Archive for February 28, 2012

| February 28, 2012
Comments Off on Romney Defeats Gingrich in US SPAM Primaries

Romney Defeats Gingrich in US SPAM Primaries

Romney Defeats Gingrich in US Spam PrimariesJust in time to get rid of all the annoying political ads on TV and radio leading up to the Michigan primary, GOP presidential wannabe Mitt Romney has been crowned King of political spam. His high-profile run as the leader for the 2012 nomination for the US presidential election has made him popular with spammers.

Mitt Romney is also the favorite politician of spammers. He is used to tout knockoff drugs and dubious bargains in junk e-mail according to a Bitdefender analysis of 8 million unsolicited messages spread in January.

Mitt RomneyRomney is mentioned in 45% of SPAM messages that reference US politics, ahead of second-placed Republican Newt Gingrich, who scored 33%. Romney’s name was most often used in scam messages that advertise low-interest loans or free credit score analysis while Gingrich was mentioned in junk mail promoting miraculous energy-saving devices that almost certainly don’t exist. The article says most of these offerings actually redirect the unwary user to survey site scams or knockoff drugs for sexual dysfunctions.

U.S. Republican hopeful Ron Paul came third in the BitDefender spammers’ list, with 12.2%. The most popular politician outside the Republican race that caught the spammers’ attention this year was Bill Clinton, with 4%.

BitDefender logoWinning Most-Mentioned Politician in Bitdefender’s spam survey is probably not an honor that many politicians want,” said Bitdefender E-Threats Analyst Bogdan Botezatu, who coordinated the spam study. “And I don’t think we’ll see spammers suddenly turning into political pundits. But the results could tell us which politicians spammers think are most likely to get a reaction from random e-mail readers. Spammers are, ultimately, after money and they’re essentially making a bet on popularity when they favor one politician’s name over another.”

The author says spam messages often use names of celebrities or politicians in fragments of news items in trying to give credibility to the message and to trick anti-spam filters that look for the percentage of links versus other words in the message.

Republican partyIn the BitDefender overall analysis of spam not filtered to include only political references – the Republican politicians were handily beat by celebrities including Jay Leno, Eva Longoria, Kobe Bryant, and even political commentator Rush Limbaugh.

rb-
I wrote about spammers hijacking celebrities ‘ identities to spread spam. In the past, Jay Leno and Heidi Klum have been called the most dangerous celebs on the web.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , ,
| February 23, 2012
One comment

McAfee Labs 2012 Threat Predictions

McAfee Labs 2012 Threat PredictionsComputer security company McAfee unveiled its Threat Predictions report (PDF), outlining the top cybersecurity threats organizations and individuals are likely to face in 2012. McAfee, a wholly-owned subsidiary of Intel (INTC), says that for the most part, 2012 looks like it will look like 2011 only worse, with many of the recent threats gaining momentum. Here are the predictions:

Industrial Attacks:Industrial Attacks: Cyber-criminals will target Water, electricity, oil, and gas utilities. These are essential services to everyday lives, yet many industrial systems are not ready for cyber-attacks according to McAfee. Many of the environments where SCADA (supervisory control and data acquisition) systems are deployed don’t have stringent security practices. McAfee predicts attackers will leverage this lack of preparedness with greater frequency, if only for blackmail or extortion in 2012.

Legalized Spam: McAfee Labs says global spam volumes have declined in the past two years. However, legitimate advertisers are picking up where the spammers left off using the same spamming techniques, such as purchasing third-party email lists or databases from companies going out of business. McAfee Labs expects to see this “legal” spam and the technique known as “snowshoe spamming” continue to grow at a faster rate than illegal phishing and confidence scams.

Mobile ThreatsMobile Threats: 2011 has seen the largest levels in mobile malware history, McAfee Labs expects that continue in 2012. They expect mobile attackers to improve on their skill set and move toward mobile banking attacks. Techniques previously dedicated for online banking, such as stealing from victims while they are still logged on while making it seem that transactions are coming from the legitimate user, will now target mobile banking users. McAfee Labs expects attackers will bypass PCs and go straight after mobile banking apps, as more and more users handle their finances on mobile devices.

Embedded Hardware: Embedded systems are designed for a specific control function within a larger system, and are commonly used in automotive, medical devices, GPS devices, routers, digital cameras, and printers. McAfee Labs expects to see proofs-of-concept codes exploiting embedded systems to become more effective in 2012 and beyond. This will require malware that attacks at the hardware layer and will enable attacks to gain greater control and keep up long-term access to the system and its data. Sophisticated hackers will then have complete control over hardware.

countries prove their cyber war capabilitiesCyberwar: Countries are vulnerable due to massive dependence on computer systems and a cyber-defense that primarily defends only government and military networks. Many countries realize the crippling potential of cyber attacks against critical infrastructures, such as water, gas, and power, and how difficult it is to defend against them. McAfee Labs expects to see countries prove their cyberwar capabilities in 2012, to send a message.

Rogue Certificates: Organizations and individuals tend to trust digitally signed certificates, however, recent threats such as Stuxnet and Duqu used rogue certificates to evade detection. McAfee Labs expects to see the production and circulation of fake rogue certificates increase in 2012. Wide-scale targeting of certificate authorities and the broader use of fraudulent digital certificates will affect key infrastructure, secure browsing and transactions as well as host-based technologies such as whitelisting and application control.

Legislative IssuesLegislative Issues: DNSSEC (Domain Name System Security Extensions) is designed to protect a client computer from inadvertently communicating with a host as a result of a man-in-the-middle attack. Governing bodies around the globe are taking a greater interest in establishing “rules of the road” for Internet traffic, and McAfee Labs expects to see more and more instances where legislative issues hamper future solutions.

Hacktivism: McAfee Labs predicts that in 2012 digital disruptions like Anonymous will join forces with physical demonstrators and will target public figures such as politicians, industry leaders, judges, and law enforcement, more than ever before.

Virtual CurrencyVirtual Currency: McAfee Labs expects cryptocurrency will be an attractive target for cybercriminals.  to see threats evolve to steal money from unsuspecting victims or to spread malware.

Hardware Attacks: McAfee Labs expects to see more effort put into hardware and firmware exploits to create persistent malware in network cards, hard drives, and even system BIOS (Basic Input Output System). and their related real-world attacks through 2012.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , ,
| February 21, 2012
Comments Off on Michigan H1-B Visas

Michigan H1-B Visas

Michigan H1-B VisasThe Michigan Department of Management, Labor, and Technology reports that the December 2011 unemployment rate was 9.3%. This equated to 431,490 known people without a job. Despite nearly half a million people looking for work, the website MyVisaJobs.com reports that Michigan icons like the University of Michigan, Wayne State University, Michigan State University, General Motors (GM), and Henry Ford Health Systems filed for nearly 8,300 H1-B visas with an average wage of $74,964

RankH1B Visa SponsorH1B Visa PetitionsAverage Salary
1University of Michigan375$61,708
2Wayne State University152$63,743
3Michigan State University125$61,521
4General Motors93$87,037
5Henry Ford Health System74$79,582
6DMC Education & Research66$63,154
7Jawood Business Process Solutions, Llc50$75,564
8HCL Systems, Inc47$62,415
9The Dow Chemical45$97,600
10Chrysler Group Llc35$84,353
11Michigan Technological University34$66,405
12Whirlpool32$91,028
13Altair Product Design, Inc32$76,441
14Kyyba, Inc.30$56,563
15Engineering Technology Associates, Inc28$61,074

rb-

University of MichiganAs a Michigan Alumni, I often wonder about U of M’s commitment to Michigan under President Coleman.

I wrote about the record-setting pace business is shaping up H-1B visas here.

Apparently, Michigan firms are on the same track. Even Obama is now talking about American’s taking care of Americans, so the opposition must be against that, so even more outsourcing?

Related articles
  • Immigration Attorneys Make Immigration Law & Employment Visas Easier for Foreign Workers, U.S. Employers, Corporations and Corporate Counsel (prweb.com)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , ,
| February 18, 2012
2 comments

Black Sabbath on Tesla Coils

Black Sabbath on Tesla CoilsBoingBoing says that if you need an explanation why you should spend 1:26 watching ArcAttack do a Tesla Coil version of Iron Man by Black Sabbath, you are in the wrong place.

 


ArcAttack is playing Black Sabbath on MIDI-compatible Tesla coils while standing in a Faraday suit. According to BoingBoing, the MIDI signal from the guitar is routed through a fiber optic cable to control the Tesla coils.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , ,
| February 16, 2012
Comments Off on Better Mobile Security

Better Mobile Security

Better Mobile SecuritySmartphone users should be concerned about mobile security. This is more true if the mobile device is used for work and has your employer’s email or messaging server. IT staff can take steps to protect the data on the mobile. Eric Geier, the founder of NoWiresSecurity writes provided CIO Update with 6 tips for better mobile device security.

Choose encryption and use itTip No. 1 – Choose a mobile OS that supports encryption and use it: Mr. Greer says to make sure the mobile operating system (OS) and device support hardware-based encryption. The article says Apple’s (AAPL) iOS and Research In Motion’s (RIMM) BlackBerry support encryption for both internal and external storage. Without encryption, it’s possible that someone could recover the data on the device even without your lock PIN or password.

Full device encryption is limited and varies on current Android device manufactures. Mr. Greer writes that Motorola Mobility’s (MSI) business-oriented smartphones offer encryption capabilities on Android 2.3. Android 3.x includes an API to help developers offer encryption on tablets. Android 4.x tablets and smartphones should support encryption sometime in 2012. WhisperCore is a third-party encryption solution that is in beta for Nexus S and Nexus One.

Set a lock PIN or password:Tip No. 2 – Set a lock PIN or password: The article says that enabling a password, whether it’s called a PIN, passcode, or passphrase, is the first line of defense in maintaining privacy and security. It helps prevent others from picking up your phone or device and snooping around if it becomes lost, stolen, or just left unattended. It’s also usually required if encryption is enabled on the device writes the author. A PIN will protect data and privacy from causal snoopers.

Tip No. 3 – Enable auto-wiping of data: Most mobile OSes support automatic wiping of the device’s data after a certain number of incorrect passwords attempts. Mr. Greer says auto-wiping is natively supported by iOS, Windows Phone 7, and BlackBerry. Android requires a third-party app, such as Autowipe.

It is important to keep all your data regularly backed up so the data can be restored to a new mobile after it is wiped.

Setup remote trackingTip No. 4 – Setup remote tracking and management: Before your phone or device gets misplaced or stolen the blog recommends that a remote tracking and management system should be set up. Most let you see the device’s GPS location on a map, send audible alerts to help you find it, and display a visual message to tell others how to return it. They typically also let you remotely lock and/or wipe it before someone else gets their hands on it. According to Mr. Greer:

  • For iOS 4.2 or later, Apple provides a free service.
  • For earlier iOS versions there’s the MobileMe service from Apple at $99 a year after the 60-day free trial.
  • For Android, you have to use a third-party app.
  • For Windows Phone 7 Microsoft provides the free Windows Live for Mobile service.
  • For BlackBerry, RIM provides the free BlackBerry Protect service.

Limit Wi-Fi hotspot usageTip No. 5 – Limit Wi-Fi hotspot usage: When you use public Wi-Fi hotspots that aren’t encrypted, all your Internet traffic is transmitted through the air and can be easily intercepted. The most important sites and services, such as banking websites, usually implement their own (HTTPS/SSL) encryption that protects their individual traffic. But most email providers and many social networking sites don’t; thus eavesdroppers can likely capture their passwords and traffic.

On the other hand, most 3G, 4G, and other cellular data connections are usually encrypted by the carriers. Plus eavesdropping on these types of connections isn’t as popular. Therefore, when you’re out and about you should try to use the data connection rather than unsecured Wi-Fi hotspots.

If you insist on using Wi-Fi hotspots, use those that offer enterprise encryption and 802.1X authentication, such as from T-Mobile and iBahn. Alternatively, consider using a VPN connection to secure your traffic from local eavesdroppers.

Use an antivirus or security app:Tip No. 6 – Use an antivirus or security app: Viruses, malware, and hacking on mobile devices is a growing problem. The author recommends installing a security app to help prevent infections and intrusions. Most AV solutions also offer other features, such as remote wiping, backup, and locating.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , ,
« Older Entries