If any skiers out there are wondering about skiing the Whiteface Highway, it's not quite ready. Some have been out on skis, and some rode the snow on the grass on the shoulder all the way to the bottom, but even marginally skiable snow doesn't start until the Lake Placid Turn, 3.5 miles from the Toll House. Sunday's storm may make more of the highway skiable, but warming temperatures Wednesday through Friday will probably end any chance for skiing next weekend - at least not without a long walk or mountain bike ride.
samedi 31 octobre 2020
vendredi 30 octobre 2020
Kaspersky to address global cybersecurity issues at the UN Internet Governance Forum 2020
For the first time, Kaspersky is set to participate in the Internet Governance Forum (IGF), hosted by the United Nations. This year, the 15th annual event will be run online from November 2 to November 17 , with the overarching theme of: Internet for human resilience and solidarity. As part of IGF 2020, the global cybersecurity company is organizing four major activities to increase awareness, transparency and international cooperation in the fight against cyberthreats.
2020 has seen a surge in individuals, businesses and organizations relying on the internet. Coupled with the rapid rise in online criminal activity, this trend has made cybersecurity more important than ever to ensure the internet is both safe and sustainable. As a company that is focused on building a more protected world, Kaspersky aims to spark the global conversation among different stakeholder groups, including policymakers, on broadening international cooperation to negate global digital security challenges.
At the Forum, Kaspersky’s CEO, Eugene Kaspersky, will give a keynote speech to high-level leaders on November 13, where he will address, among other topics, the importance of international cooperation for global cybersecurity policies. The company will also hold an event on stalkerware, organized with the Coalition Against Stalkerware. A workshop on assurance and transparency in information and communication technology (ICT) supply chain security will also be organized together with fellow partners. Additionally, Kaspersky's multi-stakeholder best practices will be represented at an online booth.
“Cybersecurity is an enabler for successful and sustainable digital transformation, which has become even more important amid the global pandemic. Therefore, international cooperation to ensure stable and secure development of cyberspace is all the more crucial. We have decided to take part in IGF 2020 as, first – it brings various communities, regions and leaders together to discuss pressing current issues cyberspace is facing, and, second – it inspires those with decision-making power in both the public and private sectors to take action. We’re honored to be a part of this international dialogue and to contribute to building a secure and trusted cyberspace to make sure it is safe and open for everyone,” comments Eugene Kaspersky.
IGF 2020 will feature over 200 sessions in total, organized around four main areas of focus: data, environment, inclusion and trust. The theme of ‘digital cooperation’ and the United Nations Secretary-General's roadmap for digital cooperation will also feature prominently. The Forum will also feature a dedicated roundtable for governments to discuss the notion of trust during COVID-19 times.
‘‘Despite the extraordinary challenges the COVID-19 pandemic has brought, it has undoubtedly underlined the importance of everyone having meaningful access to a safe and open internet. The IGF 2020 discussions will engage some of the most prominent leaders and experts in a dialogue on a broad spectrum of people-centered perspectives on how digital technologies and related policies help societies become more resilient,’’ says Chengetai Masango, Head of the UN IGF Secretariat.
Traditionally, the Forum welcomes over 3,000 onsite participants, on average, and a similar number of online attendees. This year, it is expected that these numbers will grow. High-level leadership from governments, international and regional organizations, civil society, academia, businesses and the technical community from all parts of the world are expected to actively participate.
Details of Kaspersky activities at IGF 2020:
● Day Zero Pre-Event - Stop stalkerware: tackling digital stalking helps victims of domestic violence will be held on November 2 at 16:15-17:15 UTC. The event will be held together with members of the Coalition Against Stalkerware as well as Europol, and aims to draw attention to the growing problem of stalkerware, the commercial spyware used in the context of domestic violence. The session will include discussions about how to raise awareness around the subject, how to help users protect themselves and how to identify new fields for multi-stakeholder activities
● A workshop on assurance and transparency in the ICT supply chain security will be held on November 12 at 9:00-10:30 UTC. The event is organized together with EastWest Institute, Ministry of Information, Communications and Technology of Kenya, and the Association of Users of Information Systems in Morocco (AUSIM). The workshop will also feature experts from Europol's European Cybercrime Centre (EC3) and CyberSecurity Malaysia - the national cybersecurity specialist agency under the purview of the Ministry of Communications and Multimedia of Malaysia (KKMM). The workshop will facilitate outcome-oriented discussions to gain insights on information and communication technology (ICT) supply chain security, with a focus on how this impacts developing countries and emerging markets.
● Eugene Kaspersky’s keynote speech will take place during a high-level leaders session, dedicated to security implications of the role of internet governance in the age of uncertainty. The event will be held on November 13 at 18:30-20:00 UTC.
The speech will cover the following aspects: priority concerns for the online environment, actions taken to combat cybersecurity threats, stakeholder cooperation for global cybersecurity policies, and how best to support vulnerable and marginalized groups.
● A Kaspersky Online Booth dedicated to increasing trust and accountability in cyberspace and multi-stakeholder best practices will be available in the virtual IGF Village throughout the Forum, starting from November 2. At the booth, online visitors will be able to learn more about Kaspersky’s pioneering international projects, including the Global Transparency Initiative (GTI), the ‘No More Ransom’ project, and the Coalition Against Stalkerware.
Live broadcasts of the high-level sessions will be available at UN Web TV webtv.un.org, the other IGF 2020 events will be streamed via the Forum’s official YouTube channel - youtube.com/user/igf/. The full schedule of this year’s IGF events is available at intgovforum.org/multilingual/igf-2020-schedule/ (access requires registration).
2020 has seen a surge in individuals, businesses and organizations relying on the internet. Coupled with the rapid rise in online criminal activity, this trend has made cybersecurity more important than ever to ensure the internet is both safe and sustainable. As a company that is focused on building a more protected world, Kaspersky aims to spark the global conversation among different stakeholder groups, including policymakers, on broadening international cooperation to negate global digital security challenges.
At the Forum, Kaspersky’s CEO, Eugene Kaspersky, will give a keynote speech to high-level leaders on November 13, where he will address, among other topics, the importance of international cooperation for global cybersecurity policies. The company will also hold an event on stalkerware, organized with the Coalition Against Stalkerware. A workshop on assurance and transparency in information and communication technology (ICT) supply chain security will also be organized together with fellow partners. Additionally, Kaspersky's multi-stakeholder best practices will be represented at an online booth.
“Cybersecurity is an enabler for successful and sustainable digital transformation, which has become even more important amid the global pandemic. Therefore, international cooperation to ensure stable and secure development of cyberspace is all the more crucial. We have decided to take part in IGF 2020 as, first – it brings various communities, regions and leaders together to discuss pressing current issues cyberspace is facing, and, second – it inspires those with decision-making power in both the public and private sectors to take action. We’re honored to be a part of this international dialogue and to contribute to building a secure and trusted cyberspace to make sure it is safe and open for everyone,” comments Eugene Kaspersky.
IGF 2020 will feature over 200 sessions in total, organized around four main areas of focus: data, environment, inclusion and trust. The theme of ‘digital cooperation’ and the United Nations Secretary-General's roadmap for digital cooperation will also feature prominently. The Forum will also feature a dedicated roundtable for governments to discuss the notion of trust during COVID-19 times.
‘‘Despite the extraordinary challenges the COVID-19 pandemic has brought, it has undoubtedly underlined the importance of everyone having meaningful access to a safe and open internet. The IGF 2020 discussions will engage some of the most prominent leaders and experts in a dialogue on a broad spectrum of people-centered perspectives on how digital technologies and related policies help societies become more resilient,’’ says Chengetai Masango, Head of the UN IGF Secretariat.
Traditionally, the Forum welcomes over 3,000 onsite participants, on average, and a similar number of online attendees. This year, it is expected that these numbers will grow. High-level leadership from governments, international and regional organizations, civil society, academia, businesses and the technical community from all parts of the world are expected to actively participate.
Details of Kaspersky activities at IGF 2020:
● Day Zero Pre-Event - Stop stalkerware: tackling digital stalking helps victims of domestic violence will be held on November 2 at 16:15-17:15 UTC. The event will be held together with members of the Coalition Against Stalkerware as well as Europol, and aims to draw attention to the growing problem of stalkerware, the commercial spyware used in the context of domestic violence. The session will include discussions about how to raise awareness around the subject, how to help users protect themselves and how to identify new fields for multi-stakeholder activities
● A workshop on assurance and transparency in the ICT supply chain security will be held on November 12 at 9:00-10:30 UTC. The event is organized together with EastWest Institute, Ministry of Information, Communications and Technology of Kenya, and the Association of Users of Information Systems in Morocco (AUSIM). The workshop will also feature experts from Europol's European Cybercrime Centre (EC3) and CyberSecurity Malaysia - the national cybersecurity specialist agency under the purview of the Ministry of Communications and Multimedia of Malaysia (KKMM). The workshop will facilitate outcome-oriented discussions to gain insights on information and communication technology (ICT) supply chain security, with a focus on how this impacts developing countries and emerging markets.
● Eugene Kaspersky’s keynote speech will take place during a high-level leaders session, dedicated to security implications of the role of internet governance in the age of uncertainty. The event will be held on November 13 at 18:30-20:00 UTC.
The speech will cover the following aspects: priority concerns for the online environment, actions taken to combat cybersecurity threats, stakeholder cooperation for global cybersecurity policies, and how best to support vulnerable and marginalized groups.
● A Kaspersky Online Booth dedicated to increasing trust and accountability in cyberspace and multi-stakeholder best practices will be available in the virtual IGF Village throughout the Forum, starting from November 2. At the booth, online visitors will be able to learn more about Kaspersky’s pioneering international projects, including the Global Transparency Initiative (GTI), the ‘No More Ransom’ project, and the Coalition Against Stalkerware.
Live broadcasts of the high-level sessions will be available at UN Web TV webtv.un.org, the other IGF 2020 events will be streamed via the Forum’s official YouTube channel - youtube.com/user/igf/. The full schedule of this year’s IGF events is available at intgovforum.org/multilingual/igf-2020-schedule/ (access requires registration).
mercredi 28 octobre 2020
Allen Winter Climb
Is anyone here familiar with a winter climb of Allen, and if so, willing to share some words of wisdom?
I've done Allen in the summer, and it was LONG. So for the winter I'm thinking it's going to be an overnighter at least. What's the ascent like? I remember it being pretty wet when I did it, so I'm sure it'll be at least somewhat icy.
Anything I should be aware of?
Thanks!:)
I've done Allen in the summer, and it was LONG. So for the winter I'm thinking it's going to be an overnighter at least. What's the ascent like? I remember it being pretty wet when I did it, so I'm sure it'll be at least somewhat icy.
Anything I should be aware of?
Thanks!:)
Social networks are mostly used by employees but often exploited by cyber-fraudsters
There are several web services that employees of small and medium businesses most frequently access while working, according to Kaspersky. These include YouTube, Facebook, Google services and WhatsApp, with some of these applications being the most exploited by malefactors as a springboard for phishing. However, this list differs from the services that employers tend to limit for use on corporate devices. While organizations can have different priorities and permissions for what web services can be used by their employees, it is still important to make sure they stay protected from any cyber-risks.
It is important for organizations to understand relevant threats and how they can infiltrate corporate endpoints – for example, through phishing in cloud services. Once a web service becomes popular, it may turn into a more attractive target amongst scammers. For example, the TikTok app has gained enormous popularity over the past few years. It appeared to be flooded with fake accounts and scammers who are gradually improving their skills as the service rises in popularity. Protection from such scams and phishing attempts is crucial to ensure both personal user accounts and corporate data and devices remain safe.
According to anonymized statistics of events captured in a Kaspersky product, voluntarily provided by its customers , the top five web services employees access more often from their corporate devices include a video sharing platform, a social network, a mail service and a messenger: YouTube, Facebook, Google Drive, Gmail and WhatsApp - all leading services in their respective segments.
Unfortunately, these same web services are also exploited for phishing and other malicious actions. Kaspersky analysis revealed the top five applications where phishing attempts were found most often: Facebook (4.5m phishing attempts), WhatsApp (3.7m), Amazon (3.3m), Apple (3.1m) and Netflix (2.7m). Google’s offerings bundled together, including YouTube, Gmail and Google Drive, took sixth position with 1.5m phishing attempts. With the two lists sharing many of the services, these results only confirm the trend that popular applications have become valuable platforms for fraudsters’ malicious actions.
The product statistics also showed what web applications are most likely to be limited on organizations’ corporate devices. The top five most blocked applications only include social networks: Facebook, Twitter, Pinterest, Instagram and LinkedIn. These decisions can be made for a variety of reasons, such as complying with data regulations, or in line with specific organization requirements for social media use. And while it includes Facebook, which is actively exploited by scammers, it doesn’t include messengers, file sharing or mail services – probably because they are often used for working purposes as well as for personal needs.
“We can’t imagine our daily lives, and work, without different web services, including social media, messenger apps and file sharing platforms. They allow us to communicate and share thoughts, ideas, images and inspiration – and this has become even more of a reality when the entire world has spent many months online this year. However, it is important for any organization to understand where threats may come from and what technology and awareness measures are needed to prevent them. Businesses also need to provide their employees with comfortable use of services they require, so it is crucial to get the balance right. We at Kaspersky appreciate this and provide organizations with relevant protection tools and expertise,” says Tatyana Sidorina, security expert at Kaspersky.
Kaspersky suggests that businesses should follow these steps to ensure their employees use web services safely and securely:
• Show employees how to recognize fake or insecure websites and phishing messages. Encourage them to never enter their credentials before checking a website’s credibility, or open and download files from unknown senders.
• Conduct basic security awareness training for your employees. This can be done online and should cover essential practices including those that protect against phishing, such as account and password management, email security, endpoint security and web browsing. Kaspersky Automated Security Awareness Platform provides such training in an easy and effective way.
• Adopt a proven endpoint security product with web, network and mail threat protection.
• It is also important to enhance IT managers’ expertise on relevant cyberthreats and how to prevent them. Kaspersky Endpoint Security Cloud now provides Cybersecurity for IT Online training that allows them to learn new skills on how to classify malware and how to recognize malicious and suspicious behavior in software. It is available as a beta version on the product management console.
It is important for organizations to understand relevant threats and how they can infiltrate corporate endpoints – for example, through phishing in cloud services. Once a web service becomes popular, it may turn into a more attractive target amongst scammers. For example, the TikTok app has gained enormous popularity over the past few years. It appeared to be flooded with fake accounts and scammers who are gradually improving their skills as the service rises in popularity. Protection from such scams and phishing attempts is crucial to ensure both personal user accounts and corporate data and devices remain safe.
According to anonymized statistics of events captured in a Kaspersky product, voluntarily provided by its customers , the top five web services employees access more often from their corporate devices include a video sharing platform, a social network, a mail service and a messenger: YouTube, Facebook, Google Drive, Gmail and WhatsApp - all leading services in their respective segments.
Unfortunately, these same web services are also exploited for phishing and other malicious actions. Kaspersky analysis revealed the top five applications where phishing attempts were found most often: Facebook (4.5m phishing attempts), WhatsApp (3.7m), Amazon (3.3m), Apple (3.1m) and Netflix (2.7m). Google’s offerings bundled together, including YouTube, Gmail and Google Drive, took sixth position with 1.5m phishing attempts. With the two lists sharing many of the services, these results only confirm the trend that popular applications have become valuable platforms for fraudsters’ malicious actions.
The product statistics also showed what web applications are most likely to be limited on organizations’ corporate devices. The top five most blocked applications only include social networks: Facebook, Twitter, Pinterest, Instagram and LinkedIn. These decisions can be made for a variety of reasons, such as complying with data regulations, or in line with specific organization requirements for social media use. And while it includes Facebook, which is actively exploited by scammers, it doesn’t include messengers, file sharing or mail services – probably because they are often used for working purposes as well as for personal needs.
“We can’t imagine our daily lives, and work, without different web services, including social media, messenger apps and file sharing platforms. They allow us to communicate and share thoughts, ideas, images and inspiration – and this has become even more of a reality when the entire world has spent many months online this year. However, it is important for any organization to understand where threats may come from and what technology and awareness measures are needed to prevent them. Businesses also need to provide their employees with comfortable use of services they require, so it is crucial to get the balance right. We at Kaspersky appreciate this and provide organizations with relevant protection tools and expertise,” says Tatyana Sidorina, security expert at Kaspersky.
Kaspersky suggests that businesses should follow these steps to ensure their employees use web services safely and securely:
• Show employees how to recognize fake or insecure websites and phishing messages. Encourage them to never enter their credentials before checking a website’s credibility, or open and download files from unknown senders.
• Conduct basic security awareness training for your employees. This can be done online and should cover essential practices including those that protect against phishing, such as account and password management, email security, endpoint security and web browsing. Kaspersky Automated Security Awareness Platform provides such training in an easy and effective way.
• Adopt a proven endpoint security product with web, network and mail threat protection.
• It is also important to enhance IT managers’ expertise on relevant cyberthreats and how to prevent them. Kaspersky Endpoint Security Cloud now provides Cybersecurity for IT Online training that allows them to learn new skills on how to classify malware and how to recognize malicious and suspicious behavior in software. It is available as a beta version on the product management console.
mardi 27 octobre 2020
What are the best maps to download for use with Gaia GPS app (for the Adirondacks)?
What are the best maps to download for use with Gaia GPS app (for the Adirondacks)?
dimanche 25 octobre 2020
Hunting season and hiking/backpacking
Now that hunting season has begun in the Adirondacks, I'm wondering whether it alters your hiking or backpacking adventures.
In years past, I've always kept to my normal schedule, and locations, of hiking and backpacking. I wear a blaze orange hat, fleece top, and covering for my backpack and should be easily seen from a distance. I do discontinue my off-trail
hiking as I'm concerned it might increase a chance of getting shot.
Does hunting season reduce, or end, your hiking or backpacking trips?
In years past, I've always kept to my normal schedule, and locations, of hiking and backpacking. I wear a blaze orange hat, fleece top, and covering for my backpack and should be easily seen from a distance. I do discontinue my off-trail
hiking as I'm concerned it might increase a chance of getting shot.
Does hunting season reduce, or end, your hiking or backpacking trips?
jeudi 22 octobre 2020
Trail Camera Use
Is putting up a trail camera on NYS State Land permitted? I tried doing a quick search on the Encon website and couldn't find anything specific.
mardi 20 octobre 2020
Tips for small enterprises on how to choose an EDR solution that suits their needs
The attacks taking place on small and medium enterprises (SME) are becoming more sophisticated, meaning that they cannot be easily prevented by traditional endpoint protection mechanisms. In such cases, timely incident detection is essential to minimizing any potential negative impact. However, this challenging task cannot be done without enhanced endpoint visibility, exploring suspicious activities and understanding attack execution processes.
From our experience, SMEs understand that they need to improve their security capabilities and they usually contact our sales representatives to enquire about our products. However, for an organization where its IT department is responsible for cybersecurity — as is typically the case for SMEs — translating this intention into practice can be hard. They simply don’t know where to start. It may seem that the ideal plan is to buy a solution that combines all the high-profile features at once.
But what can go wrong with this approach? Will the companies be able to sift through all the data and events that modern Endpoint Detection and Response (EDR) solutions provide, as well as distinguish between false alerts and real threats?
Serious functionality involves big investments – and it’s not only about money
First of all, it is a matter of price. A Kaspersky report, ‘IT security economics in 2019: How businesses are losing money and saving costs amid cyberattacks’, shows that, on average, the share of spending on information security equates to around a quarter of an entire IT budget. This is true for both small and large companies, but in absolute numbers there is a significant difference. Spending on cybersecurity in organizations with 50-999 employees is estimated at $267,000, while their counterparts with more than 1,000 employees spend $18.9 million on average. So, a solution intended for enterprise customers may not suit smaller businesses’ budgets.
Moreover, required investments are not only monetary. Enterprise-grade products may be hard to install and integrate with existing security solutions. In an enterprise with a large IT security department, some staff can simply devote their time to this task. This can be an issue for a smaller company though, as fewer employees are responsible for maintaining the whole infrastructure.
Don’t use a sledgehammer to crack a nut
Of course, all these efforts are worthwhile when a new security solution benefits the company’s level of protection. But, in practice, even if an SME manages to secure a budget and implement an enterprise-grade solution, without sufficient expertise in information security, it will be difficult to fully leverage the scope of functionality.
First, the advanced functions may simply be irrelevant to their particular requests. For example, if a previously unknown suspicious object is detected, some organizations that are not very mature in cybersecurity just need to know if it is malicious, or needs blocking. Meanwhile others just need a full picture of the object’s actions and background for a deep investigation. It is important to understand what an organization’s requirements are and what its existing team can work with. Depending on this, a company can decide whether they are ready to purchase, for instance, a sandbox designed for security researchers.
Secondly, products which were created for security analysts are not appropriate for a “set-and-forget” approach. For example, a feature-rich EDR solution requires a team of expert analysts capable of tuning the detection logic and creating new rules to continuously improve detection levels. Without such specialists, the solution’s ability to proactively search for indicators of intrusion will not be useful.
It is common in SMEs for a system administrator to manage an endpoint protection solution. But even EDR, which provides essential capabilities, requires an employee with basic cybersecurity knowledge. Of course, hiring a full team of threat hunters or advanced security analysts at once is hardly a feasible task – such professionals are highly-paid and quite rare to find. Therefore, it is worth starting with an employee who has knowledge in information security. Combined with an understanding of the IT landscape, this allows for validating alerts, eliminating threats while taking into account the risks of their actions, such as isolation of a certain workstation or server, or stopping a critical business process.
When EDR becomes a piece of shelfware, rather than an effectively-used solution, it is not just a waste of an SME’s budget. Such a failure at the very beginning can demotivate company leaders to develop cybersecurity initiatives in general: if they do not see a benefit, why should the business invest in other security products?
Therefore, an organization should first decide if it is ready to hire an employee who is responsible for information security issues. If not, the most effective option will be to ask for help from external incident detection and response professionals.
For those businesses that decide to develop this capability internally, it is essential to initially find a beneficial solution without making substantial investments in additional resources - both monetary and human. And to avoid the above pitfalls, we recommend paying attention to the following guidance:
- To provide visibility without ‘blind spots’ and centralized response features, EDR needs to be integrated with an Endpoint Protection Platform (EPP). Enhancing cybersecurity capabilities should be a step-by-step evolution. Once a company can detect a malicious object with an endpoint protection solution, it can expand existing technology with the ability to understand where it came from and search for this threat on other workstations.
- If an EDR solution can be smoothly integrated with existing endpoint security solutions in a centralized way, it cuts the time required for deployment. So, before purchasing a product, ask if it supports turnkey integration with your EPPs.
- If you have a limited number of staff responsible for security, make sure your chosen EDR solution provides good visibility and automation, but doesn’t overwhelm a specialist with irrelevant information. All the incident information should be readily available from a single console and a path of the attack spread should be visualized to simplify threat analysis. Automated search for Indicators of Compromise and incident response features will speed up the work and increase staff productivity.
by Stephan Neumeier, Managing Director for Asia Pacific at Kaspersky
From our experience, SMEs understand that they need to improve their security capabilities and they usually contact our sales representatives to enquire about our products. However, for an organization where its IT department is responsible for cybersecurity — as is typically the case for SMEs — translating this intention into practice can be hard. They simply don’t know where to start. It may seem that the ideal plan is to buy a solution that combines all the high-profile features at once.
But what can go wrong with this approach? Will the companies be able to sift through all the data and events that modern Endpoint Detection and Response (EDR) solutions provide, as well as distinguish between false alerts and real threats?
Serious functionality involves big investments – and it’s not only about money
First of all, it is a matter of price. A Kaspersky report, ‘IT security economics in 2019: How businesses are losing money and saving costs amid cyberattacks’, shows that, on average, the share of spending on information security equates to around a quarter of an entire IT budget. This is true for both small and large companies, but in absolute numbers there is a significant difference. Spending on cybersecurity in organizations with 50-999 employees is estimated at $267,000, while their counterparts with more than 1,000 employees spend $18.9 million on average. So, a solution intended for enterprise customers may not suit smaller businesses’ budgets.
Moreover, required investments are not only monetary. Enterprise-grade products may be hard to install and integrate with existing security solutions. In an enterprise with a large IT security department, some staff can simply devote their time to this task. This can be an issue for a smaller company though, as fewer employees are responsible for maintaining the whole infrastructure.
Don’t use a sledgehammer to crack a nut
Of course, all these efforts are worthwhile when a new security solution benefits the company’s level of protection. But, in practice, even if an SME manages to secure a budget and implement an enterprise-grade solution, without sufficient expertise in information security, it will be difficult to fully leverage the scope of functionality.
First, the advanced functions may simply be irrelevant to their particular requests. For example, if a previously unknown suspicious object is detected, some organizations that are not very mature in cybersecurity just need to know if it is malicious, or needs blocking. Meanwhile others just need a full picture of the object’s actions and background for a deep investigation. It is important to understand what an organization’s requirements are and what its existing team can work with. Depending on this, a company can decide whether they are ready to purchase, for instance, a sandbox designed for security researchers.
Secondly, products which were created for security analysts are not appropriate for a “set-and-forget” approach. For example, a feature-rich EDR solution requires a team of expert analysts capable of tuning the detection logic and creating new rules to continuously improve detection levels. Without such specialists, the solution’s ability to proactively search for indicators of intrusion will not be useful.
It is common in SMEs for a system administrator to manage an endpoint protection solution. But even EDR, which provides essential capabilities, requires an employee with basic cybersecurity knowledge. Of course, hiring a full team of threat hunters or advanced security analysts at once is hardly a feasible task – such professionals are highly-paid and quite rare to find. Therefore, it is worth starting with an employee who has knowledge in information security. Combined with an understanding of the IT landscape, this allows for validating alerts, eliminating threats while taking into account the risks of their actions, such as isolation of a certain workstation or server, or stopping a critical business process.
When EDR becomes a piece of shelfware, rather than an effectively-used solution, it is not just a waste of an SME’s budget. Such a failure at the very beginning can demotivate company leaders to develop cybersecurity initiatives in general: if they do not see a benefit, why should the business invest in other security products?
Therefore, an organization should first decide if it is ready to hire an employee who is responsible for information security issues. If not, the most effective option will be to ask for help from external incident detection and response professionals.
For those businesses that decide to develop this capability internally, it is essential to initially find a beneficial solution without making substantial investments in additional resources - both monetary and human. And to avoid the above pitfalls, we recommend paying attention to the following guidance:
- To provide visibility without ‘blind spots’ and centralized response features, EDR needs to be integrated with an Endpoint Protection Platform (EPP). Enhancing cybersecurity capabilities should be a step-by-step evolution. Once a company can detect a malicious object with an endpoint protection solution, it can expand existing technology with the ability to understand where it came from and search for this threat on other workstations.
- If an EDR solution can be smoothly integrated with existing endpoint security solutions in a centralized way, it cuts the time required for deployment. So, before purchasing a product, ask if it supports turnkey integration with your EPPs.
- If you have a limited number of staff responsible for security, make sure your chosen EDR solution provides good visibility and automation, but doesn’t overwhelm a specialist with irrelevant information. All the incident information should be readily available from a single console and a path of the attack spread should be visualized to simplify threat analysis. Automated search for Indicators of Compromise and incident response features will speed up the work and increase staff productivity.
by Stephan Neumeier, Managing Director for Asia Pacific at Kaspersky
lundi 19 octobre 2020
Lost:Wilcor camping/beach chair
On the portage trail to Fawn Lake near Speculator.
Would very much appreciate it if someone finds it. Small reward.
Would very much appreciate it if someone finds it. Small reward.
vendredi 16 octobre 2020
Black Forest Trail PA
Last week I hit the Black Forest Trail as an overnighter. The hike was much easier than the hype on how difficult the trail is. I wasn't sure if I could do it as an overnight trip with the short days but I covered 27 miles on the first day- the miles really just flew by especially on the plateau. There are lots of views and the foliage was decent. Much of the first wave of color blew off the trees with heavy winds but still plenty of color. Water was scary low. Many of the smaller streams were dry.
I have the full TR with lots of photos at my website at the link below.
http://www.tomcatsadventures.com/202...est-trail.html
I have the full TR with lots of photos at my website at the link below.
http://www.tomcatsadventures.com/202...est-trail.html
River paddling in the Eastern 'Dacks
As a new paddler to the Adirondacks, I mostly done lakes in the Saranac and St. Regis lakes areas, but I am interested in exploring some of the rivers near(ish) to Elizabethtown. I've heard that the Schroon River as some good stretches, but I don't want any whitewater. Also the Boquet. Any ideas of good stretches? Don't have to be too long.
To play or not to play?
When a child plays video games, parents inevitably think about how harmful it can be. Will this game affect the child's behaviour? Will he/she start suffering from nightmares? Will there be ineradicable fears? What if the child is already addicted?
In fact, research conducted last May by global cybersecurity company Kaspersky showed that four-in-10 of parents from Southeast Asia (SEA) believe that their children are “more grumpy than usual” after a gaming session.
Titled “More Connected Than Ever Before: How We Build Our Digital Comfort Zones”, the fresh survey among 760 respondents from the region confirmed that kids are spending more time online given the current pandemic situation. A total of 63% of parents surveyed agree on this while only 20% refute this observation.
“Parents are raising kids who are digital natives, children who are born exposed to digital devices and the internet. This generation gap often leads to miscommunication as it is a common scenario when a child knows more trend and tricks online than the mom or the dad. The lockdown measures highlighted this with the increase of reliance on the internet and how parents now need to juggle work and parenting at the same time inside their homes,” says Stephan Neumeier, Managing Director for Asia Pacific at Kaspersky.
“While it is understandable for parents to have their worries about their kids’ habits online, parental fears associated with video games are sometimes quite objective and sometimes a little far-fetched. There are undeniable harms with too much of it but several researches have also discovered how playing games online can benefit kids. After all, everything is good but moderation and guidance is definitely necessary,” he adds.
To help parents navigate their kids’ gaming habits, Kaspersky today shares each of the potential problems associated with video games and suggest solutions for mom and dad’s reference.
Fear: a child will be a black sheep if games are banned
Parents who are especially afraid of video games are seriously thinking about complete gaming ban in the family. At the same time, such parents are often stopped by the fear that this will lead to the fact that the child will be a black sheep at school if everyone plays games, and he/she does not have such an opportunity.
Should you be afraid?
A ban on computer games is not a good decision: a child, whose peers play videogames, will definitely feel like an outcast. In addition, games are a new kind of art, it will be not only interesting for a child to touch it, but it can also be very useful, especially if the parents can correctly direct him/her.
Solution
As with many situations, banning is not an option. Parents should not prohibit the child's activity in video games, but effectively control it, using special software and device settings, as well as communicating with the child and explaining the rules.
Fear: harm to eyesight and posture
Many parents worry that if the child spends a lot of time playing, his eyesight may be damaged. Others worry that prolonged sitting at a computer or leaning over a smartphone can have a negative effect on a child's posture.
Should you be afraid?
Yes, especially if the child has a predisposition. Already existing vision problems are a reason to organize the gaming process more carefully. As for posture, it can also be threatened especially if the child does not play sports.
Solution
● Installing a good monitor can help alleviate the problem with eyesight. Manufacturers of modern screens are trying to find a solution that will minimize the harm caused by the monitor to the human eye.
● Remember about a comfortable position while playing and working on a computer. A good chair, a table of the right height, a comfortable posture and a good distance from the monitor will help your child's vision and posture.
● Of course, the way to take care of the vision of a child playing is to limit the time of the game. At the same time, it is important that such restrictions are made both at the program level and at the level of agreements between you and the child.
Check with your doctor if your child is seen by an ophthalmologist, how much time to spend a day with the device, or if the child is not seen by an eye doctor, set a reasonable limit based on the child's age. Software level restrictions can be set with the help of online safety programs, such as Kaspersky Safe Kids or of internal device settings, such as set-top boxes and iOS-based mobile devices.
For parents in Malaysia aiming to secure their children better, a three-month free Safe Kids subscription also available online on Kaspersky’s shop on Lazada and Shopee.
Kaspersky is also offering a three-month free trial of Kaspersky Total Security, available through this link https://bit.ly/safekids011.
Fear: Viruses on Your Computer
Some parents fear malware that their child might install with or instead of a favourite game.
Should you be afraid?
Of course, after all, the desire of a teenager to play this or that game may lead to attempts to download a pirated version.
Recent research by Kaspersky shows that the activity of hackers using the gaming theme as a lure has increased significantly since the outbreak of the coronavirus pandemic. At the same time, criminals using the gaming theme in their attacks do not use sophisticated technical methods, they rely on the gullibility and ignorance of the users.
Solution
● First of all, it is necessary to explain to the child what malware is, where you can download it, and what harm can it do.
● It is also worth taking the time to talk with your child about the bad side of piracy.
● Use an antivirus. This is useful not only if a child accidentally installs malware, but also in many other situations.
Fear: Aggressive behavior caused by violent games
Parents who are not versed in computer games, reading the postulates that “children become aggressive from computer games” give in to panic and forbid children to play video games.
Should you be afraid?
A child's aggressive behaviour is not driven by the video games they play, but by a much broader range of reasons. Do not show your child video games at all, but he/she will still compete for kung fu with friends, shoot invisible enemies with a bow, pistol, grenade launcher or blaster. Both boys and girls do this, although it is believed that playing war is the prerogative of boys.
At the same time, if you allow, say, a six-year-old kid to play horror games like Doom and the Alien series, then such scary, frightening, violent games can really adversely affect the psyche of a young child, cause nightmares and other sleep disturbances, and irrational fears. The same can be said about the effect of such games on older children who already have certain fears or tendencies.
It should be remembered that there are different games for every age and every child.
Solution
● Use an age rating. Keep in mind that the age rating even suffers small deviations, if you do not enter the 16+ segment: if you are quite sure that a 12+ rated game is good, then why not install it for your ten-year-old son?
● To prevent your child from launching games that are not suitable for their age (for example, those that you bought for yourself, or that he/she downloaded from the Internet), use software that limits the ability to launch games or any content based on age rating.
● The most important thing is to always remember that whenever you try to restrict your child's access to games, you first need to talk to your son or daughter and explain why you are doing this.
In conclusion, do not prohibit your children from playing video games, but to keep your child safe, remember that the following six points will help you better control this area of children's life:
• Communication
• Age rating
• Time limit
• Protection against malicious code
• Settings restricting in-app purchases
• Promote hobbies in the real world
In fact, research conducted last May by global cybersecurity company Kaspersky showed that four-in-10 of parents from Southeast Asia (SEA) believe that their children are “more grumpy than usual” after a gaming session.
Titled “More Connected Than Ever Before: How We Build Our Digital Comfort Zones”, the fresh survey among 760 respondents from the region confirmed that kids are spending more time online given the current pandemic situation. A total of 63% of parents surveyed agree on this while only 20% refute this observation.
“Parents are raising kids who are digital natives, children who are born exposed to digital devices and the internet. This generation gap often leads to miscommunication as it is a common scenario when a child knows more trend and tricks online than the mom or the dad. The lockdown measures highlighted this with the increase of reliance on the internet and how parents now need to juggle work and parenting at the same time inside their homes,” says Stephan Neumeier, Managing Director for Asia Pacific at Kaspersky.
“While it is understandable for parents to have their worries about their kids’ habits online, parental fears associated with video games are sometimes quite objective and sometimes a little far-fetched. There are undeniable harms with too much of it but several researches have also discovered how playing games online can benefit kids. After all, everything is good but moderation and guidance is definitely necessary,” he adds.
To help parents navigate their kids’ gaming habits, Kaspersky today shares each of the potential problems associated with video games and suggest solutions for mom and dad’s reference.
Fear: a child will be a black sheep if games are banned
Parents who are especially afraid of video games are seriously thinking about complete gaming ban in the family. At the same time, such parents are often stopped by the fear that this will lead to the fact that the child will be a black sheep at school if everyone plays games, and he/she does not have such an opportunity.
Should you be afraid?
A ban on computer games is not a good decision: a child, whose peers play videogames, will definitely feel like an outcast. In addition, games are a new kind of art, it will be not only interesting for a child to touch it, but it can also be very useful, especially if the parents can correctly direct him/her.
Solution
As with many situations, banning is not an option. Parents should not prohibit the child's activity in video games, but effectively control it, using special software and device settings, as well as communicating with the child and explaining the rules.
Fear: harm to eyesight and posture
Many parents worry that if the child spends a lot of time playing, his eyesight may be damaged. Others worry that prolonged sitting at a computer or leaning over a smartphone can have a negative effect on a child's posture.
Should you be afraid?
Yes, especially if the child has a predisposition. Already existing vision problems are a reason to organize the gaming process more carefully. As for posture, it can also be threatened especially if the child does not play sports.
Solution
● Installing a good monitor can help alleviate the problem with eyesight. Manufacturers of modern screens are trying to find a solution that will minimize the harm caused by the monitor to the human eye.
● Remember about a comfortable position while playing and working on a computer. A good chair, a table of the right height, a comfortable posture and a good distance from the monitor will help your child's vision and posture.
● Of course, the way to take care of the vision of a child playing is to limit the time of the game. At the same time, it is important that such restrictions are made both at the program level and at the level of agreements between you and the child.
Check with your doctor if your child is seen by an ophthalmologist, how much time to spend a day with the device, or if the child is not seen by an eye doctor, set a reasonable limit based on the child's age. Software level restrictions can be set with the help of online safety programs, such as Kaspersky Safe Kids or of internal device settings, such as set-top boxes and iOS-based mobile devices.
For parents in Malaysia aiming to secure their children better, a three-month free Safe Kids subscription also available online on Kaspersky’s shop on Lazada and Shopee.
Kaspersky is also offering a three-month free trial of Kaspersky Total Security, available through this link https://bit.ly/safekids011.
Fear: Viruses on Your Computer
Some parents fear malware that their child might install with or instead of a favourite game.
Should you be afraid?
Of course, after all, the desire of a teenager to play this or that game may lead to attempts to download a pirated version.
Recent research by Kaspersky shows that the activity of hackers using the gaming theme as a lure has increased significantly since the outbreak of the coronavirus pandemic. At the same time, criminals using the gaming theme in their attacks do not use sophisticated technical methods, they rely on the gullibility and ignorance of the users.
Solution
● First of all, it is necessary to explain to the child what malware is, where you can download it, and what harm can it do.
● It is also worth taking the time to talk with your child about the bad side of piracy.
● Use an antivirus. This is useful not only if a child accidentally installs malware, but also in many other situations.
Fear: Aggressive behavior caused by violent games
Parents who are not versed in computer games, reading the postulates that “children become aggressive from computer games” give in to panic and forbid children to play video games.
Should you be afraid?
A child's aggressive behaviour is not driven by the video games they play, but by a much broader range of reasons. Do not show your child video games at all, but he/she will still compete for kung fu with friends, shoot invisible enemies with a bow, pistol, grenade launcher or blaster. Both boys and girls do this, although it is believed that playing war is the prerogative of boys.
At the same time, if you allow, say, a six-year-old kid to play horror games like Doom and the Alien series, then such scary, frightening, violent games can really adversely affect the psyche of a young child, cause nightmares and other sleep disturbances, and irrational fears. The same can be said about the effect of such games on older children who already have certain fears or tendencies.
It should be remembered that there are different games for every age and every child.
Solution
● Use an age rating. Keep in mind that the age rating even suffers small deviations, if you do not enter the 16+ segment: if you are quite sure that a 12+ rated game is good, then why not install it for your ten-year-old son?
● To prevent your child from launching games that are not suitable for their age (for example, those that you bought for yourself, or that he/she downloaded from the Internet), use software that limits the ability to launch games or any content based on age rating.
● The most important thing is to always remember that whenever you try to restrict your child's access to games, you first need to talk to your son or daughter and explain why you are doing this.
In conclusion, do not prohibit your children from playing video games, but to keep your child safe, remember that the following six points will help you better control this area of children's life:
• Communication
• Age rating
• Time limit
• Protection against malicious code
• Settings restricting in-app purchases
• Promote hobbies in the real world
jeudi 15 octobre 2020
Pelajaran jarak jauh.
Korang, saya dah buat keputusan nak sambung study. Tapi saya nak sambung online je, dah survey dan minat untuk ambik BA/BSc (Honours) Design and Innovation dari Open University. Ok tak korang rasa? Agak - agak ada biasisawa tak untuk Malaysian?
Walkie Talkie Help
I'm looking for some advice on the purchase of a pair of walkie talkies to use during deer season this year. I've never owned any, though I have used them in the field before while hunting with friends.
I'm not really sure what specs or specific things I should be looking out for as I research what model to buy. Does anyone have advice or recommendations about where to start or about what has worked best in your experience?
I realize that being in the mountains can cause problems with the actual range they will be effective, but do some models/brands seem to work better than others?
Anyone have a specific walkie talkie they would recommend? I'm not really looking for the world's best, most expensive unit with every bell and whistle imaginable, but rather a basic, well made pair that can be relied upon in the field.
I'm not really sure what specs or specific things I should be looking out for as I research what model to buy. Does anyone have advice or recommendations about where to start or about what has worked best in your experience?
I realize that being in the mountains can cause problems with the actual range they will be effective, but do some models/brands seem to work better than others?
Anyone have a specific walkie talkie they would recommend? I'm not really looking for the world's best, most expensive unit with every bell and whistle imaginable, but rather a basic, well made pair that can be relied upon in the field.
Peck Natural Area- PA
https://endlessmountains.wordpress.c...a-lake-winola/
The Peck Natural Area protects a grove of old growth pine trees in Lake Winola. The height of some of these trees is impressive, maybe exceeding 150 feet. A beautiful forest that is similar to Cook Forest, but much smaller in size. Loop trail is about a mile long.
https://www.instagram.com/p/CFstkRqD..._web_copy_link
https://www.instagram.com/p/CFsuZz3j..._web_copy_link
https://www.instagram.com/p/CFvjIu9D..._web_copy_link
The Peck Natural Area protects a grove of old growth pine trees in Lake Winola. The height of some of these trees is impressive, maybe exceeding 150 feet. A beautiful forest that is similar to Cook Forest, but much smaller in size. Loop trail is about a mile long.
https://www.instagram.com/p/CFstkRqD..._web_copy_link
https://www.instagram.com/p/CFsuZz3j..._web_copy_link
https://www.instagram.com/p/CFvjIu9D..._web_copy_link
mardi 13 octobre 2020
Looking for paddle suggestions
Hello everyone. I am planning a paddle trip that will most likely be 2 to 3 nights. I'm looking for something that is a relatively short paddle (around 5 miles or less) with a lean to. 2 of my friends that are going are new to paddling so I'm looking for an easy paddle. Any suggestions would be appreciated. Thanks everyone.
Pack Basket repair
I acquired a 70 or so year old pack basket that could use some minor repair work. Anyone know of someone that would do this type of work?
Thank you
Thank you
Kaspersky shares best practices with SAMENTA to secure SMEs’ assets during the pandemic
Kaspersky teams up with Small and Medium Enterprises Association Malaysia (SAMENTA) in an effort to bring cyber awareness to its members and employees.
The workshop session, hosted online by Kaspersky for SAMENTA’s members and employees, focuses on understanding the monetary aspects of cyberthreats to Malaysian small and medium enterprises (SMEs), identifying the common vulnerabilities in the SMEs eco-systems, finding the right professional security solutions, and deploying integrated cybersecurity practices amidst the current pandemic situation.
Globally, COVID-19 has wreaked havoc economies, hitting hard the SMEs. To survive the unprecedented challenges the pandemic brought about, SMEs embrace digitalisation to keep their businesses afloat. The increased online transactions also open opportunities for cybercriminals.
According to Kaspersky’s latest statistics, cybercriminals targeting small and medium businesses (SMBs) in Southeast Asia (SEA) spent their months seeding phishing emails proactively. The global cybersecurity company’s anti-phishing software applications prevented 1,602,523 phishing attempts against companies with 50-250 employees, a 39% increase compared with the same period last year.
During the online session, Kaspersky team shared that, in the first half of this year, Kaspersky has foiled the most phishing attempts in the region against SMBs in Malaysia, Indonesia and Vietnam. Singapore tolled the fewest phishing emails in the region, but still witnessed an increase of 60.5% compared with the same period last year.
Speaking on the initiative for Malaysian SMEs, Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky says, “We are very much eager to align our promos and programs with the SMEs’ needs in Malaysia. This sector has been battered by COVID-19 and we have to help them as much as we can in protecting their assets. It is important for us to hear, first-hand, the challenges SMEs face in terms of cybersecurity, to allow us to figure out how we can assist them better. We are honoured to partner with SAMENTA on this initiative and we believe that with secured tools and right knowledge, SMBs can survive this pandemic,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
Both entities joined forces to achieve their mutual goal of preparing and enhancing the skills of SAMENTA members to be able to secure their networks and systems as they drive towards further digitalisation.
Datin Lorela Chia, Chairman, Central Region at Small and Medium Enterprises Association Malaysia (SAMENTA) says, “SMEs have been pushed to accelerate digitalisation in the past few months as they shift to WFH culture and cloud-based solutions. Many have re-engineered internal processes, with some mapping out their automation blueprint ready for implementation in stages. Security policies and procedures must be implemented to reflect the shift. Many of our members are aware of the importance of cybersecurity but few are confident that they know how to analyze and address cyber risks. With our partnership with Kaspersky we hope our members can protect their businesses securely, identify attacks, assess risk levels and develop a response plan in the event of intrusion. We are happy to address the cybersecurity gap among SMEs with Kaspersky."
At the online event, the SAMENTA members learnt the various technologies and solutions from the global cybersecurity company – Kaspersky Endpoint Security for Business and Kaspersky Automated Security Awareness Platform (ASAP). Kaspersky also offers SAMENTA members and their employees special packages of Kaspersky Antivirus, Kaspersky Internet Security, and Kaspersky Total Security.
Among the tips Kaspersky shared in the session with the SMEs to avoid being lured by cybercriminals through phishing are:
● Teach employees about the basics of cybersecurity. For example, not opening or storing files from unknown emails or websites as they could be harmful to the whole company, or to not use any personal details in their passwords. In order to ensure passwords are strong, staff shouldn’t use their name, birthday, street address and other personal information.
● Regularly remind staff of how to deal with sensitive data, for example, to only store it in trusted cloud services that need to be authenticated for access and that it should not be shared with untrusted third parties.
● Enforce the use of legitimate software, downloaded from official sources.
● Make backups of essential data and regularly update IT equipment and applications to avoid unpatched vulnerabilities that could cause a breach.
● Configure Wi-Fi encryption. It is imperative to configure your network connection correctly and set your router’s log-in and password regularly.
● Use a VPN if connecting to Wi-Fi networks that don’t belong to you. When you’re connected through a VPN, all of your data will be encrypted regardless of the network settings, and outsiders will not be able to read it.
● Use corporate services for e-mail, messaging, and all other work. Stick to corporate resources when exchanging documents and other information. Those cloud drives, but configured for business, are generally far more reliable than the free user versions.
● Protect devices with an antivirus solution. It is vital that you install a reliable security solution on all devices that handle corporate data.
The workshop session, hosted online by Kaspersky for SAMENTA’s members and employees, focuses on understanding the monetary aspects of cyberthreats to Malaysian small and medium enterprises (SMEs), identifying the common vulnerabilities in the SMEs eco-systems, finding the right professional security solutions, and deploying integrated cybersecurity practices amidst the current pandemic situation.
Globally, COVID-19 has wreaked havoc economies, hitting hard the SMEs. To survive the unprecedented challenges the pandemic brought about, SMEs embrace digitalisation to keep their businesses afloat. The increased online transactions also open opportunities for cybercriminals.
According to Kaspersky’s latest statistics, cybercriminals targeting small and medium businesses (SMBs) in Southeast Asia (SEA) spent their months seeding phishing emails proactively. The global cybersecurity company’s anti-phishing software applications prevented 1,602,523 phishing attempts against companies with 50-250 employees, a 39% increase compared with the same period last year.
During the online session, Kaspersky team shared that, in the first half of this year, Kaspersky has foiled the most phishing attempts in the region against SMBs in Malaysia, Indonesia and Vietnam. Singapore tolled the fewest phishing emails in the region, but still witnessed an increase of 60.5% compared with the same period last year.
Speaking on the initiative for Malaysian SMEs, Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky says, “We are very much eager to align our promos and programs with the SMEs’ needs in Malaysia. This sector has been battered by COVID-19 and we have to help them as much as we can in protecting their assets. It is important for us to hear, first-hand, the challenges SMEs face in terms of cybersecurity, to allow us to figure out how we can assist them better. We are honoured to partner with SAMENTA on this initiative and we believe that with secured tools and right knowledge, SMBs can survive this pandemic,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
Both entities joined forces to achieve their mutual goal of preparing and enhancing the skills of SAMENTA members to be able to secure their networks and systems as they drive towards further digitalisation.
Datin Lorela Chia, Chairman, Central Region at Small and Medium Enterprises Association Malaysia (SAMENTA) says, “SMEs have been pushed to accelerate digitalisation in the past few months as they shift to WFH culture and cloud-based solutions. Many have re-engineered internal processes, with some mapping out their automation blueprint ready for implementation in stages. Security policies and procedures must be implemented to reflect the shift. Many of our members are aware of the importance of cybersecurity but few are confident that they know how to analyze and address cyber risks. With our partnership with Kaspersky we hope our members can protect their businesses securely, identify attacks, assess risk levels and develop a response plan in the event of intrusion. We are happy to address the cybersecurity gap among SMEs with Kaspersky."
At the online event, the SAMENTA members learnt the various technologies and solutions from the global cybersecurity company – Kaspersky Endpoint Security for Business and Kaspersky Automated Security Awareness Platform (ASAP). Kaspersky also offers SAMENTA members and their employees special packages of Kaspersky Antivirus, Kaspersky Internet Security, and Kaspersky Total Security.
Among the tips Kaspersky shared in the session with the SMEs to avoid being lured by cybercriminals through phishing are:
● Teach employees about the basics of cybersecurity. For example, not opening or storing files from unknown emails or websites as they could be harmful to the whole company, or to not use any personal details in their passwords. In order to ensure passwords are strong, staff shouldn’t use their name, birthday, street address and other personal information.
● Regularly remind staff of how to deal with sensitive data, for example, to only store it in trusted cloud services that need to be authenticated for access and that it should not be shared with untrusted third parties.
● Enforce the use of legitimate software, downloaded from official sources.
● Make backups of essential data and regularly update IT equipment and applications to avoid unpatched vulnerabilities that could cause a breach.
● Configure Wi-Fi encryption. It is imperative to configure your network connection correctly and set your router’s log-in and password regularly.
● Use a VPN if connecting to Wi-Fi networks that don’t belong to you. When you’re connected through a VPN, all of your data will be encrypted regardless of the network settings, and outsiders will not be able to read it.
● Use corporate services for e-mail, messaging, and all other work. Stick to corporate resources when exchanging documents and other information. Those cloud drives, but configured for business, are generally far more reliable than the free user versions.
● Protect devices with an antivirus solution. It is vital that you install a reliable security solution on all devices that handle corporate data.
Best Corporate Training and Placement Institute
What is the best Best Corporate Training and Placement Institute in Pune?
Best Corporate Training and Placement Institute
Best Corporate Training and Placement Institute
lundi 12 octobre 2020
Best Corporate Training and Placement Institute
Which is the Best Corporate Training and Placement Institute?
Best Corporate Training and Placement Institute
Best Corporate Training and Placement Institute
dimanche 11 octobre 2020
Industrial espionage in action
Kaspersky researchers uncovered a series of highly targeted attacks against industrial holdings dating back to 2018—far more rare in the world of advanced persistent threat (APT) actors than campaigns against diplomats and other high-profile political actors. The toolset used—originally named MT3 by the malware authors—has been dubbed by Kaspersky as “MontysThree”. It uses a variety of techniques to evade detection, including hosting its communications with the control server on public cloud services and hiding the main malicious module using steganography.
Government entities, diplomats, and telecom operators tend to be the preferred target for APTs, since these individuals and institutions naturally possess a wealth of highly confidential and politically sensitive information. Far more rare are targeted espionage campaigns against industrial entities—but, like any other attacks against industries, they can have devastating consequences for the business. That’s why, upon noticing the activity of MontysThree, Kaspersky researchers were quick to take note.
To carry out its espionage, MontysThree deploys a malware program consisting of four modules. The first—the loader—is initially spread using RAR SFX files (self-extracted archives) containing names related to employees’ contact lists, technical documentation, and medical analysis results to trick employees into downloading the files—a common spear phishing technique. The loader is primarily in charge of ensuring the malware isn’t detected on the system; to do this, it deploys a technique known as steganography.
Steganography is used by actors to hide the fact that data is being exchanged. In the case of MontysThree, the main malicious payload is disguised as a bitmap (a format for storing digital images) file. If the right command is inputted, the loader will use a custom-made algorithm to decrypt the content from the pixel array and run the malicious payload.
The main malicious payload uses several encryption techniques of its own to evade detection, namely the use of an RSA algorithm to encrypt communications with the control server and to decrypt the main “tasks” assigned from the malware. This includes searching for documents with specific extensions and in specific company directories. MontysThree is designed to specifically target Microsoft and Adobe Acrobat documents; it can also capture screenshots and “fingerprint” (i.e. gather information about their network settings, host name, etc.) the target to see if it is of interest to the attackers.
The information collected and other communications with the control server are then hosted on public cloud services like Google, Microsoft, and Dropbox. This makes the communication traffic difficult to detect as malicious, and because no antivirus blocks these services, it ensures the control server can execute commands uninterrupted.
MontysThree also uses a simple method for gaining persistence on the infected system—a modifier for Windows Quick Launch. Users inadvertently run the initial module of the malware by themselves every time they run legitimate applications, such as browsers, when using the Quick Launch toolbar.
Kaspersky has not been able to find any similarities in the malicious code or the infrastructure with any known APTs.
“MontysThree is interesting not just because of the fact that it’s targeting industrial holdings, but because of the combination of sophisticated and somewhat “amateurish” TTPs. In general, the sophistication varies from module to module, but it can’t compare to the level used by the most advanced APTs. However, they use strong cryptographic standards and there are indeed some tech-savvy decisions made, including the custom steganography. Perhaps most importantly, it’s clear that the attackers have put significant effort into developing the MontysThree toolset, suggesting they are determined in their aims—and that this is not meant to be a short-lived campaign,” comments Denis Legezo, senior security researcher with Kaspersky’s Global Research and Analysis Team.
Learn more about MontysThree on Securelist. Detailed information on Indicators of Compromise related to this group, including file hashes, can be accessed on the Kaspersky Threat Intelligence Portal.
Register for SAS@Home to watch the presentation about MontysThree and learn more about APTs and top-level cybersecurity discoveries here: https://kas.pr/tr59
To protect your organizations from attacks like MontysThree, Kaspersky experts recommend:
• Provide your staff with basic cybersecurity hygiene training, as many targeted attacks start with phishing or other social engineering techniques. Conduct a simulated phishing attack to ensure that they know how to distinguish phishing emails.
• Provide your SOC team with access to the latest threat intelligence (TI). The Kaspersky Threat Intelligence Portal is a single point of access for the company’s TI, providing cyberattack data and insights gathered by Kaspersky over more than 20 years.
• For endpoint level detection, investigation and timely remediation of incidents, implement EDR solutions, such as Kaspersky Endpoint Detection and Response.
• In addition to adopting essential endpoint protection, implement a corporate-grade security solution that detects advanced threats at the network level at an early stage, such as Kaspersky Anti Targeted Attack Platform.
• Make sure you protect industrial endpoints as well as corporate ones. The Kaspersky Industrial CyberSecurity solution includes dedicated protection for endpoints and network monitoring to reveal any suspicious and potentially malicious activity in the industrial network.
Government entities, diplomats, and telecom operators tend to be the preferred target for APTs, since these individuals and institutions naturally possess a wealth of highly confidential and politically sensitive information. Far more rare are targeted espionage campaigns against industrial entities—but, like any other attacks against industries, they can have devastating consequences for the business. That’s why, upon noticing the activity of MontysThree, Kaspersky researchers were quick to take note.
To carry out its espionage, MontysThree deploys a malware program consisting of four modules. The first—the loader—is initially spread using RAR SFX files (self-extracted archives) containing names related to employees’ contact lists, technical documentation, and medical analysis results to trick employees into downloading the files—a common spear phishing technique. The loader is primarily in charge of ensuring the malware isn’t detected on the system; to do this, it deploys a technique known as steganography.
Steganography is used by actors to hide the fact that data is being exchanged. In the case of MontysThree, the main malicious payload is disguised as a bitmap (a format for storing digital images) file. If the right command is inputted, the loader will use a custom-made algorithm to decrypt the content from the pixel array and run the malicious payload.
The main malicious payload uses several encryption techniques of its own to evade detection, namely the use of an RSA algorithm to encrypt communications with the control server and to decrypt the main “tasks” assigned from the malware. This includes searching for documents with specific extensions and in specific company directories. MontysThree is designed to specifically target Microsoft and Adobe Acrobat documents; it can also capture screenshots and “fingerprint” (i.e. gather information about their network settings, host name, etc.) the target to see if it is of interest to the attackers.
The information collected and other communications with the control server are then hosted on public cloud services like Google, Microsoft, and Dropbox. This makes the communication traffic difficult to detect as malicious, and because no antivirus blocks these services, it ensures the control server can execute commands uninterrupted.
MontysThree also uses a simple method for gaining persistence on the infected system—a modifier for Windows Quick Launch. Users inadvertently run the initial module of the malware by themselves every time they run legitimate applications, such as browsers, when using the Quick Launch toolbar.
Kaspersky has not been able to find any similarities in the malicious code or the infrastructure with any known APTs.
“MontysThree is interesting not just because of the fact that it’s targeting industrial holdings, but because of the combination of sophisticated and somewhat “amateurish” TTPs. In general, the sophistication varies from module to module, but it can’t compare to the level used by the most advanced APTs. However, they use strong cryptographic standards and there are indeed some tech-savvy decisions made, including the custom steganography. Perhaps most importantly, it’s clear that the attackers have put significant effort into developing the MontysThree toolset, suggesting they are determined in their aims—and that this is not meant to be a short-lived campaign,” comments Denis Legezo, senior security researcher with Kaspersky’s Global Research and Analysis Team.
Learn more about MontysThree on Securelist. Detailed information on Indicators of Compromise related to this group, including file hashes, can be accessed on the Kaspersky Threat Intelligence Portal.
Register for SAS@Home to watch the presentation about MontysThree and learn more about APTs and top-level cybersecurity discoveries here: https://kas.pr/tr59
To protect your organizations from attacks like MontysThree, Kaspersky experts recommend:
• Provide your staff with basic cybersecurity hygiene training, as many targeted attacks start with phishing or other social engineering techniques. Conduct a simulated phishing attack to ensure that they know how to distinguish phishing emails.
• Provide your SOC team with access to the latest threat intelligence (TI). The Kaspersky Threat Intelligence Portal is a single point of access for the company’s TI, providing cyberattack data and insights gathered by Kaspersky over more than 20 years.
• For endpoint level detection, investigation and timely remediation of incidents, implement EDR solutions, such as Kaspersky Endpoint Detection and Response.
• In addition to adopting essential endpoint protection, implement a corporate-grade security solution that detects advanced threats at the network level at an early stage, such as Kaspersky Anti Targeted Attack Platform.
• Make sure you protect industrial endpoints as well as corporate ones. The Kaspersky Industrial CyberSecurity solution includes dedicated protection for endpoints and network monitoring to reveal any suspicious and potentially malicious activity in the industrial network.
samedi 10 octobre 2020
Sawyer re-route?
Has there been a re-route of Sawyer Mtn trail recently? I've climbed it 4 or 5 times but not in several years. I did it to day and it just felt... different and unfamiliar in chunks so I was curious.
vendredi 9 octobre 2020
Permits Coming?
Hi All,
I've been reading recently about the DEC might start requiring permits in the High Peaks Region due to conservation efforts. Does anyone know how soon this may start or how it will be enforced? Just wondering how far in advance you will need to request a permit and how it will be regulated.
I've been reading recently about the DEC might start requiring permits in the High Peaks Region due to conservation efforts. Does anyone know how soon this may start or how it will be enforced? Just wondering how far in advance you will need to request a permit and how it will be regulated.
Stand Hunt 2020
Here I go deer hunting. Waiting for a nice buck to come by.
Sent from my SAMSUNG-SM-G890A using Tapatalk
Sent from my SAMSUNG-SM-G890A using Tapatalk
mercredi 7 octobre 2020
Casting LC Wabblers
I know that this lure is designed and at its best for trolling and not casting. Nevertheless, with the limited trout season days left and fish moving in closer to shore, casting might attract a fish. How would you alter the rig for casting - smallest size, no swivels, shorter worm/streamer line, garden worm vs nightcrawler, etc?
Best Corporate Training and Placement Institute
Which is the best Corporate Training and Placement Institute in Pune?
Best Corporate Training and Placement Institute
Best Corporate Training and Placement Institute
Kaspersky expert: Targeted ransomware groups such as Maze spotted in Southeast Asia
Evolving ransomware which blackmails enterprises to get ransom highlights the need for proactive, intelligence-based security
If there is one positive consequence brought about by the COVID-19 situation in Southeast Asia (SEA), it is to prove that the region has the capability to embrace digitalisation. In fact, a 2020 research conducted by Kaspersky among 760 respondents from the region revealed that nearly 8-in-10 are currently working from home.
An additional two to five hours have been added on top of the 8-hour daily surfing average of consumers in SEA. In terms of financial matters, 47% of the surveyed individuals have shifted their payment and bank transactions online due to the lockdown restrictions and safety precautions on their respective countries.
Technology and the World Wide Web are stepping up as powerful tools which everyone can leverage to survive this period. Increased reliance on the internet, however, also open more vulnerabilities cybercriminals can exploit. With the combined digital aftermath of the pandemic and the geopolitical situation in the region, Kaspersky announces the top threats public and private organisations should watch out for.
“The year 2020 is not like any other. This year is not only the time of changes, but it changed the time itself. It changed the way we travel, the way we shop, the way we interact with each other. The computer threat model has evolved since COVID-19 started,” says Vitaly Kamluk, director for Global Research and Analysis Team (GReAT) Asia Pacific at Kaspersky.
Rise of Targeted Ransomware
Through a virtual media conference with select journalists in SEA, Kamluk revealed how cybercriminals have added blackmailing on their arsenal to ensure that their victims will pay ransomware. He also confirmed the presence of top ransomware groups in the region targeting the following industries:
• State enterprise
• Aerospace and engineering
• Manufacturing and trading steel sheet
• Beverage company
• Palm products
• Hotel and accommodation services
• IT services
Among the notorious ransomware families, and is one of the first to conduct such operation, is the Maze family. The group behind Maze ransomware has leaked the data of their victims’ who refused to pay ransom — more than once. They leaked 700MB of internal data online back in November 2019 with an additional warning that the published documents are just 10% of the data they were able to steal.
Aside from this, the group has also created a website where they revealed the identities of their victims as well as the details of the attack – date of infection, amount of data stolen, names of servers, and more.
The attack process being used by this group is simple. They will infiltrate the system, haunt for the most sensitive data, and then upload them to their cloud storage. After that, these will be encrypted with RSA. A ransom will be demanded based on the size of the company and the volume of the data stolen. This group will then publish the details on their blog and even make anonymous tips to journalists
“We are monitoring an uptick on Maze detections globally, even against a few companies in Southeast Asia, which means this trend is currently gaining momentum. While the public shaming part of the attack adds to the pressure of bowing to the demands of these cybercriminals, I strongly advise companies and organisations not to pay ransom and to involve law enforcement agencies and experts during such scenarios. Remember that it is also better to have your data backed up, your cybersecurity defenses in place, to avoid falling victims to these malicious actors,” adds Kamluk.
To remain protected against these threats, Kamluk suggests enterprises and organisations to:
• Stay ahead of your enemy: make backups, simulate attacks, prepare action plan for disaster recovery.
• Deploy sensors everywhere: monitor software activity on endpoints, record traffic, check hardware integrity.
• Never follow demands of the criminals. Do not fight alone - contact Law Enforcement, CERT, security vendors like Kaspersky.
• Train your staff while they work remotely: digital forensics, basic malware analysis, PR crisis management.
• Follow the latest trends via premium threat intelligence subscriptions, like Kaspersky APT Intelligence Service.
• Know your enemy: identify new undetected malware on premises with Kaspersky Threat Attribution Engine.
If there is one positive consequence brought about by the COVID-19 situation in Southeast Asia (SEA), it is to prove that the region has the capability to embrace digitalisation. In fact, a 2020 research conducted by Kaspersky among 760 respondents from the region revealed that nearly 8-in-10 are currently working from home.
An additional two to five hours have been added on top of the 8-hour daily surfing average of consumers in SEA. In terms of financial matters, 47% of the surveyed individuals have shifted their payment and bank transactions online due to the lockdown restrictions and safety precautions on their respective countries.
Technology and the World Wide Web are stepping up as powerful tools which everyone can leverage to survive this period. Increased reliance on the internet, however, also open more vulnerabilities cybercriminals can exploit. With the combined digital aftermath of the pandemic and the geopolitical situation in the region, Kaspersky announces the top threats public and private organisations should watch out for.
“The year 2020 is not like any other. This year is not only the time of changes, but it changed the time itself. It changed the way we travel, the way we shop, the way we interact with each other. The computer threat model has evolved since COVID-19 started,” says Vitaly Kamluk, director for Global Research and Analysis Team (GReAT) Asia Pacific at Kaspersky.
Rise of Targeted Ransomware
Through a virtual media conference with select journalists in SEA, Kamluk revealed how cybercriminals have added blackmailing on their arsenal to ensure that their victims will pay ransomware. He also confirmed the presence of top ransomware groups in the region targeting the following industries:
• State enterprise
• Aerospace and engineering
• Manufacturing and trading steel sheet
• Beverage company
• Palm products
• Hotel and accommodation services
• IT services
Among the notorious ransomware families, and is one of the first to conduct such operation, is the Maze family. The group behind Maze ransomware has leaked the data of their victims’ who refused to pay ransom — more than once. They leaked 700MB of internal data online back in November 2019 with an additional warning that the published documents are just 10% of the data they were able to steal.
Aside from this, the group has also created a website where they revealed the identities of their victims as well as the details of the attack – date of infection, amount of data stolen, names of servers, and more.
The attack process being used by this group is simple. They will infiltrate the system, haunt for the most sensitive data, and then upload them to their cloud storage. After that, these will be encrypted with RSA. A ransom will be demanded based on the size of the company and the volume of the data stolen. This group will then publish the details on their blog and even make anonymous tips to journalists
“We are monitoring an uptick on Maze detections globally, even against a few companies in Southeast Asia, which means this trend is currently gaining momentum. While the public shaming part of the attack adds to the pressure of bowing to the demands of these cybercriminals, I strongly advise companies and organisations not to pay ransom and to involve law enforcement agencies and experts during such scenarios. Remember that it is also better to have your data backed up, your cybersecurity defenses in place, to avoid falling victims to these malicious actors,” adds Kamluk.
To remain protected against these threats, Kamluk suggests enterprises and organisations to:
• Stay ahead of your enemy: make backups, simulate attacks, prepare action plan for disaster recovery.
• Deploy sensors everywhere: monitor software activity on endpoints, record traffic, check hardware integrity.
• Never follow demands of the criminals. Do not fight alone - contact Law Enforcement, CERT, security vendors like Kaspersky.
• Train your staff while they work remotely: digital forensics, basic malware analysis, PR crisis management.
• Follow the latest trends via premium threat intelligence subscriptions, like Kaspersky APT Intelligence Service.
• Know your enemy: identify new undetected malware on premises with Kaspersky Threat Attribution Engine.
mardi 6 octobre 2020
Lean to shelfs
Coming off 6 straight nights in 6 different lean to's along with a lifetime of various lean to's being slept in, is it safe to say that the shelves in these shelters are actually the junk drawers of the Adirondacks?? A mix of books,batteries,bug spray,mouse chewed toilet paper, broken flashlights, 3/4 used jars of peanut butter, ect.ect.ect......
Murphy Lake reclaimed
FYI, I saw this sign hanging at the Pumpkin Hollow Rd trailhead for Murphy Lake in the Wilcox Lake Wild Forest.
Group/Organized Rides
Does anyone know of rides planned for 2021, or is it too early for them to be posted?
Rocky Peak Ridge
I went in from the Route 73 trailhead via the washbowl and it was 6.5 miles round trip, with 3527’ of elevation gain, plus the 700’ on the return to the trail junction with Giant Mountain for a total of 4227. This was a huge leg day for me, plus I had company.
My friend Justin and I signed in at the trail register at 6 am under headlamp. The trail takes on a completely new perspective in this regard. The first part of this trail, up to the washbowl is sparsely marked and can be difficult to follow under headlamp, just need to pay attention to rock scraps and dirt. The switchbacks help with the 650 plus feet in elevation gain in just over half a mile. While climbing this peak, there are many spectacular views all along the way, the first being the ledge just before the washbowl. This view prominently presents the Great Range along with the northeastern side of the Dix Range.
From the washbowl up it is a steady climb with several steep sections. The trail offers a variety of obstacles to navigate, boulder fields, switchbacks, ledges, slabs, blowdown, and mud.
We arrived at the junction with the Rocky Peak ridge trail at 11 am. After a quick break, We were on our way to Rocky Peak. The trail drops around 700’ in .3 miles to the col. I probably spent more energy avoiding a fall than I did climbing up out of the col on our return. It would be nice to see a ladder in one section (about 300' below the junction) that is pretty hairy. The drop in elevation can be discouraging, but the trail from the col up to the summit of Rocky Peak is a pleasant climb gaining around 600’ in just over a half-mile.
We arrived at Rocky Peak at 1:30 pm. The summit was not what I had expected. Based on photos from other hikers. I was led to believe the summit was rocky and had a large cairn on it. While there were cairns and it was somewhat open and rocky, it just was not what I had expected. It was a pleasant surprise. The summit has a long, bare ridge, a result of a forest fire in the region in 1913.
We laid down and relaxed in the sun on the summit enjoying the views; and even came close to falling asleep. After about a half-hour, we started our trek back. The climb back up to the trail junction was easier than the climb down. I took a quick break at the junction, while Justin tagged Giant (I previously had climbed Giant before), we made our way back down to the car arriving at 7 pm.
We would have several people pass us today as we made our way up the mountain, we did not mind, we were hiking our own hike. It is nice to meet new people, especially those who enjoy and respect the great outdoors. One of those who passed us was a 78-year-old man; I believe he also mentioned this was his 104th time climbing this mountain, and he was number eight or nine on the Adirondack 46er Grid list. Respect.
7.2 miles round trip
4227’ elevation gain
Start time 6 am
End time at 7 pm
Additional photos
My friend Justin and I signed in at the trail register at 6 am under headlamp. The trail takes on a completely new perspective in this regard. The first part of this trail, up to the washbowl is sparsely marked and can be difficult to follow under headlamp, just need to pay attention to rock scraps and dirt. The switchbacks help with the 650 plus feet in elevation gain in just over half a mile. While climbing this peak, there are many spectacular views all along the way, the first being the ledge just before the washbowl. This view prominently presents the Great Range along with the northeastern side of the Dix Range.
From the washbowl up it is a steady climb with several steep sections. The trail offers a variety of obstacles to navigate, boulder fields, switchbacks, ledges, slabs, blowdown, and mud.
We arrived at the junction with the Rocky Peak ridge trail at 11 am. After a quick break, We were on our way to Rocky Peak. The trail drops around 700’ in .3 miles to the col. I probably spent more energy avoiding a fall than I did climbing up out of the col on our return. It would be nice to see a ladder in one section (about 300' below the junction) that is pretty hairy. The drop in elevation can be discouraging, but the trail from the col up to the summit of Rocky Peak is a pleasant climb gaining around 600’ in just over a half-mile.
We arrived at Rocky Peak at 1:30 pm. The summit was not what I had expected. Based on photos from other hikers. I was led to believe the summit was rocky and had a large cairn on it. While there were cairns and it was somewhat open and rocky, it just was not what I had expected. It was a pleasant surprise. The summit has a long, bare ridge, a result of a forest fire in the region in 1913.
We laid down and relaxed in the sun on the summit enjoying the views; and even came close to falling asleep. After about a half-hour, we started our trek back. The climb back up to the trail junction was easier than the climb down. I took a quick break at the junction, while Justin tagged Giant (I previously had climbed Giant before), we made our way back down to the car arriving at 7 pm.
We would have several people pass us today as we made our way up the mountain, we did not mind, we were hiking our own hike. It is nice to meet new people, especially those who enjoy and respect the great outdoors. One of those who passed us was a 78-year-old man; I believe he also mentioned this was his 104th time climbing this mountain, and he was number eight or nine on the Adirondack 46er Grid list. Respect.
7.2 miles round trip
4227’ elevation gain
Start time 6 am
End time at 7 pm
Additional photos
lundi 5 octobre 2020
I finally did it
The Northville/Placid Trail has been on my bucket list for over a decade and last week I finally got the time and chance to do it. I did a 7 day solo trip from Godfrey Rd to Averyville Rd. Lots of rain ,blistered feet, inches of rain and a bunch of missing my family, but sure did have a great time!
Attachment 19737
Attachment 19738
Attachment 19739
Attachment 19740
Attachment 19737
Attachment 19738
Attachment 19739
Attachment 19740
samedi 3 octobre 2020
Lost: Trekking Poles
Left at the Upper Works trail head on Thursday afternoon. Black Diamond poles.
Checked this afternoon and they were not there.
Thanks!
Checked this afternoon and they were not there.
Thanks!
2020 Hunting Season
Thought I'd get this started. I hope everyone is getting ready, if not out already doing some bowhunting or after small game. I've been out a few times but this weekend is camp/work/meeting weekend. This week was pretty warm and the deer didn't seem to move much. But on Wednesday I got three different bucks on this camera, all in the afternoon. Not sure if it was the front passing, or the moon? Too bad I was working, but I'm taking a kid to this spot next weekend for the youth hunt. Good luck everyone.
vendredi 2 octobre 2020
Early autumn in the PA Wilds
Just returned from a multi-day trip in the Pennsylvania Wilds and surrounding areas of PA/NY. Overall a good trip besides aggro pick-up truck drivers tailgating me on one-lane highways - even when I was going 20 miles over the speed limit!
My trip started in Allegheny National Forest where I visited a few new sights: the uniquely-shaped Hector Falls and the multi-loop Minister Creek Trail System:
Camped in Allegany State Park on the New York side and then made the longish drive down to Central Pennsylvania the following morning to hike part of the Standing Stone Trail around Jack's Mountain (already did the 1,000 Steps so I hiked from the north this time around). The journey was approximately seven miles long and I didn't encounter another soul the entire time.
I then made my way into the heart of the PA Wilds: the Quehanna Wild Area and Elk State Forest. This was my favorite part of the road trip. The Beaver Run Dam area was like a hybrid between Iroquois National Wildlife Refuge and the Dolly Sods. Quite spectacular this time of year! I spent the better part of the day hiking on- and off-trail there, and made a brief stop at Table Falls where I got a chance to experiment with my camera's shutter speed. After that, I made my way to Elk State Forest where I saw... you guessed it... several elk. From the driver's seat of my car, I spotted one a few feet from the road and a whole family of them at the edge of the scenic Sinnamahoning River. Unfortunately, I didn't have a chance to snap any photos since there was one of the aforementioned pickup truck drivers behind me and no place to pull off on the side of the narrow road. I hope to explore that area a little more in depth the next time I'm in the area because I really liked what I saw from the road!
My trip started in Allegheny National Forest where I visited a few new sights: the uniquely-shaped Hector Falls and the multi-loop Minister Creek Trail System:
Camped in Allegany State Park on the New York side and then made the longish drive down to Central Pennsylvania the following morning to hike part of the Standing Stone Trail around Jack's Mountain (already did the 1,000 Steps so I hiked from the north this time around). The journey was approximately seven miles long and I didn't encounter another soul the entire time.
I then made my way into the heart of the PA Wilds: the Quehanna Wild Area and Elk State Forest. This was my favorite part of the road trip. The Beaver Run Dam area was like a hybrid between Iroquois National Wildlife Refuge and the Dolly Sods. Quite spectacular this time of year! I spent the better part of the day hiking on- and off-trail there, and made a brief stop at Table Falls where I got a chance to experiment with my camera's shutter speed. After that, I made my way to Elk State Forest where I saw... you guessed it... several elk. From the driver's seat of my car, I spotted one a few feet from the road and a whole family of them at the edge of the scenic Sinnamahoning River. Unfortunately, I didn't have a chance to snap any photos since there was one of the aforementioned pickup truck drivers behind me and no place to pull off on the side of the narrow road. I hope to explore that area a little more in depth the next time I'm in the area because I really liked what I saw from the road!
Jobs | Career - Malaysia | Singapore
asiazonecareer.my - Job search site - find job vacancy | career opportunities in Malaysia and Singapore.
Cari kerja - Malaysia - Singapore
找工作 - 马来西亚 - 新加坡
Cari kerja - Malaysia - Singapore
找工作 - 马来西亚 - 新加坡
Southeastern Adirondacks Trip
I spent a brief amount of time in the Southeastern Adirondacks last weekend. The fall colors were out in full force, as were the massive crowds.
There was heavy traffic going northbound on I-87 between 4-5 AM, with most people presumably heading to the High Peaks region. It's amazing to think that anyone going to the Loj at that ungodly hour wouldn't have been able to find a parking spot, as it was reported that the parking lot was completely full at 5:00!
It wasn't just the High Peaks that got slammed, though. On one short firetower hike (under two miles each way) near Glens Falls, I counted over a hundred people and passed groups of hikers every... single... minute of my hike. I tried counting from 1 to 60 in my head to see if I could even get one measly minute of peace and couldn't. It was a constant stream of hikers parading up and down the mountain unlike anything I have ever experienced in decades of hiking. Not even Cascade on a sunny Saturday morning in the middle of summer was so insanely crowded! Although I did anticipate there being a fair amount of people given various factors (time of day, time of year, the pandemic, etc.) I wasn't expecting it to be anywhere near that bad! Honestly, I got more solitude in the middle of Downtown Buffalo at lunch hour when I used to work there.
The highlight of my trip was walking around Great Sacandaga Lake where I actually had some space to spread out and enjoy the pleasing early-autumn scenery. It looked like an ideal place to go paddling sometime.
The rest of my trip didn't go so well. I received minimal sleep due to inconsiderate $#!+#3@d$ making too much noise and also had a kidney stone attack that left me in excruciating pain for a while. Between those experiences and the weather forecast looking unpromising between 9/28 and 10/2, I decided to cut my trip short and make the long drive back to Western New York. I'm hoping that when I return to the 'dacks (probably during the off-season or perhaps after this covid nightmare is finally behind us), I'll have a more enjoyable time like I did in past years.
Now for some photos to hopefully make up for all the complaining I did :)
There was heavy traffic going northbound on I-87 between 4-5 AM, with most people presumably heading to the High Peaks region. It's amazing to think that anyone going to the Loj at that ungodly hour wouldn't have been able to find a parking spot, as it was reported that the parking lot was completely full at 5:00!
It wasn't just the High Peaks that got slammed, though. On one short firetower hike (under two miles each way) near Glens Falls, I counted over a hundred people and passed groups of hikers every... single... minute of my hike. I tried counting from 1 to 60 in my head to see if I could even get one measly minute of peace and couldn't. It was a constant stream of hikers parading up and down the mountain unlike anything I have ever experienced in decades of hiking. Not even Cascade on a sunny Saturday morning in the middle of summer was so insanely crowded! Although I did anticipate there being a fair amount of people given various factors (time of day, time of year, the pandemic, etc.) I wasn't expecting it to be anywhere near that bad! Honestly, I got more solitude in the middle of Downtown Buffalo at lunch hour when I used to work there.
The highlight of my trip was walking around Great Sacandaga Lake where I actually had some space to spread out and enjoy the pleasing early-autumn scenery. It looked like an ideal place to go paddling sometime.
The rest of my trip didn't go so well. I received minimal sleep due to inconsiderate $#!+#3@d$ making too much noise and also had a kidney stone attack that left me in excruciating pain for a while. Between those experiences and the weather forecast looking unpromising between 9/28 and 10/2, I decided to cut my trip short and make the long drive back to Western New York. I'm hoping that when I return to the 'dacks (probably during the off-season or perhaps after this covid nightmare is finally behind us), I'll have a more enjoyable time like I did in past years.
Now for some photos to hopefully make up for all the complaining I did :)
jeudi 1 octobre 2020
FOUND Dog Leash
If you left a dog leash behind on Cat Mountain on 9/30/20 or around there- it is in the trail register box at the Thomas Mountain Trailhead near Route 11.
Inscription à :
Articles (Atom)