Here’s another Post Picture Now Blog Details Later slash free six pics mashup post :)

For Raven’s birthday we went to Anilao, Mabini, Batangas and had a relaxing and fun-filled weekend at Le Chevrerie Resort and Spa. I am posting these six photos as a teaser for a future blog post here at menardconnect.com.

Thanks to the Le Chevrerie staff for making our stay memorable!

Here is another Post Picture Now Blog Details Later post with some free six twist. We recently went to Bicol, and had a weekend at Misibis Bay Resort in Cagraray Island, Bacacay, Albay, Philippines. I am sharing these wonderful six photos as a sampler and placeholder for a future blog post.

Malacañang announced the official list of Philippines Holiday 2015 last year (around July 2014). And to help you out my readers who are searching for 2015 Philippines Holidays, I am posting this here at menardconnect.com.

Here are the Official Holidays in the Philippines for 2015, as per Proclamation No. 831, s. 2014

January
January 1, 2015, Thursday – New Year’s Day (Regular holiday)
January 2, 2015, Friday – Additional special non-working day (Special non-working day)

February
February 19, 2015, Thursday – Chinese New Year (Special non-working day)
February 25, 2015, Wednesday – EDSA Revolution anniversary (Special holiday for Schools)

April
April 2, 2015, Thursday – Maundy Thursday (Regular holiday)
April 3, 2015, Friday – Good Friday (Regular holiday)
April 4, 2015, Saturday – Black Saturday (Special non-working day)
April 9, 2015, Thursday – Araw ng Kagitingan (Regular holiday)

May
May 1, 2015, Friday – Labor Day (Regular holiday)

June
June 12, 2015, Friday – Independence Day (Regular holiday)

August
August 21, 2015, Friday – Ninoy Aquino Day (Special non-working day)
August 31, 2015, last Monday of August – National Heroes Day (Regular holiday)

November
November 1, 2015, Sunday – All Saints Day (Special non-working day)
November 30, 2015, Monday – Bonifacio Day (Regular holiday)

December
December 24, 2015, Thursday – Additional special non-working day (Special non-working day)
December 25, 2015, Friday – Christmas Day (Regular holiday)
December 30, 2015, Wednesday – Rizal Day (Regular holiday)
December 31, 2015, Thursday – Last day of the year (Special non-working day)

Other proclamations will be issued by Malacanang Palace for the observance of Eid’l Fitr and Eidul Adha when dates of these holidays are finalized.

Source:

http://www.gov.ph/2014/07/23/infographic-list-of-2015-nationwide-holidays/


Image Credits: www.gov.ph

We Are Under Attack!!!”

That is what the orcs will shout (in their very unique husky and grunty voice) when the enemies attack their orc base in Warcraft 3.

That is also my topic of this post:

“WAUA!!!”

No I’m now screaming about the attack on my blog. I have this good mindset about threats and attacks: I don’t panic. I am also not feeling kawawa or wawa (poor victim in loose filipino translation) in this situation. I think I survived the onslaught of the attack and to spread some good vibes why not share some useful tips here at menardconnect.com :)  OK enough of the intro. Let’s get it on:

Late last month, this blog experienced some form of attack from malicious actors who-must-not-be-named. We all know I’m using WordPress, and some dudes out there are trying to login to this blog’s WordPress administration panel and do some brute force attack on  guessing my password. Simply put, this means some bad guys (I will collectively call it hax0r) are trying to pretend to be me (me, the website blog admin) and try to get into the wordpress admin console so that they can control the website and blog. More basic info on brute force attacks here.
I will not delve into the technical details of the attack , but in tradition of my good old free six video and free six series, here are six easy to-do tips and tricks that users/admins can do to prevent or better prepare themselves (blog owners) against these WordPress WP-ADMIN Bruteforce attacks.

1. Update your WordPress core files as soon as possible
Just like any software, WordPress have its own security flaws and it needs to get updated from time to time. Admins are advised that they should always update WordPress to the latest version, for more info on this go here. When a new version of WordPress is available admins will receive an update message in your WordPress Admin consoles.

2. Update your WordPress plugins too
Just like the wordpress core files, plugins needs to get updated too. If your blog relies on many plugins, do not worry because when a new version of WordPress plugins are available you will also receive message in the WordPress Admin console that its time to update. There are also automated update settings if you want to try it out.

3. Do not use Admin as the username of the administrator account.

Yes the hax0rs are trying to login via the “admin” username, but as a basic security practice, I disabled it every time create a wordpress blog. I suggest the you be creative. Use NIMDA instead!

4. Do not use your name as the blog admin username account
This piece is quite a revealing one, the hax0rs are trying to get in via the username menard. My name is public info in this blog, so they are clever and they tried it too. But luckily I did not use that name so I avoided that loophole in this admin account issue.

5. Discard unused wordpress themes and plugins
If you are not using the wordpress themes and plugins, do not keep it.  Delete it asap. This one caused me some issues several years ago, but my advise here is if you are not using any theme or plugin that theme or plugin should be deleted ASAP because these are like low hanging fruits for attackers.

6. Have good WordPress security plugins installed
Just like security softwares (antivirus, antimalware, anti-threat) for your PC, Macs, iPads, smartphones and other devices, wordpress blogs needs some security tools too. There are some good free wordpress security plugins that works well but I will try to share two: Login Lockdown and Sucuri .

Login lockdown locks the admin console after several failed attempts, a good old trusted plugin. A recent good addition to my security plugin arsenal is Sucuri Security- Auditing, Malware Scanner and Hardening, a free plugin and it has helped me detect this attack. How? See this…

email alert by sucuri

 

So I’m giving the good folks at Sucuri some love link here in my blog. Kindly go visit them at Sucuri

That’s all for now, i will try to share other tips in the future. Hope you liked my free six tips and tricks to combat WordPress Admin Brute-force Attack

Happy New Year!!!

I just want to greet all my friends online and IRL and all the readers of this blog a Happy New Year!

I am not really good at writing blog New Years resolution posts, but I will do my best to post more here at menardconnect.com (and launch all the other blogs here as promised in my anniv post)

May we all have a fruitful and blessed year this 2015!!!

Will post more soon…

Menardconnect.com turned 6 several weeks ago!!! Yes six, just like the free six series :)

This is the traditional Blog Happy Anniv post and here the links to the 1st post and the first full post (non-hello world ;) ). as well as links to the anniversary blog posts for the 1st, 2nd, 3rd4th and 5th year.

 

Happy 6th to Menardconnect.com

Image Credits: Wikimedia Commons, Cary Bass de Morburre

After 600 posts, and a lot more of stats that is hard to keep track of :D I am happy that menardconnect.com is still alive and kicking!!!
The only challenge this year was I was so busy with a lot of things and I forgot about my domain reg so my blog was pawned on the anniv date.

Anniversary posts are great opportunity to give thanks and some shout outs  so without further ado here are some thank you notes:

First of all, I would like to thank God for all the blessings He has given me and my family!

Next I would like to thank my family, they are my inspiration for this blog and all of my blogs!

Next my thanks goes out to my friends (IRL and online ) for all the support they have given me and my blog! Special thanks to my webhost admins (Melvin and Daryl) at web.com.ph for their timely assistance to me during my blog anniv snafu.

Last but not the least, my thanks to the readers and supporters of menardconnect.com.
I will do my best to make menardconnect.com better and better for all you readers out there.

Watch out for my other blogs soon (to be launched here at Menardconnect.com)…

Blizzard, creator of Warcraft, Starcraft and Diablo game franchises is having some Thanksgiving holiday sale now!

World of Warcraft® Digital download is now USD 4.99 (75% of orig price of USD 19.99)

wow-75-off

This download contains the 30 days of free game time and players can adventure up to level 90 (vanilla to Mist of Pandaria expansion)

StarCraft® II: Wings of Liberty® Digital download and StarCraft® II: Heart of the Swarm expansion Digital download are now both USD 9.99 each (50% off, orig price of USD 19.99)
sc2-50-off
Diablo® III Digital download is now USD 19.99 (50% off the usual USD 39.99 price) and Reaper of Souls expansion is now USD 19.99.
diablo

If you are a WoW, SC2 or D3 gamer this is definitely a good deal so grab one now as this may last until December 2, 2014 only!!!

Thank you friends!

Thank you friends! Words are not enough to express my gratitude so why not do a blog post.

Sharing this old school video from Garfield and Friends Show…

Friends are there
to help you get started
to give you a push on your way
Friends are there
to turn you around
get your feet on the ground
for a brand new day
They’ll pick you up when you’re down
help you swallow your pride
when something inside
got to break on through
to the other side
Friends are someone you can open up to
when you fell like you’re ready to flip
When you got the world on your shoulders
friends are there to give you a tip
Friends are there when you need them
They’re even there when you don’t
For a walk in the park
For a shot in the dark
Friends are there
(Garfield) “I Don’t Care”
But Friends will care….
For you….

Again thank you my friends….

Last week, I was “literally” fooling around with the bash bug by reposting 9gag images about it :)

and mashing it up with old movie flicks:

but by the end of the week things are getting a little bit serious as my colleagues found some live malicious files in the wild

As part of the usual sharing of good tech info to my blog readers and friend and as part of public service of a responsible netizen, here are some cool links about this vulnerability:

Infographic from TrendLabs on the Bash Bug aka Shellshock vuln

Shellshock

Some useful links too below:

All image/link credits to Trend Micro, TrendLabs Security Intelligence Blog and CNN.

Before I end the post, the usual disclaimer/disclosure:
I work at Trend Micro. The information contained in this post is taken from Trend Micro website and TrendLabs Security Intelligence Blog. To know more on what I do full-time kindly visit my blog’s about page or visit my linkedin page. To read my blog’s disclosure policy, kindly visit my disclosure page.

For infosec, malware and tech (and not so techie) stuff, please follow me in Twitter :-)