The dark side's payloads may be growing more sophisticated but not their delivery mechanisms...
(silicon.com - Security)
güncel nod32 keyleri nod32 guncel keyler nod32 guncel key güncel key nod32
31 Temmuz 2011 Pazar
S.A.P.Z. Botnet, new perspective of attack
A few days ago, we have notified you about malicious activities from the S.A.P.Z. botnet. And we provided evidence that this methodology of attack can be used to affect users of any Latin America bank, or any part of the world.
Now the S.A.P.Z. gang, which may be Peruvian, has resorted to another strategy. It is focusing on the theft of sensitive information, by spreading a variant of Palevo worm, detected by Kaspersky Lab as P2P-Worm.Win32.Palevo.cudq.
The key element of this is that with S.A.P.Z., the cyber-criminals have used the functionalities of an old web application created for the administration of stolen data, called Blackshades. As indicated in this image, now they’re not only focusing on Peruvian users, but also others countries such as Chile, Colombia, Spain and USA.
Yes to tweeting, no to phishing
“Weibo”, a micro blog in Chinese, is really hot and has become fashionable in China lately. The number of users of the largest Weibo site Sina Weibo (www.weibo.com) has already reached 140 million. As usual, where there is popularity, there will be security concerns.
Today I found someone referring to my latest tweet, saying that I had won a big prize and needed to click the link to see the details. The guy’s name only consisted of some random letters, which made me cautious. Apparently this is a phishing URL.
I checked this randomly named user and found that he was newly registered but had already sent phishing URLs to lots of users.
indir nod32 nod32 güncel key nod32 guncel key eset nod32 guncel key
Peter Cochrane's Blog: Shafted by a USB stick
The dark side's payloads may be growing more sophisticated but not their delivery mechanisms...
(silicon.com - Security)
Porn SMS senders: round the globe
Various malware and riskware programs created for mobile platforms with premium rate SMS usage have been a huge problem for a very long time for users from countries like Russia, Ukraine or China. What about other countries?
When dial-up was popular, applications like porn dialers were also widespread. In 2009 we saw the first porn dialer for smartphones.
And now it is time for ‘porn SMS senders’ targeting users at least from US, Malaysia, Netherlands, UK, Malaysia and Kenya whose mobile devices are equipped with Android or J2ME. We’ve discovered a number of application (not-a-virus:RiskTool.AndroidOS.SMSreg and not-a-virus:RiskTool.J2ME.SMSreg families) which send a number of expensive SMS messages in order to subscribe to various services. It is important to mention that all apps contain ‘Terms & Conditions’ with the description of a particular program and cost of the SMS message/subscription.
The first piece of riskware we’ve discovered targets users of Android smartphones from the Netherlands. An application named ‘nooit spijt’ (‘never regret’ in Dutch) sends three SMS messages costing 1,5 EUR each. Complaints on various forums say that this app is spread via advertisements in other applications.
Main windows of ‘nooit spijt’
Porn SMS senders: round the globe
Various malware and riskware programs created for mobile platforms with premium rate SMS usage have been a huge problem for a very long time for users from countries like Russia, Ukraine or China. What about other countries?
When dial-up was popular, applications like porn dialers were also widespread. In 2009 we saw the first porn dialer for smartphones.
And now it is time for ‘porn SMS senders’ targeting users at least from US, Malaysia, Netherlands, UK, Malaysia and Kenya whose mobile devices are equipped with Android or J2ME. We’ve discovered a number of application (not-a-virus:RiskTool.AndroidOS.SMSreg and not-a-virus:RiskTool.J2ME.SMSreg families) which send a number of expensive SMS messages in order to subscribe to various services. It is important to mention that all apps contain ‘Terms & Conditions’ with the description of a particular program and cost of the SMS message/subscription.
The first piece of riskware we’ve discovered targets users of Android smartphones from the Netherlands. An application named ‘nooit spijt’ (‘never regret’ in Dutch) sends three SMS messages costing 1,5 EUR each. Complaints on various forums say that this app is spread via advertisements in other applications.
Main windows of ‘nooit spijt’
Why India's outsourcers are kicking up a stink over whiff of tighter data privacy rules
New legislation would cripple Indian IT, say outsourcers...
güncel nod32 keyleri nod32 guncel keyler nod32 guncel key güncel key nod32
Military chip crypto cracked with power-analysis probe
German computer scientists have taken advantage of the powerful number-crunching abilities of graphics chips to demonstrate a practical attack on the encryption scheme in programmable chips.
Field Programmable Gate Array (FPGA) chips of the type used in embedded systems belonging to the military and the aerospace industry are vulnerable to attacks based on analysing power usage during the power up sequence of the chip. The side-channel attack against the bitstream encryption mechanism used by Virtex 4 and Virtex 5 chips from Xilinx allowed researchers from the Ruhr University to extract a key used to decrypt configuration instruction files. The technique uncovered secret keys by analysing fluctuations in power consumption during the decryption process.
Only one power up sequence needs to be monitored. The subsequent number crunching took up to nine hours, in the case of the more advanced Virtex 5 chip, or six hours in the case of the earlier Virtex 4. The approach is akin to listening to the clicks coming from the tumblers of a safe to work out a combination, but using variations in power consumption rather than sound.
Source:
The most innocent as vectors to increase the Pay-per-Click business
It is clear that cybercriminals do not have any code of ethics. Consequently, even the most innocent are not exempt from a malicious attacker’s perspective, and are often used as a means to allow them to generate higher economic returns, in this case, through the abuse of clicks.
The following image provides clear evidence of this. Designed with an interface that’s "user friendly" for kids, this website invites you to download a threat detected by Kaspersky Lab as not-a-virus: AdWare.Win32.BHO.tbz.
Backdoor:W32/Knockex.A
A remote administration utility that bypasses normal security mechanisms to secretly control a program, computer or network.
indir nod32 nod32 güncel key nod32 guncel key eset nod32 guncel key
Gates sells 5 million shares of Microsoft (AFP)
Will Li-Fi be the new Wi-Fi?
FLICKERING lights are annoying but they may have an upside. Visible light communication (VLC) uses rapid pulses of light to transmit information wirelessly. Now it may be ready to compete with conventional Wi-Fi.
"At the heart of this technology is a new generation of high-brightness light-emitting diodes," says Harald Haas from the University of Edinburgh, UK. "Very simply, if the LED is on, you transmit a digital 1, if it's off you transmit a 0," Haas says. "They can be switched on and off very quickly, which gives nice opportunities for transmitting data."
It is possible to encode data in the light by varying the rate at which the LEDs flicker on and off to give different strings of 1s and 0s. The LED intensity is modulated so rapidly that human eyes cannot notice, so the output appears constant.
Source:
esed nod32 keyleri esed nod32 key esed nod32 keys est nod32 key
Financial data stealing Malware now on Amazon Web Services Cloud
��� There were some recent comments about Amazon Cloud as a platform for successful attacks on Sony… Well, today I found that Amazon Web services (Cloud) now is being used to spread financial data stealers.
esed nod32 download nod32 serialleri esed nod32 indir nod32 serial
Symantec Forecast Tops Estimates as Security Spending Rises
Symantec Corp., the largest maker of computer-security software, forecast higher profit and sales than analysts predicted as businesses boost spending to defend their systems amid a recent spate of threats.
Profit excluding some costs will be 38 cents to 39 cents a share in the fiscal second quarter ending in September, Mountain View, California-based Symantec said today in a statement. That compares with the 38-cent average estimate of analysts, according to Bloomberg data. Sales will be $1.66 billion to $1.68 billion, above the consensus of $1.61 billion.
Corporate spending on data security is increasing amid a rash of hacking attacks, including breaches of Sony Corp.?s PlayStation network and EMC Corp.?s RSA Security unit. ?The threat landscape is more toxic than ever,? Symantec Chief Executive Officer Enrique Salem said on a conference call with analysts. ?That is driving people coming to us.?
Source:
Trojan:Android/YZHCSMS.A
Trojan:Android/YZHCSMS.A sends SMS/MMS messages to premium rate numbers, potentially incurring unexpected/unwanted usage charges.
nod32 full download full nod32 download est nod32 serial 64 bit nod32
Backdoor:W32/Knockex.A
A remote administration utility that bypasses normal security mechanisms to secretly control a program, computer or network.
eset nod32 guncel key eset nod32 güncel key indir com nod32 nod32 keyleri
30 Temmuz 2011 Cumartesi
TDSS loader now got ?legs?
The TDSS loader, a malicious program that we wrote a lot about (e.g. here and here) now has legs, i.e. a tool for self-propagation. TDSS is a very complicated piece of malware and the cybercriminals have created an ingenious propagation tool for its loader.
nod32 güncel key nod32 guncel key eset nod32 guncel key eset nod32 güncel key
Porn SMS senders: round the globe
Various malware and riskware programs created for mobile platforms with premium rate SMS usage have been a huge problem for a very long time for users from countries like Russia, Ukraine or China. What about other countries?
When dial-up was popular, applications like porn dialers were also widespread. In 2009 we saw the first porn dialer for smartphones.
And now it is time for ‘porn SMS senders’ targeting users at least from US, Malaysia, Netherlands, UK, Malaysia and Kenya whose mobile devices are equipped with Android or J2ME. We’ve discovered a number of application (not-a-virus:RiskTool.AndroidOS.SMSreg and not-a-virus:RiskTool.J2ME.SMSreg families) which send a number of expensive SMS messages in order to subscribe to various services. It is important to mention that all apps contain ‘Terms & Conditions’ with the description of a particular program and cost of the SMS message/subscription.
The first piece of riskware we’ve discovered targets users of Android smartphones from the Netherlands. An application named ‘nooit spijt’ (‘never regret’ in Dutch) sends three SMS messages costing 1,5 EUR each. Complaints on various forums say that this app is spread via advertisements in other applications.
Main windows of ‘nooit spijt’
Bitdefender 2012 brings tighter cloud, behavioral protection
Bitdefender releases its 2012 suites with an interesting and effective mix of security tools based on both cloud-based definitions and behavioral detections, exclusive today to CNET Download.com.
est nod32 key esed nod32 serial esed nod32 antivirus nod32 turkce
Automated stock trading poses fraud risk, researcher says
In the trade-off between speed and security, big traders are choosing speed to maximize profits.
Worm:W32/Todon.I
Worm:W32/Todon.I is a worm that spreads to new victim machines via infected removable and network drives. The worm also has trojan-downloader capabilities, as it attempts to download additional files from remote servers.
nod32 serialleri esed nod32 indir nod32 serial nod32 güncel keyleri
Extremists flocking to Facebook for recruits (AP)
Reddit's Swartz braves 35 years in prison
24 year old Demand Progress activist Aaron Swartz is facing a 35 year prison sentence and a million dollar fine for downloading millions of academic documents via MIT's guest network.
Early reports are that Swartz plans to defend the case as part of a campaign against vague US copyright laws.
According to Ars Technica, Swartz, the founder the activist group Demand Progress, was arrested by MIT's own cop shop and charged with breaking and entering - for allegedly entering a "restricted" networking room. The breaking and entering was so that he could, allegedly, hide a laptop that was using a guest account on the MIT network to download millions of academic papers from JSTOR, an academic journal service that MIT pays for.
Source:
full nod32 download est nod32 serial 64 bit nod32 esed nod32 4
British Police Apparently Duped Into Arresting the Wrong Guy?
Earlier today the blogosphere lit up with news that "Topiary" a key hacker from Anonymous and LulzSec was arrested.� Topiary, along with "Sabu", was viewed as a LulzSec "chief", instrumental in orchestrating the group's many sophisticated attacks.� But all may not be as it seems.
If the arrested man was indeed LulzSec's Topiary, he couldn't have picked a much more perfect lair.� Much like a James Bond villain, the alleged hacker was arrested on a remote island -- one of the Shetland Islands, off the north coast of Britain's mainland.
Police transported the 19-year-old suspect to central-London, for interrogation.� Police say they're also searching for a 17-year-old related to the case in Lincolnshire, a Northeastern province of the mainland. Police characterized the arrest as a "pre-planned, intelligence-led operation".
Source:
nod32 guncel key güncel key nod32 full nod32 esed nod32 keyleri
Bitdefender 2012 brings tighter cloud, behavioral protection
Bitdefender releases its 2012 suites with an interesting and effective mix of security tools based on both cloud-based definitions and behavioral detections, exclusive today to CNET Download.com.
esed nod32 keyleri esed nod32 key esed nod32 keys est nod32 key
Worm:W32/Downaduprun.A
Worm:W32/Downaduprun.A is Generic Detection of the malicious autorun files created by Worm:W32/Downadup, which exploit the Windows Autorun functionality to spread the worm.
PingChat! founder on the secrets behind driving 15 million downloads (Appolicious)
Appolicious - Free texting apps are just about saving money. Apps like PingChat! give users rich, social and just plain fun experiences the SMS platform just can?t provide.
From Cocos Islands to Cameroon
The cybercrime business is really no different from other types of business such as pasta making or selling spare parts for cars. It has its own expenses and overheads. A hacker, just like any businessman, tries to save on attacks and keep their costs down.
In general, a web attack needs a domain name and hosting in order to spread malicious files. Everything is fairly straightforward with regards to hosting: the criminals either buy it themselves or use cracked servers to store their files. Protective measures cannot extend to the blocking of whole file servers, as legitimate data may also be stored on them.
Domain names can be blocked quickly by integrated security solutions. Therefore, a black hat has to constantly change the domain names from which their attacks originate.
Registration of a second-level domain name is relatively expensive (on average from $5 to $20 per unit), which is why cybercriminals often try to save money and use free third-level domain names.
Lately, the co.cc and cz.cc services have been at the forefront of cybercriminal activity. Hundreds of domain names were being registered every day, spreading a huge amount of malware over the Internet.
However, a couple of weeks ago an unprecedented event occurred: Google removed all resources located at co.cc from its search results.
As a result, it was no longer profitable for cybercriminals to register domain name in this zone, especially for those who make use of search engines (e.g. for spreading rogue AV with the help of black search engine optimization).
Trojan:JS/Obfuscated.Gen
Trojan:JS/Obfuscated.Gen is a Generic Detection that identifies malicious HTML, Javascripts, PDF, or any scripting files that contain obfuscated code, which may be used by malware authors to evade antivirus signature detection, as well as making malicious scripts harder discover and analyze
nod32 key esed nod32 download nod32 serialleri esed nod32 indir
Extremists flocking to Facebook for recruits (AP)
Stanford researcher exposes Microsoft's Wi-Fi database
To pressure Microsoft to curb access to its geolocation database, researcher creates Web page that lets people send queries based on their--or someone else's--computer's unique Wi-Fi address.
full nod32 download est nod32 serial 64 bit nod32 esed nod32 4
Monthly Malware Statistics, May 2011
The following statistics were compiled in May using data from computers running Kaspersky Lab products:
- 242,663,383 network attacks blocked;
- 71,334,947 attempted web-borne infections prevented;
- 213,713,174 malicious programs detected and neutralized on users’ computers;
- 84,287,491 heuristic verdicts registered.
Rogue antivirus for Mac OS X
In 2010, we saw an overall decrease in the number of rogue antivirus incidents: after peaking in February and March (about 200,000 incidents per month), the rate at which they spread fell about fourfold by the end of 2010. This may seem strange, since spreading fake antivirus solutions is a virtual goldmine for cybercriminals. It is true that the number of rogue antivirus offerings has gone down, but those blackhats who continued to be involved in this activity focused on specific countries (the US, France, Germany, Spain) instead of distributing rogue antivirus software globally.
nod32 keyleri güncel güncel nod32 keyleri nod32 guncel keyler nod32 guncel key
Financial data stealing Malware now on Amazon Web Services Cloud
��� There were some recent comments about Amazon Cloud as a platform for successful attacks on Sony… Well, today I found that Amazon Web services (Cloud) now is being used to spread financial data stealers.
LulzSec spokesman Topiary arrested in Scotland
Police in the U.K. have arrested the man they believe has been serving as the unofficial spokesperson of the hacktivist group LulzSec.
The 19-year-old suspect, who uses the online alias "Topiary," was arrested Wednesday at a home in the Shetland Islands, located off the northeast coast of Scotland, and was booked at a London police station, according to a statement. In a recent interview inside an internet chat room, Topiary was asked by Salon.com reporter Peter Finocchiaro whether he feared arrest.
"There was a brief window where I was paranoid or that it irked me -- now I just laugh wholeheartedly," Topiary responded. Topiary is believed to be the person responsible for running the extremely popular Twitter account belonging to LulzSec, a six-person hacking group that emerged in late May and proceeded to launch a series of assaults against a diverse group of organizations. In most cases, the attacks were perpetrated out of principle, the group said.
Source:
nod32 guncel keyler nod32 guncel key güncel key nod32 full nod32
29 Temmuz 2011 Cuma
Google+ fake invites = malware
These days, invites to the new social network created by Google are a popular subject among users that want to try it.
If a subject is popular it also can be used by cybercriminals as a trick to infect curious users - and Brazilian cybercriminals have already started sending fake invites with malicious links pointing to malware, specifically Trojan bankers.
Today we found one of them targeting Portuguese speakers:
esed nod32 serial esed nod32 antivirus nod32 turkce nod32 full indir
Half of all SAP systems on the Internet will be hacked next week
On the 4th of august at the world largest technical security conference - BlackHat USA 2011, which will take place in Las Vegas, SAP security expert and CTO of ERPScan Alexander Polyakov will show how any malicious attacker can get access to the systems running on SAP via Internet using new critical vulnerability.
SAP systems are used in more than 100 000 world companies to handle business-critical data and processes. Almost in each company from Forbes 500 system data are set for the handling of any process beginning from purchasing, human resources and financial reporting and ending with communication with other business systems. Thus receiving an access by the malicious attacker leads to complete control over the financial flow of the company, which can be used for espionage, sabotage and fraudful actions against hacked company.
The given attack is possible due to dangerous vulnerability of the new type, detected by Alexander in J2EE engine of SAP NetWeaver software, which allows bypassing authorization checks. For example it is possible to create a user and assign him to the administrators group using two unauthorized requests to the system. It is also dangerous because that attack is possible on systems, protected by the two-factor authentication systems, in which it is needed to know secret key and password to get access. To prove it researchers from ERPScan created a program, which detects SAP servers in the Internet with help of secret Google keyword and checks found servers on potential dangerous vulnerability. As the result, more than half of available servers could be hacked with help of found vulnerability.
Source:
Anonymous urges PayPal boycott, condemns FBI
The hactivist group expresses outrage at the FBI following recent arrests and exhorts PayPal users to drop the "corrupt and greedy" service for its actions against WikiLeaks.
esed nod32 keys est nod32 key esed nod32 serial esed nod32 antivirus
Hacker of Apple iPad-AT&T site reportedly in plea talks
Judge puts Andrew Auernheimer's case on hold, saying plea talks are under way in hacking case.
esed nod32 key esed nod32 keys est nod32 key esed nod32 serial
Google+ fake invites = malware
These days, invites to the new social network created by Google are a popular subject among users that want to try it.
If a subject is popular it also can be used by cybercriminals as a trick to infect curious users - and Brazilian cybercriminals have already started sending fake invites with malicious links pointing to malware, specifically Trojan bankers.
Today we found one of them targeting Portuguese speakers:
Former HBGary Federal CEO bows out of DEFCON talk
Former HBGary Federal CEO Aaron Barr has backed out of a scheduled appearance at next weekend's� DEFCON hacker conference after attorneys from his former company threatened legal action.
Barr withdrew Wednesday from the Aug. 6 panel discussion after attorneys representing HBGary Federal threatened to file a legal injunction against him if he did not back out immediately, according to Kaspersky Lab's security blog, Threatpost.com, which first reported the news.
Barr was scheduled to participate in a presentation, titled ??Whoever Fights Monsters...' Aaron Barr, Anonymous, and Ourselves," alongside Joshua Corman, research director at consultancy The 451 Group, and "Jericho" of Attrition.org. The panel, scheduled to be moderated by Paul Roberts, editor for Threatpost.com, promises to offer a ?heated? discussion about issues relating to recent attacks by hacktivist groups such as Anonymous.
Source:
nod32 guncel key eset nod32 guncel key eset nod32 güncel key indir com nod32
Backdoor:W32/Knockex.A
A remote administration utility that bypasses normal security mechanisms to secretly control a program, computer or network.
esed nod32 keyleri esed nod32 key esed nod32 keys est nod32 key
Nintendo president takes 50-percent pay cut in wake of quarterly loss (Digital Trends)
Digital Trends - In the wake of yesterday’s news that Nintendo suffered its first-ever quarterly loss and plans to slash prices on the Nintendo 3DS, the president of the Japanese company put the blame on his shoulders and told shareholders he plans to halve his salary.
nod32 guncel keyler nod32 guncel key güncel key nod32 full nod32
Come have Coffee and Code in Vancouver with me and Microsoft tomorrow
So John Bristowe, Developer Evangelist for Microsoft Canada will be hosting a Coffee and Code event in Vancouver tomorrow from 9 to 2 at Wicked Cafe. Come join him and fellow Microsoft peers Rodney Buike and Damir Bersinic as they sit and share their knowledge over a cup of joe.
I will be there too, and will be available if anyone wants to talk about secure coding, threat modeling with the SDL TM or if you want to talk about integrating AuthAnvil strong authentication into your own applications or architectures
I do hope to see some of you there. And if I don't... I will be seeing you at #energizeIT right?
What: Coffee and Code in Vancouver
When: April 8th, 2009 from 9am - 2pm
Where: Wicked Cafe - 861 Hornby Street (Vancouver)
Trojan:W32/Murofet.A
This trojan attempts to download a file (presumably malicious) from a randomly generated domain.
nod32 güncel key nod32 guncel key eset nod32 guncel key eset nod32 güncel key
Nintendo shares dive on 3DS price cut, earnings (AFP)
eset nod32 güncel key indir com nod32 nod32 keyleri nod32 keyler
TSA hopes scanner upgrades reduce privacy worries
A software upgrade to address privacy concerns will be rolled out more broadly but is unlikely to eliminate health and other concerns related to so-called pornoscanners.
Rogue:OSX/FakeMacDef.A
Dishonest antivirus software which tricks users into buying or installing it, usually by infecting a user's computer, or by pretending the computer is infected.
nod32 serialleri esed nod32 indir nod32 serial nod32 güncel keyleri
Trapped in a filter bubble: How Google and Facebook only feed you what you want to hear
Author Eli Pariser on the way the web's warped lens is keeping us from serendipitous discoveries...
(silicon.com - Sales & Marketing)
eset nod32 güncel key indir com nod32 nod32 keyleri nod32 keyler
28 Temmuz 2011 Perşembe
Rogue:W32/WinFixer.gen!A
The file appears to be suspicious, is potentially undesirable, or may be structured in a way or has characteristics that resembles known malware. This may indicate the presence of a malware infection, or that the suspect file is malicious.
Patch Tuesday June 2011
This month's patch Tuesday is a sizable one by any standards, following the quiet Tuesday that my colleague Roel Schouwenberg described last month. Microsoft is patching a total of 34 vulnerabilities in 16 bulletins, MS11-038 through MS11-051. At least eight different Microsoft product lines are updated, and Adobe is coordinating release of Reader, Acrobat, Shockwave and Flash updates as well today.
So we are looking at patching the following programs:
Microsoft Windows, Microsoft Office, Internet Explorer, .NET, SQL, Visual Studio, Silverlight, ISA and Adobe Reader, Acrobat, Shockwave and Flash player. More than half of the vulnerabilities being patched exist in the Internet Explorer and Microsoft Excel software components, frequent targets of drive-by and spear phishing attacks.
Most interesting is MS11-050, a single patch that knocks out 11 separate Internet Explorer vulnerabilities, some enabling information disclosure (cookiejacking), memory corruption and remote code execution: CVE-2011-1250, CVE-2011-1251, CVE-2011-1252, CVE-2011-1254, CVE-2011-1255, CVE-2011-1256, CVE-2011-1260, CVE-2011-1261, CVE-2011-1262. The additional VML patch MS11-052 knocks out another Internet Explorer vulnerability, CVE-2011-1266.
Microsoft already pointed out that the Internet Explorer patch addressing "cookiejacking" is not a particularly high risk issue because it is relatively unknown to them as an attack vector, and because there are more substantial social engineering techniques. While those points may be true, now that the techniques are more widely discussed, the risk of them being abused by more attackers goes up as well.
Eight different privately reported vulnerabilities are being patched in Microsoft Excel alone by MS11-045, each of which allow for remote code execution. We are still reviewing why the patch is rated "important" and not critical for the various Excel versions.
The patches that stand out result in remote code execution within Internet Explorer, Office and Silverlight. The recent history of attacks on consumer and corporate users, including the many successful spear phishing and APT attacks should help increase the urgency of these patches.
On the server side in the cloud, Microsoft is patching a vulnerability that could be abused in a DoS attack that could only be staged from within the cloud. MS11-047 is rated an "Important" patch for Windows 2008 versions, correcting a flaw in Hyper-V where a guest could send a malformed packet to the VMBus and result in denial of service on the server. MS11-039 is the Silverlight patch that could not only be used in a remote code execution attack on the client side, but also can be used to remotely run arbitrary code on vulnerable IIS web servers.
At least eight of the nine patches rated "Critical" requires a restart, be prepared for this interruption. We recommend applying all of this month's released patches asap.
nod32 guncel key eset nod32 guncel key eset nod32 güncel key indir com nod32
Reflecting on our Windows 7 birthday party
So this week my buddy Charlie and I threw a Windows 7 party for the IT pro community in Vancouver, BC at the Microsoft office.
The office could only handle 80 people, and we simply had to turn people away. Sorry to those who weren't allowed to come. Many people came early, and hung out in the hallway even before they were allowed in.
With almost a 100 people in that hallway just out of the elevator, that hall was WARM. I felt bad for some of the people as you could tell they were overheating. But we weren't ready to let them in as we set up the rooms with different Windows 7 systems.
When we did open the doors it was a mad rush for everyone to get in where it was cooler and they could grab a cold one and cool down. Thankfully everyone was patient and polite. Thanks to everyone for that!
Once they got in, there were several different rooms that they could go hang out in. In one room, Charlie had brought a HP Media Touchsmart so people could experience the new multi touch functionality of Windows 7. Kerry Brown, a fellow MVP with experience in Windows shell, stayed in the room teaching people all the new shell features like Libraries, Jump Lists etc, and I am told schooled some admins on the nitty gritty of Power Shell. Good job Kerry! Thanks for helping out!!!
It was interesting as everytime I looked in that room, people were surrounded around the device playing with the TouchPack games and with Virtual Earth. It was interesting to hear my buddy Alan comment that his experience on his iPhone with multitouch, especially with Google Earth, was far superior to what he was seeing there. Maybe that is something Microsoft can take away from that. Of course, big difference on a 24 inch monitor and a small iPhone screen. But the point is well taken.
We had the biggest crowds when we did demos in the main presentation room. When I was presenting on DirectAccess security I had my good friend Roger Benes (a Microsoft FTE) demonstrate how Microsoft used DirectAccess themselves. Using the Microsoft guest wireless he connected seamlessly to Microsoft's corpnet, which allowed us to demonstrate the policy control and easy of use of the technology. I am told a lot of people enjoyed that session, with several taking that experience back to their own office to discuss deployment. Thats always good to hear.
Charlie impressed the crowd showing how to migrate from Windows XP and Vista to Windows 7. He demonstrated Windows Easy Transfer and Anytime Upgrades and took the time to explain the gotchas in the experience. He even had me demonstrate XP mode on my laptop so people could see how they could maintain application compatibility with a legacy Windows XP virtualized on Windows 7.
Of course, I had a lot of fun hanging out in the far back room. I got to demonstrate some of the security stuff built into Windows 7 like BitLocker, AppLocker and BitLocker to Go. I was even asked about Parental Controls which I couldn't show on my laptop since its domain joined, but was able to show on a demo box Roger had brought for people to play with.
Some of the more interesting things I helped facilitate was asking my buddy Alan to bring his Macbook in. He is a great photographer who works with Linux and OSX a fair bit, on top of using Windows. Actually, all the photos you see in this post were taken by him. Thanks for sharing them Alan!
Anyways, I convinced him to let us use his Macbook to install Windows 7. He reluctantly agreed, as you can see from the picture below when he was looking at the Snow Leopard and Windows 7 media together. :-)
We had a fair number of people crowd around his Macbook as he went through the process of installing Bootcamp and deploying Windows 7. Interestingly enough, it flawlessly converted that Apple hardware into a powerful Windows 7 system in about 20 minutes.
Charlie and I were REALLY busy. We had presented on different sessions in different rooms throughout the night. Actually, I very rarely even saw him except for a few times when he called me in to help out with a demo. Sorry we couldn't party more together Charlie. And my apologies to those that were looking forward to our traditional "Frick and Frack" show where we banter back and forth.
Many of you may not know that outside of computers, I am an avid indie filmmaker. Actually, that is giving me too much credit. I am an amateur cinematographer at best, who had high hopes that I would get a chance to film everyone's impressions throughout the party. Unfortunately, I was so busy presenting, I had almost NO TIME to get any film recorded. *sigh* Alan did get a snap of a rare moment when I actually caught someone on film.
Of course I can't complain too much. I had a great time getting to show all the neat features in Windows 7, and answering the tonnes of questions that people had.
Of course, when the night finally wound down, it was nice to close out the party and watch the Vancouver skyline change. When we were done, we had the opportunity to hang with our IT friends in Vancouver and bring in the birth of Windows 7.
I have several people I would like to thank for making the evening possible. Charlie and I couldn't have done it without the support of people like Graham from VanTUG, Jas from VanSBS and Roger from Microsoft. Speaking of Microsoft, I have to give a shout out to Sim, Sasha and Ljupco in the MVP team who helped us get through all the red tape to throw the party at Microsoft's office. And many thanks to Brent, Alan and Kerry for helping us out throughout the event. My thanks to all of you.
I hope everyone had a good time. And if anything, Charlie and I hope you learned something that will help you deploy and use Windows 7 in your organizations. Happy birthday Windows 7. Welcome to a new world without walls!
P.S. All the pictures you see here were taken by Alan and used with his permission. You can check out some of his other amazing work at bailwardphotography.com.
full nod32 download est nod32 serial 64 bit nod32 esed nod32 4
Apple updates iOS to fix PDF security flaw
News in brief: The iOS 4.3.4 update is available free to iPhone, iPod touch and iPad users...
(silicon.com - Security)
esed nod32 download nod32 serialleri esed nod32 indir nod32 serial
Black Hat Pwnie Award winner will probably get arrested
Law enforcement may be interested to see if anyone actually shows up to this year to accept the annual Pwnie Award for Epic Ownage at Black Hat, since all the nominees face possible criminal charges.
Nominees for the prize are Anonymous, LulzSec, Bradley Manning and WikiLeaks, and the perpetrators of the Stuxnet worm. Not that past winners haven't been similarly tainted, but this year's incidents have been particularly high-profile.
Source:
Will Li-Fi be the new Wi-Fi?
FLICKERING lights are annoying but they may have an upside. Visible light communication (VLC) uses rapid pulses of light to transmit information wirelessly. Now it may be ready to compete with conventional Wi-Fi.
"At the heart of this technology is a new generation of high-brightness light-emitting diodes," says Harald Haas from the University of Edinburgh, UK. "Very simply, if the LED is on, you transmit a digital 1, if it's off you transmit a 0," Haas says. "They can be switched on and off very quickly, which gives nice opportunities for transmitting data."
It is possible to encode data in the light by varying the rate at which the LEDs flicker on and off to give different strings of 1s and 0s. The LED intensity is modulated so rapidly that human eyes cannot notice, so the output appears constant.
Source:
esed nod32 keys est nod32 key esed nod32 serial esed nod32 antivirus
Major Windows 7 gotcha you should know about that may block you from upgrading
OK, so anyone who knows me expects that I stay up on the bleeding edge when it comes to dev tools and operating systems. Yes, I have been using Windows 7 for almost a year now and have been loving it. However, I never ran it on my production dev environment as I felt I did not what to disrupt our software development workflow until Windows 7 was in final release. With it out to RTM now, I felt it was as good as time as any to migrate, especially since we recently released our latest build of our own product and have a bit of time to do this.
So last week I deployed Windows 7 to both of my production dev systems, as well as the primary QA lab workstations. It was the worst thing I could ever have done, halting all major development and test authoring in our office due to a MAJOR gotcha Microsoft failed to let us know about during the beta and RC.
Ready for this....
You cannot run Virtual PC 7 (beta) in Windows 7 WITHOUT hardware virtualization. OK, I can live with that, since the new XP mode (which is an excellent feature) may very well need it. That didn't concern me. It was my fall back that failed to work that blew my mind...
You cannot run Virtual PC 2007 in Windows 7, as they have a hard block preventing it from being installed on Windows 7 due to compatibility issues. So the same machine that I have been using for development using Vista for a few years has now become a glorified browsing brick. I cannot do any of my kernel mode and system level development or debugging as I am not ALLOWED to install Virtual PC 2007 on the same hardware that worked before. *sigh*
What surprised me is that Ben, the Virtual PC Guy at Microsoft blogged that it was possible to run Virtual PC on Windows 7, and in his own words:
While all the integration aspects of Virtual Machine Additions work (mouse integration, shared folders, etc...) there is no performance tuning for Windows 7 at this stage - so for best performance you should use a system with hardware vitalization support.
That sounds to me like it will still work without hardware virtualization. Seems that is not the case.
Since Windows 7 is already to RTM, if this is a block due to Windows, it isn't going to be fixed anytime soon. So hopefully they can do something in the Virtual PC side of the equation, or they are going to disappoint a lot of unknowing developers.
This just became a MAJOR blocking issue for many dev shops that are using Virtual PC for isolated testing.
If this concerns you, then I recommend you download Intel's Processor Identification Utility so you can check to see if your dev environment is capable of running hardware virtualization.
Failing to do so might get you stuck like I did, now having me decide if I want to degrade back to Windows Vista just to get work done. There goes another day to prep my main systems again. *sigh*
UPDATE: Fellow MVP Bill Grant has provided me a solution to my delimma. It appears the issue is because Virtual PC 7 (beta), a built in component for Windows 7 when installed, is causing the blocking issue. By going into "Turn Windows features on or off" and removing Virtual PC support (and effectively removing XP mode support), Virtual PC 2007 can then be installed on machines that do not have hardware virtualization support.
This isn't the most optimal behaviour, but acceptable. Since without VT support in my CPU I can't use XP mode anyways, removing it does not limit WIndows 7 from functioning. I have reported to Microsoft on this odd behaviour since:
- Virtual PC 7 and XP Mode simply shouldn't be installing if my CPU isn't supported
- When the Customer Experience dialog pops up there is an option to "Check for Solutions Online". This is a PERFECT time where they could explain to uninstall Virtual PC 7 and XP mode support built into Windows 7 so Virtual PC 2007 will not block. Right now it reports that no solution is available.
So if you do NOT have VT support in your CPU, please uninstall Virtual PC 7 support if you installed it. VPC 2007 will then properly install for you.
Start-up picks new Web address after hijacking
After concluding the dispute resolution process is too slow and expensive, Lissn has moved to a new Internet domain after its old one was hijacked.
nod32 guncel key eset nod32 guncel key eset nod32 güncel key indir com nod32
Kaydol:
Kayıtlar (Atom)