In a recent interview during the Info Security 2012 event, the CEO of Kaspersky, Eugene Kaspersky talked about Apple’s current state of security, or lack thereof.

“I think they are ten years behind Microsoft in terms of security,” Kaspersky told CBR. “For many years I’ve been saying that from a security point of view there is no big difference between Mac and Windows. It’s always been possible to develop Mac malware, but this one was a bit different. For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms.”

Kaspersky’s statement comes at the heels of the Flashback malware that infected up to 600,000 Macs worldwide. And Apple wasn’t exactly the first ones out of the gate to get the fix up, even 3rd party security firms like Kaspersky deploying the fix for Flashback before Apple.

“Apple is now entering the same world as Microsoft has been in for more than 10 years: updates, security patches and so on,” said Kaspersky. “We now expect to see more and more because cyber criminals learn from success and this was the first successful one.”

“They will understand very soon that they have the same problems Microsoft had ten or 12 years ago. They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software.”

In a recent report published by Sophos security, a list of the ‘Dirty Dozen’ has been published, highlighting the top 12 countries in the world that originate spam messages. According to the latest list, that shows the stats from January to March 2012, India is the number spammer in the world, with 1 in 10 spam emails originating from there.

The top 12 spam-relaying countries for January to March 2012 are as follows:

1. India 9.3%
2. USA 8.3%
3. South Korea 5.7%
4. Indonesia tied with Russia 5.0%
5. Italy 4.9%
6. Brazil 4.3%
7. Poland 3.9%
8. Pakistan 3.3%
9. Vietnam 3.2%
10. Taiwan 2.9%
11. Peru 2.5%
12. Other 41.7%

Most of these spam messages come from a network of infected computers, or botnets, which are then used by hackers to send spam messages and DDoS attacks on websites. Such a high rise is contributed to a huge increase in internet owners who’re not aware of the risks posed online, as well as ISPs who’re not taking appropriate action against these emails. Interestingly, spam emails have decreased, while targeted messages on social networking sites that spread malware and phish for information are on the rise.

Top spam-relaying continents for January to March 2012 are as follows:

1. Asia 46.7%
2. Europe 26.9%
3. South America 11.9%
4. North America 10.9%
5. Africa 3.0%
6. Other 0.6%

“While traditional marketing spam may appear to be no more than an annoyance, offering pills that have questionable claims or ‘get rich quick’ schemes, they can often lead to more serious threats to your personal information,” said Graham Cluley, senior technology consultant at Sophos. “The latest stats show that, as more first-time Internet users get online in growing economies, they are not taking measures to block the malware infections that turn their PCs into spam-spewing zombies.”

Last week at the VMware Forum in Dubai, I managed to catch up with Elie Kanaan, VP Marketing EMEA, for VMware Inc. VMware has been at the forefront of virtualization technology for a number of years, and I was interested to find out from Elie what the company had planned for the rest of the year as well as what was in store for the Middle East Region.

Firstly Elie, thank you very much for your time – I know how busy you must be here at the VMware Forum.
Not at all, you have all of my time!

What is your typical day like for you at VMware?
My job is really to make sure that VMware as a brand is well-know by all of our customers and known for providing relevant value to their business. Each day my team and I across the various EMEA regions make sure that this message is being driven across to customers and partners, influencers, and analysts.

Elie Kanaan, VP Marketing EMEA, VMware

Why are businesses only now realizing the benefits of turning some of their servers virtual? What’s really been stopping them from adopting this sooner?
Adoption of virtualization is picking up quite significantly. I joined VMware two and a half years ago when we were talking about 25% of companies adopting virtualization, but now we’re talking about 50-55%. VMware specifically virtualizes x86 architecture, so if a business runs mainframes or other critical architecture, then of course virtualization won’t apply to them. Secondly, I think it’s as simple as companies not knowing about the real benefits of virtualization or that it’s not affordable or secure. Lastly, some companies might not have the IT infrastructure that would benefit from virtualization, so we’re talking about really small businesses that run maybe one or two non-critical servers.

So what would you say is the ‘checklist’ that a business should look at before deciding to approach virtualization?
Size is an important factor here – if you’re at three or four servers, then it’s questionable. As soon as you start having ten or more servers, then it’s something to seriously consider, because then you can cut it down to a few physical servers running VMs. You then allows you to cut down on operating expenses, maintenance, and other associated costs and divert that money elsewhere in IT.

The theme of the VMware Forum is on the cloud, and how it’s going to change how we consume IT resources. How will the cloud integrate into VMware’s current technologies – will we see VMs running off the cloud or being backed up to the cloud for example?
That’s a good question – we see two views on the cloud first and foremost. There’s the public cloud such as Amazon which allows you to sync and share information that it’s mission-critical. Then there’s the private cloud where you would take your enterprise datacenter, and integrate it with cloud-like services that you can offer to your end users. What we’re building is the technology to enable that private cloud and to ensure we have the right catalog of services and policies on hand for businesses.

Do you see introduction of other virtualization products such as Microsoft’s Hyper-V having any effect on your stance in the market?
It’s good to always have a choice in the market, and I understand that companies would like to have alternative options available to them. We enjoy such a massive market share that it’s healthy to have a bit of competition in the market, so that we’re constantly innovating new technologies that proves our market worth and stay a few steps ahead of everyone else.

Are you able to share any figures or research on how many companies in the region are moving towards virtualization with VMware?
There hasn’t been any formal study yet on the statistics for our region, but it could be anywhere between 10-20% of companies moving to virtualization. Of course, we are nowhere close to the figures in western markets, but we’re getting there.

Staying with the region, what do you think are some of the challenges you will face with having companies move to virtualization?
That’s another good question – my personal view is that there are really two main drivers for adopting virtualization. One is the cost, and the other is being able to have a much quicker and more reactive IT system which can recover from a disaster in two minutes instead of two days. The obstacle is that there might not be a lot of cost pressure on IT in this region – it’s less about cost-cutting and more about reapplying costs to provide a bigger competitive advantage for the company. If we our job well about educating companies, I think things are going to take off really well in the region.

Now obviously the bulk of your business comes from the enterprise, but do you ever see in the distant future any focus on the consumer side or any benefits that a consumer might get from some degree of virtualization?
Let me give you an example of where consumer virtualization could come in. We looked at mobile phones – so many people carry multiple phones; one for personal, one for business, and we thought that maybe there would be a way to combine the different profiles into just one phone. So we’re looking at a mobile virtualization platform that lets you have two virtual environments on the same physical device. So one profile would be for your personal email, Facebook, and contacts – the other profile with have your company email and company contacts. If you lose your phone, and IT administrator can send a remote command to the phone to wipe the profile from the device so that no data is compromised.  That I think will be really interesting to people – you can now have one device with several different virtual environments to cater to your needs, all separated and protected from each other. We’ve worked with a few telecoms at the moment to pilot the technology, and I think for the moment that’s about the closest you’ll get to consumer-level virtualization beyond products such as VMware Fusion and VMware Workstation.

Lastly, this is the first time you’ve held the VMware Forum in the Middle East – what kind of feedback have you received from the delegates and what are your plans for the next show?
The one feedback that I’ve got consistently from partners and customers is “finally” and to do it again in the future. It’s important for us to meet people from the community and those who use our products, so it’s a good learning experience for everyone. It’s certainly the beginning of a long journey ahead!

Texas based Higinio O. Ocha (the 3rd) was part of a hacking group “CabinCr3w” which is supposedly a member of the worldwide hacktivist group Anonymous. Wanted by various law enforcement agencies for releasing sensitive information about dozens of police officers, Ocha was also responsible for hacking at least four law enforcement websites.

Apparently in February Ocha posted a picture of his then girlfriend (now wife) on his Twitter feed (@Anonw0rmer) with a message saying “‘PwNd by w0rmer & CabinCr3w <3 u BiTch’s”.

In all his hacking wisdom, Ocha forgot to turn off the geo-tagging feature on the iPhone from which the picture was taken, and the FBI tracked down the house from where the picture was taken. However, the picture simply lead to Ocha’s girlfiend’s house in Mebourne, Australia; nothing much the FBI could have done there.

Ultimately Ocha was tracked down via various Twitter links he had posted against the police. His real name was tracked down through a website which linked to his hacker alias “w0rmer”, through which the FBI found his apartment in Texas which was then kept under surveillance. It wasn’t long before the FBI tracked his Facebook where Ocha named his girlfreind in the photo posted on Twitter, which basically linked him to the Twitter account and the photo proclaiming his hacker alias “w0rmer”.

Ocha and his grilfirend are now married and in the US, and according to The Age, scheduled to appear before the criminal court in Texas this week.

At the VMware Forum 2012 in Dubai today, VMware announced that growth in the Middle East across the public and private sector has seen a rapid increase in the demand for virtualization and cloud computing solutions. Vmware’s strong knowledge of virtualization technologies and broad portfolio of product offerings make it a highly desirable ‘go-to’ partner.

The company revealed that in 2012 over 65% of business applications were being run in a virtual environment, with a report from Gartner Inc stating that over 81% of these were on VMware. With $3.77b revenue in 2011, VMware dominates the virtualization market, despite competitive technologies from the likes of Microsoft and Oracle.

Focusing on the region, VMware reported that its partnerships with various local industry leaders are also helping to coax companies to move to a virtualized environment. Partners such as Trend Micro help deliver industry-standard security without deploying antivirus agents into VMs.

“Many customers in the region have already virtualized their IT, and cloud computing is now one of the most important topics on IT executives’ agendas in the Middle East,” said Carl Eschenbach, co-president, customer operations, VMware. “This region is often an early adopter of new technologies, especially in vertical industries such as oil and gas, telecoms and the public sector, and we want to continue enabling our customers and partners to be part of the ongoing technology transformation happening in organizations across this region.”

When Anonymous recently started their operations in China, it wasn’t clear how far or easily they could succeed in breaching the infamous Great Firewall of China. However, it seems that their efforts have been so successful, even the strict and close Chinese government had to accept that their security had been breached.

Talking to CNN regarding the attacks on the government websites that were defaced and left with various messages, a spokesman for China’s Ministry of Foreign Affairs gave a three-part statement on Thursday.

“First of all, China’s Internet is open to all, users enjoy total freedom online. China has gained 500 million netizens and 300 million bloggers in a very short period of time, which shows the attraction and openness of China’s Internet.”

“Secondly, the Chinese government manages the Internet according to law and regulations. Thirdly, certain reports prove again that China is a victim of internet hacker attacks.”

In some of the websites hacked by Anonymous, various messages were posted against the government and their control of the Chinese internet. One such message read, “Your government has been in control of your network and filters harmful things. Careful.”

Pastebin recently became very popular with all the data dumps being posted on their from hacktivists groups like Lulzsec and Antisec. Usually the website is used for people trying to follow trending topics around the world, but the anonymity with which people can easily post information on there has now become an issue for the site owner Jeroen Vader. Pastebin has to rely on user reports for sorting out sensitive information; which on an average is 1200 reports per day.

“I am looking to hire some extra people soon to monitor more of the website content, not just the items reported,” he told the BBC. “Hopefully this will increase the speed in which we can remove sensitive information.”

Pakistan and turkey in particular have outright blocked Pastebin when sensitive information from some of their institutes was posted on there.

Pastebin attracts a monthly 17 million unique visitors, but with scandalous information such as bank accounts, username and passwords being posted from various institutes around the world targeted by Anonymous and other hacktivist groups. The website itself is usually a target of DDOS attacks from various hacker groups as well.  ”I do hear from people in the hackers community that many hackers like to test their DDOS skills on Pastebin,” said Jeroen Vader.

Re-installing Windows is something of a ritual that we have all had to perform some time or another on our PCs. Whether it’s the system slowing down, or an incurable virus so bad that not even the best antivirus can make things good again. Of course, let’s not discount outright hard drive failure either. In any case, chances are when trying to re-install Windows, you won’t have your original disc handy.

Now one of the great things about mobile phones and tablets is that you can always restore or reset the device to original factory settings within minutes. And as Microsoft is bridging the UI and overall experience gap between handheld devices and PCs, it only makes sense to bring this core functionality over to PCs. So with Windows 8 users will have the ability to either “Refresh” or “Reset” their copy of Windows 8 without a disc, as pointed out by Slash Gear.

Basically ‘Refreshing’ your Windows 8 will re-install the OS, but without making any changes to your saved documents and most apps installed. ‘Restoring’ your PC will wipe all data and give you fresh copy of Windows 8 to start over with.

You can check out this new functionality in the Windows 8 Consumer Preview for yourself.

Microsoft has recently started censoring Thepiratebay.se links used in their Windows Live Messenger IM client, as reported by TorrentFreak. From now on if you send a Pirate Bay link to anyone within Live Messenger, it will give you the below message.

Now this is not the first time an IM client has actively blocked a warez or software sharing site link; Facebook’s IM has been blocking thepiratebay.se links for a long time. Interestingly, other torrent sites remain uncensored; it’s only The Pirate Bay that’s affected.

Obviously there are many ways to bypass this censorship, such as using tinyurl or bit.ly or just spacing out the links.

When it comes to releasing the latest hardware in the market, Kingston has always been proactive in this region with their solid state drives. Today I’ll be looking at their latest enterprise level V+ 200 Series 120GB SATA III SSD.

The V+ 200 SSD uses the famous SandForce SF-2281 controller with eight asynchronous Intel 25NM MLC NAND flash chips. This is good enough to give the V+ 200 120GB SSD rated read and write speeds of 535MBps and 480MBps respectively and a 1 million hours MTBF. Keep in mind that the height of the V+200 series is 9.5mm, so most notebooks should be able to accommodate it, except some slimmer models.

Packaging

Since this is the complete upgrade kit, with the V+ 200 250GB SSD you also get the 3.5” mounting brackets along with the appropriate screws. There’s a molex to SATA power cable and software disc to complete the whole package.

Of course, we also have a USB 2.0 external casing should you want to house your old 2.5” laptop hard drive in there. Keeping the V+ 200 SSD in that casing will severely limit the performance of the drive due to USB 2.0 limited bandwidth.

Since the V+ 200 Series is an enterprise level drive, it uses DuraClass and DuraWrite technologies to optimize writes which in turns increases data integrity to efficiently handle wear-leveling over the life of the drive. Of course, a lot of these benefits can also be attributed to the SF-2281 controller which nicely handles real-time compressions for a long lasting drive, especially given the AES-256 bit hardware level encryption.