Vol. 22, #1 - January 2, 2017 - Issue #1112


Security briefs

Editor's Corner

Our first newsletter of 2017 has arrived, and to kick off another year in the trenches of IT we'll catch up on the latest news about security issues that affect us as IT pros. We also have the usual tips, tools and other stuff to keep you from falling asleep at work.

Which reminds me of this Dilbert comic strip:


Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]


Unplug those earbuds!

Engadget has an article that suggests leaving earbuds plugged into your PC could soon be a security threat:


Fake Windows Update

Tom's Guide has news about some dangerous new ransomeware that looks and acts just like Windows Update:



Insider Attacks: A Cloudy Perspective

Malicious insiders has always been a big concern for security professionals in the traditional on-premises data center setting, but with more and more organizations moving some or all of their applications and data to the cloud, the very concept of "insider attack" takes on a new and much-broadened perspective. Hear what Deb Shinder has to say on this topic in her CloudComputingAdmin.com article here:



BASHing Windows 10

BetaNews suggest that adding Linux Bash to your Windows 10 Anniversary Update PC could pose a huge security risk:



Two is not enough

Cyberogism has news about a paper published by the National Institute of Standards and Technology (NIST) that suggests using SMS for performing two-factor authentication may not be a good idea:



Wireless keyboard worries

CSO Online says many popular wireless keyboards are completely unprotected and are vulnerable to eavesdropping:



 Windows 10 privacy attacked

The Chair of the National Data Protection Commission (CNIL) has issued formal notice on Microsoft Corporation to stop collecting excessive data and tracking browsing by users without their consent in order to comply with the French Data Protection Act:


EDITOR'S NOTE: This notice was issued last July and I haven't found any info about whether Microsoft has complied or not. If any of our newsletter readers in France can help us clarify the current state of this, please email us at [email protected].


ATM insert skimmers

KrebsOnSecurity takes a detailed look at how stealthy insert skimmers can be:


Also from KrebsOnSecurity is this article from last year describing the dramatic rise in ATM skimming attacks:


And this article where they take a close look at skimmers found at Walmart:


Can BitLocker be bypassed?

BetaNews has an article that says it's "terrifyingly easy" to bypass BitLocker in Windows 10:


Should road warriors be concerned? Email your thoughts to us at [email protected]


 Watch that watch!

ScienceDaily asks "Did your smart watch and fitness tracker just give away your PIN?" and describes some new research that reveals passcodes are hackable via wearables:



Send us your feedback

Got feedback about anything in this issue of WServerNews? Email us at [email protected]


Recommended for Learning

From the Microsoft Press Blog comes this announcement:

Free ebook: Containerized Docker Applications Lifecycle with Microsoft Tools and Platform

We have a new free ebook to share! This ebook, Containerized Docker Applications Lifecycle with Microsoft Tools and Platform, by Cesar de la Torre, was published independently by the author. Cesar has previously written for Microsoft Press, so we're helping spread the word about his new ebook.



Microsoft Virtual Academy

Top Ten Tips and Tricks to Managing Mobile Devices

Looking for enterprise mobility management advice? How about experience-based tips and tricks for devices, mobility, and security? Don't miss this practical course, led by Microsoft Solutions Professionals who have years of real-world experience. Go through these 10 modules with them, for an in-depth exploration of the enterprise mobility platform and what it covers.


Factoid of the Week

Here is our first factoid for 2017:

Fact: Half of all tweets are pointless babble.

Reference: See this BBC News article:


Question: How do you think this compares with Facebook? What about LinkedIn? Email us your thoughts: [email protected]

Until next week,

Mitch Tulloch

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at [email protected]


Free collection of VMware, Hyper-V and Veeam stencils for Visio. Create well-organized and polished visualizations. It helps you to gain better visibility and improve your business process efficiency.


SolarWinds Server & Application Monitor provides a simplified user experience for monitoring key aspects of Active Directory’s health and performance. Try Server & Application Monitor


CSVFileView is a simple freeware tool which enables you to view and convert CSV files, even if you don't have a full-strength spreadsheet around:


Minimal FTP server for Windows uses only managed code and works with Total Commander:


WirelessConnectionInfo is a tiny portable tool which displays various statistics on your wireless network:



This Week's Tips

GOT TIPS you'd like to share with other readers? Email us at [email protected]

Office 365 - Check domain availability

TechNet Tip of the Day has a quick way you can check whether a onmicrosoft.com domain is available for Office 365 or Azure services:


Intune - Configure WU for Business

Windows Management Experts (WME) has a tip on how to configure Windows Update for Business (WUfB) for Windows 10 clients managed by Windows Intune:


Windows 10 - Reduce eyestrain

The Electric Wand has a tip about configuring Windows 10 color settings to reduce eyestrain especially where your workplace has bright lights:



Events Calendar

North America

Microsoft Ignite Australia on February 14-17, 2017 at the Gold Coast Convention & Exhibition Centre, Broadbeach, QLD


Microsoft Worldwide Partner Conference (WPC) on July 9-13. 2017 in Washington, D.C.


Add Your Event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact [email protected]

New on TechGenix.com

All you need to know about VMware Workspace One

Security vs. freedom is a balance many organizations seek, especially with the popularity of BYOD growing. VMware Workspace One helps keep everyone happy:


Overview of Dynamics 365, Microsoft's Salesforce competitor

Microsoft Dynamics 365, the company's latest productivity software suite, is aimed at making things easier for businesses and harder for Salesforce:


The rise and fall of the all-powerful admin

The days of a multitude of super-privileged admins is coming to an end, as companies realize too many people with unfettered access is a security threat:


Nano Server's tiny footprint allows you to do big things

Perhaps the most vital feature of Windows Server 2016 is also the smallest. Here's the benefits of using Nano Server in Windows Server 2016:


Boost Azure security with multi-factor authentication

If you are using Microsoft Azure, it's easy to boost security by implementing multi-factor authentication. Here's how to do it in a few quick steps:



Tech Briefing

Cloud computing 

AWS, Microsoft Embrace IPv6 for Their Clouds (AWS Insider.net)


Getting Started With Containers (Part 8) (VirtualizationAdmin.com)



Audit All GPO's for Deny User Right Assignments in an AD forest (Chad's Notes)


Shielded VMs in Server 2016 (WindowsSecurity.com)



SharePoint Disaster Recovery vs. Active Passive Farms (Build on SharePoint)


Configure rich document collaboration using Exchange Server 2016, Office Online Server (OOS) and SharePoint Server 2016 (You Had Me At EHLO)


Small business IT 

Building and growing your business with Windows 10 and the cloud -- Step 4 (Small Business Blog from Microsoft)


Preserving server hardware (Part 3) (WindowsNetworking.com)


System Center 

Sunsetted Features for System Center Configuration Manager (myITforum)


New MP: Microsoft System Center Management Pack for Office 365 (Lynne Taggart's Guide To Being "ALL THAT")



Other Articles of Interest

Perform a PaaS pricing comparison for public cloud

Platform-as-a-service (PaaS) offerings from public cloud vendors continue to gain popularity, as they make it easier for developers to deploy web applications and mobile back ends to the cloud. But trying to perform a PaaS pricing comparison between multiple vendors can be tricky – until now. In this tip, explore a price comparison of the major players in the PaaS market.


A hands-on look at VMware Horizon View 7

Reading up on any new technology has its value, but you never know how it's going to work in production until you use it. That's especially true when it comes to desktop virtualization technology. In this tip, one expert gives a hands-on tutorial of the VMware Horizon View 7 platform, detailing the upgrade process and what to expect after an upgrade.


Windows Server 2016 Hyper-V feature helps with VM resource consumption

One of the greatest benefits of server virtualization is that it reduces hardware costs by sharing physical server's hardware resources among multiple virtualized workloads. Unfortunately, disproportionate resource consumption has the potential to negatively impact multiple workloads. Find out how a new Windows Server 2016 Hyper-V feature can help ease this issue.


Ways to make the application deployment process clear and flexible

The only thing standing between an application and its users is deployment on a production platform. Unfortunately, the speed of business does not allow for the layered application deployment process of the past, so an alternative is needed. Discover four key guidelines to include in your application deployment checklist.



WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]


The Future of Shopping: No Lines - No Checkout - Just Grab And Go

Amazon Go is a new kind of store featuring the world's most advanced shopping technology:


The Future of Shopping

Guys, imagine taking your wives out shopping and actually enjoying it.  And ladies, what would you do to get rid of changing rooms and optimize your shopping time?


The Future of Grocery Shopping

Korean grocery store uses clever marketing campaign:


Penguin Goes Shopping

Lala, the 10 year old King Penguin is so smart - he walks to the fish store with his little backpack to shop for fresh fish every day:



WServerNews - Product of the Week


WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his  outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.