Discover how mastering email communication can boost business efficiency, avoid common pitfalls, and ensure secure, respectful online interactions.
Turkey Revenge
The turkeys are pissed this Thanksgiving they are seeking revenge.
Germs Infest 60% of Americas Phones
60% of Americans sleep with their phones, harboring germs. Cleaning regularly with UV sanitizer or alcohol wipes can help keep your phone and bed germ-free.
Smartphone Sanitizing: A Practical Guide
Securely erase personal data from your old smartphone before recycling. Protect your identity from hackers—easy steps to follow.
Why Soft Skills Matter in Today’s Job Market
Boost your career with essential soft skills like communication, teamwork, and emotional intelligence. Learn why they’re crucial for workplace success.
Which Mobile OS is Most Hit by Malware?
Help Net Security reminds us that most mobile phone users still don’t have a mobile AV solution installed on their devices making. This makes it hard to gauge just how many of them have been hit by mobile malware. To overcome this fact, Microsoft (MSFT) researchers observed that mobile phones often get synched with the users’ computers. Also, users often use their computers to search for mobile apps on third-party application markets and file-sharing sites. These habits allow mobile malware to occasionally end up on their desktop/laptop computers and gets detected by desktop anti-virus software.
Researchers at the Microsoft Malware Protection Center (MMPC) were able to use thes detection to get an idea of what malware attacks the various mobile operating systems. The MMPC found was that Symbian users’ devices are getting hit with a disproportionately bigger number of threats than those targeting other operating systems. In August 2011, Microsoft detected around 42,000 of them.
Malware attacks
Microsoft’s Marianne Mallen says that Symbian-specific malware seems to be evolving and Zeus-in-the-mobile (“ZItmo“) and SpyEye-in-the-mobile (“Spitmo“) are the most recently detected malware and arguably the most dangerous for the user.
The Sun Oracle (ORCL) Java ME platform takes second place in the MSFT research, with nearly 24,000 threats detected in August 2011, mostly apps sending text messages to premium-rate numbers.
The MMPC found that Google‘s (GOOG) Android malware numbers were rather low when compared to Symbian and Java ME platforms. There were around 2,800 hits in August, but have been steadily rising since February. Much of the Android malware uses privilege-escalation exploits to install itself or other components on the device without having to ask the user for permission.
At the end of the MSFT list are Apple (AAPL) iOS and Research In Motion (RIMM). No new threats for Apple’s mobile OS have been discovered this year, and the total number of threats detected in August was around 590. RIM brings up the rear with only 5 malicious apps detected during that month and can boast of only one completely new threat springing up for it this year:.
Ms. Mallen’s advice to mobile users is to scan applications downloaded when possible, even when it’s already on a mobile device. Ms. Mallen says that even apps from the official app stores, may have been repackaged with malware that can run stealthily without the user being made aware of the underlying payload,” she points out. “The payload can include data-theft, silent SMS-sending in the background, and downloading and installing of other malware components, among other things. This malware (or links to it) could also be spammed or sent through email, using social engineering to entice the user to download a copy of the malware onto the desktop.”
rb-
UMMM no critique of mobile malware issues on WinPhones?
Related articles
- The One Chart You Need To See To Understand Mobile (AAPL, GOOG, RIMM, MSFT, NOK) (businessinsider.com)
- Overview of Smartphones and Malwares (techtimely.wordpress.com)
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Category: Uncategorized |
Tags: 2011, AAPL, Android, Apple, GOOG, Google, IOS (Apple), Microsoft, Mobile, Mobile operating system, MSFT, Research In Motion, RIM, Symbian, Zeus
Tablet Security Tips
ICSA Labs, an independent division of Verizon has provided third-party testing and certification of security products since 1989. They suggest a series of security tips for smartphone, tablet, or app user’s Help Net Security reports.
Only buy apps from recognized app stores
Apps from unofficial third-party stores and applications downloaded from peer-to-peer sites are much more likely to contain malware than apps sanctioned by official vendor stores such as the Android App Market or Apple App Store.
Think twice about accepting permissions
Most applications, legitimate as well as malicious ones, need users to accept several “permissions” before the apps are installed. Check carefully to be sure that the app comes from a legitimate source. I wrote about mobile phones leaking data previously.
Monitor bills for irregular charges.
If attackers gain access to personal information stored on the mobile device, they can quickly rack up charges by sending “silent” text messages to high-priced call services. For example, if the Google (GOOG) Android Trojan GGTracker is inadvertently installed on a device, it can sign up users, without their knowledge, for premium text messaging services.
Employ security policies to protect employer-issued devices
Employers should enforce password-based access and require voice mail codes so that only authorized users can get access to data on employer-issued devices.
Be mindful of more personal devices at work
Companies must have security systems and policies in place to safeguard their business environment and prevent access to company networks from employees’ personal devices. I wrote about BYOT here.
Remember that a tablet is a tiny PCs
Many security threats that apply to traditional computers also apply to mobile devices, such as smartphones and tablets, and consumers should take necessary measures to protect themselves. One way to do this is to install anti-malware software on mobile devices and enable VPN functionality.
Protect your tablet, smartphone, and voicemail PIN
If your mobile phone does not have a password, add one that is at least six digits. Try to choose a unique password that is not already used across other systems and accounts. Do not use repeating digits in passwords or voice mail pins. Remember that your provider will never request your voice mail pin, so do not be tempted to give it to anyone who requests it.
Related articles
- One Mobile Device Security Threat You Haven’t Considered (informationweek.com)
- 5 Mobile Security Issues To Watch (informationweek.com)
Category: Uncategorized |
Tags: ADBE, Adobe Systems, Blackberry, Handhelds, IOS (Apple), Malware, Mobile device, Mobile phone, Policy, RIMM, Security, Smartphone, Tablet computer, Virtual private network
Gartner’s Top Tech Trends For 2012
Gart
ner VP David Cearley described their top ten strategic technology trends for 2012 to attendees of the Gartner Symposium IT/Expo. Gartner (IT) defines a strategic technology as one with the potential for significant impact on the enterprise in the next three years. Here are Gartner’s top strategic technologies for 2012.
Media tablets and beyond: Bring-your-own-technology (BYOT) at work has become the norm, not the exception. By 2015 tablet shipments will reach around 50% of laptop shipments and Windows 8 will likely be in third place behind Google‘s (GOOG) Android and Apple’s (AAPL) iOS. The net result is that Microsoft‘s (MSFT) share of the client platform, be it PC, tablet, or smartphone, will likely be reduced to 60% and it could fall below 50%, Mr. Cearley says.
The implication for IT is that the era of PC dominance with Windows as the single platform will be replaced with a post-PC era where Windows is one of a variety of environments IT will need to support. Gartner says it expects iOS/Android will dominate the market with 80% of tablets shipped by 2015. IT leaders need a managed diversity program to address multiple form factors, as well as employees bringing their own smartphones and tablet devices into the workplace.
Mobile-Centric Applications and Interfaces. User interfaces with windows, icons, menus and pointers which have been in place for more than 20 years are changing. The UI will be replaced by mobile-centric interfaces emphasizing touch, gesture, search, voice, and video. Applications themselves are likely to shift to more focused and simple apps that can be assembled into more complex solutions. By 2015 half the applications that would be written as native apps in 2011 will instead be delivered as Web apps.
Internet of Things: The Internet of Things (IoT) describes pervasive computing where cameras, sensors, microphones, image recognition, everything, is now part of the environment. In addition, increasingly intelligent devices create issues such as privacy concerns. Gartner says. Drivers of the IoT are:
- Near Field Communication (NFC) payments allows users to make payments by waving their mobile phone in front of a compatible reader.
- Embedded sensors which detect and communicate changes are being built into an increasing number of places and objects.
- Image Recognition technologies identify objects, people, buildings, places logos, etc. that has value to consumers and enterprises.
App Stores and Marketplaces: Application stores by Apple and Android provide marketplaces where hundreds of thousands of applications are available to mobile users. Gartner forecasts that by 2014, there will be more than 70 billion mobile application downloads from app stores every year with an enterprise focus. With enterprise app stores, the role of IT shifts from that of a centralized planner to a market manager providing governance and brokerage services to users and potentially an ecosystem to support entrepreneurs. Enterprises should use a managed diversity approach to focus on app store efforts and segment apps by risk and value.
Big Data: The size, complexity of formats, and speed of delivery exceed the capabilities of traditional data management technologies; Gartner says it requires the use of new technologies simply to manage the volume alone. One major implication of big data is that in the future users will not be able to put all useful information into a single data warehouse. Logical data warehouses bringing together information from multiple sources as needed will replace the single data warehouse model.
Cloud Computing: This topic is still an important trend. It will become the next-generation battleground for the likes of Google and Amazon (AMZN). Going forward, enterprise IT will be concerned with developing hybrid private/public cloud apps, improving security and governance, Mr. Cearley says. While the market remains in its early stages in 2011 and 2012, it will see the full range of large enterprise providers fully engaged in delivering a range of offerings to build cloud environments and deliver cloud services. Oracle (ORCL), IBM (IBM), and SAP (SAP) all have major initiatives to deliver a broader range of cloud services over the next two years. As Microsoft continues to expand its cloud offering, and these traditional enterprise players expand offerings, users will see competition heat up and enterprise-level cloud services increase.
Enterprises are moving from trying to understand the cloud to making decisions on selected workloads to implement on cloud services and where they need to build out private clouds. Hybrid cloud computing which brings together external public cloud services and internal private cloud services, as well as the capabilities to secure, manage and govern the entire cloud spectrum will be a major focus for 2012. From a security perspective, new certification programs will be ready for the initial trial, setting the stage for more secure cloud computing. On the private cloud front, IT will be challenged to bring operations and development groups closer together using “DevOps” concepts in order to approach the speed and efficiencies of public cloud service providers.
Other key predictions Gartner had included:
- Contextual and Social User Experience: Context-aware computing uses information about an end-user to improve the quality of interaction and anticipates the user’s needs and proactively serves up the customized content. By 2015, 40% of the world’s smartphone users will opt in to context service providers that track their activities with Google, Microsoft, Nokia (NOK), and Apple continuously tracking daily activities Mr.Cearley says.
- The growing use of flash memory for In-Memory Computing is a long-term technology trend that could have a disruptive impact comparable to that of cloud computing.
- The adoption of Extreme Low-Energy Servers built on low-power processors typically used in mobile devices will increase for non-compute intensive workloads or delivery of static objects to a website. Gartner says that 10%-15% of enterprise workloads are good for this.
- Next-Generation Analytics Gartner says over the next three years, analytics will mature from structured and simple data analyzed by individuals to the analysis of complex information of many types (text, video, etc.) from many systems.
Related articles
- Expecting a recession, Gartner urges ‘creative destruction’ (networkworld.com)
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Category: Uncategorized |
Tags: 2011, AAPL, Android, Apple, Big data, Business, BYOT, Gartner, GOOG, Google, Internet of Things, IOS (Apple), Microsoft, MSFT, Predictions
How Does Malware Spread?
The ZDNet Zero Day blog reports that Microsoft’s (MSFT) recently released Security Intelligence Report identified socially engineered malware (scareware pop-ups; blackhat search engine optimization attacks) enticing users into downloading and executing a malicious file as the most used malware propagation tactic.
Based on a sample of 600 million systems worldwide, MSFT research ranks AutoRun USB infection as the second most used malware propagation tactic, according to Zero Day. Microsoft disabled AutoRun by default on Windows XP and Vista in February to prevent malware infections. The results, at least according to Microsoft, have indicated a significant decline in malware using AutoRun as a spreading mechanism.
The report also points out that zero-day flaws do not necessarily represent a driving force in the growth of malicious attacks or cybercrime in general according to the ZDNet blog. More propagation tactics:
- User Interaction required – 44.8%
- Au
toRun USB – 26% - AutoRun: Network – 17.2%
- File Infector – 4.4%
- Exploit: Update Long Available – 3.2%
- Exploit: Update Available – 2.4%
- Password Brute Force – 1.4%
- Office Macros – 0.3%
- Exploit: Zero Day – 0%
Zero Day points out that Microsoft is missing malware that spreads without user interaction, namely through the exploitation of client-side vulnerabilities in third-party software and browser plugins. The MSFT report says attackers regularly exploit client-side Java. Java exploits were responsible for between one-third and one-half of all exploits observed in the four most recent quarters including:
Oracle (ORCL) (formerly Sun) Java Runtime Environment (JRE),- Java Virtual Machine (JVM)
- Java SE in the Java Development Kit (JDK)
rb-
I wrote about the problems with old versions of Java and JavaRa which can delete all the old unnecessary files java leaves on your hard drive everything Sun Oracle plugs some more holes in their app.
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Category: Uncategorized |
Tags: 2011, AutoRun, Development Kit, Java, Microsoft, MSFT, Oracle, ORCL, Platform Standard Edition, Security, Universal Serial Bus, Virtual Machine, Windows, XP
Arbor Networks Adds 20 New Michigan Jobs
Ann Arbor.com reports that Information technology security firm Arbor Networks promises to add 20 new jobs to its Ann Arbor, Michigan R&D operations. In exchange, the Ann Arbor City Council unanimously agreed to give Arbor Networks a five-year abatement on $883,527 in real property improvements and $7.8 million in new personal property and equipment.
The tax break for the University of Michigan spin-off runs through Dec. 31, 2016. As part of the agreement, Arbor Networks will be required to add no less than 20 jobs by Dec. 31, 2013. The city’s administration recommended approval of the latest tax break, calling the attraction and retention of Arbor Networks’ operation consistent with the city’s economic growth objectives,
“The digital information business is continually changing with new and faster technology and Arbor Networks needs new test equipment and digital equipment, with anticipation of 20 new employees resulting to this facility,” City Assessor David Petrak wrote in a memo to council members.
Paul Krutko, president and CEO of the economic development group Ann Arbor SPARK also supported the action in a statement; “Attracting and retaining Arbor Networks in the Ann Arbor region is reflective of Ann Arbor SPARK’s work to help IT businesses grow in the region.”
Arbor Networks is a leading provider of network security and management solutions for next-generation data centers and carrier networks, including most of the world’s Internet service providers and many of the largest enterprise networks in use today. Arbor’s proven network security and management solutions help grow and protect customer networks, businesses and brands.
rb-
The Michigan techie jobs story keeps growing and maybe I was wrong about Arbor Networks abandoning Michigan.
The information technology security firm will receive a five-year abatement on $883,527 in real property improvements and $7.8 million in new personal property and equipment.
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Category: Uncategorized |
Tags: 2011, Ann Arbor, Arbor Networks, Business, Michigan, Security, SPARK, University of Michigan