Check out the updated hardware requirements for Windows 11 and find out how Windows Insiders can get started with a Windows 11 Insider Preview build.
Since launching Windows 10 six years ago, a lot of hardware innovation has happened in the PC space. For Windows to move forward and take better advantage of the latest innovations, we need to update the baseline system requirements for modern PCs. As a result, Windows 11 has updated hardware requirements which will be reflected in the Windows Insider Program. This blog post will outline what this means for Insiders new to flighting as well as Insiders who have already been flighting Insider Preview builds.
People can download the scanner and check to see if they have any malware and also clean their computers. Check if you have the 32Bit or 64Bit OS, click on the link and select save then click on the view in folder, double click the file and watch what happens
Microsoft Safety Scanner is a scan tool designed to find and remove malware from Windows computers. Simply download it and run a scan to find malware and try to reverse changes made by identified threats.
Microsoft has announced the first Insider Preview for Windows 11.
I was under the impression that Windows 10 was the last version on Windows with half year and annual updates. It seems that this planned pandemic has caused more ructions than we could have imagined. What we have been able to find out that the NSA have been spying on anyone and everyone over the past. They have been working with Microsoft, Linux, Apple and all hard disk and router manufactures to have spyware and backdoors in all operating systems worldwide. They have been the people hat have helped create the internet, all security software being used worldwide.
With the end of the current age and as we head into a new era, there are many changes forecast. One, a new Quantum internet (QI) is being put in place, one where hacking will be eliminated and second a new Quantum Financial system (QFS). This will require many changes to the O/S if we are to retain our current computing power.
So with Microsoft releasing a new OS at this time makes me think that this could be a release that could have everything ready for a switch over to the new QI.
Windows 11 Bug Bash July 7—July 14!
Coalition to create framework for dealing with ransomware
Major tech firms including Microsoft and McAfee, as well as research groups and other organizations, are creating a coalition to address cyberattacks against entities in government, education, health care and other critical sectors. The Ransomware Task Force will focus on threat reduction, tech solutions and the development of a standard framework for responding to ransomware for all industries to follow.
Full Story: ZDNet (12/22), StateScoop (12/21)
Applies To: Windows Server 2016 Essentials, Windows Server 2012 R2 Essentials, Windows Server 2012 Essentials
You can create a bootable USB flash drive to use to deploy Windows Server Essentials. The first step is to prepare the USB flash drive by using DiskPart, which is a command-line utility. For information about DiskPart, see DiskPart Command-Line Options.
To create a bootable USB flash drive for use in recovering or reinstalling Windows on a PC instead of a server, see Create a recovery drive.
For additional scenarios in which you may want to create or use a bootable USB flash drive, see the following topics:
- Restore a full system from an existing client computer backup
- Restore or repair your server running Windows Server Essentials
To create a bootable USB flash drive
- Insert a USB flash drive into a running computer.
- Open a Command Prompt window as an administrator.
- In the new command line window that opens, to determine the USB flash drive number or drive letter, at the command prompt, type
list disk, and then click ENTER. The
list diskcommand displays all the disks on the computer. Note the drive number or drive letter of the USB flash drive.
- At the command prompt, type
select disk <X>, where X is the drive number or drive letter of the USB flash drive, and then click ENTER.
clean, and the click ENTER. This command deletes all data from the USB flash drive.
- To create a new primary partition on the USB flash drive, type
create partition primary, and then click ENTER.
- To select the partition that you just created, type
select partition 1, and then click ENTER.
- To format the partition, type
format fs=ntfs quick, and then click ENTER. ImportantIf your server platform supports Unified Extensible Firmware Interface (UEFI), you should format the USB flash drive as FAT32 rather than as NTFS. To format the partition as FAT32, type
format fs=fat32 quick, and then click ENTER.
active, and then click ENTER.
exit, and then click ENTER.
- When you finish preparing your custom image, save it to the root of the USB flash drive.
As a trainer when you get a post somewhere like this makes it all worth the effort:
WordPress Newsletter Article
So you have a terrific online store, and you want it to flourish. One way to increase sales is by driving organic traffic to your site. It’s an effective method for attracting customers without having to spend money on ads. This is why many sites are using SEO to draw customers in, according to Search Engine Journal. Wondering how you can get started? Here are four eCommerce website SEO tips that can help grow your bottom line.
1. Make your site easy to understand and use
First off, make sure your site structure is clear, mobile-optimized, and fairly intuitive. It should be easy for visitors on a variety of devices to understand how to use your site and find what they are looking for. Customers must be able to easily search for and locate the products they want. Using the shopping cart and checking out should be a snap, as well. If visitors find your site accessible and helpful, then search engines will, too — and they’ll boost your search engine ranking, sending more organic traffic your way.
2. Choose relevant keywords
Relevant keywords are essential for your site, particularly if you have an eCommerce blog. You can get started with keyword research using a tool such as WordPress SEO by Yoast, SEMRush, or Google Keyword Planner. First, determine the top two keywords you want to rank on. These should be search terms that your target audience might use when searching for your site. They may be competitive, but you should be able to increase your ranking over time by including them on relevant parts of your site, such as meta descriptions, product pages, blog posts, permalinks, and image names. Consider also including less popular, long-tail keywords that will help customers find you. Once you’ve done this, periodically check the keyword ranking for your site to keep track of how you’re doing.
3. Optimize product images
Images frequently appear in Google search results, presenting you with a golden opportunity to get your products noticed. To do so, optimize your product images and primary category images for SEO. In most cases, especially where product photos are concerned, you’ll want to use a high-quality JPEG image. But make sure that the file size isn’t so large that it’s slow to load. Otherwise, customers may decide to move on and leave the site. If the size of the image file you want to use is too large — say, over 2 MB — you can re-size it with image-editing software.
4. Write great product descriptions
Each product in your store should have a brief, well-written product description that is optimized for SEO. It’s important to include relevant keywords in your product descriptions, but only if they fit naturally. Search engines often penalize sites they think are engaging in keyword stuffing — that is, forcing a particular webpage full of keywords in an attempt to game search engine rankings. Although you can use the manufacturer’s product description, writing your own product description usually produces better results.
With these four eCommerce website SEO tips, you can begin driving more organic traffic to your online store. If you have a WordPress.com Business or eCommerce plan and want to optimize your eCommerce site’s SEO even more, you can explore WordPress.com SEO tools or take a free online course on WordPress.com Business SEO.
A simple extension of a brilliant hack by Lucas (@Whistler4Ever), published by Sergey Tkachenko at WinAero, and unearthed by Steven Parker at Neowin gives you a very easy way to put an icon on your Windows 10 Desktop screen that opens to just about any Settings page, where you can change a setting in a nonce.
[ More info: How to fix five Windows 10 headaches ]
Here’s how to make it work:
- Right-click or tap and hold any blank place on the Windows 10 Desktop.
- Choose New > Shortcut.
- Pick one of the ms-settings apps listed below and type it into the input box. For example, to go to the Data Usage app, type ms-settings:datausage in the box marked Type the location of the item.
- Click Next, give the shortcut a name, and click Finish.
A new shortcut appears on your desktop. Double-click or tap it, and the Settings app appears.
|Settings page||App used for the shortcut|
|Battery and power|
|Battery Saver settings||ms-settings:batterysaver-settings|
|Power and sleep||ms-settings:powersleep|
|Display and user interface|
|Date and time||ms-settings:dateandtime|
|Mouse and touchpad||ms-settings:mousetouchpad|
|Region and language||ms-settings:regionlanguage|
|Network and radios|
|Other devices (privacy)||ms-settings:privacy-customdevices|
|Speech, inking, and typing||ms-settings:privacy-speechtyping|
|System and user|
|Family and other users||ms-settings:otherusers|
|Notifications and actions||ms-settings:notifications|
Spear phishing campaigns —they’re sharper than you think
- Diana Kelley Cybersecurity Field CTO
- Seema Kathuria Senior Manager, Cybersecurity Solutions Group
Even your most security-savvy users may have difficulty identifying honed spear phishing campaigns. Unlike traditional phishing campaigns that are blasted to a large email list in hopes that just one person will bite, advanced spear phishing campaigns are highly targeted and personal. They are so targeted, in fact, that we sometimes refer to them as “laser” phishing. And because these attacks are so focused, even tech-savvy executives and other senior managers have been duped into handing over money and sensitive files by a well-targeted email. That’s how good they are.
Even though spear phishing campaigns can be highly effective, they aren’t foolproof. If you understand how they work, you can put measures in place to reduce their power. Today, we provide an overview of how these campaigns work and steps you can take to better protect your organization and users.
Figure 1. Percentage of inbound emails associated with phishing on average increased in the past year, according to Microsoft security research (source: Microsoft Security Intelligence Report).
Step 1: Select the victims
To illustrate how clever some of these campaigns are, imagine a busy recruiter who is responsible for filling several IT positions. The IT director is under a deadline and desperate for good candidates. The recruiter posts the open roles on their social networks asking people to refer leads. A few days later they receive an email from a prospective candidate who describes the role in the email. The recruiter opens the attached resume and inadvertently infects their computer with malware. They have just been duped by a spear phisher.
How did it happen?
In a spear phishing campaign, the first thing an attacker needs to do is identify the victims. These are typically individuals who have access to the data the attacker wants. In this instance, the attackers want to infiltrate the human resources department because they want to exfiltrate employee social security numbers. To identify potential candidates they conduct extensive research, such as:
- Review corporate websites to gain insight into processes, departments, and locations.
- Use scripts to harvest email addresses.
- Follow company social media accounts to understand company roles and the relationships between different people and departments.
In our example, the attackers learned by browsing the website that the convention for emails is email@example.com. They browsed the website, social media, and other digital sources for human resources professionals and potential hooks. It didn’t take long to notice several job openings. Once the recruiter shared details of jobs online, would-be attackers had everything they needed.
Why it might work: In this instance it would be logical for the victim to open the attachment. One of their job responsibilities is to collect resumes from people they don’t know.
Figure 2. Research and the attack are the first steps in a longer strategy to exfiltrate sensitive data.
Step 2: Identify the credible source
Now let’s consider a new executive who receives an email late at night from their boss, the CEO. The CEO is on a trip to China meeting with a vendor, and in the email, the CEO references the city they’re in and requests that the executive immediately wire $10,000 to pay the vendor. The executive wants to impress the new boss, so they jump on the request right away.
How did it happen?
In spear phishing schemes, the attacker needs to identify a credible source whose emails the victim will open and act on. This could be someone who appears to be internal to the company, a friend, or someone from a partner organization. Research into the victim’s relationships informs this selection. In the first example, we imagined a would-be job seeker that the victim doesn’t know. However, in many spear phishing campaigns, such as with our executive, the credible source is someone the victim knows.
To execute the spear phishing campaign against the executive, the attackers uncovered the following information:
- Identified senior leaders at the company who have authority to sign off on large sums of money.
- Selected the CEO as the credible source who is most likely to ask for the money.
- Discovered details about the CEO’s upcoming trip based on social media posts.
Why it might work: Targeting executives by impersonating the CEO is increasingly common—some refer to it as whale phishing. Executives have more authority and access to information and resources than the average employee. People are inclined to respond quickly when the boss emails—especially if they say it’s urgent. This scenario takes advantage of those human power dynamics.
Figure 3. The more targeted the campaign, the bigger the potential payoff.
Step 3: Victim acts on the request
The final step in the process is for the victim to act on the request. In our first example, the human resources recruiter could have initiated a payload that would take over his computer or provide a tunnel for the attacker to access information. In our second scenario, the victim could have wired large sums of money to a fraudulent actor. If the victim does accidentally open the spear phishing email and respond to the call to action, open a malicious attachment, or visit an infected webpage, the following could happen:
- The machine could be infected with malware.
- Confidential information could be shared with an adversary.
- A fraudulent payment could be made to an adversary.
Catch more phishy emails
Attackers have improved their phishing campaigns to better target your users, but there are steps you can take to reduce the odds that employees will respond to the call to action. We recommend that you do the following:
- Educate users on how to detect phishing emails—Spear phishing emails do a great job of effectively impersonating a credible source; however, there are often small details that can give them away. Help users identify phish using training tools that simulate a real phish. Here are a few tells that are found in some phish that you can incorporate into your training:
- An incorrect email address or one that resembles what you expect but is slightly off.
- A sense of urgency coupled with a request to break company policy. For example, fast tracking payments without the usual checks and procedures.
- Emotive language to evoke sympathy or fear. For example, the impersonated CEO might say you’re letting them down if you do not make the urgent payment.
- Inconsistent wording or terminology. Does the business lingo align with company conventions? Does the source typically use those words?
- Encourage users to communicate potential phishing emails—It’s important that users flag phishing emails to the proper team. This can be done natively within many enterprise email systems. It can also be helpful if users talk with their peers about the phishing emails they receive. Spear phishers typically don’t send blast emails; however, they may select several people from the same department or with business relationships. Talking will alert other users to be on the lookout for phishy emails.
- Secure your identities—A spear phishing campaign is often the first step that an attacker takes to gain more privileged access to company resources. If they succeed in duping a victim, you can reduce the damage with modern authentication techniques. For example multi-factor authentication (MFA) can block over 99.9 percent of account compromise attacks.
Figure 4. Enhanced anti-phishing capabilities are available in Microsoft Office 365.
- Deploy technology designed to block phishing emails—If users don’t receive the phishing email, they can’t act on it! Deploy technology that can help you catch phishing emails before they land in someone’s inbox. For instance, Office 365, one of the world’s largest email providers, offers a variety of protection against phishing attacks by default and through additional offerings such as Microsoft Advanced Threat Protection (ATP) anti-phishing. Importantly, Microsoft has both been advancing the anti-phishing capabilities of Office 365 (see Figure 4 above) and improving catch rates of phishing emails.