jermsmit

New Phishing Scam Using Microsoft Office 365

*** Attention Required ***

It seems that the bad guys are at it once again with an attempt to collect information by phishing credentials from those of us using Office 365 for corporate emails.  The characteristics of this particular attack the hackers intention is to deceive Office 365 users into providing their login credentials”.

The user sees a fake Office 365 login page, which requests their credentials. Once the Office 365 usernames and passwords have been compromised, the hackers can:

  • Send emails to other users in the victim’s address book, asking them for anything, sending fake invoices, sending more phishing emails, etc.
  • Access the user’s OneDrive account, to download files, install more malware, infect files with malware, etc.
  • Access the users SharePoint account, to download files, install more malware, etc.
  • Steal company intellectual property or other customer information such as customer SSNs, credit card numbers, email addresses, etc.

One of the characteristic of this recent attack is an email being sent with an embedded image which resembles an Microsoft Office Word document containing a link back to a site with a fake Office 365 logon page.  In addition to this the site URL ends in php?userid= syntax.

I have provided the following YouTube video to illustrate the interaction of the fake Office 365 logon page.

Link: https://youtu.be/wHxkzxGF4JY

 

Advice:

It’s an important part of your responsibility to be cautious when accessing emails even from known senders to ensure its legitimate by reviewing the email to ensure that its legitimate.

If in doubt do not open the email and reach out to the sender to ensure they sent you the email.  If you self-determine an email to be suspicious immediately report incidents as soon as they happen.

 

Here are a few guidelines below that could be followed.  Please review:

 

Check the sender.

Sometimes, cybercriminals and hackers will fake (or “spoof”) the sender of an email. If the “from” address doesn’t match the alleged sender of the email, or if it doesn’t make sense in the context of the email, something may be suspicious.

Check for (in)sanity.

Many typical phishing emails are mass-produced by hackers using templates or generic messages. While sophisticated attacks may use more convincing fake emails, scammers looking to hit as many different inboxes as possible may send out large numbers of mismatched and badly written emails. If the email’s content is nonsensical or doesn’t match the subject, something may be suspicious.

Check the salutation.

Many business and commercial emails from legitimate organizations will be addressed to you by name. If an email claims to come from an organization you know but has a generic salutation, something may be suspicious.

Check the links.

A large number of phishing emails try to get victims to click on links to malicious websites in order to steal data or download malware. Always verify that link addresses are spelled correctly, and hover your mouse over a link to check its true destination. Beware of shortened links like http://bit.ly, http://goog.le, and http://tinyurl.com. If an email links to a suspicious website, something may be suspicious.

Don’t let them scare you.

Cyber criminals may use threats or a false sense of urgency to trick you into acting without thinking. If an email threatens you with consequences for not doing something immediately, something may be suspicious.

Don’t open suspicious attachments.

Some phishing emails try to get you to open an attached file. These attachments often contain malware that will infect your device; if you open them, you could be giving hackers access to your data or control of your device. If you get an unexpected or suspicious attachment in an email, something may be suspicious.

Don’t believe names and logos alone.

With the rise in spear phishing, cybercriminals may include real names, logos, and other information in their emails to more convincingly impersonate an individual or group that you trust. Just because an email contains a name or logo you recognize doesn’t mean that it’s trustworthy. If an email misuses logos or names, or contains made-up names, something may be suspicious.

If you still aren’t sure, verify!

If you think a message could be legitimate, but you aren’t sure, try verifying it. Contact the alleged sender separately (e.g., by phone) to ask about the message. If you received an email instructing you to check your account settings or perform some similar action, go to your account page separately to check for notices or settings.

 

 

Going Vegan for 30 Days – Part 1

 

Hey friends,

Here I am, making my very own attempt choice to try do new things while learn something about myself and others via what we all love… Food! This is not some new short lived diet that I am attempting. Its a peek into a lifestyle that many others, and a few friends live.

Today it technical the 2nd day for me… Not bad as I have been preparing myself for over a year now. This is now my commitment for the next 30 days.

With that I will leave myself the following note.

Jermal: Things you can’t eat –

  • Butter or cream
  • Eggs
  • Cheese from cows or goats
  • Milk from cows or goats
  • Meat, poultry, lamb, or beef
  • Fish, shellfish, shrimp, or lobster
  • Gelatin
  • Honey (this one is going to be hard; I love honey in my tea)
  • Anything that poops

Jermal: Things you can and should eat –

  • All fruits
  • All vegetables
  • All herbs and spices
  • Beans
  • Soy-based protein like tofu and tempeh
  • Grains
  • Pasta (that’s not made from eggs)
  • Olive oil

Admittedly I will need help from some of you in the community, so please comment and help me with some tips / advice. I have already singed up for PETA’s vegan starter kit! Time to pull in the other resources I’ve booked marked over the year

More to come.

‘#22Kill’ Push-up Challenge, What It Means

A few weeks back, I had the chance to visit the Team #22KILL website and to participate in this now social media awareness challenge to bring about awareness not only to myself but to others that a shocking number of  soldiers and veterans die every day as a result of suicide.

Marked by the hashtag “#22Kill” , “#22KillPushUpChallenge,”  or “#22pushups”, people are responding with 22 push-ups for a cause.

As stated on the site the goal is to “Help us reach our goal to get 22 Million pushups – To honor those who serve and to raise awareness for veteran suicide prevention through education and empowerment.”

So my journey began via my YouTube channel 

Starting From Day 1 to Day 22

Suicide Prevention, whether it be for vet’s or the everyday person is a serious cause that needs your support.

If You Need help? For Yourself or a Loved one.

Call the National Suicide Prevention Lifeline at: 1 (800) 273-8255

You will find supportive individuals willing to offer you the tools you need.

If you want to join the challenge – or challenge a friend – make sure that you include the hashtag “#22Kill” and that your post is made “public” so that 22Kill can keep their count accurate. You can also become a veteran advocate yourself by volunteering through the 22Kill organization website.

Thanks

VMware vCenter 6 Phantom Snapshots

I’ve been using vCenter 6 for a while now and noticed an odd issue pertaining to snapshots. It seems that all guest show a “revert to current snapshot” state even if a snapshot does not actually exist.

However viewing under the Snapshot Manger… shows no existing snapshots associated with the virtual machine guests.

I’ve noticed this this issue does not exist when using the vSphere Web Client.

These symptoms have been confirmed by VMware official in the following KB: https://kb.vmware.com/kb/2111363

For now there are no resolution steps…

Symptom Recap:

  • There are no snapshots on virtual machine(s).
  • Virtual machines show Revert to current snapshot (right-click on the virtual machine > Snapshot > Revert to current snapshot) enabled in vSphere Client when connected to the vCenter Server 6.0.
  • When viewing the Snapshot Manager (right-click on the virtual machine > Snapshot > Snapshot Manager) for the virtual machine in the vSphere Client, there are no snapshots present.
  • Directly logging into the ESXi host using the vSphere Client shows the Revert to current snapshot grayed out.
  • Creating and deleting a snapshot does not resolve this issue.
  • In the vSphere Web Client Revert to current snapshot appears grayed out.

Work around: 

  1. Ignore the vSphere Client results and use the vSphere Web Client
  2. Use PowerCli to display snapshots.

Example command I like to use:

 

SharePoint Server 2016 IT Preview

The SharePoint Server 2016 preview is now available to download from the Microsoft website:

http://www.microsoft.com/en-us/download/details.aspx?id=48712

Note: Windows Server 2012 R2 is required

Brief on Install Instructions

  1. Review SharePoint Server system requirements
  2. Download and install full-featured software for a 180-day trial
  3. When prompted, use the following product key: NQTMW-K63MQ-39G6H-B2CH9-FRDWJ

Windows 10 Enterprise 2015 LTSB, What’s That?

If you pondered on what is “LTSB”. Here is some “shared” info for you.

What is the Long Term Servicing Branch?

“Windows 10 uses a new approach to providing updates to users. Traditionally Microsoft would release a version of Windows and then provide updates such as security and bug fixes, but not add any major, new functionality. Every few years Microsoft would release a new version of Windows that contains updates and new features but this meant customers would always have to wait years for new functionality. With Windows 10, Microsoft is giving users greater choice in how they receive new features with the introduction of a long-term servicing branch (LTSB) and a current branch (CB) version.

The LTSB is similar to how versions are delivered today with a new one delivered every couple of years and in between each new version Microsoft will provide security updates, bug fixes and so on. Alternatively, customers can choose to use the CB method which provides security updates, bug fixes, and new features every few months.

When each LTSB is released it will converge with the currently existing CB, allowing customers to transition from CB to LTSB, in the event they decide they no longer want to receive updates so frequently. Customers using LTSB will be able to upgrade between LTSB builds and likely one additional time prior LTSB (current Windows 8.1 would count as a LTSB).”

source of info shared here

To sum this up in a short way:
The Long Term Servicing Branch versions of Windows 10 act like older versions of Windows in that you will still receive security patches and bug fixes through Windows Update but you will not receive enhancements and new feature upgrades.

Office 365: Initiate a full password sync using DirSync

Having a need to rapidly sync passwords to Office 365 using Directly Sync (DirSync) I come across the following method that seems to work with minimal effort.  By default the DirSync only kicks off ever 3-5 min’s.

To initiate a full password sync you can do the following:

  1. Open PowerShell, and then type:

     
  2.  Then Type:

     
  3. Press Enter
  4. Load Services.msc
  5. Restart the Forefront Identity Manager Synchronization Service Service. (FIMSynchronizationService)

In your application event logs you should notices multiple events  of 656 (Password Sync Requests) and Even 657 (Password Sync Results) indicating that your full password sync has kicked off.

 

Tech Short: Use Windows Management Instrumentation Command to List Windows Updates

To list the updates that have been installed on a Windows 8.1 or Windows 2012 Server simply issue the following command in a command prompt window

That’s it

Minecraft Chat Logs – Post for Parents

Minecraft is a awesome game and allows for so much good for kids. But with the good sometimes comes the bad elements. In this case I am referring to “chat”. In some cases there are incidents where chat can be a filled with hostility, profanity, etc..

As one who runs a server; I have times were I am asked by parents to confirm if their child was cursing on the server or if someone else was doing this.I have no problem giving this info but there are limitation I have which are the private messages between players.

There is a solution to this and that is obtaining the logs on the players computer itself.

So here are some steps you can take to acquire the logs

  • Type %appdata% into your windows search bar then press ENTER​
  • Double click on your “.minecraft” folder​
  • Double click on your “logs” folder​

 

You will find inside a file named latest.log which is the most recent log along with files that are dated with the extension of .gz archive of chat logs. You can use a program such as 7-zip to extract these.

Once you have a log file open, simple search the log for the items you are looking for.

If you have any questions please feel free to reach out to me for assistance and thank you for being involved with your child’s online activity

– Jermal

 

 

Minecraft Skins

Originally Posted: http://minecraft.jermsmit.com/minecraft-skins-pc/

A skin refers to the texture that is placed onto a player model or mob.

The skin is divided into areas that act as the surface area of the character (For example, there’s the front head area, left leg area, etc.). A skin will only allow solid color; transparency is not allowed on the skin file except on the second layer, which is transparent by default; playing offline, pixels can be left free resulting in “holes” in the skin. The second layer can be used to give the character glasses, hats, or other accessories (even a bigger head).

A player can only change their character’s skin if they have purchased Minecraft. This is done on the Profile page by uploading a valid .png image file, which will then replace the default skin.

Skins also have the option of having 3 or 4 pixel wide arms, which can be changed

on the profile page as well

ref: http://minecraft.gamepedia.com/Skin

But where do I get them?

This is a good question.  You can make your own; awesome idea for those who are creative and wan’t to have something of their own.

Or you can simple download them. There are many sites online, but one must beware as some sites are there just to scam you and infect your computer with malware and worse acquire your account info.

Here are known sites I trust and would give my recommendation on using:

  1. Minecraft Skins – The Skindex – http://www.minecraftskins.com/
  2. Planet Minecraft – http://www.planetminecraft.com/resources/skins/