Security

Learn to Protect Your PC

You can register for this event by emailing Ms Arlyn Tamondong at arlynt[at]pangasinan.com

Bitstop Re-enrolled in Microsoft Partner Network

Bitstop Inc successfully completed the requirements for us to be re-enrolled into the Microsoft Partner Network. As part of the benefits, Bitstop Inc is now eligible to sell Microsoft Online Services (Cloud based offerrings) Office 365, Exchange Online, Office Live Meeting, Sharpoint ONline, Windows Intune. Windows Intune is specially useful for organizations that need to centrally manage their PC inventories, provide Security and malware protection, AND upgrade their PCs to windows 7 on a very low 11 USD per device per month fee!  

Pirated Windows XP leads in Infections

A study that has been conducted by the AVAST Virus Lab has identified unpatched and pirated versions of Windows XP as the perfect target for rootkit infection. The study found that rootkits infecting via the MBR were responsible for [more than] 62 percent all rootkit infections. Driver infection made up only 27 percent of infection. The clear leader in rootkit infection is the Alureon (TDL4/TDL3) family, responsible for 74 percent of infections. For more details: http://www.sectechno.com/2011/08/06/pirated-copies-of-windows-xp-top-rootkit-target/

IE 9 vs 99% of Malware

The Internet Explorer 9 beta protects against 99 percent of “socially engineered malware,” according to independent researcher NSS Labs. What is socially engineered malware? Cybercriminals use socially engineered malware to gain access to your computer. According to NSS Labs, socially engineered malware describes any link that leads to malicious websites or downloads that could harm your computer. Research shows that these links appear on popular websites and services such as Facebook, Twitter, and LinkedIn as cybercriminals are increasingly taking advantage of people’s trust in these sites. How Internet Explorer 9 protects against socially engineered malware NSS Labs says that the success of Internet Explorer in...

IE Security Vulnerability

Microsoft Warns of Zero-Day Flaw in Internet Explorer (November 3, 2010) Microsoft has issued an advisory warning of active attacks on a zero-day flaw in Internet Explorer (IE). The vulnerability is being exploited to install malware on users' computers. The flaw affects IE 6, 7 and 8; users who have not already done so are being urged to upgrade to IE 8, which includes Data Execution prevention technology that makes the flaw harder to exploit. IE 9, which is in beta release, is not affected. Microsoft says it is working on a fix for the vulnerability, but it does not...

52 Percent of New Virus dead within 24 hours

Panda Software has research that shows: An average of 37,000 new viruses, worms, Trojans and other security threats appear every day The amount of cataloged malware totaled 30 million individual samples by July 2009 Hackers are modifying their creations every day to avoid detection by security companies Every day, PandaLabs receives nearly 37,000 samples of new viruses, worms, Trojans and other types of Internet threats, 52 percent of...

BNS Adopts ITIL Hosted Solution

As part of ITIL v3.0 initiatives at Bitstop Inc, Bitstop Network Service is proud to announce the adoption of ITIL Software to manage, track and identify our service assets. The hosted solution enables us at Bitstop Inc to quickly enter our inventory including warranty, license and supplier information for quick reference and fast servicing.  

Brace for Conficker Worm

Major News organizations have highlighted a possible surge in Conficker worm. Users are advised to go to http://safety.live.com to conduct a free scan of their computers to make sure that the malware is neutralized.  

Protect yourself from Conficker Worm

Scan all files Since Conficker uses random extension names to avoid detection, Windows users should make sure their security software is set to scan all files, rather than checking on specific extensions. Update Windows The alarmingly high number of Conficker infections led Microsoft last Tuesday to enable its anti-malware utility, Microsoft Software Removal Tool (MSRT), to detect the worm. So it's important that Windows users, if they haven't already, download the latest Microsoft security patch that went out earlier this week. Use a blocklist This is less relevant for...

Join our Partner Associate Program

Bitstop Inc is inviting IT trainors and professors to join us in our Partner-associate program. Bitstop Inc is offering access to our vast IT resource library that includes Cisco, Microsoft and other IT vendor manuals (except those that are specifically covered by NDA with our Principals). Some of these items include our Keystore IT video courses andMicrosoft TECHNET DVDs. These materials can not be taken OUT of Bitstop Inc, but must be 'consumed' on site. In return, we ask that the IT professors and trainors do two things for us: 1. Echo the learning materials to their students and give us first crack...

Call for security Papers

Greetings Fellow DEFCONPH Forum Members, It is commonly acknowledged that security requirements cannot be addressed by technical means alone, and that a significant aspect of protection comes down to the attitudes, awareness, behavior and capabilities of the people involved. Indeed, people can potentially represent a key asset in achieving security, but at present, factors such as lack of awareness and understanding, combined with unreasonable demands from security technologies, can dramatically impede their ability to do so. We are looking for specific expertise to be shared with our delegates, both technical and non-technical, in the following interests: Topics of interests: * Risk Assessment * Policies and...

State of Cyber Security in the Philippines

Photo taken before the start of the presentation by Sec Ray Anthony Roxas Chua, below from left to right: Dr Bill Torres, Sec Roxas Chua, Wilson Chua, Atty Bill Pamintuan and Phiiip Varela

Cisco Workshop Seminar PIX

More pictures in Pangasinan ICT website.

Oracle Multiple Vulnerabilities

Systems Affected: * Oracle Database 11g, version 11.1.0.6, * Oracle Database 10g Release 2, versions 10.2.0.2, ,0.2.0.3, and 10.2.0.4, * Oracle Database 10g, version 10.1.0.5, * Oracle Database 9i Release 2, versions 9.2.0.8 and 9.2.0.8DV, * Oracle Secure Backup, versions 10.1.0.1, 10.1.0.2, 10.1.0.3,10.2.0.2, and 10.2.0.3, * Oracle TimesTen In-Memory Database, versions 7.0.5.1.0, 7.0.5.2.0, 7.0.5.3.0, and 7.0.5.4.0,* Oracle Application Server 10g Release 3 (10.1.3), version,10.1.3.3.0, * Oracle Application Server 10g Release 2 (10.1.2), versions, 10.1.2.2.0 and 10.1.2.3.0, * Oracle Collaboration Suite 10g, version 10.1.2, * Oracle E-Business Suite Release 12, version 12.0.6, * Oracle E-Business Suite Release 11i, version 11.5.10.2, *...

Watch out for Conficker Worm

Also Known As: TA08-297A (other),CVE-2008-4250 (other),VU827267 (other),Win32/Conficker.A (CA), Mal/Conficker-A (Sophos) Trojan.Win32.Agent.bccs (Kaspersky),W32.Downadup.B (Symantec) Summary

Worm:Win32/Conficker.B is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is...

Firewall Software Free

If you are looking for a free or affordable firewall software that you can easily install on a PC, then check out Firewall Software for more details. This software performs other roles as well. Aside from Firewall capability, it can also do Spam blocking, Anti-virus control, Intrusion detection AND intrusion prevention. Advance modules enable VPN and remote access capabilities as well

DefconPH Soft Launching

The soft launching of Defcon Philippines (DefconPH) on December 20, 2008 will bring together IT Security Professionals and hackers to discuss their solutions, exploits and experiences in this complicated and critical field of IT Security arena. Attending this launching puts you one step ahead in preserving your company's reputation, keeping your company solvent, and showing your value to your employer.  DefconPH is a registered Defcon Group International as DC6332. This half-day power packed event will cover the latest topics in IT security, hacking and protection. Learn how to avoid embarrassing and expensive data breaches, protect valuable information, and many more. DefconPH stands...

ManilaCon2K8 @ NCC

Message from the Organizing Committee: Dear IT Security Colleague, On September 11, 2008 we will make history. And we invite you to this round table discussion/forum on "Ensuring the Security of the 2010 Election" to be held at the NCC, Audio Visual Room from 1:00pm to 5:00pm. For now, calendar this event for September 11, 2008 in your schedule. We will be sending you a special invitation by Monday and 3 great reasons why this is one round table discussion/forum that you should not miss. Excited? We'll see you on September 11 at the NCC in Quezon City. The ManilaCon2k8 Organizing Committee

TechEd 2008 Malaysia Pics

 

Help us and Win Cool Tshirts!

Here is your chance to enjoy and win cool World Cyber Games Tshirts! Bitstop Inc would like to invite you to use our game server http://gamer.bitstop.ph:27015 to play CounterStrike CS Source. We are running this game server using some cool new server hardware and on Windows server technologies. We would like to find out the server capacity and loads it can take. We installed the CounterStrike game server for this purpose. The winners will be based on the stats as recorded in: http://gamer.bitstop.ph/stats as of Sept 15, 2008 at 12 pm (noon). The first World CyberGames Tshirt winner will be the one...

TECHED 2008 News

The key new technologies being highlighted in several presentations including the keynote include Windows 2008 support for Hyper V (server visualization), Microsoft System Center (Virtual Machine Manager) to manage the HyperV machines, SQL 2008 enhancements like data compression that not only saves storage space but also improves query results performance. SQL 2008 also includes enhancements for audit tracking. Bitstop Inc was also interested in Sharepoint service portals and joined the Malaysian Sharepoint User's group to further enhance the skills and learning in the product.  

Fortinet, APC and Buffalo Wifi Training

Picture shows the MSI group that conducted product orientation and training for Bitstop Inc on Fortinet Security, APC UPS and Buffalo Wifi:  

New Tools in AntiSpam

The following is taken from Matt Cutt's Blog: There are several services that will help you reduce your junk mail: GreenDimes offers a free basic service, but I decided to do their $20 one-time fee because it offered a few extra things I wanted. GreenDimes walks you through some easy steps that will reduce unsolicited mail, and also lets you decline catalogs. Each time you receive an unwanted catalog, you go to GreenDimes and type the name of the catalog in. GreenDimes takes care of removing you from that catalog’s mailing list. I’ve been quite happy with this service, especially since it’s...

Beef Up your Internal Control Attend the Digital forensic Investigation Platform

MgDelxis in Singapore is now accepting registrations for their Digital Forensics Investigations Platform (Workshop) to be held on May 8 and 9, 2008 in Kuala Lumpur, Malaysia. The facilitator of the event is Mr Seamus E. Byrne, COO eDiscovery Tools. He is a lawyer with extensive forensic technology and electronic discovery experience. Participants of the platform will gain usefull skills and best practices to beef up their internal audit procedures. This will help them manage their digital information assets better. Interested parties are urged to email sales-dfi[at]mgdelxis.com for the more information.

Hacking Unpatched IEs

This cool hacking video tutorial shows how a hacker could put malware into a webserver and then use it to infect unpatched IE (Internet explorer) browsers to load the exploit code into victim units. The hacking tool will then connect to the IRC channel and await further commands from its 'master'. This video is courtesy of Ian Wate. Visit his security blog. The lesson here is to always patch your systems. This attack would not work on systems that are fully patched. Get anti-virus software as an added measure of protection as well.

Microsoft Partner Readiness Program

Bitstop Inc is sending two of our marketing staff to attend the Partner Readiness program organized by Microsoft on Feb 27, 2008 at Microsoft Offices in Makati, Metro Manila. The event is targetted at Sales Representatives and product managers 8:30-9:00  Breakfast & Pre Exam 9:00-12:00 Opening & Welcome  People Ready Business Growing your Business with Annuity IO & RPV World Class Selling  12:00 - 1:00 Lunch 1:00 -2:00 WAVE Launch 2:00 -2:45 Microsoft in Battle 2:45 -3:15 Value of Genuine Software 3:15 - 3:30 Break 3:30-3:45 The Latest on Windows Client 3:45-4:00 Whats up with IW? 4:00-4:15 Security 4:15-4:30 Customer & Partner Experience 4:30-5:00 Kaakbay - The Evolution 5:00-5:15 Closing 

Microsoft Partner Readiness Program

Bitstop Inc is sending two of our marketing staff to attend the Partner Readiness program organized by Microsoft on Feb 27, 2008 at Microsoft Offices in Makati, Metro Manila. The event is targetted at Sales Representatives and product managers 8:30-9:00  Breakfast & Pre Exam 9:00-12:00 Opening & Welcome  People Ready Business Growing your Business with Annuity IO & RPV World Class Selling  12:00 - 1:00 Lunch 1:00 -2:00 WAVE Launch 2:00 -2:45 Microsoft in Battle 2:45 -3:15 Value of Genuine Software 3:15 - 3:30 Break 3:30-3:45 The Latest on Windows Client 3:45-4:00 Whats up with IW? 4:00-4:15 Security 4:15-4:30 Customer & Partner Experience 4:30-5:00 Kaakbay - The Evolution 5:00-5:15 Closing 

In house training for System Admin

Bitstop Inc has engaged Mr Francis Vidal to conduct an inhouse system administration training for our support staff. The event will be on Sept 22-23, 2007.  The system admin course will be intensive, hands on and will cover unix system administration, security procedures, maintainance and other critical skills needed in support on Medium to Large installations.

ISSSP Manila Con 2007 archived webcast

Here are the initial video coverage of the some of the sessions of ManilaCon 2007. Day 1 Part 1, and Day 1 part 2.

ManilaCon 2k7

This year’s "ManilaCon 2k7:world@risk” conference and exhibit is organized by the Information Systems Security Society of the Philippines (ISSSP), in cooperation with the Commission on Information and Communications Technology (CICT) and the National Security Council (NSC) towards the development and implementation of a National Cyber Security Strategy. We need one to ensure the integration of public and private efforts to counter threats and institutionalize the protection of national and local cyber infrastructures and businesses.For registration or more information, please call Ellen at the ISSSP Secretariat telefax no. 750-3742 or mobile 0920-2413954. Or send email to isssphil@yahoo.com. You may also visit...

Aanval Snort based Intrusion and Correlation Software

Aanval was introduced to me by Francis Vidal. (Thanks Pran!) “Aanval (pronounced: "anvil") is an advanced data management, correlation and analysis console designed specifically for Snort and Syslog data. Aanval is a complete web-based software solution designed to manage and correlate snort intrusion detection data and / or syslog device data. Aanval is available in a free, downloadable single sensor version in addition to a commercially licensed and supported version“ I am seriously thinking of getting the FULL training. It cost 800 USD, but it allows for 5 web participants. Anybody interested to chip in and learn this software, please reply to...

Internet Voting in Singapore

Picture shows Comelec Chairman Abalos with Ambassador Belen at the conference room of the Philippine Embassy where the former answered questions about the voting system. Also shown in picture is the representative of Syctl which developed the online application. Also, Commissioner Tuazon did confirm that they have invited the Pinoy IT community to test the security of the system. At the forum, it was also clarified, that Commission Tuazon was misquoted. He did not refer to the Pinoy IT community in Singapore as "Hackers". This may have lead to some concerns as the press had inaccurately reported Comm Tuazon as referring...

Panda Bot Warning: Barracuda.A bot

PandaLabs has discovered a network of almost 15,000 computers infected with the new Barracuda.A bot. This malicious code is designed to allow its creators to launch distributed denial of service (DDoS) attacks from each computer infected. A DDoS attack consists of launching a denial of service attack from several computers simultaneously to crash other computers. This could prevent users from, say, accessing a certain website.   “Distributed denial of service attacks are an excellent source of economic benefit for cyber-crooks. A network like this can be used to blackmail companies that use the Internet for...

Cyber Security: Building Our First Line of Defense

The Information Systems Security Society of the Philippines (ISSSP) in coordination with the National Cyber Coordinator of the Office of the President, Malacanang, will hold a forum dubbed “Cyber Security:Building Our First Line of Defense” on May 9, 2007 from 8am to 5pm at the Makati Sports Club, Salcedo Village Makati City. Interested Parties are urged to contact Ellen or Rhea at 750-3742

New Cisco ASA 505 Firewall+IPS device

bitstop was honored to have attended the Cisco Threat and containment seminar held at Sheraton Towers in Singapore. The seminar basically provided a bird's eye view of security and the latest trends and statistics of hacker activity and threats (FBI Sans 2006). It also introduced the Cisco ASA 5500 series of firewall cum IPS (Intrusion protection system). The devices allows for the early detection of known and unknown activities and automatically works with the edge routers to block them. (Cool!) The Cisco ASA 5500 series are supposed to be the upgrade to the cisco pix firewalls. They also introduced the mysdn.com site...

Workaround for Rinbot Against Microsoft DNS server

A critical flaw has been uncovered and while we are waiting for a patch from microsoft to fix this problem, Microsoft has issued an advisory as to a possible workaround for DNS problem which is to disable remote management over RPC capability for DNS Servers through the registry key setting.  

SMU Hosts 2006 Regional (Region 2) IT Congress

Saint Mary’s University,  (www.smu.edu.ph) through the College of Computing Sciences and Information Technology (CCSIT), will host the 2006 Regional IT Congress with the theme: “Accord. .Collaborate. .Commune through IT Education” on Dec 5 to 7, 2006 at the Audio Visual Room, SMU Teacher’s Center.

Security Service Need

Would there be a market niche for a firewall and network monitoring service for small cybercafes, hotspots and businesses if bitstop were to provide the all in one solution (Hardware and software) for only 3,500.00 one time activation fee and a monthly service fee of 1,500.00 ? The firewall will protect the computers behind it in the LAN, while the network monitoring will provide statistics on bandwidth link quality, uptimes, and latency. It also features an optional WiFi hotspot service with builtin authentication and radius server proxying capability. Please post your comments here.

Metrobank Phising Alert Advisory

Metrobank users are warned about a currently active phising site. A phising site is a fake site that attempts to capture your id and passwords. The phising site in questions comes in the form of an email as follows: ====== Dear customer, Due to concerns, for the safety and integrity of the Metropolitan Bank direct account we have issued this warning message. It has come to our attention that your Metropolitan Bank direct Secure Banking account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. take a...

Wifi Hotspot Training Seminar 2006

Here are pictures of the recently concluded Wifi Hotspot workshop. The event was conducted at Farmout Call Center Training at the 3rd floor of New Sim Too Bldg., Dagupan City. The participants were shown how to setup a Wifi Hotspot, and enable the built-in user authentication, accounting and management system. Firewall basics, and wifi security was also demonstrated. Also discussed was web acceleration basics like DNS, DHCP, and proxy cacheing.

Wifi Seminar on Oct 13, 2006

There are still a few slots available for our seminar on “Setting Up WiFi Networks“. Mr Wilson L. Chua will be conducting the workshop and the topics include: How to setup user authentication and billing How to setup a basic firewall How to accelerate web access How to diagnose common wireless access problems The seminar will be on Oct 13, 2006 from 10am to 12noon. At the 3rd floor of New Sim Too Bldg., AB Fernandez Ave., Dagupan City. Interested parties are asked to contact sheila[at]bitstop.ph for registration details.

Manila Con 2006 Event Pictures

Here are some pictures taken during the recently held Manila Con 2006 event:  

Miktrotik Seminar in Singapore

Mr Wilson L. Chua, attended the Mikrotik course held in Golden Landmark Hotel, Singapore last Sept 4-6, 2006. He successfully completed the course and passed the certification exam. Not only was the course an eye opener, Mr Chua also met up with a lot of like minded sys ads from India, Bangladesh, Indonesia, China and Malaysia. The course was conducted by Arnis from Latvia.

5th IT Security Conference

ISSSP.org.ph is organizing this year's 5th IT Security Conference. The event will be from Sept 11, 2006 to Sept 12, 2006 and will be held at the Hotel Intercon, Makati Metro Manila. BNSHosting will have a booth (#11) where we hope to see you there!

Patch Up Now!

Here is an excerpt from the SANS email: “Within a day after Microsoft's monthly security update, proof-of-concept exploits for at least five of the vulnerabilities addressed have been detected. Microsoft's June security release included twelve bulletins that addressed 21 vulnerabilities in Windows, Microsoft Office and Microsoft Exchange; eight of the bulletins received severity ratings of "critical." Some of the exploits are for flaws that had been disclosed prior to the security updates, but at least two are for flaws that were not known before the updates were released.“ The above means that if you still have servers or workstations that remain unpatched,...

Security Workshop Session

A security primer was held at bitstop's 3rd floor where bitstop staff and our guests take turns at doing hands-on exercises on the makeshift lab that bitstop set up for the purpose. The lab was made up of several windows 2003 servers, cisco 1750 router, ordinary switch and 4 open source machines that will take the role of attacking computer. The attacking computers used standard nmap, nessus and metaxploit to prepare for and launched the attacks against windows computers. While the windows computers were setup to 'sniff' the traffic dump the tcp traffic coming from such attacks for review. Nmap, xsteg,...

Microsoft Security Roadshow @

Microsoft Security Roadshow Security is a top priority for you and a top priority for Microsoft. Join us at the 2006 Asia Security Roadshow to learn about key trends in the Security Industry, discover how to best prepare for advances in security technologies and find out what Microsoft is doing to help our customers address risk while still taking advantage of the connected world. Date: March 28, 2006Location: Rizal Ballroom, Makati Shangri-La Address: Ayala Avenue corner Makati Avenue Time: 8:30am - 5:00pm

Powertips Security Conference @ Dusit Hotel

Jerry Liao of INFOCHAT is organizing the “Powertips Security Secrets and Strategies” conference that will be held on March 16, 2006 at the Dusit Hotel. The Powertips Security conference is supported by the International Information Systems Security Certification Consortium, Inc., or (ISC)², and by the Philippine Certified Information Systems Security Professionals (PH-CISSP). Don't miss this unique opportunity to learn the best practices and listen to reviews of cutting-edge technology for stringent security standards from the security experts. Come and join the Powertips "Security Secrets and Strategies" conference on March 16, 2006 at the Grand Ballroom of Dusit Hotel Nikko. Tickets are available at...

Telcos! Please stop your Unfair Practice

Bitstop has information that leads us to believe that some unscrupulous members of Telco/s are eavesdropping on our subscribers and getting their numbers and names. Whether or not they are sanctioned by their top management is of no concern to us.These telco/s, in turn use this to generate leads for their marketing campaigns. Bitstop appeals to the Telcos to come to their senses and STOP this practice immediately. This is an unfair business practice and will only generate ill will among its subscribers as well. Would the telcos want Bitstop to do the same to their DSL subscribers as well?...

Microsoft Workaround for serious vulnerability

Users are encouraged to visit and read this Microsoft Security Advisory (912840). The vulnerability allows an attacker to gain access via graphics engine. You may want to disable this by following the steps outlined in the article above.

Google Bombing on Bitstop hosted site Backfires

This article just in from INQ7.net. http://news.inq7.net/infotech/index.php?index=1&story_id=57438 The www.op.gov.ph is a bitstop hosted site and was developed by Softrigger.

Google Hack Honeypots

An alarming increase in the number of sites that were hack recently may have something to do with misconfigured PHP shell code. Here is a great article on how to track the malicious attacks by implementing a honeypot. http://www.antionline.com/showthread.php?s=&threadid=266049 Excerpt from Anit-Online.com : What is GHH?GHH is the reaction to a new type of malicious web traffic: search engine hackers. GHH is a “Google Hack” honeypot. It is designed to provide reconaissance against attackers that use search engines as a hacking tool against your resources. GHH implements honeypot theory to provide additional security to your web presence. What is a honeypot?A honeypot is,...

Hosted site hacked

One of our hosted sites was hacked by a group of hackers from Greece. They were able to find a vulnerability (SQL injection) in a script that was installed by our client in their hosting space. We were notified of this issue at around 9:00am (GMT 8, 10/14/2005). Our client was immediately informed and was advised measures on how to ensure that this doesn't happen again. We would like to thank the talented guys at PHACKERS for the heads-up.

Join the ISSSP Manila Con Event

Bitstop is proud to be the webhost of ISSSP. They have a security conference held every year called Manila Con. This year's event details are located here: http://www.isssp.org.ph/manilacon.htm#september13 

Users Beware of Free Stuff

Hackers are increasingly resorting to social engineering technics to get you to download the latest trojan. Trojans are software that enable hackers to take control of your PC. So Users, beware before you download the stuff. Here is a sample exploit from AdroitByte: Dear Sir/Maam, My name is Tandang Sora, I'm a 4th year student of Hacked Edu Ph. Our teacher in programming subject said that I should ask you to test my program. This program is a Billing System Program for our school. Your satisfaction in this program will be greatly appreciated as it helps me get a good grade. Just email...

New Microsoft Patches Out

Today, as part of its regular monthly security update cycle, Microsoft is releasing 6 security bulletins for newly discovered vulnerabilities and is re-releasing 2 security update. These are described in detail below. If you have any concerns regarding these matters, please feel free to contact either your Microsoft Account Manager, Microsoft Reseller, or the Microsoft Customer Care Center at 1800-1441-0158, or you can e-mail me at phsecure[at]microsoft.com.

Hackers release Zotob worms to exploit new Microsoft security vulnerability, Sophos reports

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, are warning that hackers have released new worms onto the internet that exploit a recently discovered security vulnerability in Microsoft's software. Over the weekend, hackers launched two versions of the Zotob worm which exploit Microsoft security vulnerabilities, including one only announced last week: the MS05-039 Plug and Play vulnerability. The W32/Zotob-A and W32/Zotob-B worms do not travel via email, instead they spread to other networked computers in a similar way to last year's hard hitting Sasser internet worm, by exploiting security holes in Microsoft's software. "Microsoft only issued a patch...

Massive spyware-based identity theft ring uncovered

Researchers from a little-known security software company named Sunbelt Software have seemingly uncovered a criminal identity theft ring of massive proportions. According to one of their employees, Alex Eckelberry, during the course of one of their recent investigations into a particular Spyware application—rumored to be called CoolWebSearch—they've discovered that the personal information of those "infected" was being captured and uploaded to a server. Source: Arstechnica

Check Your Browsers Security Setting

This link came in from ASTI (Pregi.net) http://bcheck.scanit.be/bcheck/ Visit this site to check your browser's vulnerability to a list of 39 tests.

Introduction to Spyware Keyloggers

Spyware is a categorical term given to applications and software that log information about a user's online habits and report back to the software's creators. The effects of these programs range from unwanted pop-up ads and browser hijacking to more dangerous security breaches, which include the theft of personal information, keystroke logging, changing dialup ISP numbers to expensive toll numbers, and installing backdoors on a system that leave it open for hackers.

Cryptography Seminar @ UP Diliman

We have received an invitation from esteemed technologist, Dr Jaime Caro as follows: INTERNATIONAL WORKSHOP ON CODING, CRYPTOGRAPHY & COMPUTER SECURITY** (IC³) Location: NISMED Auditorium, University of the Philippines, Diliman on July 9 and 10, 2005 The UP-Information Technology Training Center  (UP-ITTC) and VCTI-IT will host the International Workshop on Coding, Cryptography and Computer Security (IC³). This international event is in cooperation with Center International de Mathematiques Pures et Appliquees (CIMPA Le Dubellay, 4 avenue Joachim - Bât. B, 06100 Nice France*), UNESCO, University of the Philippines, Computing Society of the Philippines (CSP) and Information Systems Security Society of the Philippines (ISSSP). The IC³...

Behind the Scenes of Phishing Attacks

Phishing is the practice of sending out fake emails, or spam, written to appear as if they have been sent by banks or other reputable organisations, with the intent of luring the recipient into revealing sensitive information such as usernames, passwords, account IDs, ATM PINs or credit card details. Typically, phishing attacks will direct the recipient to a web page designed to mimic a target organisation's own visual identity and to harvest the user's personal information, often leaving the victim unaware of the attack. Obtaining this type of personal data is attractive to blackhats because it allows an attacker to...

Securing Windows Server 2003

Bitstop has just received our autographed copy of Mike Danseglio's “Securing Windows Server 2003”. The book is published by O'Reilly and contains hands-on advice for securing and implementing Windows Server 2003.

CSO Summit at Makati Shangrila

Microsoft organized a Chief Security Officer (CSO) summit along with notable security firms like Computer Associates, Trend, Symantec, McAfee. The event was well attended at Makati Shangrila on June 9, 2005. Here is a link to an INQ7.net article about it.

Thank you Adroit Byte!

Bitstop would like to thank AdroitByte (bisaya nga white hat hacker) for alerting the team to a [******] vulnerability in one of our [******] hosted sites.

Security Course by ATCD-CIDG, PNP

The Anti-Transnational Crime Division of the CIDG, Philippine National Police is conducting a 5 day workshop on computer crime , security and prevention.

New Virus Variants

From Panda Software: The creator (or creators) of the Mytob worms are continuing in their attempt to spread as many malicious code across the Internet as possible. With the detection of the new CU and CX variants, there are now 103 members of this family of worms.   The great danger of the Mytob worms lies in the fact that they have backdoor characteristics, allowing remote control of the computers that they infect.  According to Luis Corrons, director of PandaLabs: "The real intention of the creators of these worms is to form a network of infected...

Improve RDP Security

This article shows us how to improve the security for Remote Desktop Protocol.  “You can connect to a remote computer that is running Microsoft Windows Terminal Services by using a Remote Desktop Protocol connection. This kind of connection provides encryption for the data that is sent between the terminal server and the client computer. However, this kind of connection does not provide authentication for the terminal server. You may want to make sure that your terminal server is correctly authenticated before you connect to it. To do this, configure your terminal server to use Transport Layer Security (TLS) to...

journal.com.ph defaced

We received a report that journal.com.ph was hacked by a Turkish hacker last Sunday (4/17/2005). We would like to clarify that journal.com.ph is no longer hosted with Bitstop Network Services since March 2005. The hacked site can be viewed using this link.

Missing Laptop Recovered

An inq7.net article by Mr Erwin Oliva, outlines the story of how one of our subscribers, Mr Ramon Abalos, was able to recover his stolen laptop. Swift NBI action on the part of Special Agent Robert Gonzales resulted in BOTH the recovery of the laptop, AND the apprehension of a suspect. Click here to read the article.

Sir Sonny Did it Again!

We just heard from the grapevine that Sir Sonny Santiago of the PMS just passed his Microsoft 70-227 ISA server. He is now officially an MCSA+Security professional. Next week meron pa ba?

Manhunt Ensues for Gov.PH Hacker

Inq7.net has just released the story and the picture of the alleged hacker of gov.ph and other sites. Click here to read the article. One wonders why Mr Giner has to go into hiding, since bail is set to only 25,000.00.

Security Related Conferences in Asia

On March 23-25, 2005, in Jakarta Indonesia, there is the Bellua Cyber Security Conference. Click here to learn more about it. Also on April 5-8, 2005, in Singapore, there is the Asia Black Hat 2005 conference. Click here to learn more about it.

Bitstop & Jay Paloma to collaborate on Security Manual

Bitstop president, Mr Wilson L. Chua entered into an agreement with Mr Jay Paloma, Ports and Packets president, to collaborate on creating a training workbook on security. The training workbook is envisioned to provide a crash course for systems administrators in defending and hardening their systems against common data threats.

Microsoft Anti-Spyware Initiatives

Microsoft Windows AntiSpyware (Beta) is a security technology that helps protect Windows users from spyware and other potentially unwanted software. Known spyware on your PC can be detected and removed. This helps reduce negative effects caused by spyware, including slow PC performance, annoying pop-up ads, unwanted changes to Internet settings, and unauthorized use of your private information. Continuous protection improves Internet browsing safety by guarding more than 50 ways spyware can enter your PC. The worldwide SpyNet™ community plays a key role in determining which suspicious programs are classified as spyware. Microsoft researchers quickly develop methods to counteract these threats,...

Bitstop Tests Biometric Access Control Locks

Bitstop has just received a Biometric Door lock that totally eliminates the use of keys. Access is gained by users upon proper fingerprint verification. Pin code and mechanical key are added options to this device. Integrated cast steel Stainless steel finish All critical parts within inside housing Unique normal open state for meeting and gathering Concealed mechanical override for emergency No external wiring is required Outside handle is free to rotate in locked mode

Microsoft CIO Breakfast Series

Cybercrime: What It Is And What You Can Do If You Are A Victim

This session is organized by Microsoft Philippines and is conducted in conjunction with the Philippine Internet Commerce Society. The venue is at 41st Floor, Discovery Suites, Magellan Room, Ortigas Center on 8:00 – 10:30 am, December 14, 2004. The speakers are:

Albert P. dela Cruz, President, Ph-CERT, and CTO, Level-Up!, and Atty. Geronimo Sy, State Prosecutor, Department of Justice

Please RSVP by s

CIO Forum @ Lumiere

The CIO forum was held at Lumiere, which was nestled between 2 buildings, the PLDT locsin building and the British embassy. The only landmark given to Bitstop was the mango tree in front of it. The CIO forum was organized by Microsoft Philippines, and Mr Wilson L. Chua was the invited speaker to discuss the recent spate of hacking around the country. In attendance was a veritable who's who of the industry: Supreme Court, DOTC, NTC, GCSIRT, OP, DOJ, PMS, PCS, ITECC, PLDT, NCC, SMART, Computerworld, PhilStar, INQ7, Today etal. Here is a link to INQ7 writeup : http://news.inq7.net/infotech/index.php?index=1&story_id=19050 

Migz Paraz Security Vid Con @ SPU

Mr. Migs Paraz will be the speaker at this Cyber Security and Ethical Hacking event which will be live via Bitstop's Vidcon Facilities. This is the link to the video conference on Nov 24, 2004 1-5 pm. The conference will be open early from 9:00am onwards. But the actual event will be on 1:00 pm. Online Meeting I will participate in your seminar, just tell me the exact time. I respect Migz very much he taught me many things.“ -- PI_Flashbulb of www.phackers.org

Security Alert -- RDP Man in the Middle attacks

Bitstop wishes to thank PI_flashbulb and his crew (www.phackers.org) for alerting us to a hacker post about security breaches in our network. We have done steps to protect ourselves, but much is still needed to determine the extent of the intrusion. We would like to warn other sys ads that hackers are now teaming up with TELCO insiders to launch attacks against networks. Therefore, sys ads at other networks must be made to be aware that intervening ISP/TELCO networks must be looked upon as being compromised. Man in the middle attacks are launched by placing rogue servers in between the remote user, and...

SQLInjection and XSS Vulnerability

From our friend abroad: Christian Wendell Gueco: ...We all know that SQL Injection and XSS have now become some security buzzwords on website attacks. But these are only icing on the cake. You can easily search for website for howto's on these. But remember, only perform these test on your own jurisdiction and most importantly with permission. Meaning if you plan to perform this test on your website ensure proper authorization are complied unlesss you're prepared to take the chances (but then again who would know, just kidding) here is a good site to begin with that i find very easy to...

Who's Vulnerable?? Log in to Phackers!

In most parts of the world, hacker culture is thriving. I read about Brazilian hackers, Moroccan hackers, Romanian Hackers, etc. etc. but no Philippine Hackers!? That's funny because I know a number of Filipino hackers yet there is not a single community online where programmers, script kiddies, system/network admins, security specialists/consultants, PNP/NBI, ph-cert, etc. etc. can share ideas/works/exploits just for fun and also to protect our homeland online security. Good thing PI Flashbulb and the contributors of ISAW have somewhat filled this void. To me this blog is an excellent breeding ground to start the first hacker community in the Philippines....

Hackable Computer to be retired

Bitstop is ending the access to acme.bitstop.ph by noon of Saturday. The temporary license is set to expire on that date. We shall be saving the logs and the screen shots for compilation into a case study for our staff use. Partial logs are already shared with the DLSU MIS department.

Acme.bitstop.ph New Edition

We have installed a new edition of acme.bitstop.ph. Like the older acme.bitstop.ph, it is a hackable server. However, unlike the old one, this new one is more realistic and comes with a lot of running applications. It has dynamic asp applications, mail services, sql backend database and a CRM application running on top of it. It is also a domain controller running active directory. This configuration is harder to defend than the old acme.bitstop.ph so to even the odds, we have enabled the builtin firewall and put in antivirus protection.

Hack and Counter-Hack Seminar Updates

The seminar will be webcasted from the Dagupan City Museum. This is the principal venue. This is on the 2nd floor of the building in front of the City Plaza. There will be 3 additional relay venues: St Mary's University in Bayombong, NV (Contact: Edwin Gonzales, 1mbps), Northwestern University, Laoag, Ilocos Norte, (Contact: Jenifer Gaspar, 512kbps) and DMMMSU-NLUC, Sapilang, Bacnotan, La Union (Contact: Franz Loyola or Elvie Bugaoan, 1mbps). Certificates of attendance from PSITE, our co-organizer, will be given for all registered participants attending in either of the 4 locations. All seats in Dagupan are now fully booked. Interested parties are advised to register...

Panda Reports....

“..The last worm in this report is Sdbot.AQA, which spreads across computer networks. It does this by checking if the PC it has infected is connected to a network. If that is the case, it attempts to access and copy itself to shared resources, by trying typical or simple passwords. Sdbot.AQA allows hackers to gain remote access to the affected computer in order to carry out actions that compromise user confidentiality or prevent the computer from working properly. Sdbot.AQA uses its own IRC client in order to join an IRC channel and accept remote control commands, such as launching Denial of...

Hack & Counter Hack Seminar

Bitstop is pleased to announce the participation of Mr Jay Paloma, Mr Migs Paraz and Mr Albert Dela Cruz in the “Hack & CounterHack Seminar” on Sept 17, 2004 from 9:00am to 12:00 noon. The seminar will be at Dagupan City Museum, in front of the public plaza, courtesy of Dagupan City Government. Certificates of attendance will be issued. This seminar will be free of charge. Limited seats are available. Reservations are being accepted on a first come first serve basis. Please register by sending an email to spg@bitstop.ph The event is planned to be webcast live also at St Mary's...

ISSSP Website Hosted @ Bitstop

Bitstop is proud to have been chosen by the Information Systems Security Society of the Philippines as its official webhosting provider. ISSSP has in the past 3 years sponsored a yearly 9/11 conference and exhibit to create awareness on the importance of Information Security. This year's 9/11 event is called Manilacon@911:Business at Risk. It will be held at the Hotel Intercontinental Manila on Sept 9-11, 2004.Their website url is http://www.isssp.org.ph

Updates from ManilaCon@911

Shown in picture is  “Van Hauser“, one of Europe’s renowned global security experts from The Hackers Choice (THC), where he is demonstrating a series of advanced hacking techniques at the highly successful ManilaCon@911.THC is an acronym for 'The Hacker's Choice' and a group of international experts involved in network and system security. THC was founded in 1995 in Germany, has published over 60 software releases and technical papers and currently is among the top ten security groups worldwide.

Bitstop 'Hackable' Server

As part of Bitstop's ongoing security training, we will be putting online a server that is open to hack attacks. All white hat hackers are invited to take a swipe at this server. We will publish the URL details sometime soon.

3rd Annual Philippine IT Security Conference

If you are simply hearing about the biggest IT Security event this September, get the details from the ISSSP office at the National Computer Center or call 433-8508. Or simply text 0920-2413954 and we will give you a return call.

PISO Advisory on Gov.ph issue

"..Attached email from Wilson Chua of Bitstop - you may want to block the ip address that was found to have defaced gov.ph. While we have discussed this during the recent PISO meeting, I want to make sure you have the necessary information to allow you to implement the ip block immediately. Jojie.."

Major telephone companies mull blocking IP

Major telcos that are supporting a call to block the ip address 81.192.0.0/16 include PLDT, Digitel and Eastern. Globe is still consulting with their legal department on this action.

NCC to call emergency Meeting

NCC Director Tim Diaz De Rivera has called a meeting this friday 1pm at the NCC offices in Diliman to discuss the recent defacement of the gov.ph website. Government sysads and network administrations are welcome to attend the meeting. Please call ahead to reserve your seat.

Urgent Security Advisory from NCC

In view of the recent defacement of the Philippine Government Portal , www.gov.ph, that is currently being hosted at a Bitstop IDC, we wish to issue an advisory to the general public to be wary of IP addresses coming from the 81.192.0.0/16 block.

Gov.PH defaced

Bitstop has provided the activity logs to the TFSCI (Task force for Securing Critical Infrastructure) on the recent defacement of the gov.ph. No other details can be given at this time.

Copyright © Bitstop Network Services, Inc

Design by Bartosz Brzezinski

Design by Phil Haack Based On A Design By Bartosz Brzezinski