My personal belief for the last number of years and still currently is that his is the market to be creating malware in to make a profit. It’s only going to get worse from now. With mobile phones with banking apps now this is a juicy market to be in.
The report is here;
Sounds so simple.
I started up my VMWare Converter and aimed at a Windows 2000 server, and it would not go? That’s strange.
I tried a few times, still wont start. Next I attempted to log in and run the client from the target, same issue but now I get a message that only XP and up is now supported.
Well does that not make for an afternoon, after a few attempts at other version I did get v4 to go. I connected to the VCenter ok-ish. It did work but I had to select a host and not the cluster also picking the datastore it was going to go to was not going to happen. No matter what I selected it went to the first datastore on the host.
So the short version is that you need V4 and be prepared to move some machines around, but other then that success.
I have to admit I do not do very much web / app development. Maybe a one or two times a year and I am not sure how you end up with storing passwords in plain text?
I guess you would have to write your own authentication, not sure why you would go through all of that when there is stuff already made. Strange.
If you have missed it, individuals claiming to be connected to anon have stolen source code to Norton AV and PC Anywhere. They attempted to blackmail Symantec in to paying them to keep it under wraps. From what I have been able to find the contact at Symantec was FBI, playing as an employee.
I would think that this will become more prevalent over the next 18 months, once one story like this goes around there will be copy cats. More details;
Also the code is posted on some bittorrent sites, I will not link to that. If you really want it, it’s not hard to find.
Excellent recap of 2011.
A few links;
It makes no sense to continue to use the CRL. My personal experience is limited with it, but I have to agree with the experts on this one.
While it happened a while ago, it just came to light in a filing to the SEC.
The details in the story are lacking, but this type of attack can be very serious. It also seems to be a trend of attacking certificate signors. Having a legit signed bank or Google cert can net you a ton of money.
FreeBSD has released production version 9,
Some of the highlights;
- High performance SSH
- PowerPC Playstation 3 support
- ZFS version 28
Very simple concept, and it does not surprise me that people are using this and banks are seeing a loss on it. If you work for a FI it’s time to try it out and see if you need to get on the phone.