May 21, 2012

Calling Skilled WordPress Freelancers!

With a rapidly growing portfolio of WordPress-based website customers, we are looking to expand our developer team. We certainly don’t want to turn business away, and that’s where you freelance WordPress developers come in. Not a WordPress developer? Please tweet this post; who knows, maybe you will help someone get a job!

What are we looking for?

We’re looking for WordPress developers who are familiar with creating custom child themes and who can quickly, cleanly and effectively customize WordPress templates to meet our customers’ needs to look their best online. Most of our work right now is centered around custom child themes for the Genesis framework and we have a desire to continue to pursue that. We have several active projects right now that we have the opportunity to share with the right developer(s).

If this is you and you’d like to be considered, fill out this simple form:


Welcome to the post computer virus Opportunity Center


If your computer recently got infected and you paid to get it cleaned up or restored from a backup, this article was written just for you!

Fixing avoidable problems is not “fun”

Contrary to what many might believe, we don’t enjoy or look forward to fixing broken computers. What we really love to do is prevent them from needing to be repaired, or otherwise enhance your business using technology like WordPress. Since we don’t live in that perfect utopia, and things do break on occasion and systems do get compromised, the intention of this article is to help you avoid some of these issues in the future.

Information Security is a Challenge

There are so many threats that face you as a user (Factoid: There are 43 posts on this site that use the Security category and that is practically all we share on our Facebook page these days!). In spite of what often appears to be a swell (Tsunami?) of threats, there are certainly things that you can do to protect yourself.

Step 1 – Admit that you have a problem Opportunity.

If your computer got infected it was due to a problem. The most likely three scenarios are:

  1. Critical security updates were not installed.
  2. You believe your Antivirus software will protect you.
  3. You were careless and gave the bad guys the opportunity.

Step 2 – Don’t beat yourself up

Many users find themselves in your shoes. None of us are perfect, and since you are still reading this you can pat yourself on the back for working to improve the situation. An opportunity has presented itself: you now have added motivation to take some important precautions and raise your awareness.

Step 3 – Make sure you are installing security updates

In April of 2010 we shared with our readers why it is important to install Security updates. In that post we recommended that you should always install the following updates as soon as you can whenever prompted:

  1. Windows Critical Updates
  2. Adobe Acrobat
  3. Flash Viewer
  4. Oracle/Sun Java

It takes a while to learn what all these updates look like, but generally speaking they remain fairly consistent so once you do learn what to look out for you only need to validate it when it changes. Don’t let the fear of the updates being part of the problem stop you. It is greatly beneficial to take the time to learn to recognize the “normal” updates and apply them when prompted. It could save you from getting your computer infected.

Step 4 – Know your Antivirus Software Limits

Have you ever heard the term Zero Day? Zero day is something brand new, and you often hear it combined with exploits: “Zero Day Exploits”. Since Antivirus and Anti-Malware software work off definitions (there are also heuristics, or virus-like characteristics, but they are not perfect), the software is only good if the virus or malware that you happen to get exposed to is well defined in your Antivirus/Malware software. In other words, there are plenty of things that will infect your computer if you click them, particularly “new” viruses and malware. Remember, viruses are written to try to avoid being detected.

Your antivirus software won’t always protect you.

Learn how to protect yourself from Zero Day Exploits.

Step 5 – Understand the importance of your role in your security

It is not a secret that without users, computer viruses as we know them today would not exist. It is important to recognize that you can make a difference and to take an active role in avoiding infection by the choices you make. We covered this thoroughly in our post about the role of personal choices in information security. In that article we shared 5 areas where choices had a substantial impact on your security including:

  1. Competency/Learning
  2. Hardware and Networking Devices
  3. Security Software
  4. Participation
  5. Gullibility and Greed

It’s no secret that virus and malware authors exploit us, our weaknesses, events, and a myriad of other things to compromise us. Make sure your personal choices aren’t giving them extra opportunities.

Step 6 – Subscribe to Our Updates

A lot of the content for this article was already on our site. Let us educate you and prevent you from harm and expense whenever possible. A simple way to stay plugged in is to sign up for updates to this site so you never miss the latest news. You can Subscribe to Managed Solutions by Email and get our Facebook exclusive updates on our Facebook page.

Opportunity Center Image credit: Jason Tester, Guerilla Futures


A simple demonstration of Thinkpad Durability

While attending the Lenovo Accelerate event in Las Vegas earlier this week I observed live a Lenovo X1 laptop dropped from a scissor lift to the stage. This “test” was well above the 48″ most laptops are drop tested and much higher than the 72″ that the X1 had been tested for. The truth is ThinkPads are probably not going to be subjected to this kind of brutal exercise, but it is satisfying to see that if we do have a mishap the product is durable.


It’s light, powerful and durable, I’d like to introduce you to my next laptop the Lenovo Thinkpad X1.


Windows 7 Video Tip – Adding new items to the sendto menu

Example Sendto Menu

Typical Sendto Menu

When you right click a file or folder on your Windows 7 computer there are several menus available; one of them is the “sendto” menu. This allows you to easily send that file or folder to a program or folder listed there. One important option that is missing in this menu is the notepad program. In this video I demonstrate how to add new items to the sendto menu, specifically the notepad program in the example. You can use it for almost anything: a program, a network drive, even an FTP server.


The Era of Mobile Security has begun

The era of mobile security has begun officially this February 2011. Some downright outrageous security flaws are being exposed for our growing fleet of mobile electronic devices such as Smart Phones and iPads. For the first time ever we posted two articles about security issues with substantial mobile security implications on our Facebook page:

Mobile Security Related Posts

Either one of those articles by themselves would have huge implications in the security of mobile devices, but the startling thing is that there are others popping up in the last 24 hours as well, and that is what compelled me to write this article for the Managed Solutions blog.

HongTouTou Android Trojan

A Chinese localized (targeting Chinese language users) Trojan emerged for the Android platform this week. The Trojan rode onto unsuspecting users via Android App marketplaces and forums.

$2,000 worth of equipment can extract Crypto Keys from Mobile Device Signals

Threatpost did an amazing job of describing a problem with how Cryptography is implemented on mobile devices. The problem results in the ability to actually capture and mimic the cryptographic key that could be for, say, your mobile phone’s payment system. This is particularly important because a lot of people see mobile as having a bright future in the payment arena.

iPhone Hacked and Passwords Stolen in Six Minutes

Fraunhofer has a video and press release demonstrating the ability to hack an iPhone and recover passwords in just 6 minutes. You don’t have to be an information security professional to realize that this is not good news for iPhone or iPad users that store anything of sensitive nature on their devices. Here is the video if you’re interested:

Thanks for the Wakeup calls today and kudos to Threatpost, Ben Jun, Cryptography Research and Fraunhofer.


Busy week for Adobe 52 Vulnerabilities on Current US Cert Advisory

It must be a very busy week at Adobe, with 52 vulnerability bulletins affecting Flash Player, Shockwave Player and Acrobat on today’s US Cert Cyber Security Advisory bulletin SB11-045. These vulnerabilities all fall at the high end of the high vulnerability scoring range of 7-10, at 9.3 out of 10, which means that updates should definitely be applied without delay. In many cases these updates are applied automatically, but to be safe we have made additional resources available here.

How do you test to see if you need updates? Follow these instructions:

For Shockwave Player Make sure you have version 11.5.9.620 or above (Update)

For Flash Player make sure you have version 10.2.152.26 or above (Update)

For Adobe Acrobat and Adobe Reader you will need to run the program and choose “About Adobe Reader # or About Adobe Acrobat” from the Help Menu at the upper right portion of the menu:

Help About Adobe Acrobat Reader

Make sure the resulting version of Adobe Reader and Acrobat 10.x is 10.0.1 or above, 9.x is 9.4.2 or above, and 8.x is 8.2.6 or above. (Update Windows or Mac)
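The thresholds above written as a per-branch check, added here as an example and not part of the original post. The point it makes is that Reader and Acrobat must be compared against the minimum for their own major branch (9.4.2 is fine, 10.0.0 is not); the function names and the sample inventory are constructed for illustration.

```python
import re

# Minimum fixed versions quoted in the post above.
# product -> {major branch -> minimum}; a key of None means one threshold
# applies to every installed version of that product.
MINIMUMS = {
    "shockwave": {None: (11, 5, 9, 620)},
    "flash": {None: (10, 2, 152, 26)},
    "reader": {10: (10, 0, 1), 9: (9, 4, 2), 8: (8, 2, 6)},
    "acrobat": {10: (10, 0, 1), 9: (9, 4, 2), 8: (8, 2, 6)},
}


def parse_version(text):
    """Turn '10.2.152.26' (or comma-separated '10,2,152,26') into ints."""
    parts = re.split(r"[.,]", text.strip())
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted version: {text!r}")
    return tuple(int(p) for p in parts)


def _pad(version, length):
    """Right-pad with zeros so 10.0.1 and 10.0.1.0 compare as equal."""
    return version + (0,) * (length - len(version))


def check(product, installed):
    """Return 'ok', 'update', or 'unlisted' for one installed version."""
    branches = MINIMUMS[product.lower()]
    version = parse_version(installed)
    if None in branches:
        minimum = branches[None]
    else:
        minimum = branches.get(version[0])
        if minimum is None:
            # The post gives no threshold for this major branch.
            return "unlisted"
    width = max(len(version), len(minimum))
    return "ok" if _pad(version, width) >= _pad(minimum, width) else "update"


# Constructed sample inventory (not real machines).
SAMPLE_INVENTORY = [
    ("flash", "10,1,102,64"),
    ("flash", "10.2.152.26"),
    ("shockwave", "11.5.9.615"),
    ("reader", "9.4.1"),
    ("reader", "9.4.2"),
    ("reader", "10.0.0"),
    ("acrobat", "8.2.6"),
    ("reader", "7.1.0"),
]


def audit(inventory):
    """Check every (product, version) pair and return the results."""
    return [(p, v, check(p, v)) for p, v in inventory]


if __name__ == "__main__":
    for product, version, status in audit(SAMPLE_INVENTORY):
        print(f"{product:10} {version:14} {status}")
```

A single "newest minimum" comparison would wrongly flag a patched 9.4.2, and a single "oldest minimum" comparison would wrongly pass an unpatched 10.0.0.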


Windows and Mac both vulnerable to potential USB Vulnerability

USB (in)security

There are bulletins at us-cert.gov today for both Windows and Mac OS X being vulnerable to a potential exploit of Human Interface Device (HID) functionality over USB. The simplest way to explain this vulnerability is that both OS X and Windows lack a warning when you connect a USB device, such as a smart phone, that is given keyboard or mouse capability. This could lead to a number of different compromises of the host system. This vulnerability has existed since USB HID support was added to both operating environments but was only publicly demonstrated recently. An example was demonstrated at the Black Hat DC conference; Cnet ran an article about it on January 19th.

Other USB related risks

USB connected devices have become a more common source of virus and malware infections. In 2010 there was actually a worm called “Conficker” that spread via USB memory sticks. As early as 2008 USB was becoming recognized as a much more common vector for virus propagation.

Protecting yourself

Since USB devices involve user interaction, it is an area where user education and caution is key. We can count on Apple and Microsoft to respond to this HID issue, but we can also say with certainty that there will be others that will come up in the future. Here are some simple suggestions to prevent becoming a victim:

Tips for individuals

  1. Store your USB storage devices in a safe place.
  2. Use memory sticks only from extremely trusted sources.
  3. Do not allow others to use your computer to charge their USB devices.
  4. Purchase memory sticks from trusted sources in clearly sealed packaging.

Extra tips for businesses

  1. Include an area that governs USB devices in your Acceptable Usage Policy (AUP).
  2. Do not allow third parties to use USB devices or charge phones on your corporate systems.
  3. Consider implementing software or software policies that control access to USB ports on your systems.

You might also want to read these related articles on how you can function more securely:

Education: the Answer to Zero Day Exploits
Good Personal Choices – the most powerful Information Security Tool


Large batch of Google Chrome Vulnerabilities and How to Protect Yourself

There is a rather large batch of critical Chrome vulnerabilities in this week’s US CERT advisory report SB11-024. The CERT Advisories are part of a US Government effort to keep people informed of product security issues. Most of the vulnerabilities have a factor of 9.3 to 10 out of 10, the highest possible, which means that if one is exploited on your computer it is likely that the attacker could gain access to your computer. The actual bulletins include PDF and HTML document handling, denial of service and unknown impacts that lead to “stale pointer”. This would most likely occur when accessing a website or a PDF file with a vulnerable version of the Chrome browser.

Who should care?

Do you use the Chrome Browser or Chrome OS? If you do then you should take action to confirm that you will not be vulnerable.

How to tell

With your Chrome Browser open click the small tool icon in the top right of the browser window pictured below:

How to Open About on Google Chrome

Once the above drop-down menu appears click the “About Google Chrome” menu item. This will result in a screen that will tell you if your browser is up to date and what version it is running:

About Results Google Chrome

The critical piece of information is the green check mark at the bottom of the page. If Chrome is not up to date, or in this case is a version older than 8.0.552, your browser is vulnerable and needs to be updated. In most cases Chrome will be up to date as it is configured to update automatically. This is actually one of the strengths of this browser platform.


Chilling Introduction to the Cyber Crime Black Market

Panda Security recently released an excellent document entitled “The Cyber-Crime Black Market: Uncovered” that is probably the easiest to read and best piece that has been made available to the general public in recent years about these underground criminal enterprises. The picture that this document presents is of an illicit industry that is trying desperately to grow and earn more income at all of our expense. Here is a sobering view of the “competition”:

Price wars, numerous ‘special offers’ and the diversification of the business are all indications of how these mafias are desperately trying to drive up revenue. A few years ago, it was just a question of the sale of a few credit card details. Now, in addition to offering all types of information about victims -even the name of the family pet-, other services are available, including physical cloning of cards or making anonymous purchases and forwarding the goods to the buyer.

The document also integrates key information from the FBI; perhaps the most interesting aspect is how they categorize the professional positions within these organizations. Here are the most common positions per the FBI:

  1. Programmers. Who develop the exploits and malware used to commit cyber-crimes.
  2. Distributors. Who trade and sell stolen data and act as vouchers for the goods provided by other specialists.
  3. Tech experts. Who maintain the criminal enterprise’s IT infrastructure, including servers, encryption technologies, databases, and the like.
  4. Hackers. Who search for and exploit applications, systems and network vulnerabilities.
  5. Fraudsters. Who create and deploy various social engineering schemes, such as phishing and spam.
  6. Hosted systems providers. Who offer safe hosting of illicit content servers and sites.
  7. Cashiers. Who control drop accounts and provide names and accounts to other criminals for a fee.
  8. Money mules. Who complete wire transfers between bank accounts. The money mules may use student and work visas to travel to the U.S. to open bank accounts.
  9. Tellers. Who are charged with transferring and laundering illicitly gained proceeds through digital currency services and different world currencies.
  10. Organization Leaders. Often “people persons” without technical skills. The leaders assemble the team and choose the targets.

Perhaps the most chilling aspect of this document begins on Page 18, “The Sales Process”, with real examples of price lists, resources (as in how much is in the bank accounts, etc.) and ordering details:

Prices vary according to the vendor, although the average is $150 for a complete card and a minimum order of five units. There is an additional cost for the plastic: $30 white plastic, and $80 for color printing. You also have to add to the cost of the information (the card number, PIN and other details) for which, as we’ve seen before, there are various offers.

If you have the time, it might be a good opportunity to better educate yourself on the operations of these organizations; this should be a “must read” for any aspiring information security professionals. Understanding the enterprise behind the malware, botnets and other security risks is a key aspect of understanding how to prevent it.

Disclosure – we are not a Panda Software reseller, nor were we paid to post this. We are not in any way advocating a product or service in this post. Please review our Product and Partner Policy for more information.


Why 2011 may be the Year of Privacy

As we roll into our 14th year here at Managed Solutions, taking stock of the last 14 years, many trends have dominated our priority list. In 2010 the focus was extending the life of under-maintained hardware, Cloud Computing and Security. Signs are pointing to privacy being a very relevant issue for 2011. The Wall Street Journal really started the ball rolling with their privacy series in 2010. That really set the tone, with many consumers learning and becoming much more concerned about their data privacy. Also, it seems like everywhere you looked in 2010 Facebook was being criticized for what at times appeared to be utter contempt for the privacy of their users. See also “Frustrated by the new Facebook groups? So am I, and something you can do.” on amplify for some additional discussion on that.

Photo credit Opensourceway, Creative Commons

Spokeo.com got “spinsucked”

Gini Dietrich posted a great article this week that struck a chord with the readers. It’s been viewed, shared and commented on heavily since it came out. The post was about “Deleting Your Spokeo Profile” and it detailed what information could be found on Spokeo.com and how to delete the profile. I thought based on the comments that it was worthy of a screencast so I recorded it and shared it with Gini. You can view it on Youtube. At one point Spokeo was not able to process requests, so I joked with her on her blog that there is a new /. in town and that spokeo had gotten “spinsucked” so henceforth that will be my story, and I will stick to it.

As further proof that this issue really resonated with many of us, I had one person completely disconnected from the matter ask me on Facebook last night if I had “heard of Spokeo”. At that point I realized this was really circulating far and wide.

Learning from the debate

Some debates did come up over the spinsucks post. Here were the opposition arguments to removing your profile from Spokeo:

  1. There are many other sites that mirror the same data
  2. They are probably harvesting the required email address to sell
  3. The information is public domain only, readily available

One less site is better

In response to argument #1, one less site is certainly better is it not? Not to mention Spokeo actually did a bang up job of getting a lot more data than other sites seem to have to offer. I’d rather not be listed there.

Avoid the harvest

Avoiding email harvesting is easy: you should use either an alias that can be tracked and later deleted or a “junk” email that is only checked in these circumstances.

The information is public domain only

I don’t think this is the case, it appears that Spokeo has found or paid for some really unique data or at least their paid for service touts that. If it is all public domain it’s usually not in one place. If someone is going to go after it, let’s make them work for it, does that sound like a decent strategy?

What does it mean?

I think these developments solidify the position that 2011 is the year of privacy, why? We know now, and we care, and we’re reading and watching and opting out to the tune of disabling a website. Our current privacy laws are not reacting fast enough for the changes in this digital world. This disparity is creating a vacuum that will be filled one way or another.

What happens next? Predictions

So the question is do the companies that are gathering this information and making it available cave from the pressure cooker that is likely to develop from consumers this year? Does the government step in and pass new privacy legislation more geared to our digital and interconnected age? Or does a group of entrepreneurs put together a service that opts out and erases data that can be masked, opts you out of junk mail and create an opportunistic menu of other privacy features?

I’ll be talking privacy a lot more this year and making it a priority to educate and discuss both here on Managed Solutions and also on my blog. Please join the conversation and share your thoughts. The most compelling comments will be added to the post and the authors cited. Or perhaps you’d like to guest post about this, if so please contact me.
