Microsoft to fix Internet Explorer 9 in July 2012 Patch Tuesday

Microsoft will issue nine bulletins, three rated “critical,” addressing 16 flaws across its product line as part of its July 2012 Patch Tuesday.  As part of the update, Microsoft could roll out a patch addressing the XML Core Services zero-day flaw, which surfaced last month.  

In its advance notification issued today, the software giant said the “critical” bulletins affect Windows and Internet Explorer 9. In addition, it plans updates to repair coding errors in Office, SharePoint server and Visual Basic for Applications.

Active attacks targeting XML Core Services
The advance notification does not indicate whether XML Core Services would be affected by the July updates. Microsoft issued an advisory last month warning users of attacks targeting an XML Core Services zero-day flaw. 

Microsoft XML Core Services processes and converts XML to HTML for display.  Attacks can target the coding error through drive-by attacks or trick users through a phishing campaign. Once an attacker is successful they are granted the same user rights as the victim and can access systems while fully authenticated, Microsoft said.

The vulnerability affects all supported releases of Microsoft Windows, and all supported editions of Microsoft Office 2003 and Microsoft Office 2007. The advisory includes a workaround that can be used until the investigation is complete and a permanent patch is released.

Since the advisory, security experts say attacks targeting the flaw have increased. Graham Cluley outlined an attack using the flaw targeting the website of a European aeronautical parts supplier.

The bulletins are scheduled to be released July 10.




It's Summer Time. Enjoy Your Family And Still Manage Your Business.

For entrepreneurs, we often can't just “take two weeks off” like salaried workers can. We have to tend our businesses - until they're at the point where they can run by themselves (systems) and we have mature staff who can manage things while we're away.

In the meantime enabling remote productivity is essential.

According to a new Cisco WebEx survey of 500 U.S. small business owners, on average, they expect to spend 18 days working remotely this summer.

There are three parts to any successful remote work arrangement:

1. The mobile device itself (be it a tablet, phone or computer)

2. The wireless (or wired) connectivity - be it WiFi or cell phone

3. The software

Make sure you fully test your hardware before embarking on an extended remote work venture. If you need to conduct a long video conference, is your device able to be positioned properly? Will you have enough battery power, or will you be near enough to an external power source? You need to ask these and many more questions.

In regard to your connection - don't assume you can have easy access to WiFi or a wired Internet connection. Even if you have wireless Internet access - is it fast and stable enough for your purposes?

The software you use is critical. Many people are using Google Plus, it's great but is still not crystal clear. There are so many options, including Microsoft Skype, WebEx, GoToMeeting, Fuze and many, many other solutions. There is no one RIGHT solution but test and test to see which works best for you and your needs.

To kick off the summer, Cisco WebEx is sponsoring an online contest entitled “WebEx Mobile Fridays” which asks WebEx users to submit a photo and brief description of where they are and how they are using WebEx.  Each week a winner will be selected randomly and will receive a $25 Amazon gift card. Participants can enter at http://csc0.ly/Summer2012.



HootSuite Adds More Social Integration. Is It Time To Switch Your Social Management Service?

I've been using TweetDeck for a long time as my main tool for following Twitter action.

I've been using Dlvr.it as my main tool for scheduling Tweets.

I have also dabbled with HootSuite every once in a while, but never used it much. However, there's one thing I've noticed - HootSuite is building lots of integration into its platform and now it includes Instagram, SlideShare and other options.

So the question is simple, if you're using social media a lot and want to use as few tools, preferably a tool that integrates as many social tools as possible, then you might just have to switch the tool you're using.

Hmm.



14 Ways to Handle Angry Dissatisfied Customers Online

Leaving a client dissatisfied these days can have viral repercussions. Top young entrepreneurs share how to deal with angry customers online.

From Small Business Trends




New Book On Building Your Community For Support, Marketing and Ideas

O'Reilly has a new book about building communities - which are essential for any seriously growing company. A community of rabidly loyal customers gives you powerful insight on what customers want, what they don't want and a powerful army of marketers who spread the word about your product and service to others.

The press release says it all:

“Communities are vibrant entities,” says author Jono Bacon (@jonobacon). “While there is plenty of work we can do in building effective communities, what makes people stay for the long haul is when they feel like they belong.”

Discover how your community can become a reliable support network, a valuable source of new ideas, and a powerful marketing force with The Art of Community, Second Edition (O'Reilly Media, $39.99 USD).

“This second edition provides comprehensive coverage of building communities and community projects from strategic planning right up to delivery,” says Bacon. “Importantly, and particularly within the scenario of professional community managers working in organizations, the book also covers accountability, measuring success, and identifying bottlenecks and issues so they can be resolved.”

Interviews with 12 community management leaders, including Linus Torvalds, Tim O'Reilly, and Mike Shinoda, provide useful insights, and help you

  • Develop specific objectives and goals for building your community
  • Build processes to help contributors perform tasks, work together, and share successes
  • Provide tools and infrastructure that enable members to work quickly
  • Create buzz around your community to get more people involved
  • Harness social media to broadcast information, collaborate, and get feedback
  • Use several techniques to track progress on community goals
  • Identify and manage conflict, such as dealing with divisive personalities

“I can't think of a better guidebook than The Art of Community and your fearless tour guide, Jono Bacon. The second edition shares many other stories of how successful communities have been created and the choices made in doing so.”



Bosses put company data at risk

Bosses bringing their iPads or new smart phones into work can be putting their own companies in danger of costly cyber attacks, says a security consultant.

Aura Information Security's Andy Prow said executives could be the most risky members of an organisation because they might not understand the cyber threats they faced.

"The first people in an organisation to get iPads or BlackBerrys will be the [executives] because it's cool and they want it," Prow said.

"IT says, 'Well we don't support that device yet', and the execs say, 'Well it doesn't matter ... set it up so I can access my email'."

However, while more bosses were wanting to use new devices at work, Prow said they were not necessarily secured properly.

"Particularly at the executive level they understand why the corporate systems must all be looked after and protected but haven't understood why things they use on a regular basis must also come under those constraints."

Prow also said the types of information that executives were accessing tended to be some of the business' most crucial information such as sales plans or information about new products.

However, if corporate data was breached or "millions of dollars go out of a company that shouldn't have" after a cyber attack, bosses were the ones that had to answer to their board or the media, he said.

Prow was part of a panel discussion on cyber crime hosted in Auckland yesterday by insurance company Chartis.

According to Chartis, cyber crime is on the rise and the risk of data theft - whether intellectual property or client details - could be hugely expensive for a business.

Chartis' Ian Pollard cited a study which said cyber attacks cost New Zealand companies $625 million last year.

As well as outsiders trying to get into a business' systems, disgruntled employees could also be responsible for cyber crime and the theft or leaking of data, Pollard said.

Ernst & Young senior manager of fraud investigation, Matt Hammond, was also a speaker yesterday and said many businesses had "massively understated" cyber threats.

Hammond said the "monetisation of data on the black market" has created a world where people "can convert data into cash".

DAC Beachcroft's Mark Anderson said there was a myth in business that only companies holding credit card details would be a target for cyber crime.

"There's a real commodity in data beyond credit card details," he said.

Prow said hacking a company for data had been turned into a "business operation" and overseas attacks were very difficult to trace.

He said: "We see a huge amount of complacency [from companies] ... cyber security just isn't on their radar, it's been in the news but it's that whole, 'It won't happen to us, we're not a target, we're down in New Zealand, we don't have any juicy data'."

CYBER ATTACKS
July 2010: Singapore's largest banking network brought to a halt and customers were unable to access ATMs or internet banking services.
August 2011: Sony PlayStation hacked and 77 million users had confidential information stolen.
October 2011: Thai Prime Minister Yingluck's Twitter account hacked and tweets criticising the Government sent out.

By Hamish Fletcher

Why Integrated Marketing Produces Happier Customers and Better Results (Infographic)

We all try our best to market our businesses - we want to find new customers and we try our best to market to the customers we have. We beg for yet another referral - it's a constant struggle for survival. Neolane produced an infographic that nicely shows the importance of integrated marketing.

The core of integrated marketing is about having ONE CENTRAL database so that you have all the information about customers in one central place. If they come to your retail store, you know how much they purchased online. When they buy from you online, your system can reward them with a discount as a thanks for buying.

Integrated marketing is powerful.



Online Marketing: How Much To Spend

Are you promoting a product online with a finite budget? Or maybe you need to follow a measurable marketing plan at your larger company? Imagine you have $5,000 per month for online marketing - how do you go about spending this?


Boil It Down To One Customer

Let's say, I am selling a software product for $100 per month subscription. How much would I pay for a new additional customer? In other words, if I can simply pay to acquire another 40 or 50 customers per month, what would I be willing to part with?

To answer this, you should calculate the “Life Time Value” (LTV) of your paying customer. In other words, how many months does one customer continue paying the $100? If the answer is 5 months, then your LTV is $500. Of course, to earn $500 you would not spend more than this amount on acquiring a customer.

There are lots of equations, depending on the product, to derive the ideal acquisition cost. But I believe the situation is different for everyone. For example, in venture-funded software companies, or newer ecommerce companies, folks spend an insane number of dollars to acquire customers (at first), because they are trying to capture a large portion of the market and create their brand name. In other cases, there is stiff competition in what you are pursuing, and thus you will need more marketing muscle.

However, my view is simple - you should spend what you are comfortable with. I will be chewed out by analysts and math geniuses for suggesting this approach, but I have my reasons.

Unless you have a strongly defined goal, such as, “I need 1000 paying customers to launch the phase 2 of my idea,” you should spend based on:

1.) The cash you have available for the next 12 months

2.) All other costs that you have to account for, from the $500 revenue per customer

Of course, not all costs are variable (on a per customer basis), but you should assume that you are not going to acquire 10X customers in the next couple months.

But Where Do I Spend My Money?

After all the above calculations, you may conclude that you are comfortable spending $100 to acquire one new customer. Since we do not have a specific business or product example, I am going to stick to my software subscription model from above.

Let's assume you will scout out all the different options such as Google Adwords, email newsletter campaigns run by reputed vendors/partners that serve your audience, online banner ads and ad networks. “Scouting out” means you will have to make an estimate (educated guess) on what traffic is going to give you one new customer for every $100 spent.

Let's look at this example to understand how to make this guess better:

You are setting up an Adwords campaign with a total budget of $1500 per month ($50 per day). The keywords that you want have suggested bids of $3/click for the first page. Assuming your budget gets utilized every day; this translates to 500 clicks for the month. From your site's past traffic data, you must have calculated the number of visits that convert to customers.

For example, if 10% of visitors sign up for the trial, and then 10% of those pay - your result for the Adwords campaign would be 50 trials (10% of 500) and 5 paying customers (10% of 50). At $1500, that translates to a $300 acquisition cost. Three times more than your $100 comfort level.

So maybe Adwords is not for you. The only way to find better channels is to either experiment with a few different networks or get references and reviews from advertisers going after the exact same market. On the flip side, keep in mind that you need to stick to a campaign for at least 4-6 weeks. Doing something for a week and calling it a failure is simply not enough data.

While assessing different ad networks, ask them what their average CTRs (Click through Rates) are. This is relevant when you are paying per impressions, instead of per clicks. These networks will take a fixed sum of money from you and promise, let's say, 200,000 impressions. But you need to know the average clicks that advertisers get on those particular sites.





Malicious Android apps doubled in Q1

The number of malicious applications on the Android marketplace doubled from 10,000 to 20,000 in just one month.

According to research by Trend Micro, in the first three months of this year, it identified 5,000 malicious applications, a number which has spiked more than four-fold over subsequent months. It said that the most common type of malicious app (accounting for 30 per cent of all those Trend Micro encountered) is one disguised as a highly popular legitimate app.

It also recommended that users avoid 'spy' apps that allow attackers to spy on the device by monitoring its GPS signal and reading any text and address book information. Two of these types of threats, named Spy Tool and Spy Phone PRO+, were recently spotted by Trend Micro as downloadable apps in Google Play.

Rik Ferguson, director of security research and communications at Trend Micro, said: “The growth in Android malware demonstrates sustained and focused criminal interest in the mobile platform and particularly in the Android operating system.

“Criminals have always followed user behaviour and they continue to do so. As we move steadily to the mobile web, mobile devices offer new avenues for criminal revenue generation alongside the continuation of the old. Consumers need to use care when downloading and installing apps and should be considering installing anti-malware on their mobile devices.”

Trend Micro also said that third-party stores are likely to pose even greater security risks and warned users to remain cautious on such sites about what they download.

David Harley, senior research fellow at Eset, said: “These figures are higher than the company will be comfortable with, given that it really has tried to use its Bouncer technology to raise its game on pre-filtering software submitted for its own outlet, as well as reacting quickly when advised that there is malware in the wild. But, unless it tries harder to regulate other outlets, malware authors have too many windows of opportunity to exploit compared to Apple's hard-line policy on outlets.

“Of course, the take-up of Android has been pretty significant: that in itself makes it an attractive target. There are quite a few security programs available for Android now, though mainstream anti-virus seems to be more reliable than most of the freeware, and of course a certain amount of common sense fills some of the gaps that reactive detection leaves.”



Automated Virtual Assistance: Job Killer vs Tech Productivity Boost?

Check out my full post on D&B Credibility Corporation's web site

From Honda's ASIMO robot, to flat panel screens loaded with artificial intelligence software, we've made some outstanding progress in automated personal assistance. We live in a world where we'll soon be guided through a facility by a robot that doesn't eat, doesn't take breaks, doesn't take sick days off, and performs exactly how it's programmed to do so.

Every business owner's dream is to automate business processes as much as possible, but are we going too far?

Is automated virtual assistance going to factor in significant job loss? Let's look to the past. A long time ago, about a quarter of the American population was working in some sort of agricultural job. That figure sharply dropped to three percent by 2003. Today, machines do the seed collection, the planting, the plowing, and practically every other function that used to take many people to accomplish. Those who worked at farms found jobs at factories.




The ICO issues £150,000 fine to lender after loss of employee and customer details

The Information Commissioner's Office (ICO) has announced that it has imposed a civil monetary penalty of £150,000 on Welcome Financial Services after it lost more than half a million customer details.

Following the publication of its annual report, the ICO said that the fine against the consumer lender was issued after its business division lost two back-up tapes that contained personal details of employees and customers. The tapes were lost in November last year and have never been recovered.

The ICO undertaking found that two business divisions of the data controller, Shopacheck and another that was unnamed, maintained back-ups of the Shopacheck local area network (LAN) for each working day to 1.6TB tapes, which could hold two complete back-ups. Following the back-up procedure, the tapes were transported to a secure IT room.

In November, a box of 20 tapes was moved to Shopacheck's communications room and used to back up the LAN. However, on the 23rd November 2011, two tapes were noticed to be missing from the box at the communications room and an investigation found that they had been missing since late October.

The ICO found that the data on the tapes consisted of personal information of current and former employees of Shopacheck from 2002 to 2010, as well as 8,000 agents. There were also 1.94 million customer records of the Welcome Financial Services and Shopacheck.

The ICO said that it understands that both tapes were unencrypted, although they could only be accessed using specialist IT hardware and software. Welcome Financial Services has now taken remedial action to include an internal review of its IT systems to identify and encrypt any remaining data and systems. The ICO also said that 26 formal complaints had been received in relation to this incident.



Second 44Con to run over five days with dedicated infosec track day

This year's 44Con is to feature a dedicated 'infosec/business' track on its first day.

The conference will be held between the 5th and 7th September at the Millennium Gloucester Conference Centre in London. According to organisers the infosec track is aimed at higher level security staff or those that cannot attend for the full three days. The training sessions will be held on the 3rd and 4th September.

Speaking at the event will be: author Jayson Street on how to engage both management and end-users in the infosec process; Ian Amit from IOActive on better defending your systems by properly configuring, integrating and managing the technical systems you probably already own but don't get full benefit from; and Jitender Arora, CISO at GE Capital UK, on providing data integrity, what he called "the often-neglected element of the traditional confidentiality, integrity and availability triad".

Also visiting for the conference is HP chief security evangelist Rafal Los, who will speak on testing and validating your defences in a real-world environment.

Returning this year is Phil Polstra who, after speaking last year on low-cost USB write blockers and related hardware, will present the hardware device 'The Deck', a customised BeagleBoard embedded computer with a range of security and forensics modules and capabilities.

Also, Rafael Dominguez Vega and ‘Nils' from MWR Infosecurity will discuss the vulnerabilities and exploitation of chip and PIN terminals using the EMV protocol. Nils and Martyn Ruks from MWR will also discuss the security improvements, vulnerabilities and defences in 4G/LTE networks, which are currently rolling out for trial in the UK. Meanwhile, Arron ‘Finux' Finnon will present the findings of his research into using and abusing IPS devices.

In the presentations covering malware techniques, Michael Boman and Siavosh Zarrasvand will provide a how-to guide for anyone interested in investigating and analysing malware using affordable off-the-shelf tools and techniques. In ‘Friendly Fire', Curt Shaffer, Chris Cuevas and Chris John Riley analyse the use of white listing systems as an alternative to traditional anti-malware techniques, and discuss the issues and vulnerabilities in current implementations.

There will also be a number of workshops, ‘fast track' talks, social events and a range of training courses. Further details are available here and will be updated ahead of the event.



Information commissioner says it is time to "wake up and smell the monetary penalty"

Lessons need to be learned from the Information Commissioner's Office (ICO) undertakings.

As it launches its 2011/12 annual report, information commissioner Christopher Graham said that organisations are learning "the hard way" about the consequences of mishandling people's information, and others need to learn the lessons from the ICO.

Graham said: “Over the past year the ICO has bared its teeth and has taken effective action to punish organisations many of which have shown a cavalier attitude to looking after people's personal information.

“This year we have seen some truly shocking examples, with sensitive personal information, including health records and court documents, being lost or misplaced, causing considerable distress to those concerned. This is not acceptable and today's penalty shows just how much information can be lost if organisations don't keep people's details secure.

“We hope these penalties send a clear message to both the public and private sectors that they cannot afford to fail when it comes to handling people's data correctly.”

The annual report showed that there had been a decrease by 0.3 per cent in the number of data protection complaints received by the ICO in the year 2011/12, to 12,985 complaints.

Graham said that its new powers to tackle unsolicited marketing calls and texts have now extended to issuing a monetary penalty of up to £500,000 on the worst offenders.

“We have now set up a dedicated team to enforce the Privacy and Electronic Communication Regulations and we are currently working to identify the operators responsible. The ICO has executed search warrants at a number of sites across the UK linked to companies we believe are breaking the law,” he said.

“We have also set up an online reporting mechanism on our website that allows people to report any marketing texts or calls from unidentified senders. We have received over 12,000 reports to date and we are confident that this work will help us identify those responsible.”

Figures from the annual report show a 60 per cent increase in the number of audits carried out by the ICO good practice team. It said that of the 42 organisations audited, 90 per cent felt that the process raised awareness of the importance of data protection in their organisations. The ICO is also extending its audits to cover public authorities' compliance with the Freedom of Information Act and has also introduced advisory visits to help small- and medium-sized organisations.

Speaking at the SC Magazine Total Security Conference in London, Dr Simon Rice, principal policy adviser (technology) at the ICO, said that the 19 monetary penalties issued to businesses was "19 too many" and it was "not something that the office enjoys doing and it does not represent everything that we do".

The report said that the ICO had received over 600 self-reported data protection breaches, leading to it issuing ten civil monetary penalty notices totalling £1,171,000 in this year, along with 76 undertakings.



Brent Leary Re Launches Radio Show. Includes Rappin' With Ramon Segment

Brent Leary (CRM, tech, social, music guru) has relaunched his popular show, Technology For Business Sake, in conjunction with the NewsTalk1160am in Atlanta. You can hear his show every week at 5pm on Saturdays - while you're washing your car, or whatever you do on Saturdays.

Within his show, one segment he's launched is Rappin' with Ramon - where Brent and I discuss the hottest tech news of the week.

Check it out here or below



Ten Help Desk Solutions for Better Customer Service

Customer service is mission critical, or so we often hear from experts. Beyond trying to manage a complaint, why is it so important? If you don't have a process for managing customer requests, questions, or technical difficulties, you may be reducing your profits. The following ten help desk solutions, also known as customer support software, are all aimed at refining how you guide your customer to satisfaction and loyalty.


At first, a product or service is what attracts a customer's interest, but it is often the reputation a company has for service afterward that determines whether they come back or not. It also drives word of mouth recommendations, online and in real life.

Live chat, ticketing and email support are just a few of the things that make tracking a customer request easier. Others include call logging and a knowledge/information center that reps/agents can pull information from quickly when answering questions, and the best of these have social integrations so you can keep up with what's happening around your brand and company name on Facebook, Twitter, and beyond.

The biggest value of a help desk is that your customer information is in one central place. If a customer calls in at another time, around the same request, any employee can help them or pass their call to the appropriate department.

Here are ten that you might consider:

Desk.com from Salesforce.com is one of the dominant players in the help desk space. No credit card required for the free 30-day trial, then pricing starts at $1/hour for part time agents you might have or $49/mo for each full time agent after the first one (which is free). So, in a nutshell, a one person shop could use this support tool for free.

LiveHelpNow helps keep your business up and running 24/7/365 with its web-based software. Plans start at $21/month after a 30-day free trial.

FreshDesk offers the first agent free on all its plans and special pricing for startups and nonprofits. 30-day free trial, then plans start at $9/month with hourly pricing for additional part time agents. They have catchy names on all their plans too: Sprout, Blossom, and Garden.

SmarterTrack has one low price of $15 per month for each agent that you want to add. 30-day free trial. I like the self-service option for customers who want to research their own answers. It includes a “Who's On” functionality so you can see visitors in the support community area.

TalkDesk is more focused on being a voice platform so you know who is calling you. They tie into CRM systems and I include them here because they let you track interactions with your customers. You would likely need to add a help desk option to realize the full power of their system. 14-day free trial; has a free plan for one agent, and then $49/month per agent.

ZenDesk is another market leader with a powerful help desk solution. You can customize ticket views to prioritize customer requests. I like that they put on educational webinars every week. They have a starter plan that donates your $20 purchase (for one year of service) to a children's hospital. You can have 3 agents on their $20/year plan, if you qualify as a new company. Regular plans start as low as $24/month/agent. 30-day free trial.

Zoho offers almost every application a small business could need. Their help desk option is called Zoho Support and they offer “free for one agent” package, then $12/month for each additional agent. 15-day free trial.

Kayako offers both a web-based and a pay-once full download software for its customer support/help desk application. There is a free 30-day trial, then $29/month on the SaaS version. The download version starts at $599 for up to ten agents.

Helpdesk Pilot has 15-day free trial, then $895 on an annual basis for five agents for their downloadable, host on your own server version. Their cloud version is called “HappyFox” and starts at $39/month for 3 agents. HappyFox is here. They do have a free plan, too, if you scroll down.

Helpdesk Pro offers a few different options that might work for some business owners. After a long 60-day free trial, they have a $29/month for unlimited users on their “sponsored” advertising-supported version. The next level is $59/month for unlimited agents.

Efficiency leads to lower expenses and improved profits, but not every business owner knows how to get there. Help desk solutions may be the key to improving employee productivity which in turn yields greater customer satisfaction because you have eliminated bottlenecks in the communication process (and elsewhere).

Keep me posted on what solutions you are using and why in the comments below.






Malicious Android apps on Google Play doubled in Q1

The number of malicious applications on the Android marketplace ‘Google Play' doubled from 10,000 to 20,000 in just one month.

According to research by Trend Micro, in the first three months of this year, it identified 5,000 malicious applications, a number which has spiked more than four-fold over subsequent months. It said that the most common type of malicious app (accounting for 30 per cent of all those Trend Micro encountered) is one disguised as a highly popular legitimate app.

It also recommended that users avoid ‘spy’ apps that allow attackers to spy on the device by monitoring its GPS signal and reading any text and address book information. Two of these types of threats, named Spy Tool and Spy Phone PRO+, were recently spotted by Trend Micro as downloadable apps in Google Play.

Rik Ferguson, director of security research and communications at Trend Micro, said: “The growth in Android malware demonstrates sustained and focused criminal interest in the mobile platform and particularly in the Android operating system.

“Criminals have always followed user behaviour and they continue to do so. As we move steadily to the mobile web, mobile devices offer new avenues for criminal revenue generation alongside the continuation of the old. Consumers need to use care when downloading and installing apps and should be considering installing anti-malware on their mobile devices.”

Trend Micro also said that third-party stores are likely to pose even greater security risks and warned users to remain cautious on such sites about what they download.

David Harley, senior research fellow at Eset, said: “These figures are higher than the company will be comfortable with, given that it really has tried to use its Bouncer technology to raise its game on pre-filtering software submitted for its own outlet, as well as reacting quickly when advised that there is malware in the wild. But, unless it tries harder to regulate other outlets, malware authors have too many windows of opportunity to exploit compared to Apple's hard-line policy on outlets.

“Of course, the take-up of Android has been pretty significant: that in itself makes it an attractive target. There are quite a few security programs available for Android now, though mainstream anti-virus seems to be more reliable than most of the freeware, and of course a certain amount of common sense fills some of the gaps that reactive detection leaves.”



Microsoft names two ‘John Does’ from Zeus disruption

Microsoft has named two men as being members of the ‘Zeus botnet family’ and being in the team behind the banking Trojan.

Richard Domingues Boscovich, senior attorney at Microsoft's Digital Crimes Unit, said that of those originally named as ‘John Does 1-39’, he was ‘pleased to announce that we have identified and named two defendants as members behind the Zeus botnet family’. He also said that Microsoft will be referring the case to the FBI for criminal review and turning over all of the evidence gathered so far, including evidence of a broader group of perpetrators beyond the named defendants.

The two men, Yevhen Kulibaba and Yuriy Konovalenko, are currently serving a custodial sentence in the UK for other Zeus malware-related charges. Boscovich said: “The original complaint was filed against a group of ‘John Doe’ defendants and with the exception of Kulibaba and Konovalenko, our best efforts to identify the remaining John Doe defendants turned up no response.

“We will continue our efforts to serve defendants Kulibaba and Konovalenko, and the John Doe defendants, with this amended complaint. Meanwhile, the botnets' command and control (C&C) domains remain disabled. It is Microsoft's goal to ensure that these domains ultimately remain disabled, and we hope the evidence collected from these domains leads to a criminal investigation.”

The disruption of Zeus' C&C servers in March was not intended as a permanent shutdown, but rather as a ‘strategic disruption of operations’ in order to mitigate the threat and cause long-term damage to the cyber criminal organisation that uses and relies on botnets.

Boscovich said that the Electronic Payments Association (NACHA) has seen a decline in Zeus infection rates, from 779,816 infections between March 25th and 31st 2012 to 336,393 for the period of 17th to 23rd of June 2012.

Boscovich said: “Additionally, as a result of sink holing the Zeus IPs seized during Operation b71, we have learned the locations of hundreds of thousands of computers infected with Zeus malware. These computers belong to innocent people, and we want to rid their machines of the Zeus malware for good.

“To this end, we will coordinate with Internet service providers (ISPs) and Community Emergency Response Teams (CERTs) around the world to help people regain control of their Zeus infected computers.”



Apple iPad Mini and RIM News Show How to Reposition Your Company

New Apple iPad and RIM announcements following negative projections show how you, too, can reposition your company, ignore the critics, and reinvent your product or service. Setting a new direction may be the best way to beat competitors or turn your business around in tough times. Here's more.

The Tablet Shrinks

Apple iPad mini casts big shadow. The company that revolutionized the tablet market is trying to reassert its dominance with a new iPad model featuring a 7 by 8 inch screen. One of the prices of being an innovator is that competitors will often enter the field trying to outdo your product or service. The best strategy is to keep innovating. Bloomberg

Innovation cloaked in mystery. As it has done in the past, Apple is employing theatrics, including an air of mystery, to market its rumored new iPad mini device. We don't all have Apple's resources, but as an industry leader, you can certainly use any attention you already command from customers to educate them about your new direction. Don't be afraid to spread the word. MacRumors

Maintaining a competitive advantage. Another interesting point about the rumored launch of a new, smaller tablet, is its pricing, possibly between $249 and $299. There's not always a need to undercut competitors on price. Analysts suggest Apple rivals are having trouble competing with the $400 iPad with devices as low as $200. BGR

RIM Plans Comeback

RIM will empower people. The central message from Thorsten Heins, CEO of RIM, in a recent open letter to the public is “Don't count BlackBerry Out.” Don't give in to critics or negative thinking. After suffering setbacks, your company, too, can pick itself up and decide to do something new. All it takes is the determination to change direction. The Globe and Mail

Sales will stink. Heins concedes there will be some hard times to get through. The company is planning a new product launch in about six months. Until then sales will be down, but better times are coming. You've probably faced some difficult challenges in your own business. It takes time to change course. Be patient and realize that reinventing your company doesn't happen overnight. eWeek

The shape of things to come. A leaked “road map” of devices set to come out of RIM as the company transitions its approach shows some interesting things on the horizon. A report suggests two new BlackBerry 10 phones and a new tablet are among gadgets on the drawing board that could be in consumers' hands sometime next year. Repositioning requires a revolutionary approach. Let's see what these new devices will offer. TechCrunch

Reinventing Your Business

Do you have what it takes? With three quarters of the UK's small businesses planning significant growth over the next three years and 47 percent of UK small businesses planning to introduce new products and services into the marketplace, it's a cinch that some of these businesses will be reinventing themselves to get the job done. Here is some inspiration any business owner can draw from. Real Business

Even the big guys need change. eBay was once a revolutionary concept in online sales, but its revenue has plateaued, causing the company to fall behind rivals like Amazon as the e-commerce ecosystem evolves. Today a new team is working to reinvent eBay to recapture prominence in the online sales market. How can you reinvent your business to lead your market with innovation? Fast Company

Changing your story. Sometimes the key to reinventing your brand can have to do simply with changing your customers' perceptions. Take the television advertising campaign for Dutch beer maker Grolsch, which is using a savvy visual narrative to reposition itself to enter the world beer market. The key is how customers perceive the brand. Marketing Week

The key to competition. Under the old approach, businesses found a competitive advantage and sought to exploit that advantage for greatest profitability, at least until competitors entered their market and forced competition on price. In the new hyper-competition model, Tim J. Smith, managing partner of Wiglaf Pricing, says the goal should be constant reinvention and self-disruption before competitors can enter the market. The Wiglaf Journal