Blog Box

The 9-11 tragedy made a lot of people and businesses look further into their disaster recovery planning and business continuity planning solutions. Data backup is an integral part of DRP and BCP. But performing data backups onsite alone won’t give you the protection you would need should that particular site be compromised.

The most common backup strategy that companies have is having a copy of their backup media on site and another one to an off site facility where they are stored securely. Bigger companies with bigger budgets who have several sites also tend to replicate their data across several sites to achieve redundancy and have a robust backup solution.

Backup solutions don’t need to be expensive. There are plethora of options you can choose from if you are looking for solutions to backup up your personal files. Take Tilana System’s Tilana Reserve for instance who offer free continuous data protection (CDP).

You can take advantage of their Enterprise CDP infrastructure running on their Cloud storage system which runs on fully redundant systems.

You can avail of their free service or opt for their paid services which gives you bigger online storage capacity.

• FREE 1 GB for 12 months
• $4.95 per month for 5 GB
• $8.95 per month for 10 GB
• $16.95 per month for 20 GB
• $41.95 per month for 50 GB
• $79.95 per month for 100 GB
• $149.95 per month for 200 GB
• $219.95 per month for 300 GB

Tilana Reserve runs only on these Microsoft Windows operating systems:

• Windows Server 2008 (32-bit tested)
• Windows Server 2003
• Windows Vista
• Windows XP, 32-bit versions (SP2)
• Windows 2000 (SP4)
• Tilana Reserve is not compatible with Windows XP x64 (64-Bit) Edition.

Mac versions are currently being developed.

Download a copy of Tilana Reserve.

invites you to

SQL Injection 2.0: SQL Injection 2.0: Bigger, Badder, Faster…and More Dangerous Than Ever (Webinar)

Thursday, July 31, 2008 2:00 am
Singapore Standard Time (GMT +08:00, Philippines)

SQL Injection has existed as a very real – and documented – threat to enterprise security for years. While the concept is far from novel, the techniques, tools, and scope of SQL Injection attacks is growing exponentially – and at a rate that far outpaces traditional, time-consuming defense mechanisms such as code review. Need proof? A quick scan of the industry headlines produces a lengthy list of international SQL Injection victims, including the United Nations and UK Civil Service.

Join Amichai Shulman, CTO of Imperva and Director of the Application Defense Center (ADC), as he pulls back the covers on the next generation of SQL Injection attacks and provides directions on how you can protect your organization against these increasingly sophisticated and dangerous threats. Mr. Shulman will highlight how hackers are launching non-customized attack code via “botnets” and Google searches to distribute malware with lightning-fast speed and precision efficiency. This educational webinar will also feature live demonstrations of several different types of SQL Injection attacks. Specific topics that will be covered during the webinar include:

• SQL Injection Cocktails
• Mass SQL Injection Attacks and Google Hacking
• SQL Injection Automation Tools
• SQL Injection DoS Attacks
• Lateral SQL Injection and other Database-Related SQL Injection Attacks

Sign up for the free webinar.

SANS Gateway Asia 2008 in Singapore is coming up soon on June 30, 2008 to July 5, 2008! This is just 8 weeks away, and the deadline to receive a S$495 discount for early registration is 15 May, 2008. So don’t delay - start making your training and travel plans now! (http://www.sans.org/info/28309)

SANS is partnering with NM Training to bring you three of our most popular courses taught by top-rated SANS instructors. Choose from:

- Security 401: SANS Security Essentials Bootcamp Style
- Security 504: Hacker Techniques, Exploits & Incident Handling
- Security 508: Computer Forensics, Investigation & Response

Hackers continue to target application vulnerabilities in their attacks, so this security training should not be missed! Complete course descriptions can be found by clicking on the following link: http://www.sans.org/info/28314

Certifications corresponding to the skill sets taught in these courses are available. You may purchase a certification attempt for an additional reasonable fee. Holding a GIAC certification gives you credibility as a technical expert and, thus, more respect within your organization.

Classes will be held at the Furama Riverfront, Singapore’s premier downtown business hotel. This elegant hotel is located in a vibrant quarter of Singapore’s city centre, just a step away from Singapore’s business hub, shopping haven, and nightlife!

The SANS Promise: “You will be able to apply our information security training the day you get back to the office!”  Remember, for the best savings register by 15 May, 2008 at http://www.sans.org/info/28309.

Let your colleagues and friends know about SANS Gateway Asia 2008. See you in Singapore!

With the advent of the internet and online shopping. Identity theft and use of stolen credit cards have further proliferated. So what measures do you have in place to protect your identity and credit?

LoudSiren, LLC. is a member of the Identity Protection Network™ and marketing partner of Debix, Inc., of Austin, Texas. The Identity Protection Network™ was established in 2004 and is the first national network dedicated to protecting individuals and organizations from identity fraud.

LoudSiren protects consumers from financial fraud through a of a state-of-the-art process for authenticating customer identities that facilitates the right the US Congress gave consumers to protect themselves. LoudSiren ensures that consumers have access to their credit while keeping it secure from others.

LoudSiren™ STOPS identity thieves and puts you in control by preventing unauthorized use of your credit by making creditors contact you before opening new accounts in your name.

You get these benefits and protections when you join LoudSiren:

• STOP thieves from opening unauthorized credit accounts in your name
• SAVE time by limiting junk mail and pre-approved credit card offers
• KNOW where you stand with optional free Credit Reports
• PROTECT your privacy by stopping unwanted telemarketing calls

How it works is that right after you join LoudSiren, you will be assigned a unique phone number which they call LoudSiren Safe Phone Number. Everytime there is a request for credit made in your name, the creditor will have to contact LoudSiren, afterwhich LoudSiren reviews and automatically processes it then you will receive a call from LoudSiren where you will hear the creditor’s request for credit approval afterwhich you should enter your PIN number should you approve or deny the request.

You have NOTHING TO LOSE! Try LoudSiren.com TODAY, cancel anytime.

Have you ever experienced that an .exe file is being created with the same name as the folder itself in all drives but you  cannot delete them?

How about getting a message “Task Manager has been disabled by your administrator” when you try to run task manager?

Does your USB flash disk seem to be having the same problem and your system is running so terribly slow?

Then your system is most probably are infected with the Newfolder.exe virus.

What is Newfolder.exe?

The real name of this virus is Iddono. This threat copies its file(s) to your hard disk. Its typical file name is Iddono. Then it creates new startup key with name Iddono and value newfolder.exe. You can also find it in your processes list with name newfolder.exe or Iddono. This virus is very difficult to eliminate manually.

So how do you solve Newfolder..exe problem now?

There are actually two ways. There is the quick and easy way and there is the manual way where you dig in deep in to your system and fix files one by one.

The quick solution would be to download Iddono virus remover tool. Security Stronghold’s True Sword solve Newfolder error. True Sword will find and eliminate this problem and more than 280,000 other dangerous threats including trojans, spyware, adware, riskware, problemware, keyloggers, dialers and other kinds of malicious programs in several seconds.

Fast, easy, and handy, True Sword protects your computer against malicious programs that do harm to your computer and break your privacy. True Sword scans your hard disks and registry and destroys any manifestation of such malicious programs. Standard anti-virus software can do nothing against privacy breakers and malicious programs like that. Get rid of trojans, spyware, adware, trackware, dialers and keyloggers in one click now.

If you want to do it manually then check out the guide here.

Search engines are online researchers’ best friend. Next to that would probably be wikis. A wiki is a type of website that anyone can easily edit and help grow through collaboration. Over the years wikis seemed to have replaced encyclopedias.

The most famous of the wikis would probably be wikipedia. There are a lot of others available out there but what seemed to have caught my attention is the free wiki service by wetpaint.com.

Wetpaint powers free wiki websites that are available to anyone and easy to use. In fact, that’s one of the many things that sets Wetpaint apart from other wikis on the web. Creating a Wetpaint wiki is as simple as 1-2-3, so anyone can start a free wiki website they can then share with their family, friends, and the friends they haven’t even met…yet

Wetpaint features everything you would ever want to start and grow a collaborative website. They give you abilities to easily integrate photos and videos, customize your own page templates, include attachments, dynamic page organization, privaye messaging, get notifications via rss and email and even monitor site stats via google analytics and sitemeter. And it doesn’t end there as wetpaint is continually adding features all the time, so there’s always something new for you to try.

So what are you waiting for? Start a wetpaint wiki now.

VTC and FileMaker invite you to avail of their promotional offer to get FREE 30 days unlimited access to all IT trainings available in the VTC library.

A regular VTC subscription will set you back around US$30 a month, or US$250 for a year. But you can get avail of a whole month of free access simply by entering the promo code “fmfr33trial” (case sensitive without the quotes).

http://www.vtc.com/promos/filemaker/signup.php

Enjoy!

SanDisk makes backup effortless and automatic with the SanDisk FlashBack Adapter which turns your SD memory card into a convenient and automatic backup solution in laptops.

You’re at a conference and someone spills coffee on your laptop PC, shorting out the system and cutting you off from your presentation and notes. Or your computer slips out of your hands and crashes to the floor. These are moments that everyone dreads, but today SanDisk unveiled a rescue option – a lifeline for laptop users called the SanDisk® FlashBack™ Adapter. This unique device fits into the ExpressCard™ slot of your PC, automatically and continuously backing up and encrypting critical data onto an SD™ flash memory card.

Whether your PC suffers a system failure or a full hard drive crash, the SanDisk FlashBack Adapter allows you to access your content safely from the memory card. Designed for the millions of newer notebook computers that have an ExpressCard slot, the SanDisk FlashBack Adapter offers a reliable, easy-to-use system to protect critical files by copying them automatically and instantly to an optional SD or SDHC™ memory card of any capacity. And with the backup card nesting completely inside the laptop, the system is literally out of sight. Nothing protrudes from the PC and nothing needs to be attached to any other port.

To use the SanDisk FlashBack Adapter, purchase an SD or SDHC memory card of any capacity and slide the card with the adapter into your computer’s ExpressCard slot, where it can be left for continuous backup protection.

This is a ‘set it and forget it’ solution for every laptop user with an ExpressCard slot who wants to be protected from unintended data loss.

The adapter comes with easy-to-set up software for Windows-based laptops. Once installed, users pre-select backup sources by individual files, folders and/or file types. Then the device backs up and encrypts the user’s data, images, music and other files – automatically and continuously – from the computer’s hard drive to the memory card. Backup occurs as soon as there is a change to a designated file, or when a file is added or deleted. There is no need for scheduling backups and no need for further user intervention. Also, the application has a handy screen indicator to show the amount of storage available, along with a taskbar icon that displays the ongoing backup status.

Restoring individual files, complete folders or the complete set of backed-up data is easy. Just open the application, log in to access, select the encrypted files on the memory card and indicate the restore destination. Voila – your critical files are back and they are within the same folder structure as the originals. Also, you can restore data from the memory card on any PC that uses Windows 2000, Windows XP or Windows Vista and has an SD memory card reader. The SanDisk FlashBack Adapter is not needed for this process.

“We all know that we should frequently make backups of our critical files. But most of us don’t get around to it because it seems like too much of an effort, or we simply forget to do it.”

This practical solution does the job and does it automatically. So if your PC suffers a breakdown, you can flash back to your latest files wherever you are. The SanDisk FlashBack Adapter truly gives you peace of mind.

For protection against laptop theft and to easily share backed-up files, the SanDisk FlashBack Adapter also offers users an option for backing up content online. This service is provided by BeInSync Inc. for a nominal fee and in addition to local storage on an SD or SDHC memory card (more information at www.beinsync.com).

Pricing and Availability
The SanDisk FlashBack Adapter includes a two-year warranty, a mini-CD containing the backup software and a user’s guide. The product will start shipping worldwide in Q2 and carries a suggested retail price of $29.99 (memory card sold separately).

Prevent Fire: Be Informed, Get Involved! is the theme of the Fire Prevention Month for this year.

Fire Prevention Month is observed every year per Presidential Proclamation No. 115-A aimed at raising the level of awareness of the public of the ways to prevent fires and save lives and properties.

Here are some simple tips that could go a long way in helping with fire prevention (source: PIA):

• Candles and Lamps
  • Do not set the lamp too close to the curtain; never read in bed by candle or lamp
  • Do not leave a burning candle unattended
• Vehicular fires
  • Do not smoke or use an open flame while refueling and when inspecting the gas tank, the radiator or the battery;
  • Install a portable fire extinguisher in your vehicles
  • Check wiring insulation frequently to avoid short circuit
• Cigarettes and Matches
  • Never smoke in bed (better yet, don’t smoke at all… remember! smoking is dangerous to your health!)
  • But if you still like to smoke… Do not allow cigar and cigarette butts into the waste basket.
  • Always have ashtray available in your home
  • Crush your cigarette thoroughly before discarding them
  • Strictly obey “No Smoking” signs
  • Keep matches and lighter away from the reach of children.
• Electrical Equipments and Appliance
  • Unplug electrical appliance after use
  • Avoid octopus connections
  • Don’t replace a blown fuse with tin foil, wire or any other metal to short circuit the current. Use only approved standard fuse
  • Don’t leave electric iron with the current on
  • Never let electrical cords trail across floors or under rugs
  • Don’t hang electrical wiring cover pipes, nails, etc.
  • Avoid the use of illegal electrical connections.
• When your clothes catch fire…
  1. Do not run. Running fans the flame.
  2. Drop to the ground
  3. Roll over and put out the flame while covering your face with your hands for protection
  4. The victim can be helped by covering with any heavy woolen cloth to smother the flame.

It is always good to know the phone number of the fire station nearest you.

In case of a fire, do not to panic, stay calm but act quickly.

Do you have some other fire prevention tips you’d like to share with us?

HackaCon 2008: International IT Security Convention

August 8, 9 & 10, 2008

SM Megatrade Hall, Mandaluyong City, Philippines
The topics to be covered are:

• Certified Ethical Hacking and Countermeasures (CEH)
• Linux Security
• Disaster Recovery (DR)
• Licensed Penetration Tester (LPT)
• Security+
• Microsoft Security
• Hardening Against TCP/IP Attacks
• Wireless Hacking and Security
• Computer Hacking Forensic Investigator (CHFI)

The fee is only P500 per topic inclusive of materials and certificate.  This is a first-come first-served basis. The organizers can only accommodate 200 pax per topic.

Check their website for more info - http://www.hackacon.com

TPC Events

presents

DIY Surveillance Seminar

Date: Jun 10, 2007 - Sunday
Time: 8:30am to 1:00pm

Speaker: Mr. Gilbert Villanueva

Description:
Surveillance using CCTV (Closed-circuit television) is the use of videocameras to transmit a signal to a specific, limited set of monitors. CCTV is often used for surveillance in areas which need security, such as banks, lan shops, casinos, hotels and resorts, airports or military installations.

Topics:
1. CCTV and equipments to be used
2. Setup and Installation of cameras
3. Webcast or live viewing thru internet
4. DIY equipments and innovations.
 
Venue: Capinpin Place
Fee: 280
Save cost on IT Learning!
 
As the world of Information Technology continues to move towards advancement, the demand for a highly efficient and knowledgable IT person for home or for business remains increasing. That’s why getting an IT knowledge is one way to achieve success in today’s environment
 
 
Most businesses nowadays are looking for I.T. people, but the truth is I.T. education is expensive. The institutions, colleges and universities are not for everyone because of factors such as financial, age, time, etc. Hence we, at TPC Events, would like to offer you the perfect solution to learn I.T. 
 
TPC Events is all about saving cost on your IT learning. TPC Events specializes in different information technology tools that is designed to your needs and interest. 
 
TPC Events is a nonprofit organization whose mission is to advance higher education by promoting the intelligent use of information technology in the Philippines

More info at TPC Events

Trend Micro

presents

2007 Virtual Security Summit

Save the Day, Every Day

• Live presentations on the latest trends in threats and security strategies from the Trend Micro Executive panel 

• Interactive booths covering solution areas from Messaging to Web Threats to Network Security and more 

• Real-time chat with the pros about your pressing questions 
     

Don’t let the bad guys put your business at risk. Take advantage of the latest in security thought leadership, and start mapping your strategy for a secure future.

Register now: http://www.1105info.com/zmvpwfn_zmptnmm.html

Microsoft releases Microsoft Office Isolated Conversion Environment, or MOICE, to help protect users from malware placed in Office files.

More info about MOICE at Information Security Philippines.

WordPress just released updates for both the 2.1 and the 2.0 branches. The 2.1 branch will get the 2.1.3 update while 2.0 branch will get the 2.0.10 update.

The update fixes several security issues which can be exploited via cross site scripting as well as a fix for a major XML-RPC problem. In this release, Wordpress performed a proactive full sweep of their codebase to minimise potential future problems.

Grab a copy of WordPress 2.1.3 and 2.0.10

Microsoft Releases Windows 2003 Server Service Pack 2

• Windows Server 2003 with SP2 
• Windows Server 2003 R2 with SP2 
• Windows Server 2003 x64 Editions with SP2
• Windows Server 2003 R2 x64 Editions with SP2
• Windows Server 2003 for Itanium-based Systems with SP2 
• Windows XP Professional x64 Edition with SP2 

On Windows Update now, or see below (links are not all working yet, Bink.nu is too quick)

SP2 (32-bit x86)

SP2 for x64 Editions

SP2 for Itanium-based Systems

Windows Server 2003 Service Pack 2 32-bit Support Tools

System Preparation tool for Windows Server 2003 Service Pack 2 Deployment

System Preparation tool for Windows Server 2003 Service Pack 2 Deployment (x64)

Windows Server 2003 Service Pack 2 MUI Pack (32-bit x86) Update

Windows Server 2003 Service Pack 2 MUI Pack Update for x64 Editions

SP2 ISO-9660 CD Image (32-bit x86)

SP2 ISO-9660 CD Image Itanium-based Systems

SP2 ISO-9660 CD Image x64 Editions

KB Analyzer Tool for Windows Server 2003 Service Pack 2 Deployment

KB Analyzer Tool for Windows Server 2003 Service Pack 2 Deployment (Itanium)

KB Analyzer Tool for Windows Server 2003 Service Pack 2 Deployment (x64) + XP64

Hotfix Scan Tool for Windows Server 2003 Service Pack 2 Deployment

Hotfix Scan Tool for Windows Server 2003 Service Pack 2 Deployment (Itanium)

Hotfix scanning tool for Windows Server 2003 SP2 Deployment (x64)

System Preparation tool for Windows Server 2003 Service Pack 2 Deployment

System Preparation tool for Windows Server 2003 Service Pack 2 Deployment (x64)

SMS Template Files for Windows Server 2003 Service Pack 2 Deployment

General SP2 info KB914961 (still old page)

http://www.microsoft.com/technet/windowsserver/sp2.mspx (still old page)

Toolkit to Temporarily Block Delivery of Windows Server 2003 R2 Service Pack 2