DON'T IGNORE THOSE MONTHLY REPORTS

[NORTON REALLY HAS SOMETHING TO TELL YOU]

Yes, it's true, Norton keeps your logins and passwords, let's you know if a website you just pulled up on a search is good, bad, or ugly, tries to protect your PC, and, at the end of the month, gives a report [which you probably close].

It doesn't hurt to look at these reports (many are mundane), but occasionally it gives insight to what sort of attacks are aimed at you.

Like many pop-up/slide-out boxes, it can be just another frustrating thing to close so you can feed your chickens on Farmville, but then - you never know.....

Below is something I was checking out on my monthly report, and you'll have to click where it sez to click to get a better look at what I'm writing about.

CLICK HERE FOR LARGE VIEW

CLICK HERE FOR LARGE VIEW

And as you can see, if I want more details it will show me where that IP address is from, or, supposed to be (as this part can be faked too).  But it did point out that someone tried to get a FAKE AV (fake anti-virus) on my system, and for many readers, you know how much it costs to get it removed.

'Nuff Said

Brian

ADVERTISEMENT

MAC USERS BEWARE: THERE'S A NEW MALWARE IN TOWN

Yes, it's true, and this one's nasty! OS X users have a BIG target on their backs from what I've read about it. This is the second one I believe that is cross-platform. By "Cross-platform", I mean MAC OS or Windows OS. It is smart enough to determine where it's landed, like a little green Alien with GPS and OS-Detector devices.

Depending how/where it gets into your system, and if it had administrator access or not, it will affect your system differently. If this is anything at all, it should be a wake up call for MAC users still living in la-la-land: GET PROTECTION!!

WHO DAT SINGING THE 'OL "JAVA BLUES"?

Fresh from my daily Computerworld Security e-mail, I immediately noticed the subject header of the e-mail: "Java flaws increasingly targeted by attackers, researchers say".

A little piece from inside the e-mail reads: "Java vulnerabilities are increasingly exploited by attackers to infect computers, and the problem could become worse if Oracle doesn't do more to secure the product and keep its installation base up to date" [ed.- we have noticed an increase in Java malware in the last few months. Yes, there are still holes in "Flash", but I figured I'd throw my two cents in while I had the keyboard, and two cents in-hand]. And how do you update Java? When a pop-up tells you to? NO. Direct from their website (you can't miss it, the download tab is bright red and on the first page). Just remember to go to http://www.java.com

'Nuff Said

Brian

I THOUGHT IT WOULD HAVE HAPPENED SOONER

Various sites are reporting that Malware affecting Windows was found hidden within an APPLE IOS App. Naturally if it's Windows Malware it won't do anything to the APPLE owner, but if one were to download apps before syncing to their iPod, iPhone, on their windows PC, then it would certainly not be welcomed by the Windows owner.

This abnormal App (which slipped by the eyes of App security) has been labeled a worm by Microsoft and tagged as "Win32/VB.CB" [ed. - nope, nothing to do with CB Radio]. It's been reported by CNET, Computer World, and I'm sure, many other places - including here. You have been informed, so be wary.

YIKES!!

THIS IS JUST WHAT I'VE BEEN TALKING ABOUT

While dozing off [ed. - I mean reading articles] at the keyboard this morning I read an article on PC World's website where they were talking about a report they had read about vendors like SKYPE, Tom-Tom, Symantec, etc. studying who updates when and who doesn't. Yes, I also read about Microsoft (which recently bought SKYPE) putting a backdoor into the program for something equivalent to wire-tapping, but that's a rumor, and until it's proven that is all it will be (as far as I'm concerned). Back to the article at hand: Long story, short version. People tend to put off updates until they are tired of seeing the pop-ups [ed. - and you know what I say about pop-ups right? Close the box, and go directly to the website to get the


latest updates, thus avoiding fake pop-ups]. The article can be found HERE. Meanwhile, there's a nifty chart just to the left. Click on the "CLICK ME" to see the larger image [something you can actually read].

CLICK ME

SPEAKING ABOUT SCAMS/SCAMMERS

THOUSANDS OF PEOPLE RECEIVE IDENTICAL DEATH THREAT TEXT MESSAGE

Yep, it's true. Apparently the "Scammer" counted on each recipient not to contact authorities. Apparently the "Scammer" can't count, because phone lines to the Police were swamped. The text message read: "Sum1 paid me to kill you. get spared, 48hrs to pay $5000. If you inform the police or anybody, death is promised. E-mail me now: killerking247@yahoo.com"

Story was from Y!Tech, on Yahoo news.

I DID FORGET TO ADD SOMETHING TO THIS MORNINGS EARLY POST...

[It was early, and we all hate Mondays]

Just a couple things I forgot to mention, then remembered them while working on something.

First, the Olympics are hot on our heels so expect the scammers and hackers to try and take advantage of you via an email link or something more nefarious. That's the second time I've used that word today - I guess it rolls off my brain and onto the computer easily. Let's call "Nefarious" the word of the day.

Secondly, here are two scams I've heard within the last week. Scam No.1 is a phone call from the "Microsoft Security Center", and some fellow with an Indian accent tells you that their massive server center has determined that your computer does not have a valid copy of Windows on it. To avoid any penalties, it's best to come clean and pay for it now, over the phone with a credit card. Scam No.2 took advantage of an older retired woman. She received a phone call and heard a young man's voice on the other end. Not having the best hearing, she said "Is that you Hastings?" [ed. - the names have been changed because I forgot them], and the young man replied "yes grandma it's me". So the usual questions ensue: I haven't heard from you in awhile/What have you been doing since graduating from college?/etc.

And to make a long story short he tells grandma that he chose to do missionary work overseas and please, don't tell mom and dad because they just wouldn't understand so that's why I'm calling you because I'm in a jam for money and can't call them or they'll find out I'm not in the states. She withdrew money from her bank account and went to Western Union and wired him the money, as well as the next week after, and the one after that until a month had gone by. That's when her husband [they must not talk much] noticed a $9,000 deficit in their savings.

This ends another edition of "Misery Theatre".

'Nuff Said,

Brian

RUSSIAN RESPONSIBLE FOR DDOS ATTACKS ON AMAZON AND OTHER U.S. WEBSITES IS CAUGHT

The guy who pulled off the DDOS attacks, which basically ties up a websites server so it becomes non-accessible, has been caught 4 years later and is coming to the good old United States for trial. Don't worry 'bout my picture, I'm still bummed about Office 2013 (see my other blog for that news).

And as I type this now on Monday morning, I've made my usual rounds of various security sites and SURPRISE, either someone didn't wake up in time to write about one, but, I did not read about any new, nefarious viruses.

So, to end this brief blogpost, REMEMBER:

• Make sure your Anti-Virus software is up-2-date.


• If it's been awhile, run that Malwarebytes scan (after you update, 'natch)


• Check and make sure that your Adobe Reader, and Flash are current versions - yep, that's right, not from the pop-up box, but directly from their website [ed. - The links are on the front page]


• Take your Vitamins


• Make sure JAVA is current


• If you find out you are infected and can't correct it - turn off the PC and call for help.

Brian

Until I figure out the "NEW" Blogspot way of doing things, here's a link to one of my new ones:

http://everythingandthebathwater.blogspot.com/

MONDAY'S NEVER SEEM TO BE FUN FOR ANYONE

[Viruses make it worse]

I'll touch on a couple of topics, one of my favorites [ed. - as my fervent readers know] is the increase in Malware on Android devices [i.e. - Android phones, Tablets, etc.] Today all my calls were virus/trojan related, but in the windows environment, however after reading some facts off of Trendmicro's blog I can't help but pass on a few tidbits for you.

The researchers at Trendmicro have discovered that in just ONE months time (30days), Android Malware has doubled from 10,000 to 20,000 viruses. More than 1 seems bad enough to me. I'll beat the bushes with a stick again and remind you to get some protection installed on your Android device.

Just before that post was another Android related post about a security hole found in the Yahoo !  APP for androids, that goes into your contacts and starts spamming. If interested, read all about it HERE!.

I did have a fairly interesting Virus call this morning. While the computer is "ON", out from the speakers come a variety of spliced together sounds. This morning, while trying to kill the little bugger, I heard several commercials, part of a audio teaching lecture, some music off a radio station, an interview with someone starring in some movie, and much-much more. Yeah, I could have just unhooked the PC and dropped it off at the shop on the way to my next call, but there's no fun in that - I want to eradicate 'em.

I'm still looking at the ticket and I had to use almost the complete arsenal:

• Malwarebytes didn't find anything wrong
• Symantec's Endpoint was not disabled (figured that one out when it deleted some of my utilities off of my USB stick.
• It couldn't find MSconfig
• Combofix wouldn't run
• Autorun's worked briefly, enough to uncheck one suspected item, then shutdown
• But it was enough for MSconfig to work, allowing the unchecking of two more items.
• Cleantemps now worked, and got rid of over 16,000 temp files
• And now Hitman could work, found 6 infections but the viruses had cut out the "Activate Free License" part. I was able to manually navigate to one file and delete it.
• The MBR (Master Boot Record) was infected/corrupted. Fortunately I had a Windows XP SP3 disk handy and booted to it, and picked repair mode. Once on C:\ I could fix the mbr from the CD I booted to.
• Kaspersky TDSS Killer snagged one rootkit and zapped it with a reboot.
• Combofix finally ran and found a ton of stuff to delete.

The result: No more pop-ups, a faster PC, and no strange noises from the PC speakers. Needless to say, this took hours of time and thinking because not ever infection is cleaned the same way. How it got infected? Who knows? and if they do, they won't tell you. Surf safe, Surf securely -

'Nuff Said

Brian

WAS IT REALLY A VIRUS?

[TECHNICALLY "NO"]

Last week there were murmurs about the same APP for ANDROID (declared Malware) was also an APP on APPLE's IOS products. This was true, however it was missing a key component to it's ANDROID counterpart. But......(ed.- you knew there was a but coming), it did have one part in it that would send the users contact's to a remote server. The APP, btw, is called "Find and Call". As they pointed out on Trendmicro's blog there have been other APP's caught doing the same thing (a HUGE breach of privacy), so when IOS 6 arrives, expect one change in particular, where you must give consent before an APP can forward your contacts, calendar, photo's, etc. (I wrote "Expect", but it's actually on the IOS6 Beta now.)

While this news is not security related, I'd like to announce two new blogs-in-progress: "Anytingandthebathwater", along with "Buddythefatcat". The first will be interesting things I've found on the web, or life, that doesn't fit the cbdaze, or security daze format. The latter is co-pawed by our cat "Buddy", and how he views life through his eyes.

'Nuff Said
Brian

WELL, I THINK IT'S SAFE TO SAY THAT THE MAJORITY OF US SURVIVED "DOOMSDAY"

[ANOTHER EXAMPLE OF MEDIA OVER-HYPE, OR, END USER AWARENESS]

Nary a call taken had anything to do with those Rogue DNS servers being shut down. Quite a few people called in, semi-convinced that they were a victim, but they turned out to be typical IT type issues (Virus, Fake-AV, Trojan, Bad Network Cable, Bad Port On A Switch, etc.).

This should be a wake up call for many people though. I'm always surprised to find out how many people don't have ANY anti-virus software at all. At the least, you should be running Microsoft's "Security Essentials", which happens to be a FREE anti-virus program that's pretty good at what it does.

• Have anti-virus software running and up to date on your PC (I prefer Symantec Internet Security 2012 or Norton 360)
• Keep your Adobe Flash, Reader, and also Java current (go directly to their websites to do this)
• Install Malwarebytes (also FREE), and run a quick scan twice a month.
• Make sure you are backing up your files (doc's, photos, music, etc.) by external drives or via an online service like Carbonite.
• Keep in mind that Hard Drives can fail at any given moment. It could happen within the first year, just after the first year, or anytime after 3 years of use. If your hard drive is over the 4 year mark, whether you like it or not - you're living on borrowed time.
• Try and visit this site once a week to keep abreast of the latest dangers, whether they be PC, MAC or Android.
• Questions? Shoot me an email!
• Have fun, be productive, but play it safe.

ANDROID TAKES ANOTHER HIT

[OR TWO]

Yes, it's true:

Fake Skype for Android Leads to Malicious .JAR File

Another fake/malicious APP for Android (this time for SKYPE) that could cause problems for you. The complete story can be found on the link above.

"X" CLASS SOLAR FLARE SHOOTS FROM SUNS SURFACE

[DON'T WORRY - BE HAPPY]

Just before it disappeared from our view Sunspot 1515 shot an "X" class solar flare out into space. Fortunately for us, because of the angle, we only have a slight chance of a glancing blow to our Planet. These things usually take a day or two to get here, so usually there is time to change the altitude on the satellites above us that provide phone, video feeds, and other communications. I don't if you'll remember this or not, but I think it was back in 2006 when we were hit dead-on by a lower level CME (Coronal Mass Ejection) which affected the power grid in the Midwest to the East coast.

Regarding the hype about hundreds of thousands of people losing access to the Internet [ed. - scroll down a few posts to read mine], like anything, the news reporters are going to make it sound like the end of the world, and "by-the-way-don't-change-that-dial-or-you-may-miss-the-latest-reports". We get a lot of that here on the Gulf coast, usually weather related, but from what I've read, the fact remains official estimates predict only 60,000 computers in North America are affected. When you consider how many people there are on this Continent that have computers and Internet access, the odds that you have one is astronomical.

There are several safe places to check your computer (I have a link for one of them), but please don't fall for any emails sent to you saying you are infected with this bug and they can fix your computer for $59.95. Trust only your trusted sources, whether it be pcworld.com, pcmag.com, cnet.com, or even SugarlandPC.

If you Google for a site, hopefully you're using Symantec Internet Security 2012 or Norton 360 which will tell you, via colored dots, whether or not to click on a link that came up on your Google search. Green dots = the website checks out and the links on the website are good too. Orange dots = the website is generally good, but it has some suspicious links on it. Red dots = Don't click on that link.

SUNSPOT 1515

You may or may not have heard about Sunspot 1515, which is towards the lower right section of the Sun.  The other day 1515 blasted two "M" Class flares at Earth. The estimated date of arrival is July 7th.

During the solar cycles, where the Sun is quiet and has next to no sunspots on it vs. when it's active and has heavy Sunspot activity. This is very exciting for HAM Radio operators because it becomes much easier to talk greater distances. The downside is - Depending on how strong a Flare it is, it can disrupt communications around the world. While 1515 will be pointed away from Earth in a short time, it still has the potential to blast us with an "X" Class flare (not good). A direct hit from an "X" class flare can cause disruption/damage to communication satellites (cell phones, Internet, etc...) as well as power grids (no a/c, or cold drinks). I don't think it's time to put the aluminum foil on your head yet, but you should keep abreast of what is happening out there in space, especially with the Sun, that could affect your daily lives. For a daily check, click HERE, which is a link to spaceweather.com

FINALLY, THE MAC CROWD HAS HEARD THE NEWS AND HAVE HEEDED IT BY LOOKING FOR ANTI-VIRUS PROGRAMS!

Yes, many security experts have been saying for years - "APPLE can get hit with terrible malware just like Windows", only it never really came about so consumers shrugged their shoulders and said "Ehhh".

The reason for this abnormality, was the huge share of the market dominated by Windows, vs. the tiny share (more like a crumb) where APPLE was. Well, we all know what happened next......right? ..... RIGHT? [ed.- alright, maybe we all don't know, so here it is]

APPLE had a humongous hit with its iPod and subsequent variations thereof, and then WHAM!! Out came the iPhone and it just blew everyone away, and consumers thought "WOW! It can't get any better than this" and suddenly "POW" [ed. - Nope, not the purple Kool-aid dude], the iPad was here and it shared the same OS as the iPhone, and if you started adding all the iphone variations, along with the iPad 1, 2, and 2.5, suddenly APPLE is in the crosshairs of the virus-trojan-worm club. Gosh, I thought I'd opted out of that club when I hung up my Atari patch-laden jacket.

Now I understand, if you've always been a MAC person, you've perceived yourself as invincible, and finding out you aren't has sent you spinning into a vat of latte's, but pull those boots on cowboy and let protect that laptop, iPad, or iPhone of yours! PC Mag (.com) has a rundown of some programs and/or APPS you can use to keep yourself (along with friends and family) safe.

Trendmicro [click on Trendmicro to get to Oz], which runs an excellent virus Blog btw, is but just one of many apps or programs that can help you out. PC MAG says:"Trend Micro Smart Surfing for Mac $49.95

Newly nervous Mac owners looking for antivirus protection have quite a few choices. Trend Micro Smart Surfing for Mac ($49.95 direct) offers full-scale protection against viruses, Trojans, spyware, and other types of malware. It can steer users away from dangerous or fraudulent websites, and it even includes a simple parental control system."

ADVERTISEMENT

PC WORLD HEADLINE:

Facebook Timeline Change Said to Affect E-mails, Contacts

It's not just PC WORLD, it, and other websites and blogs are chattering about this problem. It hasn't happened to me (yet), but I'm curious if you have been affected by whatever changes they have made. Shoot me an email and let me know what kind of experience you had.

TROUBLESHOOTING 101:

NO INTERNET

[There are too many variables which can cause something like this to happen so I will only address the most frequent causes]

So, it's Sunday morning as you stumble toward your PC to check email and news. Your fingers know the routine but by the time you can actually read the screen you find a blank Internet page telling you ERROR 404 - PAGE NOT FOUND. Some 20-30 refreshes later (not to mention trying most of your favorites), you are defeated, angry, and loathe those evil words "ERROR 404 - PAGE NOT FOUND". Worst of all (I mentioned it earlier) - it's a Sunday. One whole lousey stinking day without Internet. A few hours later when your wife wakes up and begins looking for you, she finds your body curled up in a fetal position in a corner next to your computer desk......

Start with the obvious - call your internet provider (Comcast, Windstream, etc.), usually they have an automated message when calls come in from an area that has problems they are aware of and are currently working on it.

Next - Look at the lights on your wireless router, as well as your modem. It they look good, GREAT. But if your modem lacks a solid DSL light, or if your Cable modem  lacks a solid Cable light, make sure the correct cables (phone line for DSL, coax cable for Cable) are connected at both ends (modems and at wall). If it all looks good, call your internet provider again, choosing the line for technical support.

"At this point all it takes is gravity to pull it out completely"

But what if the lights are all normal? Look at the back of your desktop PC, where everything connects, and see if there is a light lit by the jack where the network cable plugs into. What? there IS NO CABLE PLUGGED IN? Let's get that sucker plugged in then. It's a common problem with the CAT5 cable, where the clip, that holds the cable in the jack - breaks. At this point all it takes is gravity to pull it out completely, or just enough to where all the pins are making a good connection.

Your wife hoses all the sweat off you (again) as you begin to turn into the HULK. It's time to take a break. When I taught computer trouble-shooting back in the day, that would be my advice: If this were a professional job, make an excuse to leave the room, but if you are home, go out and get the paper, wave a "HOWDY" to the guy across the street. Go back inside and get a cup of coffee or a soda, and sit down with a blank piece of paper - pen in-hand. Take your time, keep your cool, and just crudely make a diagram of your network [ed.- like my crude example below].

As you can see, I doodled two possible configurations. Now if you had the first configuration (wall-to-modem-to-wirelessrouter-to-pc) how could you figure out where the problem might be? Going back to the classes I taught, I would try to get them to cut the problem in half to make things easier. EXAMPLE: You're not sure if it's the modem, router, or even your PC at this time correct? well, take the router of of the equation and connect the pc directly to the modem. If it works, you have cat5 cable or router issues. If it doesn't, shutdown computer, unplug power from modem, and disconnect the cable from the wall. Wait a couple minutes then screw the cable back onto the modem, plug the power cord into it, and boot up your PC. If it still doesn't work, just look at your diagram - it's fairly simple: computer cable problem, modem or Internet service issue, network card in your PC, or yes, it could even be a virus. Most homes have at least two computers and possibly several laptops. Substitute your laptop for your pc. If you get the same results, it's unlikely it is the network card or virus in the computer. Take another break.....

I've given you enough to think about for one day, and down-the-road I'll continue with PART II. As my instructor taught me, and I then taught other classes, I would tell them to keep one word in your memory - KISS (keep it simple stupid). I keep that in mind on every call I go to.

GOOD NEWS FOR ANDROID USERS

Trendmicro reported on it's blog (June 29) that they had a "Fix" tool that could possibly repair 48 infected utility apps! [Perhaps one you have?] Anyways, it's worth a look.