Microsoft disrupts Nitol botnet, outs hidden PC malware

Microsoft has disrupted the Nitol botnet, gaining control of more than 500 different malware variants that the software giant says were being secretly embedded in counterfeit Windows software being distributed at weak points in the supply chain.

Cybercriminals preload malware infected counterfeit software onto computers that are offered for sale to innocent people.

Richard Domingues Boscovich, senior attorney, Microsoft Digital Crimes Unit

The U.S. District Court for the Eastern District of Virginia granted Microsoft the right to disrupt the Nitol botnet by taking control of the 3322.org domain and more than 70,000 sub-domains that host the malware.  The domain, Microsoft said, had been active since 2008. 

The botnet take down represented the second such move in the last six months. In March, it disrupted a portion of the Zeus botnet, sink holing the Zeus IPs seized and identifying the locations of hundreds of thousands of computers infected with Zeus malware.

Action against the Nitol botnet stemmed from a Microsoft study looking into unsecure supply chains. According to the court documents filed by Microsoft, the research took place in August 2011. Forensics investigators purchased 20 PCs in China and after analyzing them, they discovered retailers were selling computers loaded with counterfeit versions of Windows software embedded with hidden malware. The company said 20% of the PCs that researchers bought on the black market were infected with malware.

"The study confirmed that cybercriminals preload malware infected counterfeit software onto computers that are offered for sale to innocent people," wrote Richard Domingues Boscovich, a senior attorney in the Microsoft Digital Crimes Unit. "The malware was capable of spreading like an infectious disease through devices like USB flash drives, potentially causing the victim's family, friends and co-workers to become infected with malware when simply sharing computer files."

Controlled PCs in Virginia
More than 4,000 Windows machines were discovered infected with the Nitol malware, including several PCs in Fairfax, Va. The malware consisted of rootkits that ran as a background process, opening up a concealed communication channel. Remote access Trojans enabled a cybercriminal virtually complete control of the infected machine. Keylogging Trojans that record key strokes were also detected. The Nitrol case alleges many of the same violations committed by the operators of the Waledac, Rustock and Kelihos botnets, Microsoft said.

Microsoft named Peng Yong and other unnamed suspects and was granted a restraining order, enabling the software maker to host the 3322.org domain through Microsoft's domain name system. The company can then block the communication between the infected machine and the botnet command and control servers.

"This action will significantly reduce the impact of the menacing and disturbing threats associated with Nitol and the 3322.org domain, and will help rescue people's computers from the control of this malware," Boscovich said.




Every Small Business Gets Stuck, Says Barry Moltz

Barry MoltzIf you've ever felt stuck in your business, you're far from alone.

Small business consultant Barry Moltz says that every business gets stuck from time to time.

And he believes it can happen for several reasons:

“Sometimes it's the sales “glass ceiling” where your sales just won't budge in spite of your best efforts. It doesn't get much more frustrating than this.

There are times when leads are at an all-time low, new customers are barely trickling in and existing customers fade away. Not fun, but we've all been there.

Oftentimes, it's simply a case of burnout. The business owner becomes completely exhausted. Their family suffers, their business suffers and life stops being enjoyable. It's a real rut and at this point, it is absolutely critical to transform the situation and get unstuck as quickly as possible.”

Moltz, one of the Small Business Trends Judges, specializes in helping businesses get unstuck. There are plenty of resources to help startups, he says, but few that help a company a few years down the road when they need it most. Thus, his niche is the stage when businesses get stuck.

Moltz has written several books to help business owners, including Bounce! The Path to True Business Confidence. He's a regular contributor to sites like American Express Open Forum, Forbes and Crain's Chicago Business.  He has appeared on TV and radio programs like The Big Idea with Donny Deutsch, MSNBC's Your Business and NPR's The Tavis Smiley Show.

Failing for the Lesson of Failure

Like so many entrepreneurs, Moltz has had his fair share of business failures. The lesson, he says, is in the failure itself:

“Failure doesn't always teach you something. The most important thing is to realize that failure is just part of the business cycle. There will be success and failure. Learn what you can, let go, and take another action to get to success.”

Since Moltz has worked for one of the largest companies in the world, as well as numerous small businesses, he knows how similar (or not) the two are. He says both small and large businesses make mistakes, but larger companies can hide them more easily.

Are We All Crazy?

Moltz says you'd have to be crazy to start a business. Does that mean all of us are crazy for doing what we do?

“If you looked at the statistical chances of financially succeeding, you have to be crazy. The risk is too great! People do it out of passion or a calling.”

Given that we're risk-takers, over-achievers, and Type A personalities, maybe we are all a little loco.

Editor's Note: This article is one of a series of interviews of key players in the Small Business Influencer Awards.




How To Train Your Team And Make It Connect

Staff training is an on going part of business. You can't just toss people in and expect them to swim. That works for a hand full of all-stars, but if you want to increase the success rate and the consistency in how the team does what it does, then effective training is important.

There's a big difference between having a training session so that you can say you had it; and having a training session that effectively changes behavior. In other words, it doesn't matter what you tell the team if the message doesn't stick.

eureka

I recently heard my Aunt, who's working on her Masters in Information Technology, say:

“Understanding the theory behind it is great, but I need to know that when I walk out that door I can do something.”

When it comes to advance education isn't that what we all want?  Information that makes a difference in our business, in our daily life? So why torture staff with boring or ineffective training - when there's another option on the table?

Dr. John Medina, molecular biologist and author of Brain Rules, says:

“The brain does not pay attention to boring things.”

He continues by stating that we retain and remember six times more information when we experience the words and the images. In fact, there's a real benefit to adding some entertainment value and true hands on experience to your staff training. But how?

Below are five steps to help make any training message stick (I've used it for well over a decade and teach others to do the same - because it still works). Of course, it's more effort on the trainer and the managers end, but it pays off in a team of people that can actually do the work the way you want it done.

Successful teams don't build themselves. Effective leaders and managers build successful teams by reinforcing a core message until it becomes second nature for them and their team members.

1) Say It 

Even though most people retain more by doing than hearing, all training begins with a message about:

  • What it is
  • What is expected
  • How it works

Before you can expect your team to effectively “do” anything, explain some things. The goal is to expose them to the information. And since your trainer understands that this is step one, he doesn't have to cram information into people who stopped listening 30 minutes ago. Once you've spoken on the subject, it's time to reinforce the information.

2) Display It 

Create visual reminders to use inside your training and to post around the building. The goal is to provide a bite sized way to digest the information from training, and since a picture is worth a 1000 words, then make it visual. Don't try to cram everything onto one poster. Instead, choose the most important points. You can also:

  • Reinforce the steps to a new process
  • Add some relevant pictures
  • Increase the font size
  • Put it on the wall

And for online businesses with teams who work from home, you can place your visuals on your private company website, as well as forward it by email. Now your team has an easy reminder of what is expected, instead of having to wade through a dense report or letter.

3) Demonstrate It 

You don't know what you don't know until you're in the middle of the situation. And while hands on is priceless there are certain things that you can NOT allow your team to learn the hard way - because it could be bad for business. So role play. This is the step right before your team gets their hands dirty. Give them a relevant scenario and have them to talk it out and then act it out using the information you just gave. Let them work the kinks out in this setting.

4) Put Their Hands On It 

Now that your team has heard it, seen it and had to role play it - it's time to place them in a real world situation where they have to use what you taught them.  To solidify the lesson you have to back off a little bit and let them deal, but make sure they can get in touch with you. Even if you are in the building, let them work it out. They need to feel the fear and find the answer in order to drive the lesson home.

Of course you have a business to protect and clients to take care of, but this step is necessary if you intend to have a team that can produce while you're in the hospital, on vacation or at a conference. And for your own peace of mind you can be right around the corner ready to step in, but only if necessary.

5) Teach It Again

I don't care what they say, people need a refresher. So after they have gotten their hands dirty, it's time talk about the training again. But this time let the staff reteach the lesson to each other. Now you're driving it home.

Follow these steps and it will stick because you have to know more in order to teach it to others.  Plus the team is pulling from personal experience after these steps and not just theory.

Eureka Photo via Shutterstock




Send Huge Files Securely With These Two Services

As you may have already discovered, it's kind of difficult to share data with people through email when your files are more than 10 MB in size. You can get around that if the file is only a small bit bigger (20-30 MB) by sending multiple emails to the contact with a split file, but that's very complicated and not lucrative. What if you have to send a 1 GB file?

File storage services like DropBox are not secure enough to store sensitive data and do not cater to businesses that have to comply with regulations. The overall ecosystem of applications that allow you to transfer such large amounts of data aren't very reliable and/or aren't equipped for enterprise customers.

Hosting the files in an encrypted environment not only takes a lot of work, but also requires a lot of know-how. But before you give up, have a look at these premium secure services for large file transfers:

  • YouSendIt Workstream - YouSendIt has a paid service for people who want to send large files (up to 2 GB) via email. Their free “Lite” version of the service allows for file transfers of up to 50 MB per file. However, YouSendIt also has a service catering to businesses known as Workstream. With the Professional version of their Collaboration Suite, you get unlimited online storage, secure file transfer, download tracking, mobile access, Active Directory integration, Single Sign-On integration, and a number of other useful features for $14.99 a month.
  • ShareFile - Citrix has recently added a service called ShareFile, which allows you to transfer files securely across vast networks. Their “Professional” plan gives you secure file storage (with unauthorized access notifications), a dedicated representative to handle your cases, custom branding (along with the ability to have your account branded for you by the ShareFile team), and integration with Podio collaboration software for $59.95 a month. You also get to include 10 employee accounts.

Always remember to watch where you put your files. Any sensitive data can be leaked if proper measures aren't taken. The services mentioned above give you a very heightened security profile with some perks that allow you to transfer files with style!



ICO fines council £250,000 after paper records dumped in recycling

Scottish Borders Council has been fined £250,000 by the Information Commissioner's Office (ICO) after former employee details were found in a paper recycle bank.

The records included former employees' pension details and salary and bank account data. A third party was contracted to digitise the records but failed to seek appropriate guarantees on how the personal data would be kept secure.

The files were spotted by a member of the public who called police, prompting the recovery of 676 files. A further 172 files deposited on the same day, but at a different paper recycling bank, are thought to have been destroyed in the recycling process.

Ken Macdonald, ICO assistant commissioner for Scotland and Northern Ireland, said: “This is a classic case of an organisation taking its eye off the ball when it came to outsourcing. When the council decided to contract out the digitising of these records, they handed large volumes of confidential information to an outside company without performing sufficient checks on how securely the information would be kept, and without even putting a contract in place.

“It is only good fortune that these records were found by someone sensible enough to call the police. It is easy to imagine other circumstances where this information could have exposed people to identity fraud and possible financial loss through no fault of their own.

“If one positive can come out of this, it is that other organisations realise the importance of properly managing third parties who process personal data. The Data Protection Act is very clear where the responsibility for the security of that information remains, and what penalties await those who do not comply with the law.”

The ICO pointed out that the Data Protection Act states that if you choose to use a third party to process personal data for you, you remain legally responsible for the security of the data and for protecting the rights of the individuals whose data is being processed. Scottish Borders Council had no contract in place with the third party processor, sought no guarantees on the technical and organisational security protecting the records and did not make sufficient attempts to monitor how the data was being handled.

Speaking recently to SC Magazine, Jonathan Armstrong, lawyer at Duane Morris LLP said that the impact of monetary fines from the ICO should be passed on to those directly responsible for the breaches and that they "should suffer the consequences as well".

Paul Ayers, VP EMEA of Vormetric, said: “This breach perfectly demonstrates an increasingly common enterprise challenge, as organisations are communicating with and exchanging data with an increasing number of supply chain partners and customers â€" it is now routine for firms to outsource the processing of sensitive financial services and core IT requirements.

“However, this way of working is leading to an increased risk of both data loss and the breach of compliance regulations. In this case, the Scottish Border Council had not performed sufficient checks on how securely the information would be kept nor how it would be managed by the third party â€" it was therefore they who were subject to the sizeable monetary fine.”



Chris Ogburn of Hewlett Packard: Consumerization of IT

Technology seems to be moving at the speed of light nowadays.  As it evolves, lines are being crossed, it's continually morphing, blending and becoming a different beast â€" and the consumer is now the one dictating the beast that is born.  The individual user, not the corporate environment, is now the driving creative force. Tune in as Chris Ogburn, Director of SMB Marketing For HP, joins Brent Leary to discuss this shifting environment, the consumerization of IT.

* * * * *

Chris OgburnSmall Business Trends: Can you tell us a bit about your background?

Chris Ogburn: I've been in the IT industry about 20 years, and have been with HP (Hewlett Packard) for about 10 years. One of the great benefits of my job is being responsible for the small and medium business space, and covering the Americas.

I love being out there with customers and learning what they are doing with technology.  This whole topic around consumerization of IT is a really hot topic right now.

Small Business Trends: What's your definition of consumerization of IT?

Chris Ogburn: We think about it as a shift in technology, from more business centric solutions to more customer centric solutions.

From a manufacturer's standpoint, you think about how technology is being designed very early in those stages to maybe a little bit less about large, corporate environments and thinking more about the individual user.

The power of information has moved away from where it was 50 to 100 years ago.  Where it sat with the business, the manufacturer, the designer, and they share what information they wanted with the customer.  That's really now shifted all the way to the consumer.

We can get information, feedback and referrals from our friends, our peers and our colleagues.  So it is really all about that massive shift powering the consumer, and then powering the user within a business.

Small Business Trends: How much of a role does cultural change within the organization play in being able to successfully make that transition?

Chris Ogburn: It is very important. When I talk about customer culture, you know there are a couple of things that go into that. One is they have to be really eager to engage with their customers. They have to really develop a culture that is built around customer service, engaging with customers, and wanting to have those conversations frankly, willing to address the tough issues or topics, or help solve problems and issues for customers.

What I have learned and find in speaking with people that have adopted this type of approach is that they are the ones that are so much more effective in using the tools like social media to communicate with, and talk to their customer base.

The more that you use those tool sets, whether you are on Facebook, Linkedin, Twitter, or whether you are continuing to improve and develop your website, if you think about how you are using different aspects of social media tools to reach customers, with that kind of culture built-in, you are so much more likely to learn from your customers, make faster decisions, eliminate issues and problems, and have great creative new sparks and ideas because of the feedback you are getting from your customers base.

Small Business Trends: How do small and midsize businesses go about integrating these new concepts, along with these new technologies into their businesses?

Chris Ogburn: The important thing is just getting started.  If you are within your company already at a point where you have expertise, and you are executing, keep doing it. Fuel the engine.  Put in effort and initiate and invest time into it.  Because it is worth it on the backend.

If you are thinking about this, but maybe you don't feel comfortable with it, you don't have that expertise, reach out and talk to people.  Talk to peers and colleagues in your community. Get on Linkedin and communicate with business associates. Start to get feedback from people and suggestions around how to take in and integrate this type of technology.

We are seeing a lot of businesses now, even in the small and midsize space, get more comfortable with some of these newer technologies that are out there, and use those
heavily in their environment. Finding ways to incorporate tablets; incorporate smart phones; incorporate new thin Ultrabooks in their environment. Then they think through ways to more effectively to communicate to people through those specific types of devices.

Small Business Trends: How does HP help with this shift?

Chris Ogburn: HP invests a lot of time and effort.  It is not only the product development cycle, we are now specifically developing products with the consumerization of IT in mind. But we are also working on areas that are manageability focused, as well as security focused.  So we are giving them the tools to manage a secure environment while gaining all the benefits of utilizing these new technologies that enable them to do the kinds of things we are talking about today.

Small Business Trends: How do you see consumerization of IT, five years from now, when it comes to how it may impact small businesses?

Chris Ogburn: Well, we continue to see this merge of the historically corporate driven product sets and the consumer driven products sets.

HP recently just offered this product in the market place, the Spectre XT Pro. This is an Ultra Book product, it weighs 3 lbs.  It is only half an inch thick.  It has a 13 inch screen.  The design is very consumer centric. It's got really long battery life, eight hours on a single charge, and the interesting thing about it is it also has Beats Audio built in the notebook.

Now you may ask, why does a product you are delivering in the business space have Beats Audio? It talks to this whole consumerization of IT. People that are in the business environment need the tools to be successful, to do their job and to win every day. But at the same time we are all also consumers.  So the benefit in having that feature built into the product for premium sound capability, is something that has really resonated with users.

I think that is just an example of the types of things that we'll see over the next two years, that these technologies start to really blend, and bleed together.

Small Business Trends:  Can you tell us where people can learn more?

Chris Ogburn: Go to HP.com and navigate your way down to learn a little more about what HP is doing.

 


Three Online Services That Make Managing Your Small Biz Bucks Quick and Simple

In business, especially a small business where it might just be you running things, we strive for streamlining and simplicity as many tasks and processes as possible. The tools we use to get on top are essential. While I can appreciate the robust power of the many computer programs out there that can help organize finances, invoicing, contacts, and other information, most are expensive and have significant learning curves. So how can you find something in the right price range that is easy to use?

Enter an application called SohoOS, which says it is an “all-inclusive business enabler.” That's a pretty tall statement to make…especially for a program that is free to use. So I decided to take a look and having sorted through it for a solid few days, it actually comes pretty close to what it claims to be, which is no small feat!

SohoOS has many nice features, including:

  • Contacts. Your list of clients, vendors, leads, or anyone else that you might want to keep contact info on can easily be added.
  • Items. You can specify a service you might offer, or a product you sell, in a simple database set-up.
  • Invoicing. Do you use an Excel template to create your invoices? SohoOS will do this as well. If you have contacts already entered, you can easily plug them in. The item(s)/service(s) you offer can easily be added.
  • Estimates and Purchase Orders. These are just as simple to generate as invoices are; plug in your contact information, enter  the item(s)/service(s), and away you go.

Because the service is free, the SohoOS logo appears on your documents and invoices done through it, but this can be removed. For those looking to add some functionality to things, there are additional services that will cost a little bit of cash each month (from $1.95 to $7.95, with a few features ‘coming soon' and no rate listed). This includes a time tracking service, a currency converter, extra documentation storage, 24/7 help and support, invoice templates, and other useful items.

SohoOS is not unique in this kind of service, of course. Another product called Freshbooks offers a similarly free product, although it limits you to three clients. However, you get time tracking as part of that (unlike SohoOS), including team timesheets, as well as expense tracking and invoice generation. Further features include tracking of tax payments, profits and losses, and item sales. If you shell out $19.95 a month, you can increase your client list to 25.

PODIO is another product in this vein, but more unique in that it is more of a business/employee collaboration and coordination tool (and looks a lot like Facebook's format). Project management, employee sharing, CRM, and lead management help get everyone on the same page and in the same direction.

While SohoOS and Freshbooks would be great for small companies, PODIO looks more robust and better-suited for companies with several employees that are not centralized. Overall there are plenty of products to help get even the most basic business off the ground.



Researchers begin analyzing Black Hole exploit kit revisions

Researchers are still working to pick apart the internals of the latest version of the Black Hole exploit kit, which was announced this week by the cybercriminals behind the notorious automated attack tool.

Researchers at Trend Micro Inc. said it is unclear if all of the new features in version 2.0 have been fully released, but an analysis of the latest code detected in the wild found some retooled capabilities. A new URL generation algorithm used to deliver exploits was announced, but Trend said it is seeing both version 1.0 and 2.0 capabilities running concurrently in the code its team analyzed, indicating that testing may be taking place.  

"This unusual combination indicates that the authors of [Black Hole] 2.0 may still be beta-testing specific features before actually releasing [Black Hole] 2.0 fully into the wild," wrote Jon Oliver, the software architecture director at Trend Micro. "We will continue to monitor for new information related to this new threat, and release our findings as appropriate."

Black Hole is notorious for spreading malware, containing exploits that target a variety of vulnerabilities. Common flaws targeted by the toolkit include browser components, such as Flash and Java. The authors of the toolkit also update the kit to those who purchase a license. It recently was updated to exploit a Java zero-day vulnerability, which was patched by Oracle on Aug. 30.  

Researchers at Websense Security Labs said the updates appear to change the URL pattern used to identify the kit and obscure the IP so antivirus fails at detecting its presence on systems. The domain generation algorithm changes make it more difficult to detect Web pages that contain malicious code. The URLs are obfuscated differently, making identification difficult.

"The creator of this kit changes the obfuscation as often as a model changes clothes at a fashion show," wrote Chris Astacio, a researcher at Websense.

New system "written from scratch"
In an English translated message outlining the new capabilities posted to Pastebin, the authors included a number of performance and design improvements. New functionality added to the console enables quick viewing of statistics. Monitoring capabilities have been improved to enable cybercriminals to evaluate the quality of the traffic and performance of exploits.

"Version 2.0 is not a continuation of the old bunch, is a completely new system written entirely from scratch, given the client is going to request for more than two years of operation, version 1," according to the announcement.




Buts Are A Problem

ifs and or buts business sales cartoon

I love idioms, catchphrases, and jargon of all stripes. So when I hear something like, “no ifs, ands, or buts” it's like a little puzzle to be solved. And if you win you get a cartoon!

So there are a lot of ways to go with “no ifs, ands or buts:”

  • Empty store shelves with “Ifs,” Ands,” and “Buts” labels. Clerk says to customer,”Sorry, we're all out.”
  • Lawyer to client, “As your lawyer, we're going to embrace and exploit any and all ifs, ands, and buts.”
  • Sign on conference room door reads, “Sales Meeting 1:00.” Smaller signs below has Ifs, Ands, and Buts and circle-with-line symbols over them.

Those are all okay, but I like this version best because I'm curious as to what made the Buts go kablooey.

Good old idioms. They never let you down.




5 Steps to Landing a Government Contract

Federal, state, and city governments are looking for businesses to handle outsourced operations. Your small business is interested in growing its client base. It's a match made in corporate heaven.

“The best way for a small business to grow is to have the federal government as a customer,” Entrepreneur.com wrote. “The U.S. government is the largest buyer of goods and services in the world, with total procurement dollars reaching approximately $235 billion in 2002 alone.”

But federal government contracts aren't the only way for small businesses to participate. In fact, on a local level you may find you have a better chance at opportunities. Unfortunately, it's all too easy for these local government agencies to become dependent on the same core group of businesses they've always worked with. Getting in on this business can be tough, especially if these relationships are long-term. But new opportunities open up all the time and long-term contracts eventually run their course. The best way to be in the right place at the right time is to begin the process of persistently applying for local and federal government contracts.

But for many small businesses, landing those official contracts can seem like a daunting process. The paperwork can be overwhelming for a busy business owner with limited resources. Luckily, there are resources available for small businesses interested in pursuing government contracts. Follow these three steps to land a government contract:

  • Determine your business's niche. Before you can begin applying for opportunities, it can help to fully understand what makes your business stand out. Join associations or councils that represent your niche to add to your credentials.
  • Peruse the list of opportunities at the Small Business Administration (SBA) website. The SBA lists contracting opportunities on its website. If your small business doesn't have the resources to handle some of the larger government contracts, SBA's list of subcontracting opportunities may be a better fit. These opportunities are organized by state to help you narrow down only those that apply to you. SBA also has a mentor-protege program that can help pair you with a larger organization.
  • Contact your local government procurement office. State and city governments have officials tasked with handling contracts. Set up a meeting and work to determine what your business needs to do to be considered.
  • Register with SAM. The System for Award Management (SAM) acts as a clearinghouse for Federal contractors. SAM combines the Central Contractor Registry, Federal Agency Registration, Online Representations and Certifications Application, and Excluded Parties List System, with more systems to be added soon.
  • Be persistent. The SBA can be a valuable resource, not only for linking you to opportunities but to providing information on what you need to do to land those valuable contracts. Government contracts can be a valuable income source for small businesses, but the process can be slow and involve quite a bit of “red tape.” Don't give up at the first lost opportunity, understanding that the process is usually very competitive.

While dealing with the government can be frustrating, to say the least, with so many great opportunities lingering untapped, it's important to try to find a way to take advantage of them if you can. The SBA can prove a great resource for locating and landing those opportunities.



Microsoft disrupts Nitol botnet and takes control of malware hosting domain

Microsoft has detailed a botnet it has named ‘Nitol' that has infected computers via insecure supply chains.

According to Richard Domingues Boscovich, assistant general counsel of the Microsoft Digital Crimes Unit, it sought permission to disrupt 500 different strains of malware earlier this week.

According to report ‘operation b70', the Nitol botnet was hosted on the domain  ‘3322.org', which has linked to malicious activity since 2008 and contained 500 different strains of malware hosted on more than 70,000 sub-domains.

Boscovich said it found malware capable of remotely turning on an infected computer's microphone and video camera, recording keystrokes and carrying out distributed denial-of-service (DDoS) attacks, its primary function.

The report on operation b70 said that it purchased 20 computers from various cities in China and one was infected with Nitol, which was actively running and attempted to connect to a command and control (C&C) server.

Nitol infects users through removable media and mapped network shares, so once a removable media is connected to an infected computer, the malware copies itself and infects the new host. This can affect USB flash drives, external hard drives and/or mapped network shares.

Nitol is also selective about where it copies itself to the drives, as it picks directories that contain applications (.EXE, .DLL, .OCX files) and compressed file archives (RAR and .ZIP). Microsoft said that the Nitol developers knew this would result in a large number of files being copied to every directory on a drive, so they decided to hide the files with the file attributes SYSTEM/READ-ONLY/HIDDEN. Files with these attributes are considered ‘super hidden' and are not viewable by Windows Explorer by default.

Microsoft said that the reason Nitol copies itself to directories containing applications (primarily files with extensions .EXE) is to exploit the module loading process used by Windows when it runs applications. When an application is started, it is Windows that tries to find the file (on the application's behalf) in the application's directory first and if one is not found, then several other places are searched and then the process ends with a search in the Windows\System32 directory.

As Nitol's filename is LPK.DLL, applications will look for this in their current directory before any other place and Nitol will get loaded before the file (of the same name) provided by Microsoft in the System32 directory.

Microsoft has been granted an ex parte temporary restraining order against Peng Yong, his company and others and it has also taken control of the 3322.org domain through its created domain name system (DNS).

However Yong, who owned the 3322.org domain, told Associated Press that his company had a ‘zero tolerance' attitude towards illegal activity on the domain.

He said: “Our policy unequivocally opposes the use of any of our domain names for malicious purposes. We currently have 2.85 million domain names and cannot exclude that individual users might be using domain names for malicious purposes.”



£3.8 million cyber security research institute to be established by the government

The government is to invest around £4 million into creating a cyber security research institute.

According to V3.co.uk, the £3.8 million institute will work alongside GCHQ to encourage closer cooperation between business and academia in the fight against online threats.

Named the Research Institute in the Science of Cyber Security (RISCC), it will bring together social scientists, mathematicians and computer scientists from seven UK universities to tackle some of the toughest cyber security challenges.

It has been awarded funding for three and a half years and will be led by Angela Sasse, a professor of information security at UCL.

Sasse said: “This is an opportunity to work closely with colleagues from different scientific disciplines to tackle the technical, social and psychological challenges that effective cyber security presents.”

Cabinet Office minister Francis Maude said: “The UK's first academic research institute will strengthen capability in a strategically important area, keeping the UK at the forefront of international research in the field.”

As recently reported, GCHQ is to work with the UK's private sector to educate them on cyber security threats and detail on how to thwart cyber attacks.

Tom Burton, head of cyber for defence at BAE Systems Detica, said: “The announcement is an encouraging step, signalling the government's commitment to public and private sector collaboration, something we have long championed. The institute should also help to safeguard the UK economy for future generations.

“In our view measures such as these serve a dual purpose, as not only do they help to protect the UK economy from online threats, they also strengthen the UK cyber industry, which should be viewed as an end in itself.

“Building an economically strong cyber industry in its own right will help to create the diversified economy that is being championed by the current government. Diversifying the economy can expedite the UK's economic recovery, and a strengthened cyber security sector will also help to prevent costly online theft.”

Paul Davis, director of Europe at FireEye, called RISCC "a good move" in terms of understanding the most complex cyber security challenges, and improving readiness should anything bad happen

He said: “When it comes to IT security and international cyber crime, there seems to be an ongoing sense of inaction and complacency. In fact, GCHQ recently admitted that businesses are failing to do enough to protect themselves from ‘real and credible threats to cyber security' â€" and in that respect, this is very welcome news indeed.

“Too many organisations are still stuck in their ways when it comes to security â€" believing that current defences are adequate to thwart today's advanced threats. Though we have seen a stream of headlines depicting the need to deploy holistic security solutions that plug all network vulnerabilities and offer the deep visibility required to keep up with the changing threat landscape, perhaps an even louder voice is now needed. I hope that this move, and the resulting media attention will encourage more of us to wake up to the realities of the age that we have entered into.”



BlockMaster introduces encrypted file sharing tool

BlockMaster has announced the launch of a secure file sharing tool for connection between a desktop and a secure USB stick.

According to the company, ShieldShare enables all data to be encrypted on the client desktop prior to it being added to central storage to enter the cloud where the user has full managed control over devices and users, and the encryption keys never leave their premise.

ShieldShare encryption keys are handled in an automatic PKI infrastructure through a separate key server that the organisation controls.

Anders Kjellander CSO of BlockMaster, said that ShieldShare offers the convenience of file sharing for security-conscious companies.

He said: “With ShieldShare, they can now make a no-compromise decision and get both maintained productivity and real security. ShieldShare offers true cloud security where you hold the encryption keys, not the service provider.

“All data is encrypted on the clients before touching any server. This is truly a break-through approach. For example, local government agencies can make use of global cloud infrastructure services to enable file sharing without risking breaches to privacy legislation.”

Clients are available for Windows, Mac and SafeConsoleReady secure USB drives (previously known as PIPE). The ShieldShare Key Management Server and ShieldShare Storage Engine can be hosted together or separately on any Windows machine on-premise, in private/public cloud infrastructure or in hybrid mode with maintained security.



RSA bolsters IAM solution with security enhancements

RSA has added new functions to its Identity and Access Management (IAM) suite to include extra security in hybrid IT environments.

According to the company, the solutions are designed to address evolving security challenges that require new ways to manage and protect the growing number of users and device identities, as well as the exponential growth in identity information and the need to help ensure consistent security across enterprise, cloud and mobile infrastructures.

These include the RSA Access Manager, which provides secure access to web applications through web single sign-on (SSO) and the ability to consolidate access controls. The company also said that Access Manager is designed to support a broad range of authentication methods, including tight integration with RSA Adaptive Authentication for out-of-band phone and the new support for out-of-band email risk-based authentication.

In the adaptive sector, the company has launched RSA Adaptive Directory which is engineered to correlate and aggregate identity information across a variety of enterprise sources, RSA said.

RSA Adaptive Federation is designed to provide secure identity federation-as-a-service to be certain that the right users have the right access at the right time to business-critical resources and sensitive data in SaaS applications.

Dan Schiappa, senior vice president of the identity and data protection group at RSA, said: “In today's increasingly mobile, distributed and cloud-based world, security teams need to enable trusted access to critical resources no matter where the user or resource is located, even if large parts of the infrastructure involved are outside of IT's direct control.

“Today's announcements go a long way towards achieving that goal and deliver on the RSA Cloud Trust Authority vision. Think of it as enabling the security infrastructure to deploy a dynamic perimeter around user access, with the level of authentication determined based on the unique risk of that session. It marries user convenience with far greater security and control for security practitioners.”



Apple Unveils the iPhone 5

Apple fans have been salivating in anticipation, and of course business owners know the growing importance of smartphone technology in an increasingly mobile and app driven world. Here are some things you should know about Apple's new iPhone 5, announced Wednesday, and then some news all business leaders should find interesting about the opportunities available via mobile tools today.

Mobile Marches On

World's thinnest smartphone. The iPhone 5 continues the march toward thinner, lighter, more mobile technology and that's good news for business users on the go. In fact the phone is 18 percent thinner and 20 percent lighter than its predecessor, and includes faster processing, a better camera, and compatibility with wireless LTE networks. The Wall Street Journal

The time is now. Business owners who want to get a hold of the new iPhone 5 for their companies can start ordering today. Pre-orders are being accepted beginning early this morning, though the phones officially go on sale in nine countries Sept. 21. With a starting price of $199, this device may offer an opportunity for many small businesses to keep up with the mobile trend. Wired

Brave New World

Managing mobility. With a greater emphasis on mobile technology, even at small businesses with little or no IT support, management of mobile devices like smartphones is becoming a big issue. An estimated four out of 10 employees at many small businesses work away from the office on smartphones, so cloud-based services are emerging to handle issues like lost device detection and remote setting configuration. Smallbiz Technology

All you need are apps. If you're tired of paperwork, then the best thing about smartphones may not be placing a call or accessing the Internet. No, there are a lot of cool apps out there to help you do everything from digitizing copies of the many forms your business uses to transcribing paperwork and converting it to Adobe PDF or Microsoft Word. Gosh, with tools like these, paperwork could even be fun. UPrinting

Rise of the mobile marketer. The rise of the smartphone should bring with it a different mindset for marketers too. Everyone's talking about making sure your Website is mobile ready, but how about your e-mail marketing campaign? If your e-mail marketing is aimed at customers who will be viewing your messages via smartphones, here are some things you may wish to consider. Step By Step Marketing

Marketing Stars and Stinkers

An Apple a day. With the release of the new iPhone 5, focus has again turned to the incredible marketing demonstrated by Apple over the years. There is a lesson to be learned here by any small business owner about how effective products and services combined with creative marketing will bring success again and again. Small Business Trends

Epic fail. To the other extreme, another smartphone maker, Nokia, took a serious misstep recently when announcing the release of its Lumia 820 and 920 phones, with the most exciting feature being the PureView Camera Technology intended to separate both smartphones from all other competition. Unfortunately, it turned out that neither a promotional video or still images used in the advertising materials were actually shot with the new phones! The PR Verdict



Subscribe to: Posts (Atom)