Trend Micro CTF 2017


Hello Friends!!!

Our company is running a cool educational contest this summer that is worth checking out. It is a global competition intended to help build skills among young professionals and seasoned veterans in the area of cybersecurity.

This Trend Micro event, called Capture the Flag (CTF), will consist of challenges across 4 disciplines including targeted attacks, cybercrime, IoT, and SCADA. Winner gets JPY 1,000,000 (approximately US$8,700) plus much much more!!!

Trend Micro is also offering an amazing opportunity for the top 10 online qualifying teams and will cover travel expenses to Japan (up to JPY 200,000 / approximately US$1,810/ conditions apply) as well as three nights hotel accommodation. Even if you are not really interested in the prizes, this is a great opportunity for you to test your skills and learn!

With a global shortage of skilled cybersecurity experts, this is a great way for people to build their knowledge of this industry.

Think you have what it takes?

REGISTER NOW

Btw, I blogged about the Trend Micro CTF 2017 in my other tech blog 🙂 please check it  out  too 🙂

Before I end the post, the usual disclaimer/disclosure:
I work at Trend Micro. The information contained in this post is taken from Trend Micro press materials. The views expressed in this blog are mine alone and do not necessarily represent my employer’s positions, strategies or opinions.

To know more on what I do full-time kindly visit my blog’s about page. To read my blog’s disclosure policy, kindly visit my disclosure page

For infosec, malware and tech stuff, please follow me in Twitter

 

I love bitcoins and cryptocurrencies and I wrote some articles about bitcoin here at menardconnect.com and in our company security blog some years back.

I also delved into mining crypto-coins but my electricity costs and my alt-coin mining difficulty is at odds so I re-assessed the situation and concluded it was not cost effective anymore. So I stopped mining some years ago and I monitored the bitcoin  scene and its infosec connection from the sidelines of social media.

This year, I read that Bangko Sentral ng Pilipinas (BSP) issued some guidelines on virtual currencies  and for me this is some sort keeping up with the times of BSP (hehe acceptance of reality maybe)  and is a long awaited good news overall. So I decided that the time is ripe for Philippines and Bitcoin so I searched what my friend Dexter of TechAthand.net and BestofRiyadh.com mentioned in one of his posts that a PH-based company is offering an easy way to buy bitcoins and do purchases and remittances with cheaper costs. So I researched more about that company (Coins.PH) and find that it’s very promising 🙂 . Luckily, a friend IRL mentioned that he is using Coins.PH too so this sealed the deal.

I registered at the Coins.PH website and downloaded the iOS app and tried using the Coins.PH services. And I am very happy to say that Coins.PH is very easy to use and is really promising as lot of merchants are using it to sell e-loads, pay bills (for telco/utilities like meralco) and allow sending of remittances. Payment is very easy too (via G-cash, 7-11 stores, Cebuana Lhuillier or bank transaction (online or OTC (over-the-counter). These are my top choices of payment but you can see other options in the website or app and use what is convenient for you. From my personal checking, the app and the website is secure, but of course I will be constantly be vigilant about this and will check it from time to time. I know that good security practices with your mobile phone and computing machines (PC/Macs) is a must for the overall security and safety of bitcoins transaction and other online financial activities. Update: I also had some good experience dealing with the support folks on some issues so this is another plus for them 🙂

To show my appreciation and support to Coins.PH and the bitcoin community around the world and in the Philippines I am doing this awareness post on Bitcoins and Coins.PH. I strongly recommend that you, my readers, friends (online and IRL) and supporters try Coins.PH too by registering using my Coins.PH referral link . Registration is FREE, but the good thing with registering using my Coins.ph link, we both earn 50 pesos each (credited to our Coins.PH wallet) when you complete the verification process. To complete the verification process they will require Identification (ID) card upload as to prevent potential abuse (hehehe shoutout to our friends at BSP and AMLC 😀 ). If you are not comfortable about uploading your ID and complete the verification it’s A-OK too, the only drawback is that you will have some daily transaction limit (P2,000) but still, the basic account can be a good way to try and have a hands-on feel on how to do wallet and bitcoin transactions.

Again I invite you to try Coins.PH  its FREE and SAFE. And as the saying goes… there is no harm in trying 🙂

Hope you like my bitcoin and Coins.ph post. If you like bitcoin and coins.ph too please feel free to leave a comment at the end of this post or leave some comments at our facebook page.

Mobile Legends Tips and Cheats: My Favorite Six Heroes

Mobile Legends MoBA is a very exciting game. It’s so hot too that I’ve got lots of FB friends that are into it too. Even a local telco joined in the MoBA fray and organized a Mobile Legends MoBA tournament of sorts recently. For me Mobile Legends is like DotA (Defense of the Ancients) but for the mobile phones. My last MoBA was DoTA (haha forgive me if I’m an old school gamer) so it was an instant hit for me when my family members invited me to try it out.

And since I miss posting about games here at menardconnect.com and since Mobile Legends is one of my fave games now, I am posting my six favorite Mobile Legends heroes, in the tradition of my free six video series.

First fave hero is Layla, the starting hero from the tutorial

this one is using the old classic look of Layla, and this hero is the most simple and easy hero to use.

Miya,

my most played hero now (I think) as its very easy to play and have good damage output

Bruno, my alternate maskman/ranged hero

that is sturdier than either Layla or Miya.

Eudora, my favorite mage hero with her electric attacks,

kinda easy to use to (but caveat, shes a little bit fragile)

Yun-Zhao, my favorite assassin and fighter combo

with his trademark move 🙂

And last but not the least, the powerful Freya

The catch with Freya is that she is not free.

I will try to feature some of them (if not all) in future posts here at menardconnect.com but for now we can mark this as Part 1 of my Mobile Legends Tips and Cheats posts.

How about you? Do you like Mobile Legends too? If yes, please share your favorite hero by leaving some comments at the end of this post or leave some comments in our facebook page too.

The Farm Organics Nuvali

I missed doing foodie blog post here in menardconnect.com. I also want to give some commendation to the The Farm Organics Nuvali crew because we really enjoyed our recent dinner there.

So let me do the a short Post Pictures Now Blog Details Later for The Farm Organics Nuvali.

Here is a Terrific Trio pics from our The Farm Organics Nuvali visit

(Terrific Trio because *hint* see the connection hehehe 🙂 )

Will post the blog details part of this post this May 2017.

 

A Tribute to Raimund Genes, Trend Micro CTO

When your father dies, people say many things to you, much of it the same thing. Sorry for your loss. Condolences. May he rest in peace. You will not remember words. You will remember kindness.
Mary Schmich, Chicago Tribune

I had a privilege of being under one of Raimund Genes teams as he led the Core Technology group in Trend Micro. He was a lively speaker, a vibrant storyteller and a true visionary.

I remember my happy moments with Raimund; when he caught me wearing a controversial shirt in the office (and his reaction was precious), when one time he complimented me on a blog article I did for the TrendLabs Security Intelligence Blog :), while attending his training on presentation skills, he asked me why I have that kinda evil smile on my face while he was presenting one slide and I awkwardly have to explain the reason why. And who would forget all his hilariously catchy costumes at our TrendLabs Christmas Parties. Fun times indeed!!!

I will greatly miss his presentations, his cute way of saying “The malware, the threats, the cybercriminals”, his unique accent, his explanations on European laws (he usually discussed it together with the US ones) and his thoughts on how it may impact my projects and modules plus a lot of other technical and geeky discussions. I will forever cherish the learning and insights from Raimund.

I’m sharing our CEO’s Tribute to Raimund.


<video courtesy of Youtube and TrendMicro.com>

Words cannot express my sadness so let me share some lines from an old article I’ve read.

When your father dies, it doesn’t matter that other people’s fathers have died, that fathers have been dying since human time was born. What matters in the moment of his death is that he was your father. Your one and only. Your loss is unique, profound, yours alone.

When your father dies, people say many things to you, much of it the same thing. Sorry for your loss. Condolences. May he rest in peace. You will not remember words. You will remember kindness.

When your father dies, the small particulars of his life, the kind you barely noticed when he was alive, grow into revelations.

When your father dies, you will become more intrigued by the life he built from the childhood he was given.

When your father dies, you start to know him better. “Oh,” you think, a long time later, “now I get it.”

But every now and then, when the sky is a particular shade of blue, or you spot a man with a familiar build on the street, or you hear the chatter of a ballgame on the radio, you will feel a knot in your chest, and to no one in particular, you’ll say, “Dad.”
🙁

More of that touching article here courtesy of Chicago Tribune and Mary Schmich.

My thoughts are with Raimund’s family, his wife Martina, and his two sons.

And I am offering a short prayer for Raimund to end this post.

Eternal rest grant unto him, O Lord,
And let Your perpetual light shine upon him,
May he rest in peace, Amen!

Amen!

On Ransomware, PNP and Infosec

“I’m so three thousand and eight
You so two thousand and late”
Boom Boom Pow, Black Eyed Peas

And so our beloved Philippine National Police Anti-Cybercrime Group (PNP-ACG) warned the Filipino citizenry about ransomware. Wow! I’m lost for words, so let me just sing a song from the the Black Eyed Peas instead

We have this quote/saying in Filipino “Huli man daw at magaling, naihahabol din!” So let me welcome the Philippine National Police, PNP-ACG to the Ransomware party! Habol na lang mga Boss Chief, kaya natin ito!

On the brighter side of things, I’m happy that our PNP finally gave some warning about the dangers of ransomware. I know they are doing their best in keeping up with the latest threats and cybercrime and as a responsible Pinoy infosec (information security) dude here in the Philippines, I support  them on these efforts.

On the geeky tech side of things, Ransomware started sprouting like mushrooms in the last 2~3 years (or maybe more). How do I know this one? I’m just lucky, because I eat malware for breakfast (almost every day) 🙂  I am very thankful that I am part of this wonderful team that helps protect the world from these types of online threats! I love you TM Team! 🙂

So when I read GMAnews article on PNP, Ransomware it brings back “senti” ransomware moments because if I remember it correctly, the first ransomware that caught my interest was the Bundespolizei Police Ransomware (around 2012). Bundespolizei is Germany’s Police force and that ransomware variant pretends to becoming from the German Police entity and it demands payments/ransom from the victims. More geeky details of the German police ransomware here . Police and ransomware always go together pala talaga! Hehehe!

I also promised on my some blogging thoughts  post that I will do something different on my blog this year so let me take this opportunity to launch (or re-launch) my infosec/security focused blog AVsecurityProductManager.com. I have posted a Ransomware inspired article there and this is a shameless plug so please visit me there too.

For more details about Ransomware please visit Trend Micro Ransomware info page

Before we end, some disclosure: I work at Trend Micro. The views expressed in this blog are mine and mine alone (and do not necessarily represent my employer’s positions, strategies or opinions). Read my about page on what I do.

“It is a fool who repeats the same actions expecting a different outcome”
-Grom Hellscream, Lord of the Clans by Christie Golden

I was reading my friends article entitled Filipinos actually love their bloggers via Manila Bulletin  and I did some reflection on why there are very few posts here in menardconnect.com recently. So many reasons here and there 🙁 . But reading the names of blogs, bloggers and hashtags in Tonyo‘s article really made me “senti” and inspired me to do a more serious reflection on my blog and blogging in general. So I also revisited my old post back in 2009 (yup this blog was self-hosted wordpress blog since 2008). The scenario was we (my high school batchmates and I was discussing what blogs was then. I am pasting some snippet of the discussion.

“What is a blog?
wikipedia definition:
A blog (a contraction of the term “Web log”) is a Web site, usually maintained by an individual with regular entries of commentary, descriptions of events, or other material such as graphics or video. Entries are commonly displayed in reverse-chronological order.

“Blog” can also be used as a verb, meaning to maintain or add content to a blog

blogger.com definition:
A blog is a personal diary. A daily pulpit. A collaborative space. A political soapbox. A breaking-news outlet. A collection of links. Your own private thoughts. Memos to the world. Your blog is whatever you want it to be. There are millions of them, in all shapes and sizes, and there are no real rules.

In simple terms, a blog is a web site, where you write stuff on an ongoing basis. New stuff shows up at the top, so your visitors can read what’s new. Then they comment on it or link to it or email you. Or not.

My say? Blogger.com describes it well, it can be a diary, a rant/rave site, a political movement site, an e-store to sell your stuffs… anything goes… “There are no real rules”. I’ll put it in filipino to express myself better: Blog is “a website tungkol sa mga kanya-kanyang trip”. That’s the menardconnect definition.

Blogging was so simple back then. Kanyang kanyang trip lang! Walang basagan ng trip 🙂

Fast forward to 2016 (and 2017). I admit I was affected by this toxic environment in politics and social media the last few months and this affected the frequency of my posting here. And its good to read that Tonyo made a strong point on accountability (of bloggers)

I’m sure many bloggers would share my view that we cannot stop these bloggers from blogging, and that they are ultimately accountable to themselves and to their readers. But for either administration or opposition to claim that their competing blogs and websites represent the blogosphere — that’s different. That’s misrepresentation.

Bloggers, be responsible and accountable. Period.

Quo vadis?

For me and my blog.

There is a saying in Filipino that “Pag gusto may paraan, pag ayaw me dahilan“. I choose action and positivity in blogging. For the action, I will continue to post more about interesting topics, maybe discuss my passions. But I will do something different just like what the opening quote is (I got it from an old Warcraft book, btw). NO! I don’t plan to post about politics (that’s too toxic hehehe and read some old post on why I avoid it) but if there is really a good mix of other with political tidbit (e.g pol+infosec or malware or games or others) why not?

Seriously, let me work with the action and positivity first. I really miss posting about games and practical internet security tips so that will be top on the list. Also some shout-out post to some new bloggers in the block in in the work so watch out for it OK?

To all readers out there: Thank you for your continued support!
And to all bloggers out there: Have fun and keep on blogging! Stop the hate! Spread love!

Happy New Year!!!

Happy New Year 2017!!!

Jyväskylä New Year 2017

And since its already the end of the month and will be Lunar New Year soon let me greet you all too Gong Xi Fa Cai!!!

Brussels - Chinese New Year 2017 02

I am wishing you, all my friends and readers to have a Prosperous New Year in 2017, the year of the Fiery Rooster.

Watch out for more posts here I will be blogging more in menardconnect.com this year 🙂

Image Credits: Tiia Monto, Vanvelthem Cédric, Wikimedia Commons

Happy 8th Year Anniversary to Menardconnect.com!!!

Menardconnect.com turned 8 last week!!! Yeah men 🙂

nuvola_cake_5nuvola_apps_3_cookie
image credits:
Wikimedia commons
www.icon-king.com, David Vignoni
wikimedia User:Kju

This is the traditional Blog Happy Anniversary post and here the links to the 1st post and the first full post 🙂

Blogposts like this are great opportunity to give thanks so here are some thank you notes:

First of all, I would like to thank God for all the blessings! Next I would like to thank my family and friends, you guys rock! Last but not the least, my thanks to the readers and supporters of menardconnect.com. I will do my best to make this blog better for all you readers. I love you all!!!

 

SMS Scam: Wrong Pasaload, Please Send It Back To Me

We got this SMS Scam yesterday. And as a public service to the readers of this blog, I am dissecting this sms scam attempt so that we can all avoid falling victim.

The sms scam is a 2-part text. The first message
sms scam

Sender: +63 907 664 9375

808

1/2 06-Nov 07:45: P200 has been transferred from 09076649375. To your mobile account Ref:290304390733

is supposedly a message about a pasa-load (sms load transfer) of PHP200 to your phone number, sent by the 808 number (local telco service number on sms load transfers).

and the second message:
sms scam

Sender: +63 907 664 9375

Sir/Ma’am
nagka mali po ako ng Pasaload sa inyo ko n load ang P200 para sa aking nanay, baka po pwede niyong ibalik ung load, kailangan niyo lang pong gawin ang instruction. 09108432236 (space) 200 send 808, replyan ng Yes ang susunod na mensahe, tx ko nlang po nanay ko n antayin ung load, pasensya n po s abala.

Rough english translation

Sir/Ma’am, I made a mistake in the pasaload/transfer load of PHP200 for my mother, and I sent it to you by mistake. Please be kind enough to return the load to me. Just follow this instruction, and reply yes to succeeding messages. I will message my mother to wait for the load. Sorry for the inconvenience.

Wow! The scammer levelled up from their former SMS Scam try. The new scam tries to play with some emotions now: first the “paawa” effect, next it tries to “exploit” Pinoy’s natural concern and consideration for the elderly (the money/load is for my mom, please return it), and they too are very courteous now. The spelling and sentence construction is good too in my opinion (wala na jejemon text, level up na talaga sila). Good try +63 907 664 9375 but you still phail Mister/Miss Scammer 🙂 Why? because I eat spam and scam for breakfast so I know you phail :-p and I wont tell you why. I just hope that you, Mr./Ms. scammer will have your own “karma” soon.

I have engaged my telco company support via twitter early this year, but they said they cannot do anything about this scam and they recommended I report it to the government agency (NTC) instead. (I might post about this some other time).

So my advice to my friends and readers is to ignore the SMS text scam, and DO NOT REPLY. If you have time, please report the incident to NTC too.

Some of my friends who replied and either played along with the scammer, “trolled” the scammer or even “cursed” the scammer to the ends of the earth had a funny convo with the scammer but this seems to be a not so good strategy in my opinion (but at least they got some good laugh that day). Most friends who trolled/cursed the spammer ended up receiving more SMS spam. I think this is because the perpetrators know that their mobile number is active and therefore it can be “recycled” for future sms mal-campaigns.

I am wondering why these SMS scams are always about 200 pesos. Maybe 200 pesos is their lucky amount? Hehe!

Again my advice is that if you receive similar messages/texts, ignore the SMS as it is an SMS scam, and DO NOT REPLY. If you have time report the incident to NTC too.

Do you also receive SMS scams like this? Share your stories by leaving some comments below 🙂