Sunday, September 30, 2012


IT'S TIME TO GO THROUGH THE COMPUTER SECURITY CHECKLIST




I know I had them off to one side of the blog, but they got lost in the transition when Blogger changed formats, so it's a good time to drill them into your head again before I forget.

BRIAN'S COMPUTER SECURITY TIPS
  • Unless needed for an online game or special program, uninstall JAVA
  • If you want to keep JAVA (and all of its risks), keep up with the updates
  • Update Adobe Flash (very important) and Reader as updates become available
  • Always update from the vendor's website. Adobe and Java have update links on their homepages
  • BUY an anti-virus product. You'll have a better chance of blocking something with one you paid for vs. a free anti-virus product.
  • I recommend Norton Internet Security, Norton 360, and Trendmicro Titanium
  • When Microsoft sends updates down to your PC - INSTALL THEM.
  • If you use Microsoft Outlook (not Outlook Express), close the preview/reading pane
  • If you don't have Malwarebytes on your PC, download it from a reliable source and install it. I use downloads at cnet.com
  • If you do have Malwarebytes installed, update and run a quick scan at least twice a month, and a full scan every other month.
  • Don't upgrade from pop-up windows telling you an upgrade is available and to "Click here" to install it. I'm repeating myself, but it's worthwhile - upgrade from the vendor website.
  • When doing a search with GOOGLE, and if you have either of the Norton/Symantec products I mentioned above, pay attention to the colored squares that appear after each search link.


You may never have noticed it before, but they should be there. If you hover the mouse over the colored square a little box like the one in the picture pops up. The rule of thumb is: GREEN = They've gone to that link, and checked the links on that site and it's safe. ORANGE = They've gone to that link, and checked out the links on that site and they found the website okay, but, some of the links were questionable (avoid ORANGE). Last but not least, RED = STAY AWAY!!

  • If you do get infected, turn off your computer and call for help. Leave it off until someone arrives.
  • Keep backups. Some Trojans that have come out this year are very destructive and corrupt photo, music, document, PDF, and other files.
  • Use an online backup for your photos and music. I use Carbonite.
  • Even if you are just a "Home User", password protect your login account.
  • If you have children or teens and everyone uses the same PC, make their account profiles "Limited", so they can't install anything.
  • Don't give them your password because you're too lazy to get off the Lazy Boy and log into the PC to download a game or other program they just bought.
  • Don't use a word for a password. Use phrases, sentences, etc. [Example: itrainsinspainbutmostlyintheplains]
  • Use alpha/numeric swaps. i or L = 1; o = 0; s = $. [Example, using the phrase above: itrainsinspainbutmostlyintheplains becomes - 1tra1n$1n$pa1nbutm0$t1y1nthep1a1n$]
  • Don't use the same password for every site you go to. Buy a notepad and write them down, or if using the Norton product, take advantage of their password "Vault" [ed. - I do both. I write them in a notepad and also use the Norton password vault.]
  • If you set up your wireless router yourself, change the SSID from its default (netgear, d-link, cisco, etc.) so a casual neighborhood hacker won't know what you're using.
  • Avoid using your last name for an SSID choice [Example: TheAndersons]. Use a pet's name, or maybe your favorite movie title.
  • Change the default wireless router administrator login [and write all of this down, including your wireless key]
I've offered enough suggestions this time around [probably too much and you're seeing white spots in your eyes] to help you remain as secure as possible. Surf the web cautiously, and be safe -

'Nuff Said
Brian

Saturday, September 29, 2012



ADOBE, ADOBE, ADOBE, AGAIN

BUT AT LEAST IT'S NOT JAVA THIS TIME

Adobe has a certificate problem. Why should you care? And what is a certificate? I'll tackle the last one first. A certificate is like working for a top secret company at the highest level, so you're issued a security card that grants you access to the top floor. When the elevator door opens on that floor and you walk out of it, everyone assumes you have the highest level of security, after all - how else could you get there?

Software companies (along with vendors and computer mfg. to a lesser extent) have certificates of their own so when you get a request to update (for example) Adobe Flash, your computer trusts that request; you see the request and choose "Yes", "No", or "Later". So if I've been able to describe this in a manner we can all follow, I'm sure you realize that if the certificate was malicious in any way your computer could get a virus, trojan, or more.

Adobe had a certificate compromised and they will issue a new one on October 4th. Until then, if you should get an update request from Adobe please do what I've always asked you to do: close it, go to Adobe's website, scroll down the main page and you'll find links to upgrade Reader, Flash, and other Adobe products.

PC WORLD has an article related to this which you can read HERE. Until then, surf safely my friends -

'Nuff Said,
Brian








WHY DO PEOPLE MAKE VIRUSES, TROJANS, AND WORMS?

[THE LINK TO THE PAPER WORKS NOW]




I get this question asked of me quite frequently and I suppose I've been pretty close in my summation after reading a white paper by Tom Kellermann, VP of Cyber Security for Trendmicro. Obviously quite a bit of time and studying various trends went into the paper which I encourage you to read via download on their website or HERE (click on link and another window should bring the PDF into view).

Wednesday, September 26, 2012




MONEY TALKS

[I'VE NEVER HEARD IT THOUGH]




Nonetheless it does. From Computer World's website comes a story about Google patching 24 bugs in its browser "Chrome", and paying $29K to bug "Bounty Hunters". Chrome Ver.22 became available to the public yesterday. Microsoft and other companies are paying high bounties as well. To read the full article go HERE.

STAYING AWAKE AT NIGHT?

It's no wonder. Between Microsoft, Adobe, JAVA "Zero-Day" exploits, your bank website not being available and much, much more, comes another one of those "He was looking for one thing on the website and stumbled into....." stories, also via Computer World. Apparently a Danish student was looking for some research material and suddenly, before his eyes, were about 100,000 user names and passwords from other research associates working for NASA and APPLE (to name just 2). [ed. - pace a few times across floor tonight for me while you're at it].

SPEAKING OF WINDOWS 8

I'm not, but someone, somewhere in the world is....
Intel's CEO said that Windows 8 bugs will "Sting" consumers. Hmmm, I.E.9 came out in March of 2011, still has issues, including the BIG one last week, and yet Microsoft is pushing out I.E.10. Meanwhile, Windows 7, after more years than Microsoft cares to count, finally restored some confidence with consumers and businesses alike after the terrible "VISTA" affair, yet pushing out 8 they are. The article about what Intel's CEO said is HERE.

FBI SCAM

Locally, we've seen a somewhat moderate increase in a virus/trojan which displays a full screen FBI warning page. Yeah, it's not real (unless you're doing something real bad, but then why would they warn you before they come crashing through your door, right?), and successful removal varies, depending on what other things have been downloaded without your knowledge. I've worked on several that all seemed to come in via JAVA, and if you've been reading this or the other blogs you know I've been without JAVA for over 2 months and haven't run into anything I couldn't do before. Perhaps you could try this experiment? Benefit - you're not going to worry about new security holes in JAVA. The worst that can happen? You find out there is something you need it for and re-install it!

(Hopefully)
'Nuff Said,
Brian


SAMSUNG PATCHES REMOTE WIPE HOLE ON ITS GALAXY S III



According to an article on PC World's website, the security hole mentioned earlier today has been patched and Samsung is urging Galaxy S III users to run an update ASAP. No other models were mentioned regarding the fix and you can read the article HERE.


WHY SHOULD I BE SURPRISED?

ANOTHER ZERO-DAY EXPLOIT IN JAVA HAS BEEN DISCOVERED


According to a report on ComputerWorld's website, a researcher has discovered another zero-day exploit in JAVA. This one is in versions 5, 6, and 7. Whether you are a MAC or Windows user, you're both wide open for something to slip in and bite you in your wallet. They verified the bug was present even in the last JAVA update which came just last week. Read all the gruesome details in the article HERE.

ARE YOU A SAMSUNG SMARTPHONE USER?

According to an article on PC Magazine's website you should stay off the Internet until a bug is fixed. This security flaw could potentially allow someone from the Internet to reset your phone [ed. - oh what fun that wouldn't be]. Read that news HERE.

Monday, September 24, 2012



WHY DO PEOPLE MAKE VIRUSES, TROJANS, AND WORMS?







I get this question asked of me quite frequently and I suppose I've been pretty close in my summation after reading a white paper by Tom Kellermann, VP of Cyber Security for Trendmicro. Obviously quite a bit of time and studying various trends went into the paper which I encourage you to read via download on their website or HERE (right-click and select download, left-click should bring it into view).

Sunday, September 23, 2012



WHEN THE BLOOD BEGINS TO BOIL






Yeah, I'm back again. I was just reading about the new 2013 Security Suites, and scrolled a little too far past the end of the article and found myself looking at the comment section.

Some guy, calling himself "computertech" went on a rage saying (yes, I'm quoting now so any spelling errors are his) -

"This article is a joke, I own and operate a computer repair shop, we do tons of virus removals, and so many of the computers we get in that are infected have norton or mcafee on them, and it did nothing to stop the virus.  Any tech will tell you norton is a joke and not worth the money.  We have tested them all, and kaspersky internet secuity has been perfect for us for over 6 years, never an infection in the shop, and not one customer has been infected while using it."

Fellow readers and fervent fans, this guy is a joke. Any PC Tech worth his salt knows that there is NO security suite that will block everything the hackers come up with today (unless they hire someone from "Men who stare at goats" to read the hackers' minds).

Yes, there are several suites better than others, but none of them are impervious, and I'm just venting a bit because if I heard a tech say something similar like that to a customer I'd correct that situation immediately. Whatever you're using, usually a purchased Security Suite will work better than a free one, but the weakest link in any computer security is the user - never let your guard down, keep your Flash, Adobe Reader, and JAVA updated via their websites as updates occur. Surf well, surf safe my friends. 


MICROSOFT I.E. CRITICAL UPDATES





Well, although I have my computer set to receive automatic updates, I had to manually run Windows Update to get them, while on my other computer it was handled via automatic downloads. If your computer hasn't rebooted overnight and then told you after login that you were just updated, or if the gold shield icon isn't in that right-hand corner (near the clock and a bunch of other icons) saying "Updates are ready for install" (and if they are, install them), try the manual way: click on Start, select Windows Update, and see if you can get them by that method.

Let's hope there's nothing to report tomorrow morning, and don't forget to stop by one of my other blogs, "Everythingandthebathwater", where I've done some recent reviews, written about the new wireless routers, and will have a review on Seagate's 500GB, battery-powered, internal wi-fi hard drive! If it works as advertised this should be GREAT for those of us who want access to our Flix, Tunes, Photos, and more from our wireless devices.

'Nuff Said,
Brian














Thursday, September 20, 2012


RE: MICROSOFT

INTERNET EXPLORER'S

ZERO DAY EXPLOIT


It's too early to be up on my day off with only 3 hours sleep, but the concert last night was great and I guess my adrenaline is still pumping. I digress....

On Friday, Microsoft will release a series of critical updates addressing this horrific exploit. PLEASE, do me and yourselves a favor by installing them when you're informed about new Microsoft Updates.

'Nuff Said,
Brian

Tuesday, September 18, 2012



UPDATE ON ZERO-DAY EXPLOIT ON MICROSOFT INTERNET EXPLORER


I thought I'd jot down a couple of quick notes during lunch as there has been more news regarding this threat. Today Microsoft came out and said it was aware of the security hole in all of its current and non-current versions of Internet Explorer and is "working on a patch". It can be anybody's guess on WHEN they will have a patch and release it, but you can bet when they do it will be marked "critical".

In the meantime, many [ed. - many = more than me and one other person] security experts are saying users should stop using Internet Explorer until the patch comes out. The usual recommendations are to use either FireFox or Chrome in place of Internet Explorer 6, 7, 8, or 9.

'Nuff Said for now...
Brian

Monday, September 17, 2012

POP QUIZ: "WHAT DAY IS IT?"

IF YOU ANSWERED "MONDAY" YOU ONLY GET PARTIAL CREDIT.
CORRECT ANSWER:
TODAY IS "ZERO EXPLOIT" DAY



Yup, another Monday, another Zero day exploit to confuse, corrupt, and generally make life miserable for you. Of course, this exploit affects users of Internet Explorer versions 7, 8, and 9. If you get this Trojan, it will drop what's called a "Backdoor" onto your computer giving them access to whatever they want. Computer World's website also addressed the exploit, and I'll share a brief quote:

Rapid7 urged IE users to ditch the browser and rely on a rival's application.
"Since Microsoft has not released a patch for this vulnerability yet, users are strongly advised to switch to other browsers, such as [Google's] Chrome or [Mozilla's] Firefox, until a security update becomes available," Rapid7 advised in a Monday post to its Metasploit blog.

May Tuesday be a better day....

'Nuff Said,
Brian

Friday, September 14, 2012


NEW FLASH!!
OOPS!
[SORRY ABOUT THAT, I'M SO USED TO WRITING ABOUT A NEW FLASH BUG I GOT CARRIED AWAY. LET ME CORRECT MYSELF]
NEWSFLASH!!

It was reported on PC WORLD's website that Microsoft found Malware pre-installed on new PCs sold in China which could infect thousands of computers around the world. Borrowing a quote from the article:

"The malware, embedded in counterfeit versions of Microsoft's Windows OS, is engineered to spy on users and conduct denial-of-service attacks, Microsoft said. It warned that the findings pose fresh questions over the integrity of computer-part supply chains."

One very good thing about Microsoft is they are serious about tracking down the bad guys. Please read the full article HERE.

Other things of note:

If you happen to live in Vietnam, Russia, or Mongolia, and work in fields like Military, Space, Aviation, Defense, etc. you have a virus running around called "Enfal" (modified). For more, check out Trendmicro's security blog. Oh, and while you're there - look at their September 13th post about tricky threats and Social Engineering.

Mozilla's "Firefox 18" is supposed to be slicker, faster, better, due to some Java scripting. Does anyone else see a problem in the future?

Dallas, Texas. The FBI raided a member of "Anonymous", while he was in the middle of a video chat, threatening the life of an FBI agent and possibly his children.

'Nuff Said
Brian

Tuesday, September 11, 2012

UGH....MICROSOFT EXPLORER WAS BAD ENOUGH
BUT,
TO INTEGRATE FLASH INTO THE NEWEST BROWSERS FOR WIN7/8?

UGH.




Microsoft is integrating Adobe Flash into its latest Internet Explorers for use with Windows 8. They're not the first to do so, but considering their grade in security, I hope people have the option of taking it out of I.E. - more about this later.

Monday, September 10, 2012


Anonymous claims another victim:

"Godaddy Goes Down"





Yes, if your site/email is hosted through GoDaddy, you are probably having difficulty in accessing one or the other, or both. Problems began late this morning (EST) and at this moment I don't know whether or not they've been corrected.


Friday, September 7, 2012



JAVA'S ZERO DAY ROUNDUP
[via Trendmicro]

ALONG WITH OTHER SECURITY ISSUES



Trendmicro did an analysis of the various ways this exploit was used, where the attacks came from, and who was targeted the most. Here's their pie chart showing the percentages:

The article makes for good reading, and has some good information in it as well. You can read their Sept. 6th post HERE.

HP

In an article about Microsoft "Tuesday Updates", a quote from Paul Henry, a security and forensic analyst with Lumension was thrown into it, and while it's good to know this, I'd like to read more about it. Until then, his quote was -

“It should also be noted that there are currently nine zero day vulnerabilities in HP’s enterprise products with no patch in sight. Eight of these vulnerabilities have been given the highest risk level rating and they should be keeping IT up at night they’re using any of the affected products.”

Yes Paul, if I were still an IT administrator and used any of those products, I would probably sleep lightly, waiting for the other shoe to fall.

MICROSOFT AND SSL

This was the brief meat of the subject from which the HP information was derived. In October, Microsoft is going to a higher level of Encryption, now that the current one has been stolen, hacked, or otherwise misused. If your website has SSL certificates, read up about that now - or find yours to be invalid in October. [Source: PC WORLD]

CRIME

And from Computer World, comes another article about some researchers who found a way to hack the "S" in "HTTPS". It's worth a read as well [ed. - after all, when we use HTTPS, and see the little lock, we assume we are protected, and btw, they named their hack "CRIME"].

'Nuff Said,
Brian

Wednesday, September 5, 2012




PLANKTON





Remember in science class (way back then) where you learned about plankton, and most recently, how Plankton can be used as a source of energy? [ed. - tsk, tsk, you should watch the Discovery channel once in a while]

Well, I'm not writing about THAT kind of plankton, but a virus using that name, ANDROID_PLANKTON. Yes, yet another Android virus that (much like real plankton) can increase at a rapid rate, a rate that I found astounding.


[CHART CREDIT: TRENDMICRO]

Please read more about this, and other threats, on their September 4th blog entry. I would also ask anyone who still has JAVA installed on their computer to un-install it. If you find there are sites you visit that require it, you can always re-install it, but I've yet to run across any that I typically use.


Saturday, September 1, 2012



REDUNDANT
AND
PAR FOR THE COURSE




What I'm writing about seems like a dream, but it's true. Earlier last week we had the Zero-Day Java exploits to worry about, then later in the week Oracle issued a patch [ed. Hurray!! People, put down your pitch forks!!].

But, late last night some smart guys on the other side of the big pond discovered - yes, a security hole within the patch-that-closed-the-security-hole [ed. BOO!!People, pick up your pitch forks!!].

FYI - I'm still not using JAVA. Try and have a good weekend -

Brian