Infinity Blog

Article from CRN by Kevin McLaughlin

Security researchers have identified another OS X Trojan that exploits a Java vulnerability that attackers used recently to build a botnet of more than 600,000 infected Macs.

The new Trojan, called SabPub, is a “custom OS X backdoor” that miscreants appear to have built in order to carry out targeted attacks, and there is evidence to suggest that they may be targeting pro-Tibetan activists, Costin Raiu, director of research and development at Kaspersky Lab, said in a Saturday blog post.

Like Flashback, SabPub requires no user interaction and installs itself on a machine when the user visits an infected Webpage.

Once it infects a machine, the SabPub Trojan attempts to connect to command and control servers in order to remotely harvest data, Raiu said in the blog post.

On Sunday, remote attackers took control of one of Kaspersky Lab’s SabPub-infected test machines and stole some of the dummy files on it, which suggests an active Advanced Persistent Threat that is being controlled by an actual person, according to Raiu.

“We are pretty confident the operation of the bot was done manually — which means a real attacker, who manually checks the infected machines and extracts data from them,” Raiu said in a Sunday blog post.

Kaspersky also identified a second SabPub variant that appears to have been extracted from a Word document or was distributed as a Doc-file, Raiu said in the blog post.

Apple issued a patch for the Java vulnerability on April 4, but security researchers criticized the company for its slow response to the issue, which was brought to its attention in February.

Attackers used the Flashback malware to build a worldwide botnet encompassing some 670,000 infected machines. That figure has dropped considerably since Thursday, however, when Apple released an update for Mac OS X v10.7 and v10.6 that removes most common variants of Flashback.

Apple has also been working with Internet service providers to take down the command-and-control servers associated with the Flashback malware.

Read more from this article.

Article from MarketingProfs

“Blogs increase your credibility, boost your traffic, and put a personality behind your brand,” writes Lindsay Atkinson at the Renegade Search blog. “But how should [a blog] be executed? Should it be hosted on your website or on a completely different domain?”

The short answer is: It depends.

To help you decide where to host your company’s blog, Atkinson offers these insights:

Off-site hosting is ideal if:

1. Your brand’s website has strong rankings, high domain authority, and an excellent PageRank. Instead of using the blog to bolster your primary domain, it can be cultivated as a secondary domain to heighten visibility in search engine results.
2. You plan to cover topics that stray from the content at your website. Too many unrelated keywords might muddy the SEO waters at your site and begin attracting the wrong kind of traffic.

On-site hosting is preferable if:

1. Your purpose with the blog is driving traffic to your website. If you don’t rank well, for instance, a well-received blog could be the thing that moves you to the first search engine results page.
2. You rely on the blog for the fresh content that plays a critical role in your rankings. “[H]aving an on-site blog that is updated frequently will help contribute to an otherwise stale site,” Atkinson notes.

Summary: First, decide what you want. Your decision to host a blog on- or off-site depends on a keen analysis of your needs and goals. From there, it can be an easy choice.

Read more from this article.

By Cathy Davis, Infinity Mac Specialist

Have a laptop? Don’t leave it plugged in all the time.

Your battery needs to be trained as to the high points and the low points of its charge cycle. A charge cycle is the battery going from fully charged to fully depleted.

If it loses track of these points, the battery may appear fully charged but will only give you a mere percentage of actual charge time, meaning that it may say that you have 4 hours to work with, but then fully deplete within minutes.

Let your battery run down to about 10% occasionally, then recharge.

Article from CRN by Kevin McLaughlin

VMware announced last week its sponsorship of the Open Networking Research Center, a new organization dedicated to furthering development of software defined networking (SDN) technology.

SDN decouples the network control plane from the physical hardware, and it simplifies management by handling packet routing and other administrative tasks on a separate layer. Virtualizing this layer is seen as one of the final pieces of the puzzle needed to enable cloud computing to gain broad traction.

VMware dominates the server virtualization space, but given the Palo Alto, Calif.-based vendor’s ongoing effort to diversify its business, partners are not surprised by its sponsorship of the ONRC. If anything, they’re surprised it took VMware this long to get in on the action in the network virtualization space.

“VMware is not going to sit back and watch networking equipment become virtualized and not be a player,” said Robert Germain, vice president of engineering at Hub Technical Services, a South Easton, Mass.-based solution provider. “Networking is going to be more about software than hardware, and VMware wants to be part of creating the protocol for that.”

ONRC can be seen as network infrastructure players’ response to Openflow, the open source SDN protocol that is being standardized by the Open Networking Foundation (ONF), a group formed in 2011 by Microsoft, Google, Facebook, Deutsche Telekom, Verizon, and Yahoo.

Brad Maltz, chief technical officer at ICI, a Marlborough, Mass.-based solution provider, believes VMware’s involvement with ONRC will help counteract the perception that it is a “closed solution” vendor.

“With traditional switch vendors, Openflow is integrated for the ability of the industry to develop new and experimental protocols,” he said. “VMware is now proving that they are developing standards and technologies that will allow other technologies and solutions to integrate into the common open standards stack.”

ONRC consists of two networking research groups, one each at Stanford University and the University of California, Berkeley. It also includes the Open Networking Laboratory, an independent nonprofit entity that is tasked with developing open source.

VMware is joining 11 other networking vendors in sponsoring ONRC, including Google, HP, Huawei, Juniper and Intel.

Read more from this article!

Article from Tech Republic by Justin James

Over the last few years, there has been a fair amount of backlash against Google for a variety of things, most notably its use of personal data with advertising. A lot of people say they want to stop using Google’s services, but they don’t think they really can. Google is, after all, quite pervasive and makes itself easy to count on. Here are 10 Google services you can leave — some with more effort than others — and three you may not be able to abandon even if you want to.

1: Google Search

2: Gmail

3: Picasa

4: Android

5: Google Talk

6: Google Docs

7: Google Maps

8: Blogger

9: Google Reader

10: Google Checkout

Three Google services that are hard to live without:

1: YouTube

2: Google+ (maybe)

3: AdWords (maybe)

Read more about Google’s services you may or may not be able to live without.

Article from High Rankings Advisor by Jill Whalen

With that said, here’s what I’ve learned (so far) trying to market my new website:

1. It’s helpful to have a well-established online presence to jumpstart a new one.

2. Don’t be afraid to ask for help from your network.

3. Starting a brand-new Twitter account sucks.

4. The right way to start a new Twitter account. I decided to start a brand-new one — I wasn’t happy with the name on the old one anyway.

5. Whom you follow and who follows you on Twitter are not necessarily one and the same. At least not in this case.

6. Be mindful of my current followers and why they are following me. Google Analytics is a topic of interest to a good portion of my followers, but I doubt that they want all my posts to be about it or my new site.

Read more from this article.

In Verizon’s Annual Data Breach Investigations Report for 2012, Verizon reported that “97% of breaches were avoidable through simple or intermediate controls.” These hackers gained access a couple of ways – 81% utilized some form of hacking and 69% incorporated malware, according to Verizon.

Typical targets consist of organizations ranging in size from small to medium. According to Verizon, 85% of targets are organizations with fewer than 1,000 employees, which indicates large-scale automated attacks. This means many small and medium-sized businesses aren’t being directly targeted, rather exploited through known weaknesses.

Instances like these are why it’s important to frequently review and update your security, which includes educating your employees on different types of security risks that pose a threat to your business and customers, such as unsafe websites or opening unverified emails.

Read more from the Verizon Data Breach article.

Article from CRN by Ken Vanderweel

Cloud computing has finally grown to its next step in the market. Many companies are racing to enter the market, increasing competition to drive prices down and services up. Some companies are offering cloud computing consulting to learn how cloud computing can be used to make a business more effective, efficient and economical.

With this, come some risks for companies entering the cloud computing market. Ken Vanderweel, CRN writer, warns that “If you slap a ‘cloud’ label on a solution or service, you jeopardize your credibility out of the gate.” There is also the chance of picking the wrong service for your customers. The technology is still changing, so make sure you pick your technology partner carefully.

Make sure your technology partner considers:

• Security Challenges
• Compliance
• Timeline of Completion

Infinity offers cloud computing services and has been in the market for more than 5 years. Learn more about our services here!

Read more from this article.

Article from Tech Republic by Mark Kaelin

Microsoft has been working on shortcuts for Windows 8 to help any user quickly navigate around their computer. Although many of the shortcuts in Windows 7 will be carried over Microsoft, decided to make many new shortcuts specifically for the next version. With so much new content being added it seems like a good idea!

Here’s a few of the shortcuts that will be featured in Windows 8:

View the preview of 100 Windows 8 keyboard shortcuts here.

Article from Tech Republic

By Justin James

Ever wonder why certain IT jobs are hard to fill? A lot of positions in IT are very demanding, and here are some examples to see if these are the kind of jobs you want.

Project Managers
These positions are few and far between. It’s a tough job and requires some high level certifications. The certifications also require actual work experience in the field. Overseeing on-site projects requires extensive organizational skills as well. All these requirements make the position hard to fill and in high demand.

Technical Equipment Writer
Ever wonder who writes most of the manuals for the IT equipment around the office? Only the most qualified technicians. It’s a hard job to fill due to the high level of technical knowledge and writing skills required. Every manual has to be written in extensive detail so that any technician in any country can understand it enough to deal with installation as well as any problems that may arise from it.

Programmer
With technology changing so often one of the hardest jobs to fill is programming. Maintaining and updating old applications can sometimes challenge a person’s sanity. If wading through coding correcting compatibility issues and searching for errors all day sounds like fun then you’ll have no trouble finding a job.

Read more about hard to fill IT jobs here.