Showing posts from November, 2014

Regin Malware

On November 24, 2014, Symantec released a report on Regin, a sophisticated backdoor Trojan used to conduct intelligence-gathering campaigns. At this time, the Regin campaign has not been identified targeting any organizations within the United States.
Description: Regin is a multi-staged, modular threat—meaning it has a number of components, each dependent on others to perform an attack. Each of the five stages is hidden and encrypted, with the exception of the first stage. The modular design poses difficulties to analysis, as all components must be available in order to fully understand the Trojan.
Impact: Regin is a remote access Trojan (RAT), able to take control of input devices, capture credentials, monitor network traffic, and gather information on processes and memory utilization. The complex design provides flexibility to actors, as they can load custom features tailored to individual targets. [1]
Solution: Users and administrators are recommended to take the following prevent…

Office 365 - How to remote wipe your email.

If you're an Office 365 email administrator creating a policy to support security and manage the risks introduced by mobile devices (smartphones), here's how you can remotely wipe a user's Office 365 email from their smartphone, e.g. an iPhone or Android device.

1. Log in to the Office 365 website.
2. Click on Outlook; this will open your Outlook Web App.
3. In your Outlook Web App, under Settings, click Mobile Devices.
4. You will see your mobile device. Select it and click Wipe Remote.
5. Wait for the process to complete.
That's all.

Security Advisory - Holiday Greetings with Phishing, Malware and Viruses coming to your email.

Security Awareness for the Holidays. 

Every holiday season, malicious users release thousands of phishing-, malware-, and virus-related scripts. If you are using Google Apps for Work or Microsoft Office 365 (Cloud), incoming and outgoing email is continuously scanned for these scripts to keep us safe. The security is not 100%; I'm sure your security or network administrator has applied additional layers of security measures to minimize risks.

The question is, what do we have on our home computers, iPads (tablets) and smartphones? Here are some preventive measures to protect your computer network from phishing campaigns.

- Do not follow unsolicited web links in email. Delete it right away.
- Use caution when opening email attachments.
- Follow safe practices when browsing the web. You need to keep your internet browser up to date.
- Maintain up-to-date anti-virus software. Microsoft provides the Security Essentials tool for free. Go to www.microsoft.com/security for more details.
- Keep your ope…

WordPress on Google App Engine

I am moving my website(s) from a VPS server to Google App Engine (Google Cloud). It's too early to list the benefits of using Google Cloud while I'm still building my infrastructure and making it work the way it's supposed to.

A little background of the existing hosting environment.
I'm using a dedicated VPS server with solid-state storage and 6.5GB of memory to host multiple sites, using WordPress as the content management system (CMS).

The VPS server is only hosting the WordPress files, e.g. CMS core files, themes, plugins, etc.
I am using Amazon RDS for the database so I don't have to worry about managing a database server.
And I'm using Amazon CloudFront for image storage.

Current issues.
When it gets busy, the website(s) response time spikes from an average of 1.5msecs to 8-10msecs.
My current hosting provider can't see what's going on.

I will use the simple Quick Start WordPress for Google App Engine tutorial. Here's the link if you're interested, or continue to read my adventure. ht…