It has recently been discovered by researchers at Trend Micro that there is a piece of malicious software that automatically uploads stolen data cache to the SpendSpace file-sharing service for when it needs to be retrieved. Creators of malware often use file-hosting and sharing servers for that exact purpose. However, this marks the first time malware has been noticed doing so automatically, according to Trend Micro Threat Response Engineer Roland Dela Paz.

The site afflicted, SendSpace, accepts files and generates a link that can be shared between people, allowing the content to be downloaded from the files. This new malware has been specifically configured to send files, copy the download link and send it to a command-and-control server. In addition to that, the password needed to access the archive is also sent, according to Dela Paz.

It has also been discovered that SendSpace’s terms of service would prohibit the use of the site in that manner. According to a response about the malware from SendSpace, the company stated that it was “notified of this several days ago by Trend Micro themselves, and we’re working to find a solution for this.”

Services like SendSpace present a lot of advantages, albeit unintentionally, to cybercriminals says Rik Ferguson, Director of Security Research and Communication for the European branch of Micro Trend. Ferguson also added that even though cybercriminals use networks of proxy computers to mask their communication with a compromised computer, using a storage service adds another layer and stated, “It breaks in some ways the chain of evidence.”

Another problem is that authorities would be less likely to try and take down a legitimate file-hosting service than a brand new server set up by scanners. Services like SendSpace are also especially useful for things known as Advance Persistent Threat Attacks. These allow “cyberspies” to infiltrate an organization for an extended period of time.

There is also a better chance that compromised companies or sites will not consider outbound connections to a file-sharing service suspicious. This makes it exponentially less likely that the connection will be shut down. According to Ferguson, “Basically it’s criminals taking advantage of public infrastructure to appear less suspicious.”

Source: PC World – Malware Automates Storing of Data Haul on File-hosting Site SendSpace

A Tech Travel Agent can get a laptop rental to you within 24 business hours in over 1000 cities worldwide. Call Me Toll Free 800-736-8772

Amazon Web Services has just added four new locations that allow enterprises to use its Direct Connect network service in order to communicate with Amazon’s cloud, according to a statement released by the company on Tuesday. The all new Amazon Web Services Direct Connect locations that have been added include the CoreSite One Wilshire in Los Angeles, TelecityGroup Sovereign in London and Equinix in Singapore and Tokyo. The two locations that these four will be joining currently exist in the United States.

Direct Connect is basically an alternative to using an internet connection to access Amazon Web Services’ cloud service offerings. Advantages of using Direct Connect over a standard internet connection include things like a more consistent network performance for applications that require real-time data as well as enhanced privacy for customers that may have security or compliance policies preventing them from connecting to the cloud via a VPN.

In order to connect, enterprises must choose between 1Gbps and 10Gbps Ethernet ports. Companies that want or need more capacity can always provision multiple connections if need be. However, there are some drawbacks to using Direct Connect, mainly with the network service, in that Amazon does not offer service level agreements with Direct Connect at the moment.

Getting started is simple. All you have to do is fill out a sign-up form indicating your connection requirements and Amazon will contact them. Amazon does charge $0.30 per hour for using Direct Connect for a 1Gbps port and $2.25 an hour for a 10Gbps port. You will also be charged somewhere between $0.02 and $0.045 per gigabyte of data transferred out of the cloud.

Amazon is planning on adding more Direct Connect locations all over the world in 2012 though the company has yet to release any details on when they will go up, where they will go up and just how many are going up.

Source: Computer World – Amazon adds more spots for companies to connect to its cloud

DVD Video Projectors are exactly what they sound like, combination units that combines a DVD media player with a video projector, cutting out the need for multiple pieces of electronics and wiring.

A problem in McAfee’s Saas Endpoint Protection software that allows computers to serve as open proxies for spam is being investigated by the company according to a recent statement from a McAfee representative. A statement from the rep says, “We are aware of the issues and have both threat analytics and development teams diligently analyzing the problem and possible solutions. We will have more information on the issue shortly.”

A PR representative from the company said that she was trying to acquire more details on the situation, though was unable to disclose any further information after that. The initial problem was discovered by customers of McAfee on the internet who complained that their emails were being blocked by different email providers and also that their IP addresses were being blacklisted for sending out spam.

The problem appears to stem from the RumorServer Service myAgtSvc.exe, McAfee Peer Distribution Service, which is a part of the company’s SaaS Endpoint Protection Suite. The technology, which is used for sending updates to users without a direct internet connection, operates as an Open Proxy on Port 6515, which essentially opens the computer up to being used as a spam headquarters.

One victim to the attack was the Kramer Blog, who first detected the problem in early January when email was returned undelivered with a message stating, “Our system has detected an unusual rate of unsolicited mail originating from your IP address.”

According to the Kramer Blog, “Our Windows 2008 server was one of the computers affected. We first realized there was a problem on the 4th  January 2012 when an email was returned undelivered with the message: ‘Our system has detected an unusual rate of unsolicited mail originating from your IP address. To protect our users from spam, mail sent from your IP address has been blocked.’ On checking through our mail logs, we also noticed that an earlier email sent 2nd January 2012 had been delayed with a message saying our IP was on the spamhous/cbl list as being infected with a trojan spambot.”

McAfee is currently in the process of developing and improving a patch that will allow these spam messages to not be responded to from port 6515. In addition to that, the patch will also be posted through updates throughout the week and will show up as 5.2.3 patch 4.

Source: ZDNet – McAfee software allows spam for hijacked PCs

Rack-Mount Server rentalsare ideal if your company needs an extra storage unit for company information while you are testing various types of storage solutions.Whether you need a short-term rental or a long-term lease, we have the right kind of server for your needs.

Cyber attacks are quickly becoming a very serious threat to internet users all over the world. Every day we are hearing more and more about big businesses and government websites that are getting hacked by different groups and causing mayhem for everyone involved. The bigger problem is, however, that it is extremely hard to completely wipe out this type of threat.

Even though it may seem impossible to completely obliterate cyber attacks for good, Japanese scientists may have figured out a solution that doesn’t just protect you from getting attacked at that moment, but forever. Computer scientists from Japan have reported that they have successfully developed a computer virus that can be launched on the internet that would track down and disable the source of a cyber attack.

As with every new claim in the science and technology world, a lot of experts are remaining skeptical, mainly due to the fact that if this were to actually be true, it would solve probably the biggest problems to online security ever faced, known in the cyber security world as the source attribution problem.

Hackers are able to launch harmful viruses or DoS attacks by using a bunch of layers of a proxy server or by using a botnet to disguise their source internet address. This masks the actual origination of the attack itself, making finding the source nearly impossible. The company claiming to have solved this problem, Fujitsu, has claimed that it has solved the source attribution problem and has also discovered how to destroy any attacking code it meets on its way to the source.

This “friendly” virus has already passed a plethora of tests in closed networks where it bounced between attacking computers, reached the origin of the attack and sent the ID information back to its controllers. However, this technology is not without its skeptics, like Director of Security Research at Trend Micro Rik Ferguson.

Ferguson relayed his skepticism in a statement saying, “It is not a simple matter to ‘break into’ a computer that is found to be part of a chain attack. If it were possible to backtrack through every stage of the attack chain and examine data then this task would be made significantly more simple, but that is and remains a major challenge ethically, legally and technologically.”

Another possible problem with this type of technology, that was warned against by security firm Imperva, is that a virus like this one, that follows the attack back to the source, could be disastrous in the fact that it could go after the wrong people. Hackers could very well figure out a way to make the attack appear as if it came from somewhere it did not, letting the wrong person pay the price for something they didn’t do.

Source: Sci-Tech Today – Computer Virus Could Disable Cyberattack Source

SMBnow.com is news of, for and by SMBs!
SMBnow.com… The Small & Medium Business Magazine!

If you are a big corporation or a big enterprise company, you probably already know that you need powerful computers to handle the sheer amount of information that is used to make tasks simpler and less expensive while also enabling knowledge to be shared more easily in order to benefit the company. An increased dependence on modern computers for employees and employers brings major challenges that have the potential to harm productivity.

Problems like this may include things like disruptions from hackers, viruses, malware and spam, all of which can threaten your company’s productivity and prevent employers from maintaining a solid workplace environment needed to handle different projects as well as the sensitive data of your company.

For many big businesses it is imperative to have an adequate network security solution so personal and corporate information remains secure and protected at all times. One of the most compatible tools for network security is the next generation firewall, which has also been specifically designed with organizations in mind. Big businesses need increased flexibility in order to distribute work to match their infrastructure and scale over time.

There are a ton of bonuses to using the next generation firewall for your company’s internet network security, including:

• Next Generation Intrusion Prevention System – Third party validation and the combination of granular application and URL access control.
• Unparalleled performance and scalability
• Total network visibility providing you with passive, real-time visibility of hosts, applications, operating systems, users, content, attacks and more.
• Intelligent security automation allowing for more administrative functions than other solutions, meaning you don’t have to devote all your time and resources to internet security.

In addition, the next generation firewall provides overall firewall inspection throughout all options, ranging from 40Gbps down to 1Gbps with minimal degradation. It has also been implemented in 15 different organizations by security professionals, gaining a reputation as a new firewall that puts security and date protection as a top priority.

Source: Business 2 Community – The Importance of Internet Network Security to Big Enterprises

The National Institute of Standards and Technology (NIST) has just released a new draft computer security publication that provides guidance for vendors, as well as security professionals, while they work on protecting personal computers as they start up. Computer safety is becoming an increasing priority around the world as “hacktivist” groups like Anonymous are becoming ever more persistent in their hacking campaigns.

The first software that starts to run when your computer is booted up is the “Basic Input/Output System” (BIOS). This is a fundamental system software that initializes the hardware before your chosen operating system begins. The BIOS of your computer works at an extremely low level and, as a result, can cause a significant threat to your computer’s security.

According to one of the authors of BIOS Integrity Measurement Guidelines (NIST Special Publication 800-155) Andrew Regenscheid, “Unauthorized changes in the BIOS could allow or be part of a sophisticated, targeted attack on an organization, allowing an attacker to infiltrate an organization’s systems or disrupt their operations. We believe this is an emerging threat area and that these developments underscore the importance of detecting changes to the BIOS code and configurations, and why monitoring BIOS integrity is an important element of security.”

BIOS Integrity Measurement Guidelines is the second publication in a series of BIOS documents from NIST. BIOS Protection Guidelines (NIST Special Publication 800-147) was released back in April of 2011 and provides guidelines for computer manufacturers to build in features to secure the BIOS against unauthorized modifications.

The detection mechanisms in BIOS Integrity Measurement Guidelines compliment these protection mechanisms outlined in BIOS Protection Guidelines in order to provide greater assurance of the security of the BIOS. It is easy to overlook threats to things like the BIOS of your computer as many people don’t recognize this as being vulnerable. BIOS Integrity Measurement Guidelines from NIST should help though.

Source: EurekAlert – Protecting computers at start-up: New NIST guidelines

Transactions at the postal services in the United Kingdom were affected today as issues in the Post Office network’s computer system caused problems on what is considered to be the busiest day of the year for U.K. postal services. The Royal Mail expected 131 million items to enter the postal system today and some transactions were affected for two 30-minute periods, which led to waiting queues.

The Post Office apologized and stated that service had now been restored across the network in the United Kingdom, consisting of 11,800 branches. The problem arose as Royal Mail’s website continued to suffer from a strange computer glitch. According to the Post Office’s Network and Sales Director Kevin Gilliland, “We are very sorry for the inconvenience this problem has caused customers. We know how important the Post Office is to our customers at all times, but especially at Christmas.”

This is the second computer problem at the network in six months as a shutdown in July blocked access for 3.3 million customers with Post Office card accounts. Some pensioners also have their benefits paid into a Post Office card account. A spokesman from the Post Office said that the glitch affected most of the services offered by the branches that were hit.

Post offices were expected to be especially busy today as the Royal Mail predicted today to be the busiest day of the year. The Royal Mail expected 131 million items to be posted today, more than double the usual number. The post office had also taken on thousands of extra employees to deal with the influx of items.

Problems at a post office are never good but having them happen on the busiest day of the year is more than a catastrophe. Thankfully the problem was able to be settled quickly and with minimal problems, though the fact that this is the second time it has happened in six months should definitely be something the Post Office should look into.

Source: BBC News – Computer glitch hits post offices

Unfortunately, issues involving cybercrime are only expected to increase in the coming year which is leading many technical support companies to advise users on how to be proactive and protect their PCs. These firms are developing new hacker protection plans designed to help protect your computer from these viral attacks.

According to a Senior Product Manager at SupportSquad, one of these technical support companies who has a protection plan known as PC Guard, “One of the best ways to help protect your data and personal information from being stolen by hackers is to change your password from the default one provided. Of course, this is only the first step, and SupportSquad can show you other ways to guard your PC from identity theft with its newest product: PC Guard.”

It is expected that approximately 11 million Americans will become victims of identity theft this year alone which is why companies, like SupportSquad, are addressing this issue by developing their very own security protection plans.  PC Guard offers a more secure level of protection and was developed for users who are concerned that their internet habits may expose them to higher risks of identity thefts.

“Our new protection plan, PC Guard, will ensure that you do not become the victim of identity theft,” the Senior Product Manager added. “The program will provide a high level of encryption to all your sensitive data and protect it at all times.”

PC Guard, which will cost you $6.99 per month, will provide you with 24/7 alerts informing you of any and all attempts of cybercrime or identity theft against you. In addition to that, it also comes complete with file and database-level encryption that will help protect and secure your personal information.

However, it does kind of make you wonder if all these threats are mere ploys by the security companies to get you to buy their products. We may never know, but if you truly feel vulnerable, you can always pick up PC Guard or one of its many clones.

Source: The San Francisco Chronicle – Cyber Crime Expected to Increase in 2012 – SupportSquad Offers New Hacker Protection

Cloudcor has just announced that CumuLogic, one of the leading providers of Java Platform-as-a-Service (PaaS) offerings, has just been named a Premier partner for UP 2011. UP 2011 is a hybrid format conference on cloud computing that runs from December 5th through December 9th at the Computer History Museum located in Mountain View, California. The show is also broadcast globally on the internet as well.

Dr. James Gosling, adviser for CumuLogic, will be a featured panelist on the power PaaS discussion on December 5th. The panel session, which features top PaaS players Microsoft, IBM and CumuLogic, will look at the dramatic changes PaaS has undergone over the past few months. Discussions will include a focus on multi-language support, multi-cloud deployment capabilities and common developer services.

In addition to that, the panel will also focus on digging deep into the transformation of platform services from one of the greatest sources of cloud lock-in to one of the most open and flexible approaches to leveraging infrastructure services.

According to Cloudcor Incorporated and UP 2011 Conference Chairman Khazret Sapenov, “We are delighted to add CumuLogic as a bespoke Premier Partner to the UP 2011  Conference lineup. We look forward to their contribution to this year’s proceedings.”

Rajesh Ramchandani, Founder and Vice President of Products at CumuLogic, also added, “We are excited to partner with Cloudcor Incorporated for the UP 2011 Conference. UP 2011 is a leading cloud computing conference and a great place to expand on CumuLogic’s vision and discuss trends in the rapidly emerging PaaS market.”

You can register for this panel discussion by visiting the UP 2011 Conference website. The website will also have all the details about the conference, as well as all the highlights from everything that happens, including all the panel discussions, interviews with some of the big names in cloud computing and a ton more.

Source: The Sacramento Bee – Creator of Java to Discuss Next-gen PaaS at UP2011 Cloud Computing Conference

Rack-Mount Server rentalsare ideal if your company needs an extra storage unit for company information while you are testing various types of storage solutions.Whether you need a short-term rental or a long-term lease, we have the right kind of server for your needs.

At Tuesday’s CNN-sponsored GOP debate, three Republican Presidential candidates stated that cyber attacks pose an emerging national security threat to the United States of America. In his closing comments during the debate, GOP hopeful and former Speaker of the House Newt Gingrich said that he views cyber attacks as one of three major security threats the United States is currently unprepared to deal with.

Before the events of 9/11, and even today, the biggest threat to the United States was the use of a weapon of mass destruction (WMD) in an American city, Gingrich noted. “The second is an electromagnetic pulse attack, which would literally destroy the country’s capacity to function.” The third was noted as being a cyber attack.

Herman Cain also noted that, as a former ballistics analyst and computer scientist, he also sees cyber attacks as a national security threat. “That’s something that we do not talk enough about, and I happen to believe that that is a national security area that we do need to be concerned about.”

Both Gingrich and Cain were responding to a question posed by Marc Thiessen, a visiting fellow at the American Enterprise Institute, who asked the GOP candidates to identify what they see as unexpected security threats of the future.

During the Presidential debates of 2000, then-Governor of Texas George W. Bush was never asked about the threat from Al Qaida, though the battle with that group dominated his presidency. Thiessen added, “What national security issue do you worry about that nobody is asking about, either here or in any of the debates so far?”

The third and final GOP candidate to raise cyber attacks as an issue in response to the question was current Texas governor Rick Perry. In comments stating that his belief that China was destined for the “ash heap” of history, Perry said that the People’s Liberation Army (PLA) involvement with cybersecurity is a major issue that the United States has to deal with now.

Later, Perry’s press office issued a statement saying that Perry viewed cyber attacks as an emerging threat to the nation. “As president, he will view them as seriously as a physical attack. Cyber attacks could target our military, important utilities and the countless computer systems upon which our economy depends.” the statement read.

In addition to that, this statement advocated the need for both defensive and offensive cyber capabilities so that China and others who launch cyber attacks against the United States know there will be repercussions. The other comments by the GOP hopefuls suggest that cybersecurity issues will be a major topic for discussion in the upcoming 2012 presidential election. Currently, Congress is considering more than a dozen pieces of cybersecurity legislation and there is also a growing awareness in Washington about the need for a strong national policy for dealing with emerging threats.

Source: Computer World – Cyberattacks a top national security concern, GOP candidates say