Friday, March 30, 2012






AND THE NEWS JUST KEEPS ON COMING IN THIS FRIDAY



Surprise! More Malware Appears On Android




"Another week, another announcement of new mobile malware found infecting Android phones. The new bug this week is DKFBootKit, a nasty bit of work that can come packaged inside seemingly legitimate applications..."





FULL STORY HERE.


ANOTHER DAY, ANOTHER MONTH, ANOTHER YEAR

And yet, it's the same old song...


(Reuters) - "Four giant card-payment processors and large U.S. banks that issue debit and credit cards were hit by a data-security breach after third-party services provider Global Payments Inc discovered its systems were compromised by unauthorized access...."


Complete article can be found HERE.




SOMETIMES YOU CAN'T KEEP A BAD BUG DOWN -


Kelihos gang building a new botnet, researchers say



"The cybercriminal gang that operated the recently disabled Kelihos botnet has already begun building a new botnet with the help of a Facebook worm, according to security researchers from Seculert."



READ THE FULL STORY HERE



DON'T...."DRAW SOMETHING"


There is a Twitter scam going around offering users of "Draw Something" some sort of prize [I wouldn't be surprised if it showed up on Facebook as well]. Regardless, HERE is the link to the article with the Sophos warning.

Tuesday, March 27, 2012

FOLLOW UP ARTICLE ABOUT MAC/OFFICE EXPLOITS


See article from Cnet.com HERE.

MICROSOFT, ANDROIDS, AND APPLE - "OH MY"

Another Trojan has been spotted in the "Wild"; its mission: Attack-The-MAC. While it's been used before, that doesn't mean it can't be redesigned and remain effective. A Cnet article with the heading "Tibet.A malware for OS X uses Flashback Java vulnerabilities" will fill you in, should you be a Mac user, HERE.


DATA ENCRYPTION: WHO? WHAT? WHY?


If you asked someone, "What do you think Data Encryption means?", you'd probably get a vague answer that is mostly correct, with many movies cited as examples.


If your company, or for that matter you personally, use a laptop that has logins, passwords, income tax returns, confidential company info, etc., there is NO excuse not to have that data encrypted. There is a wide variety of companies that sell software that will do everything from encrypting certain files, or all files, to going as far as formatting the hard drive if someone tries your login password more than X number of times. Past stories involve NASA losing a laptop which had controls for the space station! Here's another reminder (from a year ago no less) found on CW (Computer World) HERE.

Monday, March 26, 2012



WHEN BUYING A LAPTOP, YOU REALLY HAVE TO CHECK THEM OUT IN PERSON


Usually, when a client asks me what laptop they should buy, I'll jot down a top 10 list and suggest that they go to Best Buy, Office Depot, Fry's, etc. to see how the screen looks, how well the keyboard responds, and so on.


Then I'll point them to Amazon.com to see if they can find the same laptop at a better price. But what tests could you run in the store? PC WORLD has an article just for you, HERE.


I'VE NEVER BEEN A BIG "AVG" FAN, BUT....


"AVG now blocks tracking ads, monitors Wi-Fi connections", interesting news off CNET, HERE.

IT'S STILL QUIRKY ON SOME WEBSITES, FOR SOME PEOPLE, AND I STILL PREFER I.E.8 OR FIREFOX, BUT....

This is funny.





MONDAY, AND MALICIOUS FILES





"Cybercriminals are uploading malicious Chrome browser extensions to the official Chrome Web Store and use them to hijack Facebook accounts, according to security researchers from Kaspersky Lab." Full Story HERE.



To add to the blogger's warning: "Think twice before installing a Google Chrome extension, or for that matter, ANY extension or add-in to ANY browser."


OTHER NEWS:


Last Friday, Firefox announced that its newest version (12) would be the last to support Windows 2000 and early XP operating systems. XP users with XP Service Pack 3 will still be supported.

Wednesday, March 21, 2012



TRENDS OF THE WEEK, MID-WEEK



We're seeing more "Worms" on computers which can wreak havoc on a business or home network. Unlike a Computer Virus, which infects one PC, a worm is smart enough to travel around your network, looking for an attached item to infect. 1999-2003 were really bad years as far as "worms" go, so I'm surprised to see them back again.


Another threat discovered on a computer (today) is called "Trojan.spyeyes", which is your typical keystroke logger Trojan that sends every keystroke you make back to someone's PC or server, allowing them to get your online-banking login/password and much, much more! You can read more about this Trojan in a January 6th article on the "Dailymail" in the U.K. HERE.



SECURITY BREACHES



It seems like almost every week you'll read, hear, or see on the nightly news a story about some company being hacked into and losing large amounts of credit card data, social security numbers, and other information that could truly affect someone who now falls into the category of "Those Who Have Been Breached".

If you live in Sugar Land you know (or should know) that the Sugar Land police have a website with a page which lists various crimes by the time, date, and area in which they happened. It wouldn't be too painful to visit that site once in a while just to make sure the percentage of crime hasn't grown in your neighborhood.

You're wondering, "How is he going to tie these two together and make sense?". Well....


there is a website which has a chart of the most recent company website hacks, how many files were taken, date, etc. And it wouldn't hurt to visit that site every now and then to make sure it's not a place where you have personal data that could be compromised. It's run by the Open Security Foundation and you can just click on that link to get you there.



[OSF SCREEN CAPTURE CREDIT: Brian Woodbury]

Tuesday, March 20, 2012




SOMETIMES I PREDICT CORRECTLY





(and sometimes not)





In this case I'm talking about Microsoft Security Essentials - a decent anti-virus from Microsoft which lacks some of the more elegant features of Symantec's Internet Anti-Virus 2012, but what the heck, it's FREE.




When they first came out with this I was a tad suspicious (as to their intentions, and of course, quality of the program), but found Security Essentials to work pretty well.









(Credit: OPSWAT)



According to the article I just read, "While Avast dominates worldwide security suite usage, and Symantec leads in North America, Microsoft Security Essentials is rising fast, says a new study by OPSWAT, a software development tool and data service company in San Francisco." My initial thought about this when it first came out was that Microsoft was going to pull paying customers from Symantec, Trend Micro, etc. to their free anti-virus software, and then at some point, begin charging for it. I've yet to see this come to fruition, but I expect this is the course it will take. For the complete story, on CNET.com, look HERE.

Russian police track down and finally arrest infamous 'Carberp' trojan gang

(followup TROJAN to ZEUS)

From Techworld: "Russian police are reported to have arrested the gang behind the notorious Carberp Trojan used to steal hundreds of millions of roubles from online bank customers during one of the most notorious cybercrime campaigns ever to hit the country."

Read the full story HERE.




IT'S USUALLY MONDAY - IF YOU HEAR ABOUT THE VIRUS ATTACK OVER THE WEEKEND



Yes, it's true, Kaspersky Lab reported a new virus which is Java-based and lives not on your hard disk - but in your computer's memory! I know you remember the drill, but I'll write it again: keep your anti-virus current, and make sure Adobe Reader, Adobe Flash, and Java are up-to-date, NOT by clicking on the update "pop-up" but by going directly to their websites. Read the full report HERE.

Thursday, March 15, 2012



AVOIDING THE "HONEYPOT"


You're probably wondering what a honeypot has to do with computers, right? Well, "honeypot" in the IT world could be a fake website you've been misdirected to via an open (unsecured) WiFi site.



Say, for example, you live in a large apartment complex. One day, you happen to click on your wireless icon to view available networks and see one that is not secured - so you connect to the open network for Internet access. A large percentage of the time what you'll get is free WiFi (which isn't legal to begin with) and access to the Internet.



But for a small percentage of users, when connected to the open WiFi, you may have been lured to a fake server which mimics a typical DNS server that assigns you a fake IP address, and as you jump from Amazon to eBay to online banking, what you're really doing is being sent to pages on that server which look exactly like the real thing - only they aren't. The owner of the "Honeypot" can sit back and collect your login IDs and passwords for any of the sites you visit.



So the next time you're sitting in an Internet cafe, coffee shop, or any other location offering free WiFi, look around you - one of the many other laptop users you see may be running a honeypot on you, and if they're not hosting it on their laptop, they are misdirecting you to their honeypot server, hoping to get a foothold on your identity.



MORAL OF THE STORY: Resist the temptation to jump onto an unknown person's "open" WiFi router because you might just be lured into a "Honeypot".


NOT ALL ROUTERS ARE EQUAL

Study your needs, choose one that fits them


Several years ago when we purchased two Roku boxes, we found that getting the signal to the bedroom was hit-or-miss, so I started looking around for a suitable replacement. Only one of our laptops had "N" wireless - the others were all "G", and the Roku boxes were "N". After careful study, I selected Netgear's 600n [WNDR3700], which is a dual-band router where everything up to and including "G" wireless was on the 2.4GHz frequency, while my "N" wireless devices used the 5GHz frequency. No more streaming issues, PLUS, the router had a USB port on it so I could attach an external USB hard drive to it and put photos and other stuff we both used on the shared drive and connect to it from anywhere in the house. It was a nice bonus. 2 years later - it's still working great, but now there is the Netgear 600n Premium edition (below).


WNDR3800



BACKSIDE OF WNDR3800





It's very close in specifications to the 3700, with a couple of additions. The first is that it supports ReadySHARE printing from the USB port, and it has a dedicated video mode which helps with streaming video to your other wireless devices at home. Other features include the ClearChannel selector, which automatically scans the channels to determine which channel has little or no activity, which helps get its signal to you and your devices. For TIVO users, you can use that external hard drive to extend your TIVO media storage.

Finally, the WNDR3800 has a feature called "ReadySHARE Cloud" which, when set up correctly, will allow you to access the data you have stored on your external hard drive from just about anywhere you can get Internet access. And yes, I have one now that I'm setting up (in between my other home IT duties), and when I get around to it I'll play around with my "CLOUD", just to see what happens.**


** If you missed a couple of my earlier posts, don't forget to secure the router, and due to possible hacking issues with the WPS feature, make sure you disable it.

Wednesday, March 14, 2012



DO NOT DELAY YOUR PC FROM INSTALLING TUESDAY'S CRITICAL PATCH FROM MICROSOFT



I know, it's easy to do, you leave your PC "ON" 24/7 and have a bunch of documents opened with deadlines to be met, and it's easy to ignore the little blip in the lower right-hand corner that tells you there are Microsoft updates to be installed - because you know there's a very good chance it will want to re-boot your computer thus forcing you to save and close your work and wait for the computer to reboot so you can log in and open up everything again [ed. - Whew! that was a long sentence eh?].


Well, there is one really critical patch [ed. - read posts below, 'Nuff Said] that could make a world of difference to your home PC or computer at work; without it, you risk untold damage to your data and possibly to other computers within your network - so please, let those patches through....

Tuesday, March 13, 2012




Experts sound worm alarm for critical Windows bug


Microsoft patches Remote Desktop Protocol flaw, urges customers to apply update or workaround ASAP


If you recall, I mentioned this patch last week, and posted a link to the article. It sounded serious, but after reading today's story, I'm ready to let my system install that rascal and re-start.




As usual, you can read the article from Computer World's website HERE.


On another note, I read an article on Techworld's website which said Microsoft's Security Essentials Anti-Virus was "The Most Popular Anti-Virus Program". Considering the fact it's "Free", I have no doubts about its popularity with those who cannot afford to purchase an anti-virus program (or those who can afford it but are "Frugal"). I've installed plenty of copies of MS Sec. Essentials in the last year, but at the same time I'm installing it, I am also pointing out several benefits that Symantec's Internet 2012 has that Essentials doesn't. Their article is HERE.




APPLE PATCHES SECURITY HOLES IN SAFARI





We're used to Microsoft and Adobe throwing patches at us on a fairly regular basis (in fact I believe Microsoft has a critical patch coming out today), but yesterday it was APPLE who patched a whopping 83 security holes in their web browser "Safari", 72 of which were marked as "Critical".



This information comes from Computer World, and you'll find their article HERE.

Monday, March 12, 2012




How to Protect Your Laptop
Follow our guide to safeguard your laptop, as well as the data that resides on it.


[ed.- For many of you, this will not apply, but the percentage of laptop "ONLY" users increases each year. This article from PCWORLD could possibly give you pause for thought...]


"A laptop’s portability makes it convenient--and an easy target for thieves.


Losing your laptop can be devastating, especially if you keep important documents and files on its hard drive, without a backup. Here are five ways to protect your laptop from being stolen (or from remaining stolen), as well as to safeguard the data you store on it."


Read the full article HERE.

Saturday, March 10, 2012

Next week's Patch Tuesday will only have one fix, says Microsoft
While the one fix is a critical one, this is the lightest patch of 2012 yet

Microsoft announced today that next week's Patch Tuesday will be the lightest of 2012, with six security bulletins and just one rated critical.

The critical patch will apply to all Windows customers as it addresses a vulnerability that affects the entire family of the operating system, up to and including Windows 7.

Read the entire article HERE.



Duqu Trojan written in mystery programming language, analysis finds

Possible Stuxnet cousin still baffling experts


"The mystery of the Stuxnet-like ‘Duqu’ Trojan has deepened with the news that elements of its payload appear to have been written in an unidentifiable programming language.


An ongoing analysis effort by Kaspersky Lab researchers has now uncovered much of the inner programming structure of the software, overwhelmingly written quite conventionally in C++.
However, delving inside the Payload.dll, the team discovered a section of the code dedicated to stealthy communication with the Trojan’s command and control servers that defied their analysis.


Dubbing it the ‘Duqu Framework’, the team has not been able to go much further than identifying it as an object-oriented language of considerable sophistication.


“The mysterious programming language is definitively NOT C++, Objective C, Java, Python, Ada, Lua and many other languages we have checked,” said Kaspersky Lab engineer, Igor Soumenkov.


Payload.dll looks to be a critical element of the program. According to Kaspersky, it is used to receive instructions from remote servers but also to relay stolen data, and can operate completely independently of the rest of the program. It was also important for spreading the Trojan to other Windows machines."


Read the full article HERE





Ransom Trojans spreading beyond Russian heartland
Security companies starting to see more infections


Read the whole story HERE.

Wednesday, March 7, 2012




SCARE TACTICS? NO. REALITY? YES.

FROM SYMANTEC:

"The level of technical innovation and social engineering, as well as the targeting of business executives, are some of the new security trends that Symantec is warning people to be vigilant against."


Read the full article HERE

Tuesday, March 6, 2012




I REALLY DON'T WANT TO SAY "I TOLD YOU SO", BUT...


To those people whose computers I have cleaned viruses from, I usually say: "Keep your Adobe Reader, Adobe Flash, JAVA, and Microsoft Security updates as up-to-date as possible" [ed. - and not by clicking on the pop-up, but by going directly to the appropriate website, 'Nuff Said]

This brings me to point you towards a recent article with the subject line of -


Adobe patches Flash Player for second time in 20 days
Quashes two bugs as it applies new patch priority ranking for the first time

Please take the time to read this article, HERE.






RESEARCH YOUR CHOICE FOR AN ANDROID ANTI-VIRUS APP





With all of the stories regarding a huge upwards swing of viruses for Android phones, many well known (and some not-so-well-known) Anti-Virus companies have jumped into the fray to save the day (ed.- or at least your information).


A chart from AV-Test's report showing the top 17 Android apps for malware detection. Red boxes mean the family of malware went undetected; orange through green indicates partial detection through full detection of the samples in a given malware family. App names are organized alphabetically. (Credit: Screenshot by Seth Rosenblatt/CNET)

"If you're worried about Android malware, choose wisely. There's a good chance that your trusted security app does little to protect you, says a new report from independent testing organization AV-Test." Please read the full article HERE.





WHAT COULD TURN A BAD HACKER INTO A GOOD HACKER?

[Perhaps money, or jail time, a grudge, or all 3]


Anonymous hacker turns FBI informant


"Authorities have made a breakthrough in their campaign against the Anonymous hacking group and its offshoot, Lulz Security or LulzSec, after it emerged that an alleged leading member of the collective turned FBI informant...." Read the entire article HERE

Saturday, March 3, 2012





REMEMBER 2008?



"April Fool's Storm Worm Attack Hits"






[excerpt from April 1, 2008 article] "A new storm worm with an April Fool's Day theme is targeting the Web, according to security software firm PC Tools."


"The Storm worm gang has done it again. This time e-mails are being circulated, which are associated with the April Fool's Day theme," said PC Tools chief threat officer, Kurt Baumgartner.



Apparently they expect a return of the "Storm Worm", and other things as well. Read full article on "6 Security Trends to Watch For" HERE.

Friday, March 2, 2012




Remote access malware growing problem for smartphones
Researchers show how to take control of Android phone

"Malware tools that allow attackers to gain complete remote control of smartphones have become a serious threat to users around the world, security researchers say." Read entire story HERE.