Mac Issue–Mac Botnet

Doctor Web doesn’t register a significant decrease in the number of BackDoor.Flashback.39 bots

April 20, 2012

Doctor Web’s virus analysts continue to monitor the largest Mac botnet to date, discovered by Doctor Web on April 4, 2012. The botnet statistics acquired by Doctor Web contradict recently published reports indicating a decrease in the number of Macs infected by BackDoor.Flashback.39. The number is still around 650,000.

According to Doctor Web, 817,879 bots have connected to the BackDoor.Flashback.39 botnet at one time or another, and on average 550,000 infected machines interact with a control server in a 24-hour period. On April 16, 717,004 unique IP addresses and 595,816 Mac UUIDs were registered on the BackDoor.Flashback.39 botnet, while on April 17 the figures were 714,483 unique IPs and 582,405 UUIDs. At the same time, infected computers that have not previously been registered on the BackDoor.Flashback.39 network join the botnet every day. The chart below shows how the number of bots on the BackDoor.Flashback.39 botnet changed from April 3 to April 19, 2012.

 

However, recent publicly available publications report a reduction in the number of BackDoor.Flashback.39 bots. Typically, these materials are based on analysis of statistics acquired from hijacked botnet control servers. Doctor Web’s analysts investigated the reasons for this discrepancy.

BackDoor.Flashback.39 uses a sophisticated routine to generate control server names: the larger part of the domain names is generated using parameters embedded in the malware resources, and the others are created using the current date. The Trojan sends consecutive queries to servers according to its pre-defined priorities. The main domains for BackDoor.Flashback.39 command servers were registered by Doctor Web at the beginning of April, and bots send their first requests to the corresponding servers. On April 16th, additional domains whose names are generated using the current date were registered. Since these domain names are used by all BackDoor.Flashback.39 variants, registering the additional control server names has made it possible to calculate the number of bots on the malicious network more accurately, as indicated on the graph. However, after communicating with servers controlled by Doctor Web, the Trojans send requests to the server at 74.207.249.7, controlled by an unidentified third party. This server communicates with bots but doesn’t close the TCP connection. As a result, bots switch to standby mode, wait for the server’s reply and no longer respond to further commands. As a consequence, they do not communicate with other command centers, many of which have been registered by information security specialists. This is the cause of the conflicting statistics: on the one hand, Symantec and Kaspersky Lab reported a significant decline in the number of BackDoor.Flashback.39 bots; on the other hand, Doctor Web repeatedly indicated a far greater number of bots, which did not tend to decline considerably. The image below shows how a TCP connection to the command center makes a BackDoor.Flashback.39 bot freeze.
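The counting effect described above can be reproduced with a small model. This is an added example, not Doctor Web's code: the server names, the order of each variant's list and the bot counts are constructed assumptions, chosen only to show how a sinkhole's position in the priority list decides what it can count.

```python
"""Toy model of sinkhole counts when bots walk a prioritised server list.
All names, list orders and bot counts are constructed for illustration."""

HANGS = "third-party-server"   # answers, but never closes the TCP connection

# Assumed priority lists: variant-specific (embedded-parameter) names first,
# then a date-based name shared by every variant, then everything else.
SERVER_LISTS = {
    "variant-a": ["embedded-a.example", "date-based.example",
                  HANGS, "other-sinkhole.example"],
    "variant-b": ["embedded-b.example", "date-based.example",
                  HANGS, "other-sinkhole.example"],
}


def servers_reached(variant, hanging=frozenset({HANGS})):
    """Servers one bot contacts before it stalls or reaches the end of its list."""
    reached = []
    for server in SERVER_LISTS[variant]:
        reached.append(server)
        if server in hanging:
            break              # the bot waits for a reply that never completes
    return reached


def census(bots, hanging=frozenset({HANGS})):
    """Unique bot UUIDs seen per server; bots is an iterable of (uuid, variant)."""
    seen = {s: set() for servers in SERVER_LISTS.values() for s in servers}
    for uuid, variant in bots:
        for server in servers_reached(variant, hanging):
            seen[server].add(uuid)
    return {server: len(uuids) for server, uuids in seen.items()}


def sample_bots(n_a=600, n_b=400):
    """Constructed population: n_a bots of one variant, n_b of another."""
    bots = [(f"uuid-a-{i}", "variant-a") for i in range(n_a)]
    bots += [(f"uuid-b-{i}", "variant-b") for i in range(n_b)]
    return bots


if __name__ == "__main__":
    bots = sample_bots()
    for label, hanging in (("hanging server present", frozenset({HANGS})),
                           ("hanging server absent", frozenset())):
        print(label)
        for server, count in sorted(census(bots, hanging).items()):
            print(f"  {server:26} {count}")
```

In the model, a sinkhole on a variant-specific name sees only that variant, the shared date-based name sees every bot, and any sinkhole placed after the hanging server counts none while that server is present.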

Doctor Web once again warns Mac OS X users of the BackDoor.Flashback.39 threat and strongly recommends installing Java updates and scanning the system to determine whether it has been infected. For more information about BackDoor.Flashback detection and neutralization, visit https://www.drweb.com/flashback/. To remove the Trojan, you can use Dr.Web for Mac OS X Light, available free of charge.

This article is a repost of http://news.drweb.com/show/?i=2386&lng=en&c=14

“Doctor Web once again warns Mac OS X users of the BackDoor.Flashback.39 threat and strongly recommends you to install Java updates and scan the system to determine whether it has been infected,” the company said in the blog post.

Apple issued a patch for the Java vulnerability April 4, but security researchers criticized the company for its slow response to the issue, which was first reported in February.

On April 12, Apple released an update for Mac OS X v10.7 and v10.6 that removes most common variants of Flashback.

Last week, security researchers identified a Flashback variant, called SabPub, that appears to have been built to carry out targeted attacks, potentially against pro-Tibetan activists.

PATCH your computer. This is an example of how all computer systems are at risk without constant updating…

 

Windows Deployment Webcast– registration information

TechNet Webcast: Everything You Wanted to Know and Ask about Windows Deployment (Part 1)

Registration URL: http://go.microsoft.com/?linkid=9807963  or  http://bit.ly/JLTQLM

Date/ Time:    Tuesday, May 15, 2012 – 9-10am (Pacific)

Abstract: In this demonstration-rich, question and answer webcast, Windows Product Manager Stephen Rose moderates an open conversation with Microsoft Deployment Toolkit Product Manager Michael Niehaus and deployment guru Johan Arwidmark. They discuss the new Microsoft Deployment Toolkit 2012 release as well as tips and tricks from the experts about using the Windows Deployment Toolkit.

__________

TechNet Webcast: Everything You Wanted to Know and Ask about Windows Deployment (Part 2)

Registration URL: http://go.microsoft.com/?linkid=9807964   or  http://bit.ly/Kgny8y

Date/ Time:    Thursday, May 17, 2012  – 9-10am (Pacific)

Abstract: In this demonstration-rich, question and answer webcast, Windows Product Manager Stephen Rose moderates an open conversation with Microsoft Deployment Toolkit Product Manager Michael Niehaus and deployment guru Johan Arwidmark. They discuss the new Microsoft Deployment Toolkit 2012 release as well as tips and tricks from the experts about using the Windows Deployment Toolkit.

 

Social engineering hit a new low

My sister gets a call … Hi Microsoft, we see you are having a problem, we are here to help fix your computer….

My sister asked, how did you know my phone number, what is your phone number… and they hung up…

She and you should know that Microsoft and other software vendors do not call you, unless you opened a ticket for support. If you are not sure, ask for their name and then call the vendor back on a support phone number that you get from the vendor’s web site.

And now

US-CERT has created a warning….

Social engineers target utilities with fake Microsoft support calls

The U.S. Cyber Emergency Response Team released "ICS-CERT Monthly Monitor" yesterday, warning that social engineers are attempting highly targeted attacks against Industrial Control Systems like utility companies. The attacks are in the form of phishing phone calls allegedly coming from "Microsoft Server Department" and warning of infected PCs. The attacker attempts to have the utilities turn on services which would allow unauthorized remote access.

24 hours in a Private Cloud

I will be helping with this event

Every organization has the power to employ cloud technologies in their own way, at their own pace and with their own terms. The use of private cloud technologies helps transform how organizations manage infrastructure resources, provision applications and automate services for their business. It also helps them leverage and manage public cloud services that expand their current infrastructure and application capabilities. As an end result, organizations increase IT operational agility, improve business focus and achieve value-add economics that evolve their IT infrastructure into a strategic asset.
Over 24 hours, you will hear from top industry and technical professionals from around the world to help you better understand the private cloud technology solutions that are available today. You will hear from industry organizations about how they view the public cloud and how the role of the IT Professional will evolve as more and more organizations begin a private cloud transformation. Listen to the number of technical professionals who will be on hand talking about the required components to simplify private cloud creation and management. Talk with them and your peers about the numerous operational efficiencies that come from deploying a private cloud with the reduction of servers and the benefits of provisioning and managing virtual applications across multiple platforms.
We hope that you will come away from this event with the knowledge and experience to help you in your private cloud infrastructure decisions and be prepared to have thought-leadership based discussions focused on building and managing your organization’s agile and efficient private cloud environment.
Event Start: May 10, 2012 8:00AM GMT
Event End: May 11, 2012 8:00AM GMT

register here

New Microsoft Certifications

MCSE is back, but it is new….

Move Your Career to the Cloud with the Microsoft Certified Solutions Expert certification

Microsoft Certified Solutions Expert (MCSE) is a reinvented certification for today’s technology solutions

Microsoft has reinvented its certification program by building a broader and deeper set of technology solutions skills validation, starting with cloud-enabled solution skills. As one of the most recognized and respected certification programs, Microsoft is charting the path for IT Professionals and Developers to keep their skills relevant as new technology solutions are released.

Reinvented, Not Just Renamed

Microsoft Certified Solutions Expert (MCSE) emphasizes solutions

Microsoft has reinvented its certifications to validate the skill sets needed to develop, deploy, and maintain Microsoft technology solutions. These certifications recognize IT Pros and Developers who have skill sets that run both broad and deep. Certifications are available at three skill levels:

Microsoft Certified Solutions Associate (MCSA)

The Associate level is the prerequisite certification necessary to get your Expert level certification. This certification validates the core skills you need to get your 1st job in IT.

Microsoft Certified Solutions Expert (MCSE) &
Microsoft Certified Solutions Developer (MCSD)

The Expert level is Microsoft’s flagship set of certifications validating that your skills are relevant in the constantly changing tech environment. The Microsoft Certified Solutions Expert (MCSE) is the destination for established IT Professionals who have expertise working with Microsoft technology solutions. The Microsoft Certified Solutions Developer (MCSD) is the destination for established Developers who have expertise developing solutions with Microsoft tools.

Microsoft Certified Solutions Master (MCSM)

After you have achieved your Expert level certification, Master is the next destination. This certification is for the select few who wish to further differentiate themselves from their peers and achieve the highest level of skills validation.

The Cloud Changes Everything

Microsoft Certified Solutions Expert (MCSE) helps bridge the new cloud computing talent gap

“With the demand for cloud skills growing quickly, the gap between hiring demand and talent supply across the United States is getting larger and causing more difficulties in sourcing candidates.”

Wanted Analytics, Hiring Demand for Cloud Computing Skills Skyrocketing, March 2012

The need for cloud computing skills has been pushing the market for months. Solution providers are seeking cloud-ready employees to bring their businesses to the next level. The cloud computing market is evolving at such a pace that while the number of job postings is skyrocketing, the talent isn’t there to fill the positions.

In the past 20 years, Microsoft Certifications have been THE tool to address the skills gap. To be relevant, certifications need to continue to be the tool needed and recognized in the market.

That’s why Microsoft has reinvented its certification program—to certify a deeper set of skills that are mapped to the Cloud and to real-world business contexts. Rather than testing only on a component of a technology, IT Professionals and Developers are now tested on more advanced skills and a deeper understanding of the technology.

New Certifications Are Available Now

Private Cloud and SQL lead the Microsoft Certified Solutions Expert (MCSE) reinvention

We’ve posted a lot more information about the reinvented program and the first new certifications: Private Cloud MCSE, Database MCSE & Business Intelligence MCSE:

Microsoft Certification overview page: http://aka.ms/MSCerts

Microsoft Certification overview video: http://aka.ms/MSCertsVideo

MCSE information page: http://aka.ms/MCSE

MCSE video on YouTube: http://aka.ms/MCSEvideo

MCSE Private Cloud: http://aka.ms/MCSEpvcloud

MCSE Data Platform: http://aka.ms/MCSEDP

MCSE Business Intelligence: http://aka.ms/MCSEBI

You may also wish to encourage your readers to take advantage of a new 2-for-1 exam offer from Prometric:

Prometric 2-for-1 offer: http://aka.ms/Prometric241

 

More Free eBooks from Microsoft

 

Free ebook: Programming Windows Phone 7, by Charles Petzold (a 24-chapter gift from the Windows Phone 7 team and Microsoft Press)
Free ebook: Moving to Microsoft Visual Studio 2010 (10 chapters by Patrice Pelland, Pascal Paré, and Ken Haines)

Free ebook: Introducing Microsoft SQL Server 2008 R2 (10 chapters by Ross Mistry and Stacia Misner)

Free ebook: Understanding Microsoft Virtualization Solutions (Second Edition) (6 chapters by Mitch Tulloch)

Free ebook: Own Your Future: Update Your Skills with Resources and Career Ideas from Microsoft (8 chapters by Katherine Murray)

Free ebook: Introducing Windows Server 2008 R2 (9 chapters by Charlie Russel and Craig Zacker)

Free ebook: First Look Microsoft Office 2010 (14 chapters by Katherine Murray)

Free ebook: Deploying Windows 7, Essential Guidance (10 chapters from the Windows 7 Resource Kit and 6 TechNet articles)

 

Free eBook: Security and Privacy for Microsoft Office Users

Take control—and put the built-in security and privacy features in Microsoft Office to work! Whether downloading documents, publishing a presentation, or collaborating online—this guide offers concise, how-to guidance and best practices to help protect your documents and your ideas.

• Get practical, proactive guidance for using the security and privacy management features in Office 2010 and Office 365

• Walk through everyday scenarios, and discover everyday techniques that help you take charge

• Understand common risks and learn best practices you can apply right away

You can download it  Here

USB to GO for Windows 8–Step by Step Guide

Making a USB to go Windows 8 Stick, in 13 steps!

This will show you the step by step process that I use.

My configuration is as follows:

The C: drive has Windows 8 on it

Using the E: as location of windows source

Using D: as USB drive to put windows to go

Using F: as location that I mounted install.

All commands are bolded for ease in using the document.

—————————————————————————————-

1.  Do: 

Open a Dos Command Prompt as Administrator

2. Type:

 Diskpart

Note: this opens the Diskpart program

3. Type:

List disk

Note: shows the disk drives in my computer

Disk ### Status Size Free Dyn Gpt

——– ————- ——- ——- — —

Disk 0 Online 128 GB 0 B *

Disk 1 Online 256GB 0 B

Disk 2 Online 64 MB 0 B

Note: my USB drive is 64 gigs

4: Type:

 Select disk 2

Note: puts the focus on disk 2

5: Type:

Clean

Note: cleans all data off the selected drive, so confirm from the list in step 3 that the selected disk is the USB drive

6: Type:

Create partition primary

Note: creates primary partition

7: Type:

format fs=ntfs quick

Note: formats the drive as NTFS using a quick format

8: Type:

Active

Note: makes the drive active so you can boot from the USB drive

9: Type:

assign letter=d

Note: makes the USB drive letter D

10: Type

Exit

Note: ends the Diskpart program

11: Do the following:

Either put the Windows 8 DVD in drive F: or mount the image as drive F:

Note: in Windows 8, point to an ISO image and in Explorer click Mount, or put the Windows DVD in drive F:

12: Type in the DOS window:

dism /apply-image /imagefile:f:\sources\install.wim /index:1 /applydir:d:\

Note: this installs Windows to the D: drive using install.wim. You will then see the following if you have done the steps correctly.

Applying image

[===========================55.0% ]

When 100 %

When done

13: Type:

bcdboot.exe d:\windows /s d: /f ALL

Note: This installs the boot manager to D: so Windows will boot.

You are now done..

Take the USB drive to a computer, start the computer while pressing F12, and choose the USB device to boot from...

This will take some time the first time you use it, as it adds all the new devices that the USB drive finds in the host computer.

Keyboard Commands for Windows 8

  • The Start button takes you to Start Screen and lets you toggle between open apps
  • Alt-Tab cycles through apps in sequence, as usual
  • Arrow keys allow you to move through the Start screen
  • First, to open the charms menu, point to the upper-right or lower-right corner. When the charms appear, click the one you want. Using your keyboard, use the Windows logo + C key combination.
  • Windows + F brings up the Search screen, though simply typing (when on the Start screen) is more convenient
  • Windows + Z in a full screen app brings up the contextual menus
  • Windows + D takes you to the desktop
  • Windows + L locks the PC, invoking the lock screen
  • Windows + P pulls up multi-monitor settings
  • Windows + I brings up the Settings charm
  • Windows + E invokes Windows Explorer, as ever
  • Windows + R brings up the Run prompt
  • Windows + Y makes all your open windows (and the Metro UI) transparent, so you can see the desktop beneath
  • Windows + X shows Windows Mobility Center, which appears to serve much the same role as the Settings charm but on the desktop instead
  • The Scroll wheel pans across Start screen, slowly
  • Right-click brings up contextual menus in a full screen app
  • Left-click on the Start screen brings up options to unpin, resize and uninstall apps
  • Ctrl-Alt-Delete summons a screen with options to shut down, switch users, log off or quickly open the Task Manager
  • If you want to get to your file commands, like Save & Edit for example, in the app you are using, right-click anywhere there is open space (not on text or any images), and the command bar will appear from below. On the Start screen, you can right-click a tile to also see command options for that tile. Using the Windows logo key + Z combination will also get you there.
  • To switch to your most recently used app, point to the upper-left corner. When the app preview appears, click it. To switch to a different open app, point to the upper-left corner again and then pull it down slightly. When the app preview list appears, click the one you want. The usual Alt+Tab key combination will also allow you to switch apps.
  • To Snap an app to use two apps side by side, Point to the upper-left corner. When the app preview appears, drag it to snap the app to either side of the screen. You can also right-click the preview and select the app you want to snap. Pressing the Windows logo key + Period key in succession will snap the current app.
  • If you want to see the familiar desktop view, go to the Start screen, and then click the Desktop tile. Using the Windows key + D keyboard shortcut will also do the trick.
  • To zoom in or out on the Start screen, use the Summary view icon in the lower-right corner, or you can use Ctrl+Scroll wheel. The Ctrl+Plus sign to zoom out and Ctrl+Minus sign to zoom in keyboard shortcuts will work for you as well.
  • Here’s how you close an app. Point to the upper-left corner. When the thumbnail appears, drag it to the bottom of the screen. You can also use the keyboard shortcut Alt + F4 to close the app.
  • And finally, to shut down your computer, open the Charms menu, and then click Settings. Click Power, and then select a shutdown option. Using your keyboard, press Ctrl+Alt+Del. Tab to the Power icon. A list of shutdown options now appears. Use the arrow keys to get to the option you want, and then press Enter.