Data Breach: Recommendations on how to protect yourself

This has become an all too common event these days.  I am glad my home state has taken the time to inform citizens via recommendations protect ourselves. Here is the latest information from New Jersey Cybersecurity & Communications Office.

 

Under Armour/MyFitnessPal

Under Armour announced that, in February 2018, an unauthorized party obtained access to data associated with MyFitnessPal user accounts. Information exposed in the breach includes usernames, email addresses, and hashed passwords. The NJCCIC recommends that MyFitnessPal users immediately change the passwords to their accounts and be on alert for phishing campaigns associated with, and resulting from, this breach.

 

Saks Fifth Avenue and Lord & Taylor

Saks Fifth Avenue and Lord & Taylor department stores released a statement regarding a data breach that resulted in the theft of customer payment card data. According to Gemini Advisory, a cybersecurity firm that specializes in tracking stolen financial data, the compromise likely occurred beginning May 2017 and the majority of stolen payment card information was obtained from the companies’ New York and New Jersey locations. Saks Fifth Avenue and Lord & Taylor will offer impacted customers free credit and web monitoring services, as well as free identity protection services. The NJCCIC recommends affected customers take advantage of the free credit and web monitoring services, as well as the identity protection services offered, monitor their financial accounts for suspicious activity, and notify their card issuers immediately if they notice unauthorized charges made to their accounts.

 

Panera Bread

On April 2, security researcher Brian Krebs reported that, for at least eight months, Panerabread[.]com had been leaking millions of customer records that included names, email addresses, home addresses, dates of birth, customer loyalty card numbers, and the last four digits of their payment card numbers. In August 2017, another security researcher, Dylan Houlihan, had reportedly notified the company about the data exposure but the company did not address the issue until April 2, 2018. Cybersecurity firm Hold Security suggests that the number of exposed records likely exceeds 37 million and that the data leak may also impact Panera’s commercial division. The NJCCIC recommends all Panera Bread customers monitor their financial accounts and loyalty accounts for suspicious activity and report any unauthorized charges immediately. Additionally, we recommend Panera Bread customers be on alert for phishing campaigns associated with, and resulting from, this data leak.

 

CareFirst

CareFirst BlueCross BlueShield reported that, on March 12, 2018, an employee within the company took action on a phishing email and, as a result, may have exposed the personal information of 6,800 of the insurer’s members. The employee’s account was used to send spam emails to recipients who are not associated with CareFirst. The unauthorized access to the employee’s email account could have potentially exposed CareFirst member names, identification numbers, and dates of birth. Eight members’ Social Security numbers may have also been exposed. CareFirst is offering two years of free credit monitoring and identity theft protection services to affected members. The NJCCIC recommends affected members take advantage of the free credit monitoring and identity theft protection services offered.

 

The above and more can be found here on the NJCCIC site for April Alerts

 

 

How to: Disable the Windows Store

 

One of the features of Windows 10, is the Windows Store.  The Windows Store is a digital distribution platform for Microsoft Windows. It started as an app store for Windows 8 and Windows Server 2012 as the primary means of distributing Universal Windows Platform apps.

Ref: https://en.wikipedia.org/wiki/Microsoft_Store_(digital)

As system configurators and administrators, this may be problematic as it introduces new configuration that was not expected or supported by the IT Staff.  To mitigate this the following steps can be used to disable the Windows Store.

This can be disabled via local group policy or via active directory domain services group policy.

Type gpedit in the search bar to find and start Group Policy Editor.

In the console tree of the snap-in, click Computer Configuration, click Administrative Templates, click Windows Components, and then click Store.

In the Setting pane, click Turn off Store application and then click Edit policy setting.

On the Turn off Store application setting page, click Enabled, and then click OK.

 

Considerations:

These policies are applicable to users of the Enterprise and Education editions only. ref: https://support.microsoft.com/en-us/help/3135657/can-t-disable-windows-store-in-windows-10-pro-through-group-policy

 

Blocking Internet Advertisements, and more with Pi-hole

The challenge is to mitigate exposure to the advertisements spammed all over the internet with the same approach as fighting against virus and malware threats.

I recently upgrade my Pi-hole® to take on not only the task of blocking Internet advertisements, but malware, and adult sites.

Here is my list on pastebin: https://pastebin.com/eV3cUnjy

Installing Pi-hole

Pi-hole makes it as easy as possible to download and get running with a one-line script that starts up a menu-based installer. Simply enter: curl -sSL https://install.pi-hole.net | bash

More on setup here

Whitelisting

There was a fair amount of whitelisting that needed to be applied to allow some social media sites to work as desired. You will want to monitor what’s blocked to determine what you are willing to allow.

Mobile Protection

I started using the Pi-hole® to protect my mobile device from these threats by leveraging the same blocking I am using on my home network.  This not only cuts back on the data use but also add layers of privacy and security protection to my device while on untrusted networks.

 

A simple solution to use is OpenVPN. Fore more info on setup please visit: https://openvpn.net/

DNSSEC

But what about my ISP who can see my upstream DNS requests.  Well for that, we could trust them, or trust in a 3rd party who uses DNSSEC technology to protect your privacy. Use Google, Norton, DNS.WATCH or Quad9 DNS servers.

And with that you get some decent statistics about your network.

 

 

 

 

 

 

 

 

 

 

Configure preferred geo data location in Office 365

 

GDPR had me thinking about Multi-Geo in Office 365

By default, Office 365 resources for your users are located in the same geo as your Azure AD tenant. So, if your tenant is located in North America, then the users’ Exchange mailboxes, OneDrive is also located in North America. For a multinational organization, this might not be optimal for various reasons.

Reasons such as

  • Performance and
  • Data residency requirements for data-at-rest

Multi-Geo enables a single Office 365 tenant to span across multiple Office 365 data-center geographies (geos) and gives customers the ability to store their Exchange and OneDrive data, at-rest, on a per-user basis, in their chosen geos

By setting the attribute preferredDataLocation, you can define a user’s geo

A list of all geos for Office 365 can be found here or long URL format: https://products.office.com/en-us/where-is-your-data-located?geo=All

These values can be set in your Office 365 tenant via PowerShell or Azure AD Connect.

In PowerShell – 

# Connect to Office 365 – by Jermal Smith (@jermsmit)
Set-ExecutionPolicy RemoteSigned
# Get-Credential – You will be asked for username / password
$credential = Get-Credential
# Import-Module MsOnline
Import-Module MsOnline
# If this step fails in error – Install-Module MsOnline
# Connect to MsolService using supplied credentials
Connect-MsolService -Credential $credential

Then use the command: Set-MsolCompanyAllowedDataLocation followed by service type and location.

Ref: https://docs.microsoft.com/en-us/powershell/module/msonline/set-msolcompanyalloweddatalocation?view=azureadps-1.0

After you have assigned Data Locations you can then set users to the location by issue the following example command:

Set-MsolUser -UserPrincipalName jsmith@jermsmit.com -PreferredDataLocation EUR

Then confirming with:

Get-MsolUser -UserPrincipalName jsmith@jermsmit.com | Select PreferredDataLocation

The above works well for new users, but for existing user’s you will need to trigger a migration with the following command:

Start-SPOUserAndContentMove -UserPrincipalName jsmith@jermsmit.com -DestinationDataLocation EUR

Ref: https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/start-spouserandcontentmove?view=sharepoint-ps

Lastly… “To be eligible for Multi-Geo, you must have at least 5,000 seats in your Office 365 subscription” As this is just getting released I am confident more information will be known soon.

 

 

MethylPREDNIsolone DOSEPAK 21S

Methylprednisolone is a steroid that prevents the release of substances in the body that cause inflammation. Methylprednisolone is used to treat many different conditions such as allergic disorders, skin conditions, ulcerative colitis, arthritis, lupus, psoriasis, or breathing disorders.

Friday, March 30, 2018

Today I start my DOSEOAK, sometimes referred to as Medrol (Pak) which was prescribed to me by my doctor to help address possible issues with inflammation in the area of my neck which may be triggering nerve sensations ending in pain starting in my shoulder, down the backside of my arm into my wrist and finally causing numbness in my fingers.

I am logging my treatment here as a reminder to myself and sharing the outcome with you.

  • 7 AM – First 2 pills of the Medrol (Pak)
  • 1 PM – pill number 3 after my lunch

Saturday, March 31, 2018

  • 9:00 AM – First pill of the day. Off to Orthopedic around noon.  I’ll be receiving x-ray of my shoulder and neck.
  • 12:00 PM – Completed neck and shoulder x-rays now waiting for the doctor.
  • 1:00 PM – I am now going to be scheduled for an MRI, also my medication dosage was increased by the Orthopedic because he felt that 4 MG was too low of a dosage considering the evident nerve pain in my fingertips.

Sunday, April 1, 2018

I started my new round of Prednisone Oral 20 MG Tablets

The plan:

  • Take 3 tablets by mouth daily for 2 days
  • Then take 2 tablets daily for 2 days
  • and then take 1 tablet daily for 2 days

Monday, April 2, 2018

Day 2 of my new plan, first dose at 7:00 AM – No side effects although, I do have soreness in my hips which is new…

Few hours after my second dose of the 20 MG Tablets – I felt cold sensations down my left arm (arm that was previously in pain).  Hand also felt cold

Tuesday, April 3, 2018

Today is day way of 2 tablets daily —  Took my dose in the morning 7:00 AM and went to work.

Around 12:00 PM I noticed the cold feeling running up down my arm again and into my hand and fingers.  Typing is difficult as is it feels like I’m poking my fingers with pins…  Reading online about symptoms has me paranoid …  Now reading about: Thoracic outlet syndrome – https://www.mayoclinic.org/diseases-conditions/thoracic-outlet-syndrome/symptoms-causes/syc-20353988

7:30 PM Took my second dose for the day.

In bed by 10 PM, numb feeling in fingers during the night while sleeping

 

Wednesday, April 4, 2018

Day 2 of my 2 tablets — Took my dose in the morning 7:00 AM

Around Noon, my arm felt cold again