Protection from Ransomware Malware

Ransomware is a type of malware that can be covertly installed on a computer without knowledge or intention of the user that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction. Some forms of ransomware systematically encrypt files on the system's hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a Trojan, whose payload is disguised as a seemingly legitimate file; thus, ransomware is an access-denial type of attack that prevents legitimate users from accessing files.
While initially popular in Russia, the use of ransomware scams has grown internationally;in June 2013, security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012. Wide-ranging attacks involving encryption-based ransomware began to increase through Trojans such as CryptoLocker, which had procured an estimated US$3 million before it was taken down by authorities,and CryptoWall, which was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over $18m by June 2015.

if you think that you are attacked by this virus or your server is attacked please search that highlighting file *.Locky ,_HELP_instructions.html or DDHMTTF.exe  

Please delete that file if you find that .

or if you use the mcafee antivirus please update the antivirus and the update version is 8164.

** This is to alert you that a spam email is currently being spreading globally from some malicious domains ( eg. wdru30918773@gaetanosonline) attached a word document file, notepad, *.zip, *.rar ,*.docm with it and the subject of the emails are like: Invoice, Ref. 54468561or bank statement or picture

So, if you got this type of email. Immediately delete it without opening the attachment file ASAP.

Basic Switch Configuration

Switches are one of the most numerous devices installed onto the corporate network infrastructure. Configuring them can be fun and challenging. Knowing how switches normally boot and load an operating system is also important.

Switch Boot Sequence

After a Cisco switch is powered on, it goes through the following boot sequence:

Step 1. First, the switch loads a power-on self-test (POST) program stored in ROM. POST checks the CPU subsystem. It tests the CPU, DRAM, and the portion of the flash device that makes up the flash file system.

Step 2. Next, the switch loads the boot loader software. The boot loader is a small program stored in ROM and is run immediately after POST successfully completes.

Step 3. The boot loader performs low-level CPU initialization. It initializes the CPU registers that control where physical memory is mapped, the quantity of memory, and memory speed.

Step 4. The boot loader initializes the flash file system on the system board.

Step 5. Finally, the boot loader locates and loads a default IOS operating system software image into memory and hands control of the switch over to the IOS.

The boot loader finds the Cisco IOS image on the switch using the following process: The switch attempts to automatically boot by using information in the BOOT environment variable. If this variable is not set, the switch attempts to load and execute the first executable file it can by performing a recursive, depth-first search throughout the flash file system. In a depth-first search of a directory, each encountered subdirectory is completely searched before continuing the search in the original directory. On Catalyst 2960 Series switches, the image file is normally contained in a directory that has the same name as the image file (excluding the .bin file extension).
The IOS operating system then initializes the interfaces using the Cisco IOS commands found in the configuration file, startup configuration, which is stored in NVRAM.
In Figure 2-1, the BOOT environment variable is set using the boot system global configuration mode command. Use the show bootvar command (show boot in older IOS versions) to see the current IOS boot file version.

Figure 2-1 Configure BOOT Environment Variable

Bangladesh’s banks face up to 300 malwares a day, security investment neglected: Study

A study reveals poor knowledge and insufficient investment in cyber security in Bangladesh’s banks, despite the fact that they are facing different types of cyber attacks every day.

Md Mahbubur Rahman Alam, associate professor of Bangladesh Institute of Bank Management (BIBM), said banks face up to 300 malicious software attacks a day, 60 percent of them by the local hackers who he said can be trained as “ethical hackers” for defence.
He presented his study findings at a seminar on cyber defence on Saturday in the wake of the recent Bangladesh Bank cyber heist that led to $101 million being stolen.
The Chief Technical Officer (CTO) Forum Bangladesh organised the seminar, with the support of cyber security solutions FireEye and TVN, an ADN company, to make bank executives and technical professionals aware of the latest in cyber defence.
Global security experts along with Bangladesh officials including central bank executive director Subhankar Saha spoke at the seminar.
Alam said since the central bank’s incident, he has observed a growing interest among bank managements to invest on IT development. They have been pouring money into gap analysis and training.

“But even then eight percent managements are reluctant to invest in IT and 24 percent will wait for the central bank’s directives,” he said.
“They don’t invest in IT, but they blame IT after incidents”.
While seventy percent banks have no separate and independent IT security and risks management division, many banks have installed costly software in an “ineffective way”, the study found.
Prevention is not enough
An estimated Tk 300 billion has been invested in banks’ IT development since 1968 when Agrani Bank first installed a computer.
Each year Tk 10 billion is being invested in the IT processes in the overall banking segment except in the central bank.
But a major portion of the budget goes to buying hardware first, and then software.

Allocation for security, training and audit was “very poor” in the last four years, the study found. Only four percent of the IT budget is being used for security purposes and two percent for training
But cyber attack has become the key threat for any system’s security with the technological advancement.
Subhendu Sahu, head of commercial sales for the Asia Pacific region for FireEye said, about 60 percent organisations come to know from external sources that they have been attacked.
He said with the technological advancement the threat also increases, and the average time to contain a cyber attack has also increased. It took 31 days in 2014, 27 days in 2013.
“It takes an average 164 days just to get to know that your security has been breached,” he said.
“Prevention is not enough. The best prevention solution can be breached. Always keep in mind that you will be breached.”
“And for that there are some preparation,” he suggested.
He said preparing for the breach should be a part of the daily security routine of a company.
“The company should draw up a detailed plan and select those from the board who will deal with the attack when it happens. Each incident is unique.”
“But today is the best time for preparation,” he said, insisting that companies should not wait to be attacked.

“The whole security compliance should be looked at from the attackers’ point of view, not the consumers.”
Five key pillars
According to the security experts, a company must have the capabilities to identify, detect, protect itself from, respond to and recover from cyber security attacks.
The security experts at the seminar said those were the five key pillars. But the BIBM teacher, Alam, lamented that when he asked 25 Chief Technical Officers about those pillars, they replied: “We don’t know”.
“Seventy-four percent IT heads lack ‘adequate knowledge’ of IT security,” he said citing his study that also found that banks had to spend money for many purposes particularly reimbursements, and audit and consulting services, after facing software attacks.
“But banks do not want to spend money on improving the IT security department,” he said, adding that the IT departments are poorly staffed and those who work there are overburdened.
“This is also a risk from the security point of view. They may cause intentional or unintentional security harms”.

“It is very much alarming that 91 percent banks do not have Data leakage prevention (DLP) solution. To protect sensitive data, banks should introduce DLP as soon as possible,” he said.
The DLP solution is a system designed to detect potential data breach and protect data from any type of malicious activity.
Alam suggested setting up of an information sharing and analysis centre – as India did 20 years ago -- so that all financial institutes can be notified if an incident happens at a bank.
“What happened in the Bangladesh Bank, other banks came to know a month later, but by this time, they could face a similar kind of cyber security threat. If they knew, they would be alert.”
He said the central bank can also develop “ethical hackers” like Singapore and Malaysia who will help the other banks know their “vulnerability”.

Apple updates MacBook with faster processors

Apple Inc on Tuesday updated its 12-inch MacBook line of laptops with faster processors, Retina display, Force Touch trackpad and made it available in rose gold colour.

The new MacBook is 13.1 mm thin, weighs 2 pounds and has a battery capable of up to 10 hours of wireless web browsing on a single charge.

The device, which starts with a price tag of $1,299, will be available for sale from Wednesday.

USA Immigration DV Visa Lottery for 2017 opened

Those applicants who have qualified are strongly recommended for registering as soon as possible. System delays could occur due to heavy demand in the registration period’s last day.

The US Department of State annually administers the DV Lottery by providing the immigrant visas (green cards) annually to the people from the countries which are having low immigration rates to the US.

There are 50,000 DVs available in the current year. The visas are being distributed between the 6 geographic regions, with maximum number of visas will be going to the regions who has low immigration rates. More than 50,000 immigrants have been send to the US in the last five years.

The natives of Hong Kong SAR, Taiwan, and Macau SAR are eligible to apply for this DV visa. People may qualify to apply if their spouse is born in the eligible country.

The people who are registering should possess high school education or its equivalent,  or they should have two year’s work experience in previous five years of job in an occupation, requiring a minimum of two year training or experience for performing the job.

Overseas national must submit the online form and a digital photo through the official website of the DV Lottery. Per person, only one entry is permitted. Multiple registrations made on behalf of one person is disqualified. This is free of cost application.

All the DV lottery applicants are required to visit the website of E-DV Entrant Status for finding their entry selection. Selected candidates will be notified through Entry Status Check, which will be available from 3rd May 2016 till 30th September 2017. The selected applicants can also apply for PR in the year 2017.

If you are a native of one of the following countries, then you are excluded from entering the DV2017 Green Card Lottery program this year:

Linux Samba Configuration

Installing Samba

1.    Use yum to install the Samba package:

        yum -y install samba

Creating Samba Test Directory and Files

For this part of the procedure, you'll use the su - (switch user) command to work as root. Although it’s not best practice to do this regularly, there are times where it's much more practical to work directly as root instead of trying to use sudo to do everything. This is one of those times.

You're going to create a new directory containing three empty files which you'll share using Samba.

2.    While logged on as root, create the new directory /smbdemo with the following command:

       mkdir /smbdemo

3.    Change the permissions on the new directory to 770 with the following command:

       chmod 770 /smbdemo

4.    Navigate to the new directory with the following command:

       cd /smbdemo

5.    Add three empty files to the directory with the following command:

        touch file1 file2 file3

Figure 1: Using touch to create files for the Samba exercise.

Adding the Samba User

You must add users to the Samba database in order for them to have access to their home directory and other Samba shares.

6.    Use the following command to add a new Samba user (the new Samba user must be an existing Linux user or the command will fail):

       smbpasswd -a <username>

        For example, to add the user don, use the command smbpasswd -a don.

Creating the Samba Group

7.    Perform the following steps to create a smbusers group, change ownership of the /smbdemo directory, and add a user to the smbusers group:

        groupadd smbusers
        chown :smbusers /smbdemo
        usermod -G smbusers don

Figure 2: Adding the smbusers group, changing ownership on /smbdemo, and adding a user to the smbusers group.

Configuring Samba

Note: In several of the steps in this exercise, I mention specific line numbers. The line numbers I mention are based on CentOS version 6.5. If you’re running any other version, your line numbers may be different. In that case, just search for the relevant text string.

Samba configuration is done in the file /etc/samba/smb.conf. There are two parts to/etc/samba/smb.conf:

• Global Settings: This is where you configure the server. You’ll find things like authentication method, listening ports, interfaces, workgroup names, server names, log file settings, and similar parameters.

• Share Definitions: This is where you configure each of the shares for the users. By default, there’s a printer share already configured.

Configuring smb.conf

8.    In the Global Settings section, at line 74, change the workgroup name to your workgroup name. I’m going to use soundtraining as a means of shamelessly promoting my company during your quest for knowledge. I’m sure you understand.

soundthinking point: Enable Line Numbering in vimYou can enable line numbering in vim with the command :set nu. If you want to turn it off, use :set nu!.

Figure 3: Changing the workgroup in the Samba configuration file.

9.    Now, confirm that the authentication type is set to user by going to the authentication section, still in Global Settings, and line 101. Make sure there is no hash mark at the beginning of the line to enable user security.

Figure 4: Confirming user authentication in the Samba configuration file.

This change allows users on your Red Hat/CentOS server to log in to shares on the Samba server.

10.    Next, add a section for /smbdemo, which you created earlier. You can just add it to the very bottom of /etc/samba/smb.conf with the following lines:

Figure 5: Configuring Samba share definitions.

11.    Be sure to save your changes with a :wq. 

You can use the command testparm to test the configuration. In order for the server to re-read the configuration file and make the changes, you must restart the Samba service with the commands service smb restart and service nmb restart.

When properly configured, you should be able to connect from a computer running the Windows operating system and see both the general share and the user’s home directory:

Figure 6: Viewing Samba shares from a Windows computer.

You can test it by opening the user’s home directory in Windows, adding a file, and then viewing that file on the Linux server.

Troubleshooting Samba

In addition to checking for spelling and typographical errors, check to ensure the Linux firewall is permitting Samba traffic. Similarly, if you're using SELinux on your system, you must explicitly permit Samba traffic, and finally you must enable Network Discovery on the Windows client machine.

MAC Mail Setup

1. Open Mail. If you haven't added a new account yet, you'll be taken directly to the Add Account prompt. If you're adding an additional account, or this prompt doesn't otherwise load automatically, you'll need to select Add Account from the Mail menu. 
   
2. From the Add Account prompt, select Add Other Mail Account... and click Continue.
3. Enter your email account information.
   • Full Name: Your name as you would like it to appear.
   • Email Address: Your full email address.
   • Password: The password for your email account. 
     
   Click the Create button when you're ready.
4. Mail will attempt to contact the mail server. The default search uses "autodiscover.example.com" -- unless you have this subdomain already created and an SSL Certificate installed, this will not work. However, don't worry! It's totally normal for this to happen, since Media Temple's servers do not have autodiscover settings enabled by default. 
    
   When an autodiscover setting has been unsuccessful, an "Account must be manually configured" message will appear. Click the Next button to complete setup manually.
5. Next, enter your incoming mail server information.
   • Account Type: We strongly recommend connecting via IMAP. To learn more, please see Using Email: How IMAP works.
   • Mail Server:Use your IP address or mail.yourdomain.com.
   • User Name: Your full email address.
   • Password: The password for your email account.
6. Click the Next button to proceed. You will be taken to a second screen to confirm additional details. 
   
   • Path Prefix: Leave this area blank.
   • Port: You will want to connect using the correct port based on the settings you have selected.
     • IMAP: 143, or 993 if you are using SSL.
     • POP: 110, or 995 if you are using SSL.
     TIP:

     Recommended settings:

     • For incoming mail, we recommend using Port 993 with the Use SSL checkbox selected.
   • SSL Checkbox: Check this box if you wish to connect using SSL encryption. Note that you will also need to use an SSL port (above) if you select this option.
   NOTE:

   You may encounter an Unverified SSL Certificate warning if you have chosen to connect with SSL. This is common if you do not have your own SSL Certificate installed. You can add the certificate to your trust settings to avoid seeing this message in the future. The encryption in use IS safe, so you can safely select "Connect" to continue.
   • Authentication: Be sure that Password is selected from the dropdown menu.
7. Next, we'll configure the Outgoing Mail Server. 
    
   
   • SMTP Server:Use your IP address or mail.yourdomain.com.
   • User Name: Your full email address.
   • Password: The password you assigned to the email account.
8. Click the Create button when you're ready.
9. Your email account has been created, but you'll want to verify a few steps before you get started. Select "Preferences" from the Mail menu, and click on the "Accounts" tab from the Preferences window.
10. Select your new account from the left hand column. 
11. Click the "Advanced" tab and uncheck the box to "Automatically detect and maintain account settings."
12. Navigate back to the "Account Information" tab. This time, select Edit SMTP Server List... from theOutgoing Mail Server (SMTP) drop-down menu. 
     
13. You will be taken to the SMTP server list. Click the Advanced tab and verify the following settings:
    • Be sure the box to "Automatically detect and maintain account settings" is not checked!
    • Enter your desired outgoing mail port. Since many ISPs block port 25 (the default outgoing mail port), we strongly suggest using port 587, or port 465 if SSL is enabled.
    • Select "Password" from the Authentication drop-down menu, and make sure the "Allow insecure authentication" box IS checked. If you don't see this option, you may need to update Apple Mail or Yosemite to the newest version.
       

That's it! You just configured your Media Temple email address on Apple Mail.