Web Design

The bottom line payoff for UC-based business communications has been widely promoted as optimizing business process performance through communications efficiency and flexibility or “UC-B.” While there are also direct benefits to individual end users (UC-U) in terms of personal productivity, the reality is that the more you can automate and the less you need to depend on people to be be part of a business process, the more efficient the process will be. (In the real world, though, we can’t automate everything all the time!) With the rapid adoption of personalized mobile, multimodal, smartphones by both consumers and business users, the opportunity to exploit UC for both inbound and outbound (proactive notifications) real-time interactions between customers, enterprise action-takers, and automated business applications will be increasing significantly. What that means is that both automated self-service applications and access to live assistance can be initiated by either a business process or by a customer, and the real-time medium of communication can selectively be combinations of voice conversations, “Push-to-talk” voice message exchange, online interactions, or text messaging (IM, SMS).

Read the original:
CEBP + Customer UC + Smartphones = UC-B and UC-U

Never is the heartless nature of cybercriminals more apparent than in the wake of a tragedy. As relief efforts continue and worldwide aid pours in to help those affected by the earthquake that rocked Haiti on January 12, cybercriminals have not slowed their efforts. They are eager to get you to donate money that the people of Haiti will never see. Spoofing legitimate relief organizations such as the Red Cross is a typical social engineering lure used by the bad guys to take your money.

Read this article:
Scams Take Advantage of Haiti Relief Efforts

EarthSpark , a clean energy company currently working in Haiti, has begun to raise money to provide 20,000 portable solar lamps for rescuers in wake of the recent devastating earthquake, EarthTechling reports. The company was already selling these solar lamps, plus mobile phone chargers, efficient stoves, solar home systems, and providing clean energy knowledge resources.

Read more from the original source:
Nonprofit Sending Portable Solar Lamps to Haiti

Somehow we’ve managed to get Martin, Rich, and me together on a fairly regular basis. Pretty impressive (superhero-like, even). It seems as though I was full of more beans than usual, taking a few playful jabs at Rich (something about goat smuggling) and Martin (butterfly tattoos, if I recall correctly).

Go here to read the rest:
Network Security Podcast, Episode 182

Here’s a quick update on CVE-2010-0249 , aka the Aurora exploit.  A few days ago exploit code was made public .  Since then malware authors have been customizing the exploits payload to install their own malicious creations.  Much of the field telemetry we’ve been receiving has been coming from McAfee users in China visiting websites in China.  Some users have been directed to malicious sites from blog and forum posts, while other cases involve compromised web pages that use multiple javascripts and iframes to pull in the malicious content. The exploits are often served from subdomains of 3322.org and 8866.org.  A common filename is ie.html, which references what.jpg, which contains part of the exploit code (and not a JPEG image).  Some payloads seen download files named down.css and log.css, which are malware executables.  Those executables contain functionality to download other malware, including: Artemis!629E2332CFDA – Generic PWS.y!bsk Artemis!78043EBA321B – PWS-Mmorpg!la Artemis!911BCF95C022 – PWS-OnlineGames.gx Generic Downloader.x!coe Generic Dropper!byp Generic PWS.y!bsk PWS-Mmorpg!la Suspect-02!50CB7D4BB04E – Generic Dropper.hi Suspect-26!4EBF601DCBF6 – PWS-Mmorpg!la Suspect-26!6D89EB2792F7 – PWS-Mmorpg!hb Suspect-26!B01B63F88994 – PWS-Mmorpg!la Given that exploit code is readily available, this is likely the tip-of-the tip of the iceberg in terms of the domains and malware we are likely to see over the next few weeks (and we can expect to see new exploit and related malware variants for many months, if not years, to come)

Visit link:
Update on Recent Microsoft 0day (CVE-2010-0249)

In my last post I mentioned that the “Operation Aurora” exploit code was public and that we could expect other attacks leveraging the CVE-2010-0249 exploit to emerge.  Given the significance of the recent earthquake in Haiti, and the slew of phishing sites, email scams, etc; it makes sense that attackers would try to incorporate an unpatched Internet Explorer vulnerability and Haiti-related web content.

Read the original:
Went Looking for IE Exploits in “Haiti”, Found Something Else

Operation Aurora has received a lot of attention over the past couple of days.  To recap, Google, Adobe, and many other companies were attacked with code exploiting a zero-day vulnerability in Internet Explorer.  Since the announcement of this vulnerability ( CVE-2010-0249 ), exploit code has been made public and already revised into a more usable form.

Read more from the original source:
“Operation Aurora” Leading to Other Threats

White House national security adviser James Jones says Americans will feel “a certain shock” when they read an account being released Thursday of the missed clues that could have prevented the alleged Christmas Day bomber from ever boarding the plane.

Continued here:
National security adviser: Airline bomber report to ‘shock’ (USA Today)

CANBERRA (Reuters) – A collision involving a Japanese security ship and anti-whaling activists on Wednesday has reignited debate over Tokyo’s annual whaling campaign. Japan continues to hunt whales despite pressure to stop from anti-whaling nations.

Read the original post:
FACTBOX – Japanese Southern Ocean whaling (The Star)

New Jersey’s U.S. senators slammed federal authorities Wednesday over a security breach at Newark Liberty International Airport over the weekend and called for upgrades to surveillance camera systems and better training and accountability for security officers.

More here:
NJ senators call for improved security at airport (AP via Yahoo! News)

In my last blog, we have discussed the kernel API refactoring in Windows 7, today we are going to look at a new feature of Windows 7 – XP Mode, which is a combined solution of Virtualization and RemoteApp technologies. For quick understanding on Windows XP Mode, let’s look at an excerpt from Wikipedia about its definition: “Windows XP Mode (XPM) is a virtual machine package for Windows Virtual PC containing a pre-installed, licensed copy of Windows XP SP3 as its guest OS. Pre-installed integration components allow applications running within the virtualized environment to appear as if running directly on the host, sharing the native desktop and Start Menu of Windows 7 as well as participating in file type associations.

Continued here:
Windows 7 – XP Mode

I got “File type does not meet security guidelines. Try another.” error when trying to upload thumbnail image for one of MegavideoDownloader blog . Following this thread: http://en.forums.wordpress.com/topic/doesnt-meet-security-guidelines now I know my mistake: my picture is in PNG format it has underscore on it the file size is too small (only 5KB) One of them posted a good guidelines before trying to upload image to a blog post: When creating and uploading an image to wordpress.com here are some basics worth remembering: Be sure your image is one of these file types – jpg, jpeg, png, gif (Note that bmp’s cannot be uploaded due to size).

See original here:
WordPress Error: File type does not meet security guidelines. Try another.

Most of the webmasters do not know about Search Engines penalty, but most of the major search engines like Google and Yahoo penalize sites to clean up their results delivery. There are several types of Search Engine Penalties and I already mentioned some of them. So, when you notice sudden drop in referral traffics from Search engines like Google, you should do some immediate research to know if anything went wrong as Google do not provide direct information regarding penalties

More here:
A Few Tips to Diagnose Google Penalty

With a dazzling laser show, the 26th Chaos Communication Congress (26c3) in Berlin, the last big security conference of 2009, has ended. If you haven’t been here, you might have missed fewer of the sessions than people on site, thanks to the worldwide availablility of live streams (and recordings). What you did miss was meeting all these people, though! 26c3 has simply outgrown the location it has occupied for the last few years, but this may be offset by a very successful experiment: allowing full remote access to the conference network via VPN for those who couldn’t attend.

Excerpt from:
No More Dragons: the 26th Chaos Communication Congress Ends

We see the popular “captcha” security mechanism often – wavy letters websites ask us to type into a box. It’s used by web pages and newsletter sign-up forms to prevent computer robots from hacking into servers and databases. But these codes, which are becoming increasingly complicated for an average person to use, are not immune to security holes……..

Read the original post:
Moving Video to "Captcha" Robot Hackers

Just in time for October’s Cyber Security Awareness Month, the National Institute of Standards and Technology (NIST) has published a guide to help small businesses and organizations understand how to provide basic security for their information, systems and networks. NIST has also created a video that explores the reasons small businesses need to secure their data (at right)……..

View post:
Use computer security guide to protect

In the never-ending battle to protect computer networks from intruders, security experts are deploying a new defense modeled after one of nature’s hardiest creatures – the ant. Unlike traditional security devices, which are static, these “digital ants” wander through computer networks looking for threats, such as “computer worms” – self-replicating programs designed to steal information or facilitate unauthorized use of machines

Visit link:
Ants vs. worms

Day 2 and Night 2 of the 26th Chaos Communication Congress is over, so it’s time for a short update on what you are missing here. This year the Congress is organized as a distributed event: Many local Hacker Spaces have joined the network at Berlin Conference Center, giving access to resources and talks to visitors. Check out the Dragons Everywhere Wiki at 26c3 for more info.

Read more here:
Dragons Everywhere: The 26th Chaos Communication Congress, Part 2

I ran into a few strange IMs over the weekend. When I was not shoveling out my driveway from the 15 inches of snow that covered it I was logged into Facebook telling people about it…. It was then that I started receiving some VERY interesting IMs from a friend extolling the virtues of a clean colon (yep – you read that right): This lead to the following questionable site, which had some very interesting comments on our SiteAdvisor site: In short order I also received two more IMs

Originally posted here:
Check Your Friends! Facebook IMs May Lead To Trouble

What’s common between Ellen DeGeneres, Brittney Spears, Ryan Seacrest, Kim Kardashian, and Oprah Winfrey? They all have between 2 million to over 3 million twitter followers and staggering number of online fan followers. The celebrities and social networking relationship is making news headlines more frequently now, with Ashton Kutcher’s antics on Twitter, or some other celebrity taking swipes at their peers through their blogs.

Continue reading here:
Social Networking Sites – Where Fans Rub Shoulders With Their Favorite Stars