Monday, May 28, 2012



Not to say I didn't tell you so, but, here we are again. Credit for this info came to me via Trendmicro's Blog:

"Recently ZTE acknowledged the existence of a vulnerability in its Android-based smartphone Score M. The said vulnerability, if exploited, can allow attackers to operate with root privileges—a scenario that can mean an attacker will have complete control over the affected phone. We have taken some time to analyze this backdoor in order to help affected users remove it from their Score M handsets." (WBY - ya gotta love this one, the backdoor is called an "ELF"). Read the rest HERE, and, photo credit for the Droid picture goes to SHADOWINKDESIGN.COM.

Wednesday, May 23, 2012


[Usually, in regards to small business networks the answer is - "NO"]

Many times, as an IT consultant, my job is to figure out why something that has worked from day one has suddenly stopped. I'll use a network device scanner of one sort or the other and then ask questions like: "What is this Asus device with a 192.168.1.153? Is it a Router? Is it a wireless device or perhaps a PC?" And somewhere between the 2nd and possibly 6th question the person who has been deemed responsible for the company's network sez...."I dunno".

No, this is not an exception, but more the norm. A small business gets a network setup and then years (and many replacements or additions) later no one really knows what is doing what on the network. To be fair to the designated "Network Guy", it's really not his fault. He (or she) is probably more of a company administrator who tries to take care of the overall needs of its employees. This is where I come in. I take inventory of every physical piece of equipment I can find, compare it to the list of equipment "Discovered" on the network, determine what each device does, then map it all out into a nice VISIO-converted-to-PDF document so the designated person can answer these questions.

Whether your company has 4 or 5 computers, or 50, it would be a good idea, as well as a good time, to have your network appraised and mapped out.

'Nuff Said
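The comparison described above (the walked inventory versus the devices a scanner discovers) can be sketched as follows. This is an added example, not code from the original post; the scanner output format, MAC addresses and device descriptions are constructed for illustration.

```python
import re

MAC_RE = re.compile(r"^([0-9a-f]{2}[:-]){5}[0-9a-f]{2}$", re.I)

def normalize_mac(mac):
    """Lower-case, colon-separated form so 02-00-.. and 02:00:.. compare equal."""
    if not MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    return mac.lower().replace("-", ":")

def parse_scan(text):
    """Return {mac: (ip, vendor)} from 'IP MAC VENDOR' lines; skip anything else."""
    seen = {}
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) < 2:
            continue
        try:
            mac = normalize_mac(parts[1])
        except ValueError:
            continue  # header, footer or malformed row
        vendor = parts[2].strip() if len(parts) == 3 else "unknown"
        seen[mac] = (parts[0], vendor)
    return seen

def reconcile(inventory, scan_text):
    """Split devices into 'on the wire but undocumented' and 'documented but not seen'."""
    inv = {normalize_mac(m): desc for m, desc in inventory.items()}
    seen = parse_scan(scan_text)
    unknown = {m: seen[m] for m in seen if m not in inv}
    missing = {m: inv[m] for m in inv if m not in seen}
    return unknown, missing

# Constructed sample data: physical inventory keyed by MAC address.
INVENTORY = {
    "02:00:00:00:00:01": "Router (server closet)",
    "02:00:00:00:00:02": "Front-desk PC",
    "02:00:00:00:00:03": "Label printer (warehouse)",
}
# Constructed scanner output in a hypothetical "IP MAC VENDOR" layout.
SCAN_OUTPUT = """IP MAC VENDOR
192.168.1.1 02:00:00:00:00:01 Netgear
192.168.1.20 02-00-00-00-00-02 Dell
192.168.1.153 02:00:00:00:00:99 Asus
(scan finished)
"""

if __name__ == "__main__":
    unknown, missing = reconcile(INVENTORY, SCAN_OUTPUT)
    for mac, (ip, vendor) in unknown.items():
        print(f"UNDOCUMENTED  {ip:15} {mac}  {vendor}")
    for mac, desc in missing.items():
        print(f"NOT SEEN      {mac}  {desc}")
```

Undocumented devices are the ones to chase down in person; documented devices that were not seen may simply be powered off, so rescan before striking them from the map.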

Sunday, May 20, 2012


The continuing increase in visitors to the Pinterest site may be a primary reason why it’s becoming a hit for cybercriminals’ scams and schemes. In March, we spotted scammers using popular brands to lure users into “pinning” fake posts that led to survey scams. This new wave of survey scams I found came from my search using “pinterest” as a keyword.

Users who re-pin the posts from the sample above will most likely spread the post.
In addition, I also spotted posts using URL shorteners such as and When clicked, the shortened URLs/the fake posts lead to any of the following URLs:
  • http://pinterest.{BLOCKED}
  • http://pinterestgift.{BLOCKED}
  • http://pinterests.{BLOCKED}
Upon clicking the link, users are redirected to a Pinterest-like webpage offering prizes, vouchers, gift cards and others:

Made to resemble a typical Pinterest webpage, the fake site features a search field, add+, and about. However, these are mere images and are not clickable. The clickable links are those that redirect to survey scams such as Body Age Quiz.

After a user fills out the fields required in the scam page, users are also required to enter their mobile numbers. Users who do provide their numbers will receive a code on their mobile phones and will continue to receive unwanted messages, charges and other scams via text message.
And Via Email, Too
Another thing I’ve noticed is that the fake site requires an email address:

Users entering their email addresses are brought to complete several steps to get the supposed offer. Users receive an email claiming to be from Pinterest. The email urges the user to click on the link found in the message body to confirm the subscription. Clicking on the link redirects the user to a Pinterest-like scam page. Again, all the clickable links lead to the same scam pages.

Upon closer investigation of these attacks, I noticed that before users are redirected to the fake Pinterest sites, the connection passes through ad-tracking sites. This way, the number of visitors is tracked, determining the supposed earnings of the scammers. Based on our data, the fake Pinterest URLs have been visited since May 2. Fake Pinterest posts hosting scams are likely to spread within Pinterest via users who re-pin the posts. The “offers” in these fake Pinterest posts look enticing after all. Plus, some users would want to ask the rest of the Pinterest community to verify such offers, like this user.
Pinterest has since removed some of the fake Pinterest posts. Trend Micro users are also protected from these scams by the web reputation technology in our Smart Protection Network™.

Friday, May 18, 2012



Yup, I said it. Folks, there's a new "Worm" in town and it's ripping through the Internet as I type! This guy's preferred vehicle of infection is via FACEBOOK private messages, as well as Instant Messengers (oh, I'm sure you can think of a few you use). According to Trendmicro:

 "Once executed, this malware (detected as WORM_STECKCT.EVL) terminates services and processes related to antivirus (AV) software, effectively disabling AV software from detection or removal of the worm. WORM_STECKCT.EVL also connects to specific websites to send and receive information. Another noteworthy routine is that this worm downloads and executes another worm, one detected as WORM_EBOOM.AC. Based on our analysis, WORM_EBOOM.AC is capable of monitoring an affected user’s browsing activity such as message posting, deleted posted messages and private messages sent on the following websites such as Facebook, Myspace, Twitter, WordPress, and Meebo. It is also capable of spreading through the mentioned sites by posting messages containing a link to a copy of itself."

The rest of the story is HERE.


[Note: I did not say I was looking forward to it]

Yeah, everyone and their brother has heard, or read a lot about this new version. I'm more of a sidelines kinda guy who will wait before I stick my toe in the water (It took a couple years to get me on Windows 7). Being a security Blog, I thought I'd mention an article I just read about enhanced security in Win8, the first of which comes as no surprise: Unlike previous versions of Windows, Win8 will have an anti-virus program already installed and it sure looks a lot like Security Essentials (it is) which Microsoft has offered without charge for about 2 years now. Read the full story HERE, which will inform you of other security improvements.

Tuesday, May 15, 2012


Yesterday I mentioned the first 802.11AC wireless router.

Today, NETGEAR has announced a USB adapter for your PC to take advantage of the new 11AC speeds. Their own wireless routers are still supposed to be on schedule for mid-summer, while this adapter won't be on shelves until August. Expect the price to be around $70.

Monday, May 14, 2012



If you haven't been taking note of the increase in Android OS viruses - you should be. Sure, you may not have SIRI, but dang it, your phone has that robotic "D-R-O-I-D" announcement that lets folks know who you are (ed. - too bad it didn't robotically say "V-I-R-U-S" when you got some infected APPS, but, there's still hope....)

Yes, Apple's iOS is a target as well, but for now, it doesn't have such a large bull's-eye on its back like the Android or Microsoft OS does. IMHO, I think things might have been fairly even between Apple and Android phones - "If", Droid Apps had been screened a bit better. You can't blame them (well yes, I suppose you could) as they needed as many apps ASAP to compete with Apple's iPhone.

Of related note, not all scams come via email, or nefarious websites. I was visiting a client recently when they told me about receiving phone calls from someone who didn't quite have 100% grasp of the English language, yet insisted that their computers were infected and required a remote connection from this person to clean their PC. Fortunately, they were well prepared in blocking this attack ("click"), but I wonder how many of our senior citizens fall for this sort of thing every day? If you have a parent or other elderly family member or friend, you might give them a phone call to be alert of this recent scam.

Windows 8, which is supposed to be released this fall, is for me, somewhat easy to predict a failure in capturing end users' anticipation and $$$. I've had it on a laptop, and I've used an interface to use my touch screen iPad to control the PC, like it will be intended for and I'm not really excited about it. The coin is still tossing in the air on whether-or-not it will be this decade's "ME" or "VISTA". Touchscreen tablets, even with disposable screen savers still look kinda grubby after a day or so of use, so I can only imagine what a Windows 8 PC with touchscreen capabilities will look like. Remember when Windows 7 came out? It's taken quite a few years to knock down the percentage of XP users (which are still in the high 30% range), so place your bets in Vegas on Windows 8, and its ability to conquer the masses.

WiFi with the speed of a Formula One race car! It looks like Buffalo Technology has beaten its competitors to the finish line by being the first to have a wireless router touting the new wireless "11ac" standard which really (yes - REALLY) makes wireless fast (up to 1300Mbps) which, compared to the fastest "N" routers (450Mbps), is a sure-fire winner for streaming video content within your home network! Yep, Netgear, Cisco/Linksys, et al. will have their products out soon, but you can buy the Buffalo Technology router on today (unless it's sold out). Of course, in order to enjoy the speed, on the receiving end you will need an adapter which complements it, and eventually, new Blu-ray players (wireless) should have this built-in to their motherboards as well. If you've ever struggled with stop-go-stop video streaming, or continuous buffering, I'm here to tell you that hope is on the horizon.

'Nuff Said

MAY 14, 2012:

"Android users targeted by premium-rate SMS malware"

"Design of Russian attacks sends warning"


Tuesday, May 8, 2012

Microsoft Patches More Than 20 Bugs in May Patch Tuesday

Microsoft fixed 23 security flaws across all versions of Windows, Microsoft Office, .NET Framework, and Silverlight, as part of May's Patch Tuesday release.
Of the seven bulletins, three were rated as "critical" and four as "important," Microsoft said in its Security Bulletin summary released May 8. All but two bulletins addressed remote code execution vulnerabilities. While none of the bugs fixed in this month's update are currently being actively targeted, Microsoft said exploit code for 18… Full story HERE!
Targeted Attack Uses Recent Adobe Flash Player Vulnerability (CVE-2012-0779)
Reports of a targeted attack surfaced recently. One such attack arrives as an email message that tricks users into executing a malicious attachment. The malicious attachment, as expected, is a file that exploits CVE-2012-0779, found in several versions of Adobe Flash Player. Exploitation results in a possible attacker taking over the infected system. Read full story HERE.

Monday, May 7, 2012


Malware Demands Payment for Alleged Copyright Infringement

"A new wave of malware freezes a computer and demands payment to unlock it, this time falsely alleging victims have infringed copyright."
Read the complete story from PC WORLD, HERE.

Saturday, May 5, 2012

Adobe Patches New Flash Zero-day Bug With Emergency Update

"Adobe today warned that hackers are exploiting a critical vulnerability in its popular Flash Player program, and issued an emergency update to patch the bug."

"There are reports that the vulnerability is being exploited in the wild [so get thee to Adobe and do the update] Remember, ADOBE= and the version you are updating to is: