Better Protection with Windows Mobile

Software developers prefers to work on a platform which is very popular and for this reason, nowadays several developers prefer to develop application on Android and iOS devices. Android is very popular but is not secure. I am always recommending Android users to update their device and install Anti-Virus software. Android is not fundamentally secure and when it was being develop, security wasn’t the top priority of the project. The main agenda for the project was a light platform to run on small devices. Then when it becomes popular, security consider the key component for Android but it still failed to provide a secure platform while still malwares are able to get into Google Play and apps could be installed from third-party and install malware. There is security team in Google who are working on securing Android but still foundation of Android is not secure. Apple’s iOS provides a better security and it is secure out of the box, but still it has some security flaws and it is expensive so there are people who couldn’t afford buying it due to price. There are other platforms like Blackberry which provides a fair secure platform but there aren’t reliable development environment and are not popular among developers.

The final option would be Windows Mobile, it has secure foundation which is a lot more secure than Android and more secure than iOS. It has been engineered securely and there wasn’t any report of widespread malwares and hacking in this platform. Developers who have been working on Windows Mobile, enjoy a safe and reliable platform and they are assure that their application run on a platform which hackers couldn’t get in easily and there is a powerful engineering behind it. With recent development of Windows 10, there is concept of Universal Windows Platform (UWP) which you could develop an application and target it for Windows 10 (which there are millions of people using it) and use the same code with a bit of modification run it for Windows Mobile and other Windows Devices (if it meets hardware requirements). For these reasons, it would be wiser for developer to work on UWP app where they develop app for most popular operating system for personal computers which is Windows and have it run for Windows Mobile with few changes on code.

Using this method, they would make sure their app runs on reliable and secure platform and there is not much worry about the device get hacked and data stolen. In Android, even if you follow all best practices for security, your device still could get hacked and when operating system has been hacked, all applications are at risk. You won’t face such issue in Windows Mobile in most cases. This way, you could motivate your users to purchase devices which are more secure and this way you could protect your applications. In any case, you will need to develop app for Windows 10, why not spend a bit of time for Windows Mobile too?

This is important if your applications deal with financial and personal data. So, this is call for action for developers. We are asking developers to develop applications for Windows Mobile to protect us against modern threats and they don’t need spend a lot of time doing that, instead they could go for UWP. This way we could protect millions of users worldwide.

 

Advertisements

Windows Defender Exploit Guard Will Succeed Microsoft EMET

I explained about Microsoft EMET which is really cool tool against 0-days. It doesn’t completely protect you against all threats but it makes your system stronger and you have better protection against exploit. Whenever I visit any user or I want to check any system, I also add Microsoft EMET into it. Last year, we heard a news that Microsoft EMET is going to be discontinued. But I would like to announce good news that Microsoft EMET will be succeed with Windows Defender Exploit Guard. This is feature will be available in upcoming version of Windows 10 and it will be build into Windows, so you don’t need to install it and it will have more features and functionalities.

I am strongly asked you to prepare to upgrade your Windows 10 devices to the latest build and you will get better advantage against 0-days and better control over application security. So, if a developer wasn’t following best practices to secure the application, we could add some restriction that application and makes it harder for hackers and cybercriminals to gain access to our system. You may read more about this new feature on here.

 

How to Protect Your Home Wireless Network?

Hacker and Cybercriminals interested in hacking Wi-Fi network. It is much easier since they just need a Wi-Fi connector and they don’t need to connect their device to a physical cable. If they have right tools and right skills, they could use laptop, tablet or even a mobile phone to hack into wireless network. There are some tips, which we could follow as home users to protect ourselves against Wireless hacking.

Encryption Protocol and Passwords: There are protocols to encrypt connections like WEP or WPA, if you look into encryption algorithm in your modem, you could check them and see which one is supported and is more secure, normally WPA2 is more secure than WEP and WPA. The enterprise standard would use digital certificate which is more secure but for home user you might need to use simple and cheaper way of encryption which is password. You should look into your modem specification and see what standards are supported and use the most secure one. Then you also need to select strong password. It should be long and complex. Normally, I suggest to create a long and complex password and save it in notepad and put it into a flash memory and paste it in your connected devices and save password. It is good idea to change your password regularly at most every 90 days.

Number of Connected Devices: In some routers, you may set the maximum number of connected devices. In this case, you could count how many devices are being connected to router and set that as maximum number of connected devices. So let say, if you are connecting 6 devices to the Wi-Fi router at the same time, if someone else tries to connect, the connection will be rejected (unless you have fewer number of devices connected at that time e.g. 5 devices).

MAC Address Filtering: MAC address is the physical address on devices, on some routers you may set MAC filtering , where you could set MAC address of your devices which are being connected to router and set rule that only accept devices which match the same address and reject the rest.

Hide SSID: If you already used Wi-Fi, you might have seen that when you turn on Wi-Fi, you will see name of access points. This is actually their SSID, in some routers you may set to hide this name. So when you turn on Wi-Fi, you won’t see the name of your access point and you have to manually type it and then it will be asked for password.

Guest Wi-Fi: Let say someone is visiting you and you want to grand him or her access to your Wi-Fi. Some Wi-Fi routers has Guest Account and normally you should leave it disable and only enable it when guest is coming. This account would create some restriction on the guest user and protect access against your own internet access and you could set some limitation like amount of time allowed to use Wi-Fi or bandwidth limit.

Router Login Page: In order to make any changes to the router, you should login to the router page. It is recommended to change the default username and password for login. Some routers has ability which you could set to only allow access through LAN and block access from Wi-Fi, make sure you set this option. In addition, you should set to only grand access from local network and block remote access. This basically means, you could only change router setting when you physically connect through direct LAN connection.

Reduce Signal Frequency: Above methods would provide great helps to stop hackers, for example hiding SSID, would hide your router from cybercriminals, MAC filtering, block external device access to router, strong password will stop bad guys against hack your router. However, hackers always working on ways to bypass these and there is a way when no one could hack into your router unless they are close to your router. It is by set frequency of connection. When you reduce frequency of signals, you only could connect to your router when signal is within range or you are close to your router. It is recommended to place your router in location where you could get signal inside your home but you are unable to get signal outside your home. In this case, only if someone manage to get into your home, then he or she is able to connect to your Wi-Fi.

It is also recommended to enable Wi-Fi logging and check log files regularly to check for suspicious activities.

Have a safe Wi-Fi connection.

 

Update Vaccinates your PC against Ransomwares

After recent ransomware incidents, I received several messages from users who are super worry about current incidents and about futures malwares. I tell them one thing, you don’t need to be super-duper computer expert to protect yourself, the only thing you need to do is to update your PC and Anti-Malware software and nowadays, it is as easy as stay connected to internet and you will get the latest updates. For example in Windows 10, when you have default setting, you just have to connect to internet and Windows will protect you by updating Windows and Windows Defender automatically. If you have any other Anti-Malware software, normally it also get updated automatically. PC which have been infected with ransomware and are getting infected right now, are facing this problem, because they are not update. Update act like vaccinate for malwares and update could detect and remove them. If you really care about security and protecting yourself against malwares and ransomwares, they make sure update Windows, Anti-Malware software and everything.

In general, security researchers all over the world, are trying to find new threats and find ways to detect and remove them and if there are other malwares similar to the one which has been detected, they create ways to detect unknown but similar malwares. They effort on detecting and removing these malwares are being released as definition updates through update mechanism. In the other world, security engineers in Windows team also research about new and unknown threats and vulnerabilities in Windows and attempt to fix and protect these vulnerabilities and mitigate possible vulnerabilities in future and they release security fix through Windows Update.

 

What is Microsoft Security Compliance Manager ?

Managing security in a company is a complicated task. In Windows environment there is very nice feature known as Group Policy which you could take a control over managing your IT environment and you could set basic things like forcing user to change password every three months to more complicated tasks like block certain version of application from running or disabling certain settings in Windows. There is no doubt that Group Policy in Windows is very powerful, but many IT professionals are not sure how to configure it to compliance with best practices in security industry. If a company required to follow best practices in IT Security, they could achieve it with Group Policy, but they are not sure which policy should they set. In this case, they need to go through security best practices documents and figure out what each policy is all about and then open Group Policy and look for Group Policy Object and then set that specific policy there. This is time consuming and difficult process and for these reasons, many of IT professionals just setup basic security policies like the one for user account and then let it be like that. Hopefully, Microsoft released a tool which makes it a lot easier to adapt security best practices in Group Policy quickly and it called Security Compliance Manager. What it does is, it contains list of security best practices and map them to Group Policy Objects and it also has explanation like why we need each policy and why there are important. In this case, instead of look into guideline and figure out which policy must be set and where is it located in Group Policy, you will see all required policy and you will see why they needed and you could compare them with your current setting, the recommended one by Microsoft and recommended one by industry. In addition, you could simply sit with your managers and other IT Professional and discuss what changes you wanted to adapt into these policies and once you done, you could import it into your current IT environment and use it. You could also customized your own settings and share it with other branches. Security Compliance Manager is simple tool which makes great things. Make sure you use it and good news is, it is free of charge and you may download it from here.

The above link is the latest version and new version will be released regularly, make sure check out Microsoft website for the latest version.

 

Don’t Scare of WannaCrypt

Recently, a type of ransomware known as WannaCrypt which could spread over network like worm affect millions of computers worldwide. Ransomware is type of malware that encrypt files in a system and ask user to pay so they give them key to unencrypt files and making payment doesn’t necessary grand you the key to unencrypt files. Therefore, it is best not to make any payment and instead, invest more time to protect yourself. Normally, ransomwares come through a file or with a virus where user have to click on the file to or run infected program for ransomware to run and it only infect the affected PC and no other PCs in network. However, WannaCrypt is different, it infect the PC and try spread over network like worm and infect other PCs in the network. In this case, it could encrypt all PCs in a company or organization and this is why it becomes great concern. It uses vulnerability in Microsoft Server Message Block 1.0 (SMBv1) server which has been fixed on March to spread over network. To put this simple, if you already updated your Windows, it won’t be able to spread over network and in general you should install update related to Microsoft Security Bulletin MS17-010. In other world, Microsoft already protected you , before this worm infected the world, but because many users and IT professionals still won’t take Windows Update seriously, it manage to affect the world. In addition, majority of Anti-Malware vendors already released update to protect users against this ransomware and if you are using any of Microsoft Anti-Malware products such as Windows Defender, Microsoft Security Essentials, System Center Endpoint Protection, Windows Intune Endpoint Protection, Microsoft Forefront , you will be protected, if you update your Anti-Malware and in Microsoft Anti-Malware signature, it is known as Ransom:Win32/WannaCrypt .

In conclusion, to protect yourself against this WannaCrypt and other ransomwares, you need to update your Windows and update your Anti-Malware product and in general, you should connect to internet and check for update. Microsoft also released Customer Guidance for WannaCrypt attacks. If you are worried about WannaCrypt, you need to do three things: Update (Windows), Update (Anti-Malware), Update (Other Programs).

 

Goodbye Windows Vista!

Support for Windows Vista has ended on April 11, 2017. It means, you won’t get any update or support for Windows Vista and if there is new vulnerability or security weakness for Windows Vista, you won’t get fix for it, in the other world security researchers and Microsoft security team won’t spend much time to do research on securing Windows Vista. Windows Vista succeed Windows XP, during those times, Windows XP has been blamed for security weaknesses and high number of malware infection. Windows Vista open up new door for security and new operating system introduced with new and powerful security concepts out of the box. Such as introducing two ways firewall (Windows XP was one-way firewall) and with advance and user friendly setting. Bitlocker introduced in the time of Windows Vista and it helped IT professionals and users encrypt their entire hard drive easily. User Account Control (UAC) also introduced in Windows Vista where it requests for permission whenever user tries to perform administrative tasks. In general, there were several improvements in area of security for Windows Vista. Some users blame Windows Vista, because new security features weren’t very friendly for them. In Windows 7, security enhanced and become friendlier and for this reason, many people upgraded to Windows 7. In Windows 8, security enhanced and Anti-Malware software build into the operating system and this improvement continues in Windows 10 and Windows keep improving in each version and new build and releases.

In case you are using Windows Vista, it is better to upgrade to supported version of Windows, take a look at Windows Vista end of support. It is recommended to upgrade to Windows 10 which is the latest version of Windows and there are several new security features there. When you upgrade from Windows Vista to Windows 10, you need to reinstall your application and in some case, you might need hardware upgrade. However, you must upgrade to supported version of Windows unless, it is just matter of time before new vulnerability discover in the public and cause damage in your system. If you are using Windows Vista, make a wise choice and upgrade today.