Recent reports of spoofed WhatsApp download website

January 27, 2014, 12:54 am

≫ Next: Happy Birthday - 10th Anniversary of Mobile Malware!

Spoofed websites for popular social apps have been observed for some time now - recent reports from Malwarebytes show that one of the most popular mobile app - WhatsApp has been targetted recently as well.

The particular site at question aimed at Russian speakers and offered app download for broad scope of mobile devices - IOS, Android, Windows Phone and Blackberry. The site was resambling the legitimate website quite a bit with lot of code scrambled from the oficial website. The unsuspecting users downloading the application would get infected by variant of Android SMS Trojan that once installed would start sending text messages to premium rate numbers.

Reference:
Spoofed Whatsapp site delivers polymorphic SMS Trojan
http://www.net-security.org/malware_news.php?id=2687
WhatsApp gets Rogue Download Page
http://blog.malwarebytes.org/mobile-2/2014/01/whatsapp-gets-rogue-download-page

↧

Happy Birthday - 10th Anniversary of Mobile Malware!

January 27, 2014, 3:02 am

≫ Next: Enterprise Vault.cloud: Archiving and Cybersecurity in 2014

≪ Previous: Recent reports of spoofed WhatsApp download website

Fortinet’s FortiGuard Labs has published a very interesting whitepaper about 10 years anniversary of mobile malware. According to the study mobile malware is evolving quite rapidly - only in 2013 researchers of FortiGuard have see more than 1300 new malicious applications per day with up to 400.000 malicious applications in total.

The whitepaper goes back up to 2004 and the first mobile worm - Cabir (infecting Nokia phones) up to year 2013 and arrival of first Ransomware for Android devices - FakeDefend.

Reference:
The World’s First Mobile Malware Celebrates its 10th Birthday
http://www.fortinet.com/resource_center/whitepapers/10th-anniversary-of-first-mobile-malware.html
http://www.fortinet.com/sites/default/files/whitepapers/10-Years-of-Mobile-Malware-Whitepaper.pdf

↧

Enterprise Vault.cloud: Archiving and Cybersecurity in 2014

January 27, 2014, 11:25 am

≫ Next: Join the Symantec Endpoint Management news feed!

≪ Previous: Happy Birthday - 10th Anniversary of Mobile Malware!

Enterprise Vault.cloud security

Many of our customers worry about security of their archive data. It is imperative that we not only protect their data, but that they actually have confidence and assurance of those security measures.

↧

Join the Symantec Endpoint Management news feed!

January 27, 2014, 3:32 pm

≫ Next: Mavericks Mac OSX 10.9 and Enterprise Vault

≪ Previous: Enterprise Vault.cloud: Archiving and Cybersecurity in 2014

All major announcements direct to your inbox!

Recently the Symantec Endpoint Management team launched a brand new news subscription feed to update customers and partners on major announcements and events. This is a one stop shop for all major product news and is a must for anyone involved with the Altiris product line.

Please pass this link to everyone and anyone that may be interested!

https://www-secure.symantec.com/connect/groups/endpoint-management-news

↧

Mavericks Mac OSX 10.9 and Enterprise Vault

January 28, 2014, 12:32 am

≫ Next: Are we headed towards Software-Defined Disaster?

≪ Previous: Join the Symantec Endpoint Management news feed!

In the past I have used my hackintosh to connect to corporate email servers, and I've used the Enterprise Vault OSX Add-in. It's something though that sometimes lags behind from a Symantec point of view.

When new versions or rather Service Packs of Office for Mac are released, and, when new versions of OSX are released there isn't the general 'rush' to support the changes. I suppose it's down to the amount of effort versus the number of users; there are just far fewer OSX users who need Enterprise Vault connectivity than Windows users. There are also far fewer testing resources (hardware and people) when it comes to OSX.

That being said it is good news! I spotted a note on the Connect Forums which says that OSX 10.9 *is* supported.

http://www.symantec.com/connect/forums/ev-10-sp3-and-mac-osx-109

I've not tried it, yet, have you? Let me know in the comments below.

↧

Are we headed towards Software-Defined Disaster?

January 28, 2014, 12:45 am

≫ Next: Authenticating your website through SSL Certification

≪ Previous: Mavericks Mac OSX 10.9 and Enterprise Vault

While I am generally upbeat about the latest developments in technology, it's also my job to be cynical. Symantec’s customers depend on a certain level of realism, so I don’t feel too bad about pointing out some of the downsides and risks.

When it comes to software-defined networking, storage and so on - in a nutshell, the ability to orchestrate and control a widening variety of hardware devices and resources - most potential issues boil down to a single question - can software be trusted?

The answer, as Douglas Adams might say, is “mostly harmless”. While software starts simple, it can often become highly complex and, therefore, very difficult to test. Software designed for enterprise-scale use cases inevitably tends to the complex, which is where the problems start.

If damage does happen, it can do so in a big way. Some organisations may have experienced the avalanche effect that can take place if a poorly constructed patch is rolled out across the environment. More recently, we’ve seen downtime issues in cloud services - most surprising is that commentators saw the major providers as too big to fail in the first place.

So, is software-defined everything heading in the same direction? Will we end up with tales of woe, when organisations have put too much reliance on inadequate management platforms? The answer is yes, probably, we shall see isolated incidents of major failure (to say otherwise would be to suggest the future will be different to the past).

The advice I’m giving to anyone who asks is, simply, not to put all the eggs in a single basket. Pan-enterprise, software-defined resource orchestration is an admirable goal, but while it is unproven it should be kept in moderation - for example by focusing on the dynamic management of specific resources.

While Symantec's stance continues to be, to protect against the unexpected, let's not create situations we can avoid.

↧

Authenticating your website through SSL Certification

January 28, 2014, 2:35 am

≫ Next: Installing Windows operating system on UEFI-based computers

≪ Previous: Are we headed towards Software-Defined Disaster?

An SSL certificate is a mode of authenticating a website and securing the transactions, as well as the data communicated through the website by users.

↧

Installing Windows operating system on UEFI-based computers

January 28, 2014, 10:16 am

≫ Next: How to force the AMAgent to send data faster than once a day

≪ Previous: Authenticating your website through SSL Certification

The following article depicts the basic workflow for Installing Windows OS on UEFI/EFI computers:

http://www.symantec.com/docs/HOWTO94433

↧

How to force the AMAgent to send data faster than once a day

January 28, 2014, 12:24 pm

≫ Next: Ancient Japanese Click Fraud Still Healthy and Alive

≪ Previous: Installing Windows operating system on UEFI-based computers

If you are testing Application Metering either in the lab or during a POC, you may wish to have the Application Metering Agent (AMAgent) send its data in a timely fashion, as its UI only offers either Daily or Weekly.

The following queries will allow you to do just this as well as to revert back to the original setting afterward for supportability:

--/ Obtain existing value (default = 86400)

SELECT State FROM Item WHERE [Guid] = '97D80113-8FE1-4ABD-AB08-EC7C8DDBDEF5'

--/ Change default using value in seconds (this example is for 5 minutes)

UPDATE Item SET State = '<item><Application type="inventory" interval="360" /></item>' WHERE Guid = '97D80113-8FE1-4ABD-AB08-EC7C8DDBDEF5'

--/ Rollback

UPDATE Item SET State = '<item><Application type="inventory" interval="86400" /></item>' WHERE Guid = '97D80113-8FE1-4ABD-AB08-EC7C8DDBDEF5'

↧

Ancient Japanese Click Fraud Still Healthy and Alive

January 28, 2014, 7:23 pm

≫ Next: 古典的な日本語のワンクリック詐欺が今なお活動中

≪ Previous: How to force the AMAgent to send data faster than once a day

In 2013, scammers published thousands of apps on Google Play that led to fraudulent sites. This form of scam is typically called “one-click fraud” in Japan. The very first variant appeared in January and while only a handful of these fraudulent apps survive for a few days at most, we confirmed that, in total, more than 3,000 apps were published on the market in 2013. By October, scammers for the most part have stopped publishing new variants of the fraudulent apps on Google Play for unknown reasons.

Figure 1. Total number of apps leading to one-click fraud sites published on Google Play throughout 2013

While apps that lure victims to fraudulent sites may no longer be available on Google Play, there are currently other vehicles leading victims to these sites, such as spam.

This scam typically begins with spam that has been sent to a mobile phone, ideally a smartphone. The spam message contains a link to an adult video website. The site claims that videos can be viewed free of charge.

Figure 2. Example of the spam message sent as part of this scam

Figure 3. The adult video site linked in the spam message

To view a video, the visitor is instructed to make a phone call in order to register for the site. Once the user calls the number provided on the site, an automated system will accept the call and save the phone number of the victim’s mobile device. The visitor will then be prompted to input their telephone number in order to access the site.

Figure 4. The site instructs the user to register to access the videos

When the user clicks on a video after they’ve registered for the site, another Web page opens. If you read the page carefully, you will notice that the term “free” has completely disappeared and a tiny note about a subscription fee has been added.

Figure 5. The adult video site with details of a subscription fee

If the visitor fails to notice this detail and clicks the download button, they will end up registering for the paid service and will be charged the hefty price of about US$1,000. If you actually compare the URL of the two adult video Web pages, you will notice that the two sites have different domains. The original site redirects the visitor to a different service and allows free videos to be viewed only on its own site, but no videos can be found. There are videos on the second site, but they are not available for free.

Figure 6. Registration page for the site that charges a subscription fee

The end-user agreement on the original site states that all content on the site can be accessed free of charge, however, other services linked to the site may not be free.

Interestingly, the site’s Q&A page warns visitors that they may receive phone calls from scammers asking them to pay for video services. The Web page instructs users to be carefully about making payments. The scammers do follow up by calling the visitors if the fee is not paid by the deadline.

Figure 7. The Q&A page with a warning about scammers

These scams occur on a daily basis and affect users with smartphones that run any type of operating system. Users should remain vigilant of one-click fraud scams and should avoid clicking on links received through unsolicited spam messages.

↧

古典的な日本語のワンクリック詐欺が今なお活動中

January 29, 2014, 12:13 am

≫ Next: Data Privacy Day / Data Protection Day - 28 January 2014

≪ Previous: Ancient Japanese Click Fraud Still Healthy and Alive

2013 年、ユーザーを詐欺サイトに誘導する何千ものアプリが Google Play で公開されました。日本では、この形態の詐欺は通常「ワンクリック詐欺」と呼ばれています。2013 年 1 月に初めての亜種が出現して以来、何日間も生き残る詐欺アプリはほんのひと握りですが、2013 年の 1 年間に公開された詐欺アプリは、合計すると 3,000 種以上にものぼることが確認されました。昨年の 10 月までに詐欺師たちは、新しい亜種を Google Play で公開することをやめていますが、その理由はわかっていません。

図 1.ワンクリック詐欺サイトに誘導するアプリが 2013 年中に Google Play で公開された総数

詐欺サイトに被害者を誘い出すアプリは、Google Play でこそ公開されなくなりましたが、最近は被害者を詐欺サイトに誘導するために別の経路が使われています。たとえば、それはスパムなどです。

この詐欺は携帯電話、特にスマートフォンに届いたスパムから始まるのが一般的です。スパムメッセージには、アダルト動画サイトへのリンクが掲載されています。そのサイトでは、動画を無料で鑑賞できると謳われています。

図 2.この詐欺の過程で届くスパムメッセージの例

図 3.スパムメッセージからリンクされているアダルト動画サイト

動画を見るためには、電話を掛けてサイトに登録しなければならないと指示されます。被害者がサイトで指定されている番号に電話を掛けると、自動システムが電話を受け、被害者のモバイルデバイスの電話番号を保存します。次に、サイトにアクセスするために電話番号を入力するよう求められます。

図 4.動画を見るためにサイトに登録するよう指示される

サイトへの登録を済ませて動画をクリックすると、別の Web ページが開きます。このページを注意深く読むと、「無料」という単語が完全に消えていて、購読料金に関する小さな注意書きが追加されていることに気が付きます。

図 5.購読料金の詳しい案内が載ったアダルト動画サイト

この注意書きを見逃してダウンロードボタンをタップすると、有料サービスに登録したことになり、約 10 万円という法外な料金を請求されてしまいます。実際に 2 つのアダルト動画ページの URL を比較してみれば、ドメインが違うことがわかるはずです。ユーザーは元のサイトから別のサービスにリダイレクトされています。動画を無料で見られるのは元のサイトだけですが、実際には動画は見つかりません。リダイレクト先のサイトには動画がありますが、それは無料ではないのです。

図 6.購読料金を請求するサイトの登録ページ

元のサイトの利用規約を読むと、そのサイトにあるすべてのコンテンツには無料でアクセスできるが、リンク先の他のサービスは有料の場合があると書かれています。

サイトの Q&A ページに、詐欺師からの電話に引っかかって動画サービスの料金を請求されることがあるという警告文が書かれているのは、何とも皮肉です。このページでは、料金の支払いには注意する必要があるとも指導しています。実際に、期日までに料金が支払われないと、詐欺師は督促電話を掛けてきます。

図 7.詐欺に関する警告文が書かれた Q&A ページ

こうした詐欺は毎日のように発生しており、オペレーティングシステムの種類を問わず、スマートフォンを持つユーザーが狙われています。引き続きワンクリック詐欺には警戒して、迷惑メール（スパムメッセージ）のリンクは絶対にクリックしないようにしてください。

* 日本語版セキュリティレスポンスブログの RSS フィードを購読するには、http://www.symantec.com/connect/ja/item-feeds/blog/2261/feed/all/jaにアクセスしてください。

↧

Data Privacy Day / Data Protection Day - 28 January 2014

January 29, 2014, 12:27 am

≫ Next: Understanding Always On SSL and SEO

≪ Previous: 古典的な日本語のワンクリック詐欺が今なお活動中

Data Privacy Day led by National Cyber Security Alliance being held in the United States and Canada on 28 January 2014 alongside of the Data Protection Day celebration in Europe. The purpose of Data Privacy day is to raise awareness and promote data privacy education. For those not able to attend - there is a free stream recording available at: http://www.ustream.tv/staysafeonline

- See more at: http://www.staysafeonline.org/data-privacy-day/about

↧

Understanding Always On SSL and SEO

January 29, 2014, 8:29 am

≫ Next: Digging Deeper Into Nest Security

≪ Previous: Data Privacy Day / Data Protection Day - 28 January 2014

‘I don’t know of any reason why you[r website] wouldn't be able to rank with just HTTPS,’ says Matt Cutts of Google.

↧

Digging Deeper Into Nest Security

January 29, 2014, 12:37 pm

≫ Next: PCAnywhere Windows 8/8.1 support demand

≪ Previous: Understanding Always On SSL and SEO

Bob Shaker's compelling "Consider Security Before Building Your Nest" blog post got me thinking about Internet of Things (IoT) security. In case you've been on the moon, earlier this month Google announced the acquisition of home automation company Nest Labs for $3.2 billion, thrusting the Internet of Things into the spotlight. According to Gartner the Internet of Things will include 26 billion devices by 2020. 26 billion! Attackers are likely salivating over such an incredible number of devices just waiting to be hacked. So let's ride the trending wave and consider Nest Labs, a representative sample of Internet of Things technology.

Nest Labs currently offers two lines of smart home devices: thermostats and smoke / carbon monoxide detectors. Nest devices include super cool self-learning capabilities and convenient remote administration facilities through a web interface and Android / iPhone mobile applications. But what about security? As Bob pointed out, you certainly need to consider security before stashing eggs in your Nest. So what could happen if malicious attackers took control of your Nest devices through that handy dandy web interface? Very. Bad. Things.

For example, attackers with access to your Nest Learning Thermostat could simply turn off your heat. Today in Chicago the temperature is -16 Fahrenheit. That's not the wind chill, mind you, but the temperature. That's freaky cold. If attackers turned off the heat in your trendy Chicago loft the pipes would freeze in short order, resulting in property damage and expensive repairs. A more profitable avenue of attack is robbery. Attackers could infer when you're home based on your Nest Learning Thermostat settings and Auto-Away status. After quickly building a profile attackers would know exactly when you're not home, and therefore would know exactly the best time to rob your trendy loft. But what about your home security system? I would be shocked if Nest doesn't offer a learning home security system in the coming years. So no problem there, attackers could simply disable your home security system through that handy dandy web interface.

2014 Security Predictions.png

What other Nest smart home device vulnerabilities might be lurking in the coming years? Well that depends on what new product lines Google introduces into the Nest portfolio. Nest has been surprisingly quiet regarding future product direction. However, last year Nest announced a developer API that allows third party developers to interface with the Nest Learning Thermostat. If this developer API is any indication of things to come, the possibilities will be endless. Let's brainstorm a few prospects, some of which Nest has already suggested:

Smart window blinds? Attackers could open your blinds and become technologically savvy Peeping Toms. Hopefully your mom won't stumble across the raunchy video that the attackers upload to the Internet.
Smart washing machines and dryers? Attacker could turn up the heat and shrink your favorite clubbing shirt. Yup, the black one with that fierce dragon and snazzy blue flames. Ouch.
Smart refrigerators and freezers? Attackers could turn up the heat and spoil your Kobe Filet Mignon. Takeout, anybody?
Smart aquariums? Attackers could turn up the heat and fry your poor tropical fish Arnold Schwarzefisher. Sushi, anybody?
Smart toasters? You remember the infamous USB Toaster, don't you? Well I hope you like your toast burnt to a scorched black crisp!

Privacy considerations are another issue altogether. Google has promised that Googlefying your Nest data will be 100% opt-in, but how hard would it be to bury the requisite opt-in clause within a terms of service form that 99% of us do not even pretend to read? And let's not even think about what might happen in the future when Nest devices interface directly with your brain. Researchers are currently "miniaturizing single electrode devices that can be placed in your hair and read electrical activity from the brain through a technology called electroencephalography." You thought Google stockpiled a lot of data before? Well monitoring your Internet searches (through Google.com), browsing habits (through Chrome browsers), and smartphone usage (through Android devices) pale in comparison to the privacy ramifications if Google could monitor your brain! And will bidirectional communication with the brain eventually be possible? I for one do not want Google to hack my brain!

So with all of these potential dangers lurking in the shadows, the most important question is simple. Are the Nest web interface and mobile applications secure? First I must state that I did not in any way conduct any type of penetration test against the Nest web interface. However, I can comment on certain design choices that Nest deliberately selected in order to make the web interface as user-friendly as possible. These design choices were conscientious decisions and therefore do not fall under the responsible vulnerability disclosure process:

The Nest login form does not explicitly disable the "AUTOCOMPLETE" attribute for the username and password parameters. Consequently, attackers with subsequent workstation access could compromise stored Nest authentication credentials.
The Nest login page does not enforce an effective account lockout mechanism. Users can successfully login after 100 failed login attempts. Consequently, attackers can launch brute force horizontal password guessing attacks.
The Nest password policy is weak. Passwords are only required to be six characters in length, and password complexity requirement are not enforced. Consequently, attackers can also launch vertical password guessing attacks.
The Nest web interface does not include the "X-Frame-Options" header. Consequently, attackers can launch clickjacking attacks.
Like virtually all online authentication mechanisms, the Nest web interface is susceptible to phishing (and spear phishing) attacks.

A user-friendly web interface is important, but a secure web interface is even more important. So what should Google do? First and foremost, Google should strengthen the security of the existing Nest web interface and mobile applications. For example, the following solutions would address the security concerns listed above:

Explicitly disable form autocomplete. Set the "AUTOCOMPLETE" attribute to "OFF" for the username and password parameters on the Nest login form.
Enforce an effective account lockout mechanism. For example, lock Nest accounts for 20 minutes after three failed login attempts within a 30-minute window.
Institute a strong password policy with sufficient password length and complexity requirements For example, require Nest passwords to be eight characters in length and contain at least one uppercase letter, lowercase letter, number, and special character.
Prevent clickjacking attacks against the Nest web interface. Set the "X-FRAME-OPTIONS" header to "DENY" or "SAMEORIGIN".
Educate Nest users regarding phishing and other essential security considerations.

Google has a golden opportunity in their hands, and could very well cultivate Nest into a powerful and profitable line of ingenious products. However, security must be designed into each and every Nest product blueprint. Otherwise your eggs could get cracked, and Google could end up with a whole lot of egg on their face. Let's wrap things up with one last interesting tidbit. Every page within the Nest web interface includes a ridiculously oversized Nest Labs logo hidden within the HTML comments:

<!--  Copyright 2013 by Nest Labs, Inc.  All rights reserved.

                               ####
                             ########
                           ############
                         ################
                       ####################     #######
                     ########################   #######
                   ############################ #######
                 ######################################
               ########################################
             ##########################################
           #############################################
         #################################################
       #####################################################
     #########################################################
   ############################################################
 ######## ####################     #################### #########
   ####   ###############               ###############   #####
    #     ############                    #############     #
          ###########                       ###########
          ##########          #####          ##########
          #########         #########         #########
          ########         ###########        #########
          ########        #############        ########
          ########        #############        ########
          ########        #############        ########
          ########        #############        ########
          ########        #############        ########
          ########        #############        ########
          ########        #############        ########                 -->

Less the copyright information, that's 1,621 extraneous bytes transmitted within every page of the Nest web interface. Google is known for minimizing page size and load speed by removing extraneous content whenever possible, even going so far as to strip spaces and newline characters. Take a look at the page source of Google.com to see what I mean. I would be shocked if Google does not eliminate or at least shrink this ridiculously oversized Nest Labs logo. However, with critical security and privacy considerations hanging in the balance, right now Google certainly has bigger fish to fry (hopefully on a smart stovetop).

For more security predictions from Symantec experts, please visit http://www.symantec.com/connect/blogs/2014-predictions-symantec-0.

↧

PCAnywhere Windows 8/8.1 support demand

January 29, 2014, 1:55 pm

≫ Next: ‘Xin Nian Kuai Le’: Spammers Say Happy New Year

≪ Previous: Digging Deeper Into Nest Security

Hello Everyone,

I'm currently working to understand the level demand in EMEA (or indeed worldwide) for Windows 8 and 8.1 support for PCAnywhere. We have introduced support for these platforms across the vast majority of our EPM products, however PCA is causing us some problems due to the deep-rooted incompatibility with our mirror driver.

If you see a need for this in the near future could I ask for the following details:

Customer name: <optional, this is not required>

Node count:

Business impact of not having support:

And finally, if anyone out in the community has had success with a workaround for this issue could you get in touch with me directly.

Thanks for your help.

↧

‘Xin Nian Kuai Le’: Spammers Say Happy New Year

January 30, 2014, 1:39 am

≫ Next: Come convertire un file di registro in un file batch

≪ Previous: PCAnywhere Windows 8/8.1 support demand

China is gearing up to usher in the Year of the Horse, which begins with the new moon on January 31 this year. With more than a billion people worldwide preparing to celebrate the new year for the lunar calendar, the celebration this year promises more color than ever before.

Chinese New Year, also known as the spring festival, is a day for reunion and thanksgiving, where exchanging gifts is at the heart of the celebration. Friends, family, colleagues and even businesses exchange gifts to show love, respect and loyalty. Business owners often send gifts to their customers and shops offer gifts and discounts to show their gratitude. However, spammers are all too aware of this practice.

The spammers and fraudsters are known to capitalize on special occasions and exploit the noble gesture of giving gifts in order to send out spam. They are known to pose as friends and business owners and send emails promising gifts and financial offers to attract unsuspecting victims.

We’ve observed spam that exploits Chinese New Year by pretending to be from a reputed company. The spam message appeals to the recipient’s benevolence, asking them to give the company’s products as gifts to loved ones.

Sample

Figure 1. The subject of the spam message

Translation

Subject: [COMPANY NAME] wish users, a happy new year.

Figure 2. Preview of the Chinese spam email related to the Year of the Horse

Translation

Greeting all customers,

As the year of the golden snake is coming to an end, year of lucky horse right at our door steps! It’s the beginning of a new year, everything is a new start! As we are about to approach the new year, [PRODUCT NAME] would like to send our greeting to you and your family with utmost respect and well wishes! We wish you a happy and healthy new year!

Thanks for your continuous support to the company. We wish you a great Year of the Horse. Happy New Year!

[COMPANY NAME]

2014 January

The spam sample in discussion has the subject line greeting the customers on behalf of the company. The body contains an image preview which looks cheerful to spread the holiday feeling. The message tries to make the name of the company linger in the minds of the readers so that they may consider its products while gift shopping.

In previous years, Symantec had observed a variety of Chinese New Year spam. The most prominent among them promoted fake gift offers and discounts. Scams formed another significant spam category, which included loan offers and job offers, making people think they can pay off any debt they may have and get a good start in the new year. All these spam emails were devised to exploit the strong traditions and values of the Chinese community worldwide.

The Chinese New Year festivities commence on January 31 and will continue for 15 days until the full moon, when Lantern Festival is celebrated. We can expect more spam of a similar nature during this time.

The New Year festival is a good opportunity for the spammers to target users. The best practice to avoid falling into the spammers’ traps is to be wary of opening unsolicited new year themed emails.

We wish you all the very best in the Year of the Horse!

↧

Come convertire un file di registro in un file batch

January 30, 2014, 4:09 am

≫ Next: Looking for ITMS SDRK's?

≪ Previous: ‘Xin Nian Kuai Le’: Spammers Say Happy New Year

RegToBat Converterè un semplice ma utile tool per la conversione di un file di regisitro (.reg) in un file batch (.bat).

Questo tool portatile consente la conversione di un file .reg in maniera molto semplice e immediata, infatti viene eseguita tramite Drag e Drop del file oppure con la selezione manuale del file REG .

Il risultato di questa conversione è un file batch che può essere copiato in una memoria USB oppure può essere inviato in una installazione remota tramite un programma di software remote management.

Sistemi Operativi : Windows Xp , Windows Vista , Windows 7 , Windows 8 , Windows 8.1 – (x86 e x64 bit)

Lingue supportate : Inglese

Licenza : Freeware

Link : RegToBat Converter

↧

Looking for ITMS SDRK's?

January 30, 2014, 7:08 am

≫ Next: Looking for the Mobile Management SDRK?

≪ Previous: Come convertire un file di registro in un file batch

As it appears that Symiqforpartners is no longer available, SDRK's can now be obtained by joining the following private LinkedIn group:

Symantec Endpoint Management (UPP) Specialist Partners

↧

Looking for the Mobile Management SDRK?

January 30, 2014, 7:10 am

≫ Next: EV v9 PST Migration with DFS - Sharing Information

≪ Previous: Looking for ITMS SDRK's?

↧

EV v9 PST Migration with DFS - Sharing Information

January 30, 2014, 8:56 am

≫ Next: Twitter Spam Bots Target NFL and Miley Cyrus Fans

≪ Previous: Looking for the Mobile Management SDRK?

Just sharing some information.

Following this forum post - https://www-secure.symantec.com/connect/forums/dfs... - I've been able to successfully migrate PSTs using the client-driven migration method. There are a couple of requirements:

At the client-side computer, the OS cannot be Windows XP. I've only been able to get this to function when the OS is Win7 / Win8.

On our primary EV server - where the PST migrator task runs - a HOSTS file entry must be created that resolves the IP address of your primary DFS server with the short name and the FQDN of your domain name.

10.1.1.1 domain domain.com

Once you enable the mailbox for client-side migration, and the user has a PST opened in Outlook that's on - for example - their home directory that exists on a DFS network share (like my environment), the PST will successfully migrate.

An additional challenge to client-side migration behavior is the system searching for PSTs on the local hard disk and migrating that content into the Vault for whoever first logs into that machine and is client-side enabled, regardless of who owns the PST or what the PST tag indicates. I realize this aspect may be open to debate, but the Administrator's Guide - and my personal testing - both confirm that client-side migration ignores the marking of a PST to determine who owns the content.

Here's how I got around that: Within the PST Migration Policy, check the box "Restrict search to PST files under users''Documents and Settings' folder. Then, create a symbolic link within %userprofile% that links to their DFS-located Home Directory:

mklink /D %userprofile%\Documents\Symlink p:\

I realize that you can use server-side migration to target indivudal Windows servers that run DFS and house the home directory data, but you forego the automatic email messages that EV sends to the employee when they're enabled and when each PST is migrated successfully.

↧

Latest Images