niwis consulting gmbh https://www.niwis.com/ niwis consulting gmbh ist spezialisiert auf IT-Sicherheit und Speicherverwaltung de Sat, 19 May 2012 22:02:10 GMT vBulletin 60 https://www.niwis.com/images/misc/rss.png niwis consulting gmbh https://www.niwis.com/ Worm Posts on SNS Sites and Wipes out Rivals https://www.niwis.com/threads/14822-Worm-Posts-on-SNS-Sites-and-Wipes-out-Rivals?goto=newpost Sat, 19 May 2012 09:35:56 GMT W32.Wergimog (http://www.symantec.com/security_response/writeup.jsp?docid=2012-031306-1802-99) is a worm that attempts to spread through removable... W32.Wergimog is a worm that attempts to spread through removable drives and opens a back door. When I looked into its variants, I found an interesting sample, which I named W32.Wergimog.B. Both samples are based on the same source code, but the .B variant contains even more interesting functionality that I would like to detail here.

For legitimate applications
W32.Wergimog.B injects itself into legitimate applications, such as Internet Explorer and Mozilla Firefox, as shown in Figure 1.


Figure 1. Threat injects itself into certain applications and then connects to the Internet

Once it confirms that the applications it has injected itself into have network connectivity, it performs the functions outlined below.

Posting on Social Networking Service (SNS) sites
If a user connects to any of the following SNS sites, the worm is capable of modifying a chat message, status update, or Tweet:

  • Facebook Chat
  • Facebook Wallpost
  • Hi5 Status Update
  • Hyves Status
  • Linkedin Status Update
  • Myspace Status Update
  • Omegle Chat
  • Tweet (Twitter)

Initially, the worm connects to the command-and-control (C&C) server to obtain the content that it posts to the SNS services. At present, we are unable to obtain these posts, but the posting command is called ‘spread’. It is likely, therefore, that the post contains a URL that points to a location where a user might download W32.Wergimog.B or some other malicious program.
This is not the first threat to attempt to spread through SNS sites. W32.Koobface, for example, also applied this approach. While there is an overlap in the sites that both of these worms use to spread, one distinction between the two is that unlike the Koobface family, W32.Wergimog.B does not make its own connection to the SNS servers by itself. Rather, it needs to wait for a user to make a new post and then the worm modifies it.

Account stealing
Another function of the worm allows it to steal user account and password information if a compromised user logs in to any of the following sites:

  • fileserve.com
  • hackforums.net
  • hotfile.com
  • megaupload.com
  • thepiratebay.org
  • uploading.com

It is interesting to note that some of the above sites are file sharing services. It is possible, therefore, that the stolen account information may be used to spread the worm through these download sites, thereby allowing it to spread even further.

Attack on rival threats
An interesting feature of this worm is that it also injects itself into other threats, as shown in Figure 2.


Figure 2. Injects itself into rival threats

The worm contains lists of rival threat names and signatures to determine if the threats exist on the same computer. The following threats are targeted:

  • DarkComet
  • IRCBot
  • Metus
  • RXBot
  • Warbot
  • xvisceral

The following image illustrates rival threat names and their corresponding signatures.


Figure 3. Threat names and corresponding signature “pairs”

After infection the worm hooks network communication on the computer. It then attempts to identify the signatures and end any processes of rival threats that it finds, as can be seen in the image below. This is very similar to how IPS software operates.


Figure 4. Wergimog.B kills processes of any rival threats that it finds

The targeted threats are very prevalent, so it may be that the W32.Wergimog.B author wants to avoid being removed along with these threats. This is because an increase in malicious network communications allows a user to be aware that an infection exists.
Sometimes we see a function in a threat that attempts to end the operation of rival threats, but generally speaking such functionality is very simple. For example, checking for a specific file path, process name, or registry entry. Conversely, the method employed by W32.Wergimog.B is very reliable as the signatures are very specific and thus it can be sure of stopping the rival threats.
In addition, both the original W32.Wergimog and the .B variant have three types of denial-of-service (DoS) attack vectors, which are UDP flooding, SYN flooding, and ‘Slowloris’. A DoS tool called Slowloris was released in 2009 and had a big impact on servers. It targets Apache 1.x, 2.x, and some HTTP servers. It’s a little old now but remains popular. W32.Wergimog variants use the same technique but we don’t know what the relationship is between the original tool and W32.Wergimog variants.
These two variants started to appear between April and June 2011, and both of them have continued to be reported on until April of this year. To avoid infection by the W32.Wergimog variants, keep your security products and OS updated. We are continuing to watch out for developments of the W32.Wergimog worm.


Weiterlesen... ]]> ENGLISH: Symantec News RSS-Bot https://www.niwis.com/threads/14822-Worm-Posts-on-SNS-Sites-and-Wipes-out-Rivals 419 Scammers Take Advantage of the Facebook IPO https://www.niwis.com/threads/14821-419-Scammers-Take-Advantage-of-the-Facebook-IPO?goto=newpost Fri, 18 May 2012 21:21:54 GMT Today sees the highly-anticipated IPO (Initial Public Offering) of the social-networking site Facebook. The IPO is expected to be several times... Today sees the highly-anticipated IPO (Initial Public Offering) of the social-networking site Facebook. The IPO is expected to be several times oversubscribed as the demand for shares greatly exceeds the number of shares being issued.
The high-profile nature of this IPO has not escaped the attention of the “419” or the “advance fee fraud” scammers. As a brief reminder, these scams typically promise vast sums of money in exchange for assistance. However, before said sums of money can be received, several increasingly-inventive up-front charges and fees must be paid. The fees keep coming and the promised money never materializes.
We recently spotted a 419 scam message offering a "FACEBOOK (IPO) SUBSCRIPTION PARTNERSHIP PROPOSAL". The use of an all uppercase heading is a common hallmark of such 419 scams.
The scam claims to be sent from a finance firm with offices in multiple locations around the world. The exact nature of the scam is unclear. The scam mentions loaning money under "soft" or generous terms to buy Facebook stock or shares and then selling them back to the finance firm at a price higher than the original purchase price.
The financial company claims to have offices in London, Hong Kong, and Dubai, yet the phone number included in the message is an answering service with a Sacramento, California phone number. The company's website claims that its registered office is in Cardiff, Wales.
A final strong indication that this is a scam is the email address, which the scammer is soliciting replies to. It is an amateurish-looking address at a common free Web-based email provider. A legitimate company would almost certainly use an email address at its own domain, rather than using a free Web-based address. The email address and name in the "From" header of the message are also different to the email address and name used in the message body.

Given the high profile nature of this IPO, we expect scammers to continue to take advantage of it in much the same way that they have taken advantage of previous news stories and events.
As usual, when receiving any kind of financial offer, exercise extreme caution. Use companies registered with the appropriate regulatory bodies for your jurisdiction, and if in doubt, don't hand over any of your money.
Symantec customers are protected against this and many other threats.



Weiterlesen... ]]> ENGLISH: Symantec News RSS-Bot https://www.niwis.com/threads/14821-419-Scammers-Take-Advantage-of-the-Facebook-IPO Malware Charges a Fee for Free Apps on Google Play https://www.niwis.com/threads/14820-Malware-Charges-a-Fee-for-Free-Apps-on-Google-Play?goto=newpost Fri, 18 May 2012 06:36:01 GMT Android.Opfake (http://www.symantec.com/security_response/writeup.jsp?docid=2012-012709-2732-99) is malware used to scam mobile device owners into... Android.Opfake is malware used to scam mobile device owners into paying a small fee for apps by sending out premium-rate SMS messages from Android devices. It has continued to grow and evolve into a threat that potentially affects a large population of Russian-speaking Android device owners. A quick Internet search will show over a hundred sites, including dedicated sites for popular apps and other sites, pretending to be app market sites with various apps available. There are several variants of Android.Opfake hosted on these sites with different methods to lure victims there initially, and different steps involved in each scam.
We recently came across one variant that carries out its actions in an interesting fashion. The end result makes it so obvious that Android.Opfake is fraudulent because it directs the device owner to Google Play to install the app even though installation had already happened. In this instance, the apps are hosted on dedicated sites as well as fake app markets—typical for Android.Opfake. Here is an example of one of these sites hosting a popular app:


After downloading, installing, and opening the app, an installation appears to run again:


That’s strange, we already installed the app; this installation must be fake.
When the fake installation completes, the device owner is asked to confirm an agreement and continue by clicking a button. Where is this agreement, you may ask? There is actually a link at the bottom of the screen. If read, the agreements states the user will be charged for using the app. It's difficult to notice. You may not even see it:



Let’s press the only button available. We next see a screen that displays a URL and only one button again:


Pressing that button opens the website shown below. There are many apps listed on the page, but we want to take note of the first URL at the top of the page. This is the URL for the app on Google Play that is supposed to be installed already:

Selecting this link does indeed open up Google Play, at least. If you take a close look at the title and the icon of the app on this page, you’ll notice the app we thought was originally installed is absolutely free on Google Play (where we recommend getting it from rather than from an untrusted site):



At this point, it might cross someone's mind that they had just become a victim of a scam or, at least, have a feeling there is something not right here. It’s a bit too late as far as the scam goes because the premium-rate SMS message has already been sent (in the background) during the fake installation.
You should only install apps outside of Google Play from trusted sites. Always check permissions before installation, regardless of where the app is found. If you are not comfortable with some of the permissions requested by the app, do not install it. This particular malware takes advantage of SMS-related permissions, for instance, to perform malicious activities. Games usually should not require such permissions. Finally, protecting your device with a security app such as Symantec’s Norton Mobile Security is also recommended.


Weiterlesen... ]]> ENGLISH: Symantec News RSS-Bot https://www.niwis.com/threads/14820-Malware-Charges-a-Fee-for-Free-Apps-on-Google-Play Mehrere Schwachstellen in Symantec Web Gateway https://www.niwis.com/threads/14819-Mehrere-Schwachstellen-in-Symantec-Web-Gateway?goto=newpost Fri, 18 May 2012 06:34:48 GMT Symantec berichtet im Security Advisory SYM12-006... Symantec berichtet im Security Advisory SYM12-006 von mehreren Schwachstellen in Symantec Web Gateway und empfiehlt das Upgrade auf Version 5.0.3. ]]> Symantec News uspange https://www.niwis.com/threads/14819-Mehrere-Schwachstellen-in-Symantec-Web-Gateway Delving into Andoid.Opfake https://www.niwis.com/threads/14818-Delving-into-Andoid-Opfake?goto=newpost Thu, 17 May 2012 19:36:27 GMT Pre-dating many of the mobile platforms it currently targets and outlasting several of the mobile platforms where it originated from, Android.Opfake... Pre-dating many of the mobile platforms it currently targets and outlasting several of the mobile platforms where it originated from, Android.Opfake has a tendency for survival on the mobile threat landscape not unlike roaches in the aftermath of a nuclear holocaust. Combing business savvy through a strong black market affiliate network and quick reaction time to adapt itself to thwart efforts by security vendors, Opfake has not only managed to stay in business for several years, the Opfake family has come to define the evolution of mobile malware.
Like many traditional Trojan horses, on the surface Android.Opfake purports to be a legitimate application. In fact, we have observed several variants of the Trojan masquerading as various apps and content, including an installer for the Opera Web browser and a pornographic movie. Analysis of the code behind the malicious program, as ever, reveals a truer sense of its nature. Numerous suspicious functions exist in its functionality that would have no reasonable place in any legitimate application. For example, encryption of its own configuration files—doubtless an attempt to prevent its behavior from becoming too obvious. It also contains functionality to collect contact details from the device—behavior that immediately raises concerns about information-stealing.
These suspicious activities and more are discussed in greater detail in a recent white paper, entitled Android.Opfake In-Depth.


Weiterlesen... ]]> ENGLISH: Symantec News RSS-Bot https://www.niwis.com/threads/14818-Delving-into-Andoid-Opfake Phishers Eye Korean Customers https://www.niwis.com/threads/14817-Phishers-Eye-Korean-Customers?goto=newpost Thu, 17 May 2012 10:17:54 GMT Phishers have enveloped the globe mimicking brands across a variety of industries and using many languages. From April 2012, phishing attacks in... Phishers have enveloped the globe mimicking brands across a variety of industries and using many languages. From April 2012, phishing attacks in Korean gained momentum, comprising of 0.5 percent of all non-English phishing sites. The increase was in particular targeting banks based in South Korea. The primary motive in these attacks is financial gain, as it is in most phishing attacks. Let’s explore some of the phishing sites we have observed.
In the first example, the phishing site asked for the customer’s name, social security number, cell phone number, account number, account password, and transfer password. After the information was entered, the customer was redirected to a page that asked for the security card serial number. The phishing site then redirected back to the legitimate site.

Figure 1. Phishing site asks for customer details


Figure 2. Phishing site directed to a page that asked for the security card serial number

In another phishing site, the customer was asked for their name and social security number. Customers were asked to accept the user agreement before entering their confidential information. Upon entering the required information, customers were redirected to a page that prompted them for further details. Here, the social security number previously entered was auto-populated. The other details required included debit account number, withdrawal account password, transfer password, security card serial number, and security card password. The phishing sites were hosted on servers based in the USA and China. If customers fell victim to these phishing sites, phishers would have successfully stolen their information.

Figure 3. Customers were asked to accept a user agreement before entering their details


Figure 4. Customers asked for further details and the social security number they previously entered is pre-populated

Phishers often wander over international waters in pursuit of prey and continually search for more victims. The increase we are seeing in phishing sites in Korean is proof of their frame of mind.
Internet users are advised to follow best practices to avoid phishing attacks:

  • Do not click suspicious links in email messages.
  • Avoid providing any personal information when answering an email.
  • Never enter personal information in a pop-up dialog box or screen.
  • When entering personal or financial information, ensure the website is encrypted with an SSL certificate by looking for a padlock icon, ‘https’, or the green address bar.
  • Frequently update your security software, such as Norton Internet Security 2012, which protects you from online phishing.



Weiterlesen... ]]> ENGLISH: Symantec News RSS-Bot https://www.niwis.com/threads/14817-Phishers-Eye-Korean-Customers Thieves in the Temple: Android.Opfake Makes Another Run https://www.niwis.com/threads/14816-Thieves-in-the-Temple-Android-Opfake-Makes-Another-Run?goto=newpost Wed, 16 May 2012 21:26:06 GMT The Opfake gang can be called many things but “lazy” isn't one of them. In the digital age we live in, they are taking the analog art of social engineering to new heights. Several dummy sites have been established, acting as a front for the distribution of popular game titles.
All of the front-end sites connect back to a central back-end site that acts as a file generator or repository. The following list includes some front-end sites we have identified so far:





You’ve got to love the fact that they are now showing actual screenshots from a device playing the game in an attempt to get people to believe that the game is a legitimate copy.
Users should always pay attention to the permission requests when installing apps and, when in doubt, check for the official developer’s website for an official download link. In my next blog, Android Apps Get Hit with the Evil Twin Routine: Part 2, we will take a closer look at the common tricks that we have seen being used by dodgy apps and how to avoid them.


Weiterlesen... ]]> ENGLISH: Symantec News RSS-Bot https://www.niwis.com/threads/14816-Thieves-in-the-Temple-Android-Opfake-Makes-Another-Run OSX.Flashback – How to Turn Your Botnet into $$$ https://www.niwis.com/threads/14815-OSX-Flashback-%C2%96-How-to-Turn-Your-Botnet-into?goto=newpost Wed, 16 May 2012 21:26:06 GMT Further analysis of the OSX.Flashback (http://www.symantec.com/security_response/writeup.jsp?docid=2011-093016-1216-99) botnet has shed more light on... Further analysis of the OSX.Flashback botnet has shed more light on how profitable such a botnet can be. Previously, we wrote that OSX.Flashback was generating money for its authors by displaying advertisements on compromised computers. We now have a much clearer idea of how many ads the attackers were displaying and how much those ads earned for the attackers.
From our analysis we have seen that, for a three-week period starting in April, the botnet displayed over 10 million ads on compromised computers but only a small percentage of users who were shown ads actually clicked them, with close to 400,000 ads being clicked. These numbers earned the attackers $14,000 in these three weeks, although it is worth mentioning that earning the money is only one part of the puzzle—actually collecting that money is another, often more difficult, job. Many PPC providers employ anti-fraud measures and affiliate-verification processes before paying. Fortunately, the attackers in this instance appear to have been unable to complete the necessary steps to be paid.
It is estimated the actual ad-clicking component of Flashback was only installed on about 10,000 of the more than 600,000 infected machines. In other words, utilizing less than 2% of the entire botnet the attackers were able to generate $14,000 in three weeks, meaning that if the attackers were able to use the entire botnet, they could potentially have earned millions of dollars a year.
For someone who is controlling a botnet of this magnitude, there are plenty of options. Recently we have seen many botnets using fraudulent ads to generate revenue for attackers. That is exactly the case with Flashback: the operators decided to leverage their botnet to commit fraudulent ad-clicks, also known as click fraud.
Analyzing the traffic delivered from the Flashback command-and-control (C&C) servers, we were able to follow the redirects used by the attackers. Compromised computers pass users' search keywords to the attackers. The attackers then contact various pay per click (PPC) services and route the ads from the PPC providers to the compromised computer—in the process earning money for those ads from the PPC providers.
We were able to identify patterns in the traffic sent to the compromised computers showing that the Flashback operators prefer some PPC providers over others. In fact over 98% of the ads being sent to compromised computers appear to originate from the same PPC provider. In such cases, the attackers are taking advantage of both users and the PPC providers by getting paid for ads that may not have been seen by users and may not be relevant to what the user searched for.

Process – Getting Paid
The OSX.Flashback bot-master hijacked Google’s search results and displayed their own PPC search results to create conversions. In the non-mainstream PPC world, keywords that generate the most pay out are usually related to pharmaceutical products, debt-mortgage consolidation, and auto-insurance. Generally, low demand search keywords such as yarn, glue, silly putty, etc., are usually the least expensive to use, but generate considerably less pay out.
Although the authors of Flashback had the opportunity to send users ads for search terms other than what the user had searched for, this is not what they decided to do. If a user searches for “toys” they are returned ads that are related to toys, likely avoiding the auditing programs that pay per click providers put in place. A search for “toys” on Google, for instance, results in a hijack by OSX.Flashback where the C&C server sends back the following encoded URL:
[http://][IP ADDRESS]/click.php?id=oilZLmquP5Xbg7U282f16g_6-uBw5r_xrTrfouhLHbOkwDfu0QZN4X21K6rK98QROh[REMOVED]
This URL redirects the user to the following URL that is related to the original search term “toys”:
[http://][REMOVED]search.net/?login=[REMOVED]&search=toys
Even though only a small fraction of the more than 600,000 compromised computers redirected users, the attackers still managed to display over 10 million ads in a three week period, generating $14,000 in revenue during. Had the attackers been more successful in installing the final payload they could have been earning considerably more than that, which makes this a profitable model for the attackers. Although per-per-click botnets are not a new idea—we have seen them on Windows for years—as the market share of Mac increases, we will see more Mac-related botnets similar to this one in the future.


Weiterlesen... ]]> ENGLISH: Symantec News RSS-Bot https://www.niwis.com/threads/14815-OSX-Flashback-%C2%96-How-to-Turn-Your-Botnet-into Update: Angriff auf Microsoft-Sicherheitslücke breitet sich weltweit aus https://www.niwis.com/threads/14814-Update-Angriff-auf-Microsoft-Sicherheitsl%C3%BCcke-breitet-sich-weltweit-aus?goto=newpost Wed, 16 May 2012 12:09:11 GMT Eine Angriffswelle, die eine vor kurzem von Microsoft geschlossene Sicherheitslücke missbraucht, nimmt weltweite Ausmaße an. Sie ist nun zu einer... Eine Angriffswelle, die eine vor kurzem von Microsoft geschlossene Sicherheitslücke missbraucht, nimmt weltweite Ausmaße an. Sie ist nun zu einer gezielten Attacke geworden.


Weiterlesen... ]]> Trendmicro News RSS-Bot https://www.niwis.com/threads/14814-Update-Angriff-auf-Microsoft-Sicherheitsl%C3%BCcke-breitet-sich-weltweit-aus Norton, übernehmen Sie: Sicherheitsexperten wirken beim „Cybergeddon“-Filmprojekt mit https://www.niwis.com/threads/14813-Norton-%C3%BCbernehmen-Sie-Sicherheitsexperten-wirken-beim-%C2%84Cybergeddon%C2%93-Filmprojekt-mit?goto=newpost Wed, 16 May 2012 09:28:45 GMT Yahoo! und CSI-Macher Anthony E. Zuiker starten digitales Filmprojekt/Olivier Martinez und Missy Peregrym übernehmen die Hauptrollen/Norton stellt... Yahoo! und CSI-Macher Anthony E. Zuiker starten digitales Filmprojekt/Olivier Martinez und Missy Peregrym übernehmen die Hauptrollen/Norton stellt Filmemachern Expertise zur Verfügung

Weiterlesen... ]]> Symantec News RSS-Bot https://www.niwis.com/threads/14813-Norton-%C3%BCbernehmen-Sie-Sicherheitsexperten-wirken-beim-%C2%84Cybergeddon%C2%93-Filmprojekt-mit Das neue Norton 360 Everywhere: Multiplattformlösung für grenzenlosen Schutz https://www.niwis.com/threads/14812-Das-neue-Norton-360-Everywhere-Multiplattforml%C3%B6sung-f%C3%BCr-grenzenlosen-Schutz?goto=newpost Wed, 16 May 2012 09:28:45 GMT Die neueste Lösung von Norton sichert User und ihre Daten gegen Online-Gefahren über Geräte und Plattformen hinweg Weiterlesen...... Die neueste Lösung von Norton sichert User und ihre Daten gegen Online-Gefahren über Geräte und Plattformen hinweg

Weiterlesen... ]]> Symantec News RSS-Bot https://www.niwis.com/threads/14812-Das-neue-Norton-360-Everywhere-Multiplattforml%C3%B6sung-f%C3%BCr-grenzenlosen-Schutz Deep Security 8.0 SP1 ist jetzt erhältlich! https://www.niwis.com/threads/14811-Deep-Security-8-0-SP1-ist-jetzt-erh%C3%A4ltlich%21?goto=newpost Wed, 16 May 2012 09:12:59 GMT Laden Sie das neue SP1 aus dem Download Center (http://downloadcenter.trendmicro.com/) herunter, um zusätzliche Unterstützung für Linux Red Hat /... Laden Sie das neue SP1 aus dem Download Center herunter, um zusätzliche Unterstützung für Linux Red Hat / Suse / CentOS Kernel, für VMware ESX/ESXi 4.1 und ESXi 5.0 sowie für neue lokalisierte Versionen zu erhalten.

Neu u. a.:
  • On Demand scan agent based anti-malware on Linux. Supported versions are Red Hat Linux 5, 6 (64 bit only), Suse Linux 10, 11 (32 and 64bit)
  • Protecting ESX 4.1/ESXi 4.1 hosts with Deep Security 8.Deep Security can now provide protection for virtual machines running on ESX/ESXi 4.1 and 5.0. You can use the same Deep Security Virtual Appliance in combination with the proper version of the Filter Driver.
  • Improved anti-malware scan exclusions. Exclusions were only possible for files. Now directories, files and file extensions are supported for the anti-malware scan, either by listing them specifically or through the use of wildcards.
  • More Localization. The manager is now also available in Japanese and Simplified Chinese. The agent and notifier are also localized in German, French, Spanish, Italian, Russian, Japanese, Korean, Simplified Chinese and Traditional Chinese.
]]> Trend Micro OfficeScan/ServerProtect uspange https://www.niwis.com/threads/14811-Deep-Security-8-0-SP1-ist-jetzt-erh%C3%A4ltlich%21 niwis Event: 2. niwis Security Day https://www.niwis.com/threads/14810-niwis-Event-2-niwis-Security-Day?goto=newpost Tue, 15 May 2012 12:48:11 GMT *niwis consulting gmbh bringt auch in diesem Jahr wieder die Experten zusammen * Nach dem Erfolg aus dem letzten Jahr, veranstalten wir am *02.... niwis consulting gmbh bringt auch in diesem Jahr wieder die Experten zusammen

Nach dem Erfolg aus dem letzten Jahr, veranstalten wir am 02. Juli 2012 unseren zweiten niwis Security Day in Ratingen. Themen diesmal u. a. aktueller Status zur Version SEP12, Virtualisierungs-Strategien, Symantec.Cloud und O3 sowie das gerade aktuelle Thema mobile Strategien. Auch in diesem Jahr haben wir wieder Gastredner von Symantec eingeladen.

Agenda

09:30 - 10:00 Begrüßung und Frühstück
10:00 - 10:15 Willkommen

10:15 - 11:45 Symantec Strategie und Roadmaps
11:45 - 12:45 Symantec Endpoint Protection in einer virtualisierten Umgebung

12:45 - 13:45 Mittagspause / Imbiss

13:45 - 14:45 Datenschutz und Management für Clouds mit O3

14:45 - 15:00 Kaffeepause

15:00 - 15:30 Notfallwiederherstellung mit Backup Exec 2012
15:30 - 16:30 Mobile Geräte im Unternehmen, Vorschläge zur Strategie

im Anschluss Fragen & Antworten, Verlosung

Ende ca. 17:00 Uhr


Wir freuen uns auf Ihre Anmeldung




]]> Generelle Fragen und Beiträge Angel https://www.niwis.com/threads/14810-niwis-Event-2-niwis-Security-Day Angebotspreise für ACT! 2012 Premium Web mit dem neuen Service Pack 2 https://www.niwis.com/threads/14809-Angebotspreise-f%C3%BCr-ACT%21-2012-Premium-Web-mit-dem-neuen-Service-Pack-2?goto=newpost Tue, 15 May 2012 12:45:05 GMT Bild: https://www.niwis.com/images/Diverse/act_b.gif Wir freuen uns, Ihnen mitteilen zu können, dass es in der Zeit vom 29.05. bis zum 29.06.2012...

Wir freuen uns, Ihnen mitteilen zu können, dass es in der Zeit vom 29.05. bis zum 29.06.2012 jeweils eine Neukunden- sowie eine Bestandskunden-Kampagne für das neue Service Pack 2 für ACT! 2012 Premium Web geben wird.

Neukunden-Kampagne:
Neukunden erhalten die Version ACT! 2012 Premium Web mit dem neuen Service Pack 2 zum Spezialpreis für 459 Euro statt 559 Euro.

Hier profitieren Neukunden also vom Preis der „Premium-Version“, erhalten jedoch zum gleichen Preis die „Premium Web“-Version.

Bestandskunden-Kampagne:
Diese Kampagne besteht aus 2 Preisstufen:

  • ACT! 7 und ACT! 8-Altkunden erhalten ACT! 2012 Premium Web für den Upgradepreis der Vorgängerversion, also für 429 Euro statt dem regulären Neupreis von 559 Euro
  • ACT! 9,10,11 und 12er-Kunden (2010) von ACT! erhalten 10 % Rabatt auf dem Upgradepreis – somit ergibt sich ein finaler Kampagnenpreis von 379 Euro statt bisher 429 Euro


Auch hier bleiben die Wartungspreise (Servicebundle) unverändert bestehen – es gelten die regulären Preise der aktuellen Preisliste.

Live-Demo:
Es steht ein Demo-Server zur Verfügung, auf dem Sie den mobilen Zugriff über HTML5 testen können. Wir empfehlen hierfür den Einsatz des Web-Browsers „Safari“ oder den direkten Zugriff vom mobilen Endgerät (iOS, Android, Windows Phone etc.).

Englisch:
http://184.72.19.109/apfw/m
Benutzername: Chris Huffman
Kein Passwort

Deutsch:
http://www.sage.de/actpremhtml5
Benutzername: Chris Huffman
Kein Passwort

]]> ACT! und Add Ons uspange https://www.niwis.com/threads/14809-Angebotspreise-f%C3%BCr-ACT%21-2012-Premium-Web-mit-dem-neuen-Service-Pack-2 Service Pack 2 für ACT! 2012 Premium Web, jetzt mit voller HTML5-Unterstützung! https://www.niwis.com/threads/14808-Service-Pack-2-f%C3%BCr-ACT%21-2012-Premium-Web-jetzt-mit-voller-HTML5-Unterst%C3%BCtzung%21?goto=newpost Tue, 15 May 2012 12:39:01 GMT Bild: https://www.niwis.com/images/Diverse/act_b.gif Wir freuen uns, Ihnen mitteilen zu können, dass es ab sofort das neue Service Pack 2 für...

Wir freuen uns, Ihnen mitteilen zu können, dass es ab sofort das neue Service Pack 2 für ACT! 2012 Premium Web gibt, wodurch der Zugriff von nahezu jedem mobilen Endgerät möglich wird durch die Unterstützung des HTML5-Standards.

Details:
Mit dem Service Pack 2 für ACT! 2012 Premium Web erhalten Neu- und Bestandskunden Kunden die Möglichkeit, von unterwegs auf ihre lokalen Daten in ACT! 2012 Premium Web direkt zugreifen zu können (hierbei wird direkt auf die Datenbank zugegriffen, so dass keine Synchronisation stattfinden muss) über die HTML5-Technologie. Die Administration erfolgt zentral über ACT! Premium Web, so dass kein doppelter Aufwand für die Benutzereinstellungen notwendig wird. Auch diese Lösung unterstützt alle HTML5-fähigen Endgeräte und es können noch mehr Daten und Einstellungen verwaltet bzw. angezeigt werden, unabhängig von der ACT!-Datenbankgröße auf dem Server.

Leistungen im Detail:

Kontakte:


  • Konfiguration und Bereitstellung aller vorhandenen Felder mit anpassbaren Layout
  • Aktivitäten, Notizen und Historien sind vollständig einsehbar, filterbar und anpassbar


Kalender:

  • Tages-, Listen- und Monatskalender
  • Separate Aufgabenliste mit Filter- und Suchfunktion
  • Erinnerungen können als „Banner“ auf den mobilen Endgeräten angezeigt werden


Aktivitäten:

  • Hinzufügen-/Editieren von Aktivitäten
  • Alle Aktivitätstypen werden unterstützt, Historien können abgeschlossen werden
  • Prioritäten können gesetzt werden
  • „Als Privat markieren“ kann verwendet werden
  • Termine mit anderen Kontakten vereinbaren
  • Zeitlose Termine
  • Ressourcen-Unterstützung
  • Folgeaktivitäten


Notizen/Historien:

  • Separate Ansichten für Notizen und Historien
  • Hinzufügen und Editieren von Notizen und Historien
  • Datum und Zeit kann bei Notizen und Historien hinzugefügt werden
  • Automatisches „Popup“ zum Aufzeichnen von Anrufen und Emails
  • Notizen- und Historien können mit multiplen Kontakten verknüpft werden


Dateianhänge:

  • Öffnen von Notizen, Historien und Anhängen (diese können auch mit der bekannten Stichwortsuche durchsucht werden)


Globale Suche:

  • Universal-Suche über alle verfügbaren Felder, Details und angehängten Dateien


Das Service Pack 2 steht allen ACT! 2012 Premium Web-Kunden kostenfrei zum Download zur Verfügung!

Live-Demo:
Es steht ein Demo-Server zur Verfügung, auf dem Sie den mobilen Zugriff über HTML5 testen können. Wir empfehlen hierfür den Einsatz des Web-Browsers „Safari“ oder den direkten Zugriff vom mobilen Endgerät (iOS, Android, Windows Phone etc.).

Englisch:
http://184.72.19.109/apfw/m
Benutzername: Chris Huffman
Kein Passwort

Deutsch:
http://www.sage.de/actpremhtml5
Benutzername: Chris Huffman
Kein Passwort

]]> ACT! und Add Ons uspange https://www.niwis.com/threads/14808-Service-Pack-2-f%C3%BCr-ACT%21-2012-Premium-Web-jetzt-mit-voller-HTML5-Unterst%C3%BCtzung%21