
On the SSL certification framework
Came upon this post in Reddit:
https://www.reddit.com/r/techsupportgore/comments/4tobss/my_library_wants_me_to_install_a_root_certificate/ ELI5: A root certificate installation allows the organization providing the certificate to pretend to be any website they want to be, without your knowing it happened. It does so by taking your web request, submitting it's own request to the web server as if it is yours, receiving the reply, then sending the reply to you as if it came from

Adventures in Azure Backup Server part 2
In order to test the recovery of my backup I created an A1 virtual machine in Azure, added 2 Data disks (2TB HDD space for recovery) and proceeded to install Azure Backup Server, then recover data from my recovery vault. (password required, do not lose your password!)
Things to note:
1. the recovery spent a long time appearing to do nothing. Literally nothing. There was no disk access to the relevant hard disks, no high CPU usage, no apparent network traffic. This does not

On Teamviewer Security
So teamviewer may have been breached. Or maybe not. Maybe people should not use the same passwords between different accounts. For those not in the know, about a month ago several people have reported their computers being taken over by teamviewer. You can see the initial reports here:
https://www.reddit.com/r/technology/comments/4m7ay6/teamviewer_has_been_hacked_they_are_denying/
and here
https://www.reddit.com/r/teamviewer/comments/4m6omd/teamviewer_breach_masterthread_ple

On Publishing RDP to the internet
This graph shows the difference between the attacks on a publicly published RDP server, and one that is not published on port 3389. On the left, we have the report from 1 year ago before deciding to close the port, on the right we have the graph on the same address today. Not shown here: the number of attacks have decreased significantly. Ref: SingCERT advisory "Kaspersky Report on Compromised RDP Servers - "The xDedic Marketplace"
https://www.csa.gov.sg/singcert/news/advisor

Adventures in Azure Backup Server
Backing up of the fileshare to Azure Recovery Services Vault (https://azure.microsoft.com/en-us/services/backup/)
1. Initial backup was 1.5TB, mostly in small files. I won't even hazard an estimate of how many files there are. This backup took 2 weeks to run, we only throttle during working hours. I will not want to do this again.
2. As expected, once the initial backup completed, the incremental backups fell within 20GB. I conclude that the majority of our data is static.

Windows Azure and your wallet
Are you keeping track of your Azure consumption? Under MPSA
(https://www.microsoft.com/en-sg/Licensing/MPSA/) your azure consumption will not be shown in your typical subscriptions screen, it will instead be mailed to your subscription admins once every 2 weeks. I plotted out the usage in a graph to see the usage. From there I can plug in the public costing rates (https://azure.microsoft.com/en-us/pricing/calculator/) to estimate how much it is costing me. (Although MPSA rat

data.gov.sg
Every dataset you could think to pull from Singapore's open data portal. Your tax dollars at work.

Employee Cyber-security Toolkit
Have you heard of the Employee Cyber-security Toolkit? Developed by the National Security Coordination Secretariat with the support of the Singapore Business Federation and the Cyber Security Agency, this kit is a free web-based resource to help companies in their employee cyber security education efforts.
Derek here has been releasing weekly updates to the entire group of companies to better educate our users on securing themselves and their organization. Check it out! htt