Saturday, September 5, 2015

Tabula Rosa Systems Blog Of 9/5/2015 - Advanced Persistent Threat



Advanced Persistent Threat

An advanced persistent threat (APT) is a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity. APT usually targets organizations and/or nations for business or political motives. Wikipedia
Well funded APT adversaries do not necessarily need to breach perimeter security controls from an external perspective. They can, and often do, leverage “insider threat” and “trusted connection” vectors to access and compromise targeted systems.
Abuse and compromise of “trusted connections” is a key ingredient for many APTs. While the targeted organization may employ sophisticated technologies in order to prevent infection and compromise of their digital systems, criminal operators often tunnel in to an organization using the hijacked credentials of employees or business partners, or via less-secured remote offices. As such, almost any organization or remote site may fall victim to an APT and be utilized as a soft entry or information harvesting point.
A key requirement for APTs (as opposed to an “every day” botnet) is to remain invisible for as long as possible. As such, the criminal operators of APT technologies tend to focus on “low and slow” attacks – stealthily moving from one compromised host to the next, without generating regular or predictable network traffic – to hunt for their specific data or system objectives. Tremendous effort is invested to ensure that malicious actions cannot be observed by legitimate operators of the systems.
Malware is a key ingredient in successful APT operations. Modern “off-the-shelf” and commercial malware includes all of the features and functionality necessary to infect digital systems, hide from host-based detection systems, navigate networks, capture and extricate key data, provide video surveillance, along with silent and covert channels for remote control. If needed, APT operators can and will use custom developed malware tools to achieve specific objectives and harvest information from non-standard systems.

-----------------------------------------------------------------------------------------------------------------
At the very heart of every APT lies remote control functionality. Criminal operators rely upon this capability in order to navigate to specific hosts within target organizations, exploit and manipulate local systems, and gain continuous access to critical information.
If an APT cannot connect with its criminal operators, then it cannot transmit any intelligence it may have captured. In effect, it has been neutered. This characteristic makes APTs appear as a sub-category of botnets.
While APT malware can remain stealthy at the host level, the network activity associated with remote control is more easily identified. As such, APT’s are most effectively identified, contained and disrupted at the network level.

Special Bulletin - My just released book, "You're Hired. Super Charge Your Email Skills in 60 Minutes! (And Get That Job...) is now on sales at Amazon.com 

Landing your next job has as much to do with getting your email opened and read as it does with your qualifications.  Job searches don’t work the way they used to. Employers use email to weed out job candidates as they search for the perfect match.  Crafting effective, professional messages could make all the difference in securing your next position.
It’s all about the email.  If your email is not opened and read, you can’t get to the next phase of getting your dream job!  Read this book and in just 60 minutes you’ll know how to write better email. Learn to compose emails effectively and soon you’ll hear those magic words:  “You’re Hired!”
“Being able to provide candidates with tips for using email more effectively in their job search, is something our MRINetwork recruiters truly value. This edition of Netiquette IQ provides a self-evaluative approach to improving email communication at every level… It offers recruiters a reference guide for ensuring candidates present themselves in the best manner when communicating with clients. The power of these best practices is measurable, especially when top clients land Impact Players.” Scott Bass, Director of Marketing and Communications, MRINetwork® EXPERTS IN GLOBAL SEARCH

Paul Babicki is the founder and president of Tabula Rosa Systems (www.tabularosa.net), a company that sells network, security, email filtering as well as email grammar, tone and content software. Paul’s first book is “Netiquette IQ A Comprehensive Guide to Improve, Enhance and Add Power to Your Email.” Check out his popular blog at (http://NetiquetteIQ.blogspot.com)

=========================================

  Great Netiquette To All!


===========================================================


For a great email parody, view the following link:

https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618
============================================== 
**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net
===============================================
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". . You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================





Friday, September 4, 2015

Is Email Dying or Dead? Don't Bet On It

=======================================================

http://www.entrepreneur.com/

PETER GASCA
CONTRIBUTOR
Entrepreneur, Startup Consultant
      
SEPTEMBER 03, 2015
Email is dead? Not so fast.
Ever since Facebook COO Sheryl Sandberg made her highly visibly pronouncement that email was going away five years ago, the debate about the usefulness and longevity of email has raged. With new generations embracing new communication tools and apps every day, there might just be a strong argument that it could outlive its usefulness.
Like most debates around technology, however, facts trump opinions.
Take, for example, the widely-shared viewpoint that Facebook was fading into its twilight years, with younger users leaving in droves for Instagram. Facebook, however, recently hit a new milestone with 1 billion active users in a single day. That hardly sounds like fading.
Another recent study revealed a positive trend in emails sent and email accounts created, with both estimated to increase 8 percent and 19 percent respectively from 2014 to 2017.
Need more evidence? Consider a report released last week by Adobe which looked into our email-consumption behavior. The study, which surveyed more than 400 white-collar workers in the U.S., seems to indicate that email is clearly not fading, and indeed our addiction to email may never have been stronger. Consider the following statistics about respondents’ behavior around email:
·         70 percent check email while watching TV
·         50 percent check email in bed
·         50 percent check email while on vacation
·         42 percent check email while in the bathroom (also known as the second office)
·         43 percent check email while on the phone
·         18 percent check email while driving
·         Respondents spend six hours per day checking email
I definitely fall into these categories -- each one of them.
Of course, this is good news for marketers who have struggled to find a way to reach consumers in the ever-changing-technology and content-consumption landscape. Marketers should not, however, rush out and press that "send" button to their distribution lists just yet.
Patrick Tripp, senior product marketing manager for Adobe Campaign, an email-campaign-management system for businesses, states that while consumers are still using email, data shows that they are very selective about how they use it.
·         28 percent of consumers are annoyed to have to scroll through emails
·         24 percent are annoyed with the layout not being optimized for mobile
·         39 percent want to see fewer emails in general
And interestingly: 
·         58 percent say that email is their preferred way to be contacted by a brand, but 
·         32 percent say they want fewer repetitive emails from the brands with which they have relationships
With no historic numbers to compare, it is difficult to draw a conclusion about the trend in consumer preferences, but when you consider that almost one third of all respondents used email but had some issue with the format and content, marketers would be wise to take notice and adjust their strategies accordingly.
Before you swap your email-marketing strategy for a Snapchat strategy, consider these tips to get more benefit from your email campaigns.
1. Be mobile ready.
More people are consuming content via a handheld smart device, so email marketers should consider a "mobile first" strategy. In fact, all components of your email campaign -- from the email itself to the linked landing pages to the virtual checkout carts -- need to be mobile ready to assure a seamless experience.
2. Remember that less is more.
Though consumers are using email, they do not want to be inundated by it. Be respectful with their time, add value to their days and never send an email that does not make your customer’s life better in some way.
3. Let consumers set their pace.
Never make it feel like you are trying to manipulate the consumer to get contact information. Make it painfully easy for consumers to set their email options, including times and frequency. Also, ask for an occasional "re-opt in," which will clear out your email list while build trust with your loyal customers.
4. Personalize and add value.
As the Adobe study demonstrated, 58 percent of consumers want to be contacted by their favorite brands -- that is six in 10 customers who are giving you permission to send them an email. So how do you become one of the brands they want to hear from? More important, how do you avoid having that permission rescinded?  
The answer is to add value by providing useful content through personalized email campaigns using data and contextual information about your audience to help craft the right message, at the right time, to the right place (email address).
Consider, for example, that most business professionals have a business and a personal email account (sometimes more). Instead of sending one email to multiple email addresses several days a week, you should be targeting specific addresses based on your customer’s unique online behavior, perhaps using contextual data, such as location and weather.
Also, we spend much time talking about the “right time to send an email,” but the Adobe data shows we are consuming data at all times of the day. If you knew when your customer was in bed or in his "second office," you could better target delivery when they are reading email.
Of course, all of these tips are supplementary to a well-thought-out email strategy and requires time, effort and even some expense. The benefits, however, are quite substantial.
According to Adobe, "We know from data on actual site visits and conversions tracked within the Adobe Digital Index that loyal visitors who spend more and convert at higher rates are twice as likely to come from email than from the average channel."
That doesn't sound like email is dying.

For a great email parody, view the following link:

https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618



==============================================

Special Bulletin - My just released book, "You're Hired. Super Charge Your Email Skills in 60 Minutes! (And Get That Job...) is now on sales at Amazon.com


**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================

Thursday, September 3, 2015

Tabula Rosa Security Alert Via US-CERT 9/2/2015



(ISC) Releases Security Updates for BIND
Original release date: September 02, 2015
ISC has released security updates to address vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.
Available updates include:
·         BIND 9 version 9.9.7-P3
·         BIND 9 version 9.10.2-P4
Users and administrators are encouraged to review ISC Knowledge Base Articles AA-01291 and AA-01287 and apply the necessary updates.
                                                          
Special Bulletin - My just released book, "You're Hired. Super Charge Your Email Skills in 60 Minutes! (And Get That Job...) is now on sales at Amazon.com 

Landing your next job has as much to do with getting your email opened and read as it does with your qualifications.  Job searches don’t work the way they used to. Employers use email to weed out job candidates as they search for the perfect match.  Crafting effective, professional messages could make all the difference in securing your next position.
It’s all about the email.  If your email is not opened and read, you can’t get to the next phase of getting your dream job!  Read this book and in just 60 minutes you’ll know how to write better email. Learn to compose emails effectively and soon you’ll hear those magic words:  “You’re Hired!”
“Being able to provide candidates with tips for using email more effectively in their job search, is something our MRINetwork recruiters truly value. This edition of Netiquette IQ provides a self-evaluative approach to improving email communication at every level… It offers recruiters a reference guide for ensuring candidates present themselves in the best manner when communicating with clients. The power of these best practices is measurable, especially when top clients land Impact Players.” Scott Bass, Director of Marketing and Communications, MRINetwork® EXPERTS IN GLOBAL SEARCH

Paul Babicki is the founder and president of Tabula Rosa Systems (www.tabularosa.net), a company that sells network, security, email filtering as well as email grammar, tone and content software. Paul’s first book is “Netiquette IQ A Comprehensive Guide to Improve, Enhance and Add Power to Your Email.” Check out his popular blog at (http://NetiquetteIQ.blogspot.com)

=========================================

  Great Netiquette To All!


===========================================================


For a great email parody, view the following link:

https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618
============================================== 
**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". . You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================

Wednesday, September 2, 2015

Tabula Rosa Blog Of /2/2015 - Do Not Enter: ‘Shadiest’ New Internet Addresses

Do Not Enter: ‘Shadiest’ New Internet Addresses
Insurancejournal.com September 2, 2015
A new report warns that more than 95 percent of websites with new Internet addresses such as .zip, .kim or .party are suspicious.
Internet security firm Blue Coat says its research of the top 10 new top-level domains (TLDs), or “neighborhoods,” shows that most are associated with suspicious websites, with nearly 100 percent of the websites for .zip and .review considered “shady.”
A word from our sponsor:
Swett & Crawford's Executive Risk Solutions for Small Businessprovides end-to-end services giving you the freedom to focus on winning new business while we manage the details. Accelerate your business, support your clients, access unrivaled expertise, provide tailored products all with superior service and peace of mind. Contact Swett today!

The safest of the new neighborhoods include .london, .tel and .church.
“Shady TLDs can provide fertile ground for malicious activity including spam, phishing, and distribution of potentially unwanted software,” says the report, which the company hopes is useful for Internet users, enterprise security and IT departments looking to avoid viruses and other malicious activity.
Source: Blue Coat
Blue Coat said it analyzed hundreds of millions of Web requests from more than 15,000 businesses and 75 million users to create “The Web’s Shadiest Neighborhoods” report.
The domain naming world is exploding.
For the early days of the Internet, there were only six common top level domains: com, .edu, .gov, .mil, .net and .org. There were also country codes including .fr (France), and .jp (Japan).
However in 2013, ICANN, the organization that manages Web addresses, began allowing new domains for interests willing to pay a fee.  By June 2015, there were more than 1,000 new TLDs, “many of which may be considered for web security purposes as neither safe nor friendly,” according to Blue Coat.
================================================================
Good Netiquette to all!
================================================================

For a great email parody, view the following link:
https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618



==============================================

Special Bulletin - My just released book, "You're Hired. Super Charge Your Email Skills in 60 Minutes! (And Get That Job...) is now on sales at Amazon.com

**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================