2016: Cryptolocker virus is as active as on its day of release

June 16, 2016

CryptoLocker is a malicious cyber threat that is categorized as ransomware. It was detected several years ago, but there is no sign that it is planning to stop its activity and let other viruses dominate. You can still download Cryptolocker without expecting it, because the main way used to spread it relies on seemingly harmless email messages. Once it attacks the target PC system, it encrypts the victim’s files and displays a ransom note, which is shown below. We should add that Cryptolocker is the first ransomware that started using an encryption strategy to try to swindle people out of their money. Although it belongs to the same category as FBI virus, Police Central e-crime Unit virus or Department of Justice virus, this virus tries to convince its victims that they have to pay a ransom by encrypting their personal files. Cryptolocker is file-encrypting ransomware, so it uses asymmetric encryption for locking these and similar files:

3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx.

As you can see, this list is full of widely used file extensions, such as doc, xls and similar. To restore the files, it asks victims to pay a ransom via Moneypak, Ukash, cashU, or Bitcoin. Typically, this threat asks for $100 to $500, but there is no guarantee that this amount won’t be increased in the near future. According to the warning message typically displayed by this threat, people have only a certain amount of time to pay the ransom and regain access to their files. Fortunately, Cryptolocker cannot do harm to those who have been backing up their data and making extra copies of their files. If you have copies of your photos, business documents, and other files, you don’t need to pay a ransom. You just need to remove this ransomware from your computer and prevent additional damage. For Cryptolocker removal, we highly recommend using Reimage, which has been showing great results when eliminating files of this virus. For restoring your files, you should try R-Studio or Photorec.


VOIP

April 19, 2016

They clearly have either no idea, or set out to rip a customer off for tens of thousands of dollars… A 20 phone system complete and setup should cost between $5k and $10k, complete and setup… including phones…. VoIP is a great money saver, but so, so, so many companies have no idea really what they are doing. They put a system in, and don’t ensure there is ongoing maintenance. (Not a lot of money. 20 phone system, about $120/month). This leads to systems getting hacked, failing, and generally poor performance, not to mention they try to use cheap modem routers, and some at least try to utilise the QOS (Quality of Service) in those cheap modems…

Rules of VoIP:

Must have a firewall and configured so hackers are banned, (simple iptables with fail2ban work, but configuring them is hard yakka… and difficult to get right… and the IP ban usually comes too late.)
High quality QOS is essential if sharing with normal internet usage.
Pick a variation and stick to it, master it, and don’t wander to alternates on a whim.. We use FreePBX, and know it… Very very well…..
Use quality network gear. Yes I know TPLink is cheap, and not bad for the price, but when it comes to VoIP, it doesn’t cut the mustard. Minimum quality is Draytek. We will not touch the home brands like Netgear, Billion (They have gone downhill over the years I believe personally), D-Link, Linksys (The early pre-Cisco days are gone people….), NetComm, etc.. There is nothing wrong with these devices, but they are not designed for business application and function…
Where you can, use a real router like pfSense and manage it properly, set up remote phones using VPNs
Pre-built type systems like 3CX (Windows is not a good platform for VoIP server; Great for Microsoft Exchange or a Terminal Server) and appliance boxes just rip you a new one on licensing fees despite being based on Asterisk (An open source platform, that most VoIP is based on….)
VoIP is here to stay and the dodgy dans are going to be coming out of the woodwork.. Don’t fall for:

Convert your current system to VoIP… That’s nastier than the proverbial dog poop in a burning paper bag thrown on the doorstep.
A pre-built system that all you have to do is plug the phones in..
local and national calls that cost per minute unless you are buying SIP minutes by the bulk (10000 minutes etc..)
Stick to the tried and true VoIP Telcos. These guys have been around a while, and know what it takes to provide you with decent service.
Beware of the large Telco’s offering… You remember the service you get from them and how much it pained you to deal with them…. Not mentioning any names of large multi-national carriers or anything like that…..
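The ban logic that the first rule relies on, as an added example that is not part of the original post: it counts failed SIP registrations per source address in a sliding window, the way fail2ban's maxretry and findtime options do, and shows that a ban only fires after maxretry failures have already reached the PBX. The log lines are constructed, modelled on Asterisk chan_sip messages, and all addresses and extensions are made up.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: lines modelled on Asterisk chan_sip registration messages.
# Addresses come from the documentation ranges; extensions are made up.
SAMPLE_LOG = """\
[2016-04-19 10:00:01] NOTICE[2034] chan_sip.c: Registration from '"101" <sip:101@198.51.100.10>' failed for '203.0.113.7:5071' - Wrong password
[2016-04-19 10:00:03] NOTICE[2034] chan_sip.c: Registration from '"102" <sip:102@198.51.100.10>' failed for '203.0.113.7:5071' - No matching peer found
[2016-04-19 10:00:05] NOTICE[2034] chan_sip.c: Registration from '"103" <sip:103@198.51.100.10>' failed for '203.0.113.7:5071' - No matching peer found
[2016-04-19 10:02:00] NOTICE[2034] chan_sip.c: Registration from '"120" <sip:120@198.51.100.10>' failed for '192.0.2.50:5060' - Wrong password
[2016-04-19 10:02:09] VERBOSE[2034] chan_sip.c: Registered SIP '120' at 192.0.2.50:5060
[2016-04-19 10:05:00] NOTICE[2034] chan_sip.c: Registration from '"130" <sip:130@198.51.100.10>' failed for '203.0.113.200:5060' - Wrong password
[2016-04-19 10:20:00] NOTICE[2034] chan_sip.c: Registration from '"130" <sip:130@198.51.100.10>' failed for '203.0.113.200:5060' - Wrong password
[2016-04-19 10:35:00] NOTICE[2034] chan_sip.c: Registration from '"130" <sip:130@198.51.100.10>' failed for '203.0.113.200:5060' - Wrong password
"""

# Timestamp and source address of a failed registration.
FAILED_REG = re.compile(
    r"^\[(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\] NOTICE\[\d+\].*?"
    r"Registration from '.*' failed for '(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?'"
)


def evaluate(log_text, maxretry=3, findtime=timedelta(minutes=10)):
    """Return (bans, under_threshold).

    bans maps a source IP to the time of the failure that tripped the ban.
    under_threshold maps every other failing IP to its total failure count,
    so sources that keep failing without tripping the ban can be reviewed.
    """
    window = defaultdict(deque)  # ip -> failure times still inside findtime
    total = defaultdict(int)     # ip -> all failures seen before any ban
    bans = {}
    for line in log_text.splitlines():
        match = FAILED_REG.match(line)
        if not match:
            continue
        ip = match["ip"]
        if ip in bans:
            continue  # already blocked at the firewall
        ts = datetime.strptime(match["ts"], "%Y-%m-%d %H:%M:%S")
        total[ip] += 1
        times = window[ip]
        times.append(ts)
        while ts - times[0] > findtime:
            times.popleft()  # forget failures older than the window
        if len(times) >= maxretry:
            bans[ip] = ts
    under_threshold = {ip: n for ip, n in total.items() if ip not in bans}
    return bans, under_threshold


if __name__ == "__main__":
    bans, under = evaluate(SAMPLE_LOG)
    for ip, when in bans.items():
        print(f"ban {ip} at {when} (after 3 failures reached the PBX)")
    for ip, count in under.items():
        print(f"review {ip}: {count} failure(s), never banned")
```
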


Every now and then you come across something that bugs you

April 19, 2016

Every now and then you come across something that bugs you just so badly, that you really want to do something about it, but effectively your hands are tied, or it’s just not possible. They call this “Stress”. Our Sydney partner has been asked to assist with sorting out a phone system, a small firm of about 20, simple enough. So as if the IT game isn’t difficult enough..
The previous band of thieving mongrels have convinced and sold their (previous) client that they needed some super duper Cisco (see my other comments on Cisco) VoIP system that isn’t readily available in Australia, and special software add-on is required to make it work, and linked to special Cisco phones that are known to have issues. What’s worse is that to get this system in with the special software you have to buy several different licenses for a minimum of a 1000 phones, and it’s a yearly license.. Now whether this is true or not, the cost for this system\server was $22k. The IT setup for this company was 14 virtual servers.. Fourteen… WHAT THE *(&^^%. We are able to justify 4, and that was a struggle… Mongrels who do this make my blood boil…


Windows 8 through to Windows 10

October 24, 2015

Anyone having difficulty using their Windows 8 through to Windows 10 machines, do a Google search for Classic Shell, download it and install it. It’s 100 percent free. You then have the option of setting your computer to run with a familiar interface, like Windows XP, Windows Vista, and Windows 7.


It just really p&%$#^ me off….

September 27, 2015


Log Blindspots: A review of cases where System Logs are insufficient

January 20, 2015

configuration file)
What the User Did: Via Windows Explorer and Notepad, the user made a simple change to an XML attribute in the file “web.config”, changing a “0” (false) value to “1” (true).
Editing web.config with Notepad
Security and Audit Implications of this Action: Changes to this file will affect how the web server runs, in numerous different ways. This can expose security risks, and can also affect proper operations.
What shows up in system event logs: 6,000 log entries cover the 20 seconds it took to make the change. One log entry indicates that “Notepad” was launched. Another log entry indicates that “web.config” was added to the “Recent Files” list in Windows. A third log entry seems to show (not convincingly) that it was Notepad that edited the file web.config. But even with this info, we cannot tell what was actually changed within the file! (Was it a harmless addition of an application extension? Or did the user modify an important entry within the file?)
To know what was changed, we would now have to access a file server backup, and perform a file compare on the old and new versions. Doable, but that’s a heavy burden to answer a pretty straightforward question: “What did the user change???”
Event Viewer: But what was changed?
What User Activity Monitoring shows you: ObserveIT’s log shows what the user did, in a concise and descriptive manner. And again, video replay shows what took place within the file.
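The file compare that this scenario says is needed to answer “What did the user change?”, as an added example that is not from the ObserveIT paper: it diffs two copies of a web.config at the attribute level instead of line by line. The sample documents and the AllowAnonymousUpload setting are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample input: the setting name below is hypothetical, chosen to
# mirror the "0" -> "1" attribute edit described in the scenario.
OLD_CONFIG = """<configuration>
  <appSettings>
    <add key="SiteName" value="Intranet" />
    <add key="AllowAnonymousUpload" value="0" />
  </appSettings>
  <system.web>
    <customErrors mode="On" />
  </system.web>
</configuration>"""

# The "after" copy, as it would be restored from the live server.
NEW_CONFIG = OLD_CONFIG.replace(
    'key="AllowAnonymousUpload" value="0"',
    'key="AllowAnonymousUpload" value="1"',
)


def flatten(xml_text):
    """Return {element path: attribute dict} for every element in the document."""
    out = {}

    def walk(elem, path):
        attrs = dict(elem.attrib)
        text = (elem.text or "").strip()
        if text:
            attrs["#text"] = text  # track element text alongside attributes
        out[path] = attrs
        position = {}
        for child in elem:
            # Repeated siblings such as <add .../> are told apart by their
            # key/name attribute when they have one, otherwise by position.
            ident = child.get("key") or child.get("name")
            if ident is None:
                position[child.tag] = position.get(child.tag, 0) + 1
                ident = str(position[child.tag])
            walk(child, f"{path}/{child.tag}[{ident}]")

    root = ET.fromstring(xml_text)
    walk(root, root.tag)
    return out


def diff_config(old_text, new_text):
    """List (kind, path, attribute, old value, new value) for each difference."""
    old, new = flatten(old_text), flatten(new_text)
    changes = []
    for path in sorted(old.keys() | new.keys()):
        if path not in new:
            changes.append(("element removed", path, None, None, None))
        elif path not in old:
            changes.append(("element added", path, None, None, None))
        else:
            for attr in sorted(old[path].keys() | new[path].keys()):
                before, after = old[path].get(attr), new[path].get(attr)
                if before != after:
                    changes.append(("attribute changed", path, attr, before, after))
    return changes


if __name__ == "__main__":
    for change in diff_config(OLD_CONFIG, NEW_CONFIG):
        print(change)
```

Run against a backup copy and the live file, this reports the one attribute that moved from "0" to "1" without the reader having to scan a line diff.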
Log Blindspots: A review of cases where system logs are insufficient © Copyright 2011 ObserveIT Ltd. | www.observeit-sys.com
Scenario 5: Changing the port used by IIS
What the User Did: An admin user changed IIS to listen to port 8080 instead of the default 80. This was done via “Start > Settings > Control Panel > Administrative Tools > IIS Manager”, and once there editing the Properties for “Default web site”.
Set IIS to listen to port 8080
Security and Audit Implications of this Action: Modifying the port of a service accessible from outside the DMZ can open a huge hole in the firewall security.
What shows up in system event logs: Among the 5,500 log entries, there is one entry that adds IIS Manager to the Recent Items list in Windows. This is timestamped when the app was closed, which might mislead the investigator, and also wouldn’t even occur if the user left the window open. Earlier, there is an obscure log entry indicating a DLL that was loaded to memory. This is the true indication that IIS Manager was launched, but it is very difficult to find this with a reasonable level of effort!
Event Viewer: Obscure log entry of DLL. It turns out that this is the culprit!
What User Activity Monitoring shows you: Once again, ObserveIT gives us the whole picture.
Platform Considerations
The Windows experiments were performed on a Windows 2003 server. Windows 2008R2 has added additional audit policy granularity. However, these updates do not mean that additional knowledge can be gleaned from the logs, only that the logs can be filtered a bit better. The bottom line remains that many high-risk, security-impacting actions, including those highlighted in this paper, are not logged.
The Linux experiments were performed on RedHat RHEL. Similar audit logging is found in other Linux flavors, as well as in Solaris Unix, with similar focus on technical aspects of each command (pid, cwd, success).
Conclusion
Security audits that rely on existing system logs have large holes in them due to the fact that system logs simply do not capture the relevant information necessary.
For issues that are known a priori, the blindspot can be eliminated with a custom utility targeted at that specific issue. But this only solves this one specific issue.
The easiest way to eliminate these blindspots in their entirety is by adding User Activity Monitoring such as ObserveIT, which augments the existing system and database logs by showing precisely what the user did (as opposed to the technical results of what he did.)
About ObserveIT
ObserveIT User Activity Monitoring software meets the complex compliance and security challenges related to user activity auditing, one of the key issues that IT, Security and Compliance officers are facing today.
ObserveIT acts like a security camera on your servers, generating audit logs and video recording of every action the user performs. ObserveIT captures all activity, even for applications that do not produce their own internal logs. Every action performed by remote vendors, developers, sysadmins and business users is tied to a video recording, providing bulletproof forensic evidence.
ObserveIT is the ideal solution for 3rd Party Vendor Monitoring, and PCI/HIPAA/SOX/ISO Compliance Accountability.
Founded in 2006, ObserveIT has a worldwide customer base of Global 2000 companies that spans many industry segments including finance, healthcare, manufacturing, telecom, government and IT services.


Illegal downloading in government’s sights as Online Copyright Infringement Discussion Paper takes aim at consumers, ISPs

July 29, 2014

THE days of downloading your favourite TV show for free could be numbered, with details emerging about the plans to crack down on internet piracy.

A leaked discussion paper on the issue, published by news website Crikey, outlines measures the Federal Government is considering to curb illegal downloading, including forcing internet service providers (ISPs) to block offending websites and punishing customers caught infringing copyright.

But John Stanton from ISP industry body Communication Alliance says the proposals overlook a major source of the problem — that the content consumers want is not accessible or affordable enough.

Australians are among the worst offenders in the world when it comes to illegal downloading.

A UMR Research study cited in the draft paper found that an estimated 21 per cent of all Australians over the age of 18 had engaged in online piracy.

Furthermore, when Game of Thrones’ fourth season premiered in April, more people in Australia illegally downloaded the program than anywhere else in the world. Australia accounted for 11.6 per cent of the piracy, and Melbourne was the worst-offending city on the globe, according to TorrentFreak.

Aussies are also notorious for downloading top-shelf US dramas Orange is the New Black, Breaking Bad and Homeland.

The paper’s introduction, co-signed by Attorney-General George Brandis and Communications Minister Malcolm Turnbull, says illegal downloading is putting at risk Australia’s $90 billion copyright industries, which employ more than 900,000 people.

“Digitisation means that these industries are particularly susceptible to harm from online copyright infringement with the potential to directly impact on the Australian economy and Australian jobs,” the paper states.

HOW IT COULD AFFECT YOU

The draft paper floats a number of possible ways to punish customers who continue to download content illegally.

It references the US’s Copyright Alert System, which notifies customers when they have breached copyright laws. If subscribers ignore the notices, ISPs can punish them by slowing their internet speed or blocking them from browsing the web altogether until they contact their provider.


Check your internet security and visibility to others on the internet

July 21, 2014

https://www.grc.com/x/ne.dll?bh0bkyd2

Ideally you want to be fully stealthed.

The concern is that any web site can easily retrieve this unique “machine name” (just as we have) whenever you visit. It may be used to uniquely identify you on the Internet. In that way it’s like a “supercookie” over which you have no control. You can not disable, delete, or change it. Due to the rapid erosion of online privacy, and the diminishing respect for the sanctity of the user, we wanted to make you aware of this possibility. Note also that reverse DNS may disclose your geographic location.

If the machine name shown above is only a version of the IP address, then there is less cause for concern because the name will change as, when, and if your Internet IP changes. But if the machine name is a fixed account ID assigned by your ISP, as is often the case, then it will follow you and not change when your IP address does change. It can be used to persistently identify you as long as you use this ISP.

There is no standard governing the format of these machine names, so this is not something we can automatically determine for you. If several of the numbers from your current IP address (124.186.219.16) appear in the machine name, then it is likely that the name is only related to the IP address and not to you. But you may wish to make a note of the machine name shown above and check back from time to time to see whether the name follows any changes to your IP address, or whether it, instead, follows you.

Just something to keep in mind as you wander the Internet.
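The two checks described above (do the numbers of the IP address appear in the machine name, and does the name stay the same when the IP changes), as an added example that is not GRC's code. The hostnames and addresses are constructed, and the three-octet threshold and the hexadecimal form are assumptions about how such names are commonly built.

```python
import re
from collections import Counter, defaultdict


def matched_octets(ptr_name, ip):
    """Count how many octets of ip appear as numbers in ptr_name.

    Zero padding is ignored and order does not matter, so forward, reversed
    and padded forms of the address are all recognised.
    """
    numbers = Counter(str(int(n)) for n in re.findall(r"\d+", ptr_name))
    hits = 0
    for octet in ip.split("."):
        octet = str(int(octet))
        if numbers[octet] > 0:
            numbers[octet] -= 1  # each number in the name matches one octet
            hits += 1
    return hits


def hex_form(ip):
    """The address written as eight hex digits, e.g. 203.0.113.45 -> cb00712d."""
    return "".join(f"{int(o):02x}" for o in ip.split("."))


def looks_ip_derived(ptr_name, ip, min_octets=3):
    """True when the name appears to be generated from the address itself."""
    if matched_octets(ptr_name, ip) >= min_octets:
        return True
    return hex_form(ip) in ptr_name.lower()


def persistent_names(observations):
    """Given (ip, ptr_name) pairs noted over time, return the names that
    stayed the same across different addresses: these follow the subscriber,
    not the IP."""
    ips_by_name = defaultdict(set)
    for ip, name in observations:
        ips_by_name[name.lower().rstrip(".")].add(ip)
    return sorted(name for name, ips in ips_by_name.items() if len(ips) > 1)


# Constructed observations: one ISP naming scheme follows the IP, one does not.
FOLLOWS_IP = [
    ("203.0.113.45", "cpe-203-0-113-45.isp.example"),
    ("203.0.113.99", "cpe-203-0-113-99.isp.example"),
]
FOLLOWS_USER = [
    ("203.0.113.45", "acct-8841207.isp.example"),
    ("198.51.100.8", "acct-8841207.isp.example"),
]

if __name__ == "__main__":
    for ip, name in FOLLOWS_IP + FOLLOWS_USER:
        print(name, "ip-derived" if looks_ip_derived(name, ip) else "fixed identifier?")
    print("persistent:", persistent_names(FOLLOWS_IP + FOLLOWS_USER))
```
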


iPad vs. Laptop

June 12, 2014

Can Apple’s tablet be your office computer?
The world is getting fascinated with smaller electronic gadgets, which can easily fit in smaller spaces and have higher utility.
The iPad is discussed online as a netbook killer: it’s just more fun than a netbook. Sure, it is. However, is it better to take with you for travel?
What is a Mini Laptop or Notepad?
A mini laptop, officially named a mobile Internet device (MID), is a smaller version of the typical laptop. Mini laptops are very small and are lighter weight than normal laptops. They do not have a lot of the extra features regular-sized laptops are known to have, which translates into significantly lower price tags for most models.
What is the iPad?
The iPad is a flat, rectangular computer with a large, 9.7-inch touch screen on its face. The iPad runs a version of the iPhone operating system and, as a result, can run programs from the App Store. It allows existing apps to upscale their size to fill its entire screen.
There are some benefits to using the iPad, but limitations as well.
Weight
As recommended, travelling light is about carrying only the lowest weight stuff. When it comes to weight the iPad is the clear winner. I’m even tempted to wait till the iPad mini comes out, which will have a 7 inch screen and be correspondingly lighter. Doesn’t that sound confident, especially taking into account that it hasn’t even been confirmed to be in development?
It is very portable for business officials, who can carry it with them while travelling, stay online and access their mail all the time.
Content creation: can you type fast?
This is where all the reviews favour netbooks. With actual keyboards, they’re obviously more fit to type on. However, on both the iPad and the netbook the keyboards get very small, but you can still somehow manage to write on a notepad without the strain of typing on a touch screen.
Stuff missing from this generation iPad
USB – that’s right, you have to buy an extra thingy to get USB access. This one is a potential deal-breaker.
Camera – not a deal breaker, but there is no camera on the iPad. I can’t see myself taking pictures with that thing anyhow: it’s too big and while video conferencing would be nice, it is not required to have the high level internet access. In fact: the normal connection would be fast enough for Skype with video. Techies are expecting the next generation iPad to have a camera though.
Memory – 64 GB just isn’t all that much in today’s world. And the iPad can’t be upgraded, so if it’s not much now, it won’t be enough in the long run. This one is not a deal breaker, but it is an important point, especially since memory issues can’t be supplemented with USB easily either.
Is the iPad a replacement of the Notepad?
The iPad clearly is not a replacement for a laptop / netbook but it does reduce the need for carrying those devices around all the time. You can’t get rid of the computer simply because the easiest way to get content onto an iPad is through iTunes (on a computer), and a computer is required to back up the iPad.
iPad is excellent for taking notes, diagramming, mind-mapping etc… It’s much more portable and it allows for doing more things on the fly.
Some significant drawbacks of iPad
Backup of the iPad took around half a day for me. It was so annoying that I turned off the back-up. This is a huge issue for a device for people who are using this for work purposes.
It’s great for creating simple content (e.g., presentations, small spreadsheets and documents); however, try to share a presentation with a colleague. The process of uploading a deck to iWorks (the file sizes are huge!), and then downloading only into PDF or Keynote file formats, is a huge turn-off.
Lack of multi-tasking is annoying at best. Looking at Twitter, responding to IM or browsing are things that can be done without having to exit the working application.


Evolution….not Revolution

June 12, 2014

An Article on Next Generation Network (NGN):
Evolution….not Revolution
Evolution of Next Generation Network (NGN) from existing Network (Circuit/Packet Based)
Existing Networks:
At present, separate networks exist for voice, for data, and for various other services. Over the years, network operators have been looking for a ‘service-independent network architecture’ which can facilitate rapid and economical introduction of new services.
There are two major existing networks:
Public Switched Telephone Network (PSTN)/Circuit Switching – These networks provide voice-based services
Data Network/Packet Switching – These networks provide data-based services
Disadvantages of using these networks separately:
High maintenance cost
Low security
Complexity
NGN:
NGN is a converged Internet Protocol backbone network capable of carrying both data and voice. NGN is envisaged to facilitate the convergence of voice, data and video networks into a single unified packet based multi-service network capable of providing futuristic service.
Advantages:
Easily Scalable.
Maintenance cost is low.
Investment Protection.
Enhanced Security and Protection.
Access protocol adaptation
Services offered by NGN:
Specialized resource services (e.g., provision and management of transcoders, multimedia multipoint conferencing bridges, media conversion units, voice recognition units, etc.)
Processing and storage services (e.g., provision and management of information storage units for messaging, file servers, terminal servers, OS platforms, etc.)
Middleware services (e.g., naming, brokering, security, licensing, transactions, etc.)
Application-specific services (e.g., business applications, e-Commerce applications, supply-chain management applications, interactive video games, etc.)
Content provision services that provide or broker information content (e.g., electronic training, information push services, etc.)
Interworking services for interactions with other types of applications, services, networks, protocols, or formats (e.g., EDI translation)
Management services to maintain, operate, and manage communications/computing networks and services
Why NGN:
NGN is a logical upgrade by all infrastructure owners, incumbents and alternates alike, to stay up to speed with the evolution of technologies and to obtain cost effectiveness.
NGN is used for core of the networks.
NGN: A unique opportunity for regulators to set the conditions for a competitive market.
Greater flexibility, in terms of the technology and services on offer
And most importantly, a significant reduction in the cost of running and maintaining separate voice, data and Internet services
But as with any new technology there is a risk attached, that the NGNs can be built to foreclose competition which may jeopardize consumer interest.
Protocols Involved:
H.248 Protocol / MEGACO
It is used as the media gateway control protocol between the media gateway controller and the media gateway, that is, between soft switch control equipment and the various media gateways.
MG-Media Gateway:
It is responsible for the packetization of voice traffic and transmitting traffic towards the destination
H.323 / SIP (Session Initiation Protocol)
It is defined as a packet-based multimedia communication system including VoIP (basically first-generation IP phones); that is, H.323 made real-time voice and video over IP possible. It is the most widely used because of its veteran status, but it has limited function extensibility and limited system capacity extensibility. Because of these drawbacks, the SIP protocol came into the picture.
SIGTRAN Protocol
SIGTRAN (Signaling Transport) is a protocol stack defined by the SIGTRAN workgroup of the Internet Engineering Task Force (IETF) for transporting real-time signaling data over IP networks. It defines a suite of protocols to carry SS7 and ISDN messages over IP.
The Signaling Gateway is responsible for interfacing to the SS7 network and passing signaling messages to the IP nodes.
Service providers from around the globe are implementing NGN strategies and planning to invest billions of rupees in the rollout of NGN.
NGN based networks are here to take advantages of fast and flexible services creation and provisioning capabilities, while also providing for legacy interworking and combinational services that make use of most of the existing investments. Operators can then build networks toward the all IP versions offering rich multi-access multimedia services.
