancy." You hear the phrase a lot when you hear about Windows 8 Server.) Or that they had to invent a new...
[More]
Source : IsecT Ltd.
ISO/IEC 27001 is the formal set of specifications against which organizations may seek independent certification of their Information Security Management System (ISMS).
ISO/IEC 27001 specifies requirements for the establishment, implementation, monitoring and review, maintenance and improvement of a management system - an overall management and control framework - for managing an organization’s information security risks. It does not mandate specific information security controls but stops at the level of the management system.
The standard covers all types of organizations (e.g. commercial enterprises, government agencies and non-profit organizations) and all sizes from micro-businesses to huge multinationals. This is clearly a very wide brief.
Bringing information security under management control is a prerequisite for sustainable, directed and continuous improvement. An ISO/IEC 27001 ISMS therefore incorporates several Plan-Do-Check-Act (PDCA) cycles...
[More]
A Malware and Firewall Protection Solution for the Private Cloud
By Leandro CarvalhoPrivate clouds are becoming increasingly necessary and common in both large and small environments due to the significant benefits delivered by a private cloud. However, administrators often struggle with the application of basic security policies in a private cloud deployment. These include firewall, antivirus and antispyware policies.
An example is a Private Cloud infrastructure containing multiple virtual machines for different types of networks, services or even clients – this infrastructure needs to have strong security policies applied. Each of these elements needs isolation, individual policies and rules that are in accordance with business requirements. Even if you have a private cloud only for your local VMs, sometimes we need different security configuration settings for lab networks, production networks, externals servers, etc. Host-based firewalls and antivirus will not help you to pr...
[More]
This post is “All in one” (AIO) Only and exclusively about Microsoft Lync Server Tools, from Getting started guide to Power shell, from Power Shell to the AD , from AD to Exchange implementation… Lync Server 2010 PowerShell http://blogs.technet.com/b/csps/ Getting Started Guide http://www.microsoft.com/downloads/en/details.aspx?FamilyID=E33765BC-9C5D-49B2-BB4F-EC8D42CCC1C7 Standard Edition Deployment Guide http://www.microsoft.com/downloads/en/details.aspx?FamilyID=787D6B9F-CBB3-4D6D-B292-34FE43E9AFC3 Enterprise Edition Deployment Guide http://www.microsoft.com/downloads/en/details.aspx?FamilyID=4CF4BED4-2F76-4B99-ADCB-60653521CC70 Lync Server 2010 AD Guide http://www.microsoft.com/downloads/en/details.aspx?FamilyID=513C46DB-ADC3-4D62-8ACC-5F0EE27F1F9C Lync Server 2010 Planning Tool and Readme http://www.microsoft.com/downloads/en/details.aspx?FamilyID=BCD64040-40C4-4714-9E68-C649785CC43A http://www.microsoft.com/downloads/en/details.aspx?FamilyID=C8BA3275-270F-4C0B-90BB-EDC1D12...
[More]
Dunya, one of the Australian Turkish Newspapers which is published around Sydney has futured me in their columns and web page. The newspaper , did congratulate me for winning Instructor of the year award from EC Council.
Honouring Our Best ATCs and CEIs:
Albuquerque, NM, September 9, 2011 – EC-Council, a leading international certification body in information security and e-business, today announced the winners for the annual EC-Council Global Awards for 2011. The EC-Council Awards recognize the ongoing commitment of Accredited Training Centers and Certified EC-Council Instructors that have contributed significantly, and made a difference to the information security community by providing leading EC-Council certification programs.
This year’s winners are carefully selected from an extensive EC-Council Training Partner network that has over 450 training centers across 87 countries, and a large pool of Certified EC-Council Instructors, after meeting the stringent criteria set by the EC-Council Awards Committee. The Awards will be handed out at the Hacker Halted USA 2011 conference, which will be held from Oct 21 – 27, at the Intercontinental Hotel in Miami, Florida.
“The annual EC...
[More]
Do you got Windows Server 8 up and running ? Is your “beta” testing is going well? Hold on! Are one of the “classic view” lovers ? Or is the “Preview edition of the new “Metro Style” application interface not working, as it should be “yet” Then all what you need to do is follow the below steps, to turn off the Metro Style Application interface. Check the setting: reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer /v RPEnabled 1 = Metro style 0 = Classic Desktop and start menu Modify the setting: reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer /v RPEnabled /d 0 /t REG_DWORD /f Enjoy your Windows Server 8 beta testing with out “metro”. until it works as is in the upcoming versions ;)