REMINDER

I KNOW YOU KNOW IT'S THERE, BUT...











I have my TOP TEN security list always posted on the right side of every post so it's only natural to ignore it over a period of time, or even forget it's there, so here it is, in it's own Blog Post:

TOP TEN SECURITY TIPS

1. Verify that your wireless router is secured, has a name that does not indicate either your name or the router manufacturer, has WPS disabled, and the admin password is not the default password.

2. Keep your Anti-Virus up-2-date. If you have Symantec Anti-Virus 2011, purchase 2012, and when 2013 comes out, upgrade to it.

3. Quick scan your PC twice a month with Malwarebytes.

4. Update your Adobe Reader/Flash, and Java, directly from their websites. Do not trust the pop-up that says you have updates to install.

5. When a pop-up jumps onto your screen, if you don't know what it is, close it.

6. Outlook users (not Outlook Express), keep your "Viewing Pane" closed.

7. If your PC becomes infected, turn it off until a tech arrives.

8. Keep your data backed up, either via external USB drives, or an online service like Carbonite.

9. Don't be cheap. Free anti-virus software only protects you to a certain point. Symantec Internet 2012 will let you know if a link is good or bad when doing a search. If you consider the cost of the software vs. expensive and time consuming virus/trojan removal, it's a small price to pay.

10. Don't trust your email - too many emails which appear to be legit, are not.

'Nuff Said,
Brian



GOOGLE PLAY STORE FILLED WITH BAD (FOR YOU) APPS

I'VE SAID IT BEFORE

  SECURITY REPORTS HAVE SAID IT  BEFORE

AND NOW

Re-enforcing this, is a report by Symantec that Google's own "Play Store" is infested with infected APPS. In only 7 months Symantec found over 1200 App's that were in doubt of being secure. For more details, catch the story HERE.

TODAY'S WIN8 GRAPHIC

'Nuff Said,
Brian

I'M A DOCTOR, NOT A BRICK LAYER....

I suppose they would have ironed out things like that several hundred years or so from now when "Bones" snapped a zinger like that to Kirk, but we haven't reached that point today, in fact, we're drifted further apart in the IT world.

In today's world of IT, whatever your job description is when you are hired may be very different when you start. I would go as far to say that a Job description for an IT position should be brief and to the point:

Position: IT

And that would be that, because you have to wear many hats today due to lost employees [ed. - not really "lost", like on the island with the smoke monster, but laid off employees], retirements, and the fact that the world of IT is like standing on quick sand.

Maybe you were hired to be backup to the guy who does servers, but only see a server once that year, what do you do? Answer: make yourself useful. In my case, I found that I liked killing virus and Trojans, especially when guy on the other end of the remote server was trying to counter my moves. I think I average only having to bring 1-3 PCs back to shop because of viruses, and it pains me when I have to.

But if I'm asked to take a call regarding things like email issues, setting up wireless routers, etc. I'm happy to do it, for 2 reasons:

1. It's keeps me current with newer products and releases
2. It's job security

Working in a corporate environment is like working in a dome -

• The brand of PCs are the same
• If a problem developed, re-image the drive
• If a keyboard or mouse requires replacing - do it, your a corporate Zombie.
• For the most part, all software used by employees are the same

Working outside a corporate environment you get to see just about every PC made in that last 14 years, a variety of Video cards, mult-monitor setups, many different brands of wifi routers (and their peculiarities), viruses, Trojans, AOL, ATT/Yahoo, Godaddy, Webcams, finding hot and cold wifi spots within a residence or building. Servers that are made to be servers, and servers that are just a desktop PC. Website creation and instructions on setting up websites, teaching people about certain Adobe products, and much, much more.

In today's world of IT, it pays to be non-corporate and learn as much as you want, or can.

'Nuff Said,
Brian

IS IT REAL, OR IS IT A TRAP



I'm sure you heard of this, read about them (possibly from here), or this is your first time learning about scams found usually on social media sites like...Facebook.

They are usually posted by a friend who finds the item interesting enough to pass along to their circles of friends, who find it as interesting and pass it along to their friends, much like a chain-letter-email.

WHEN YOU SEE SOMETHING LIKE THIS YOU HAVE TO QUESTION IT

Why should you? It came from a friend? [ed. - and I'll make it clear upfront that I don't know if this is, or isn't, but it caught my attention]

• Usually an ad like this would have the monitor on display, perhaps in front of the box.
• Just by looking at where they took the photo is odd - on the floor, with a crummy background (waste basket or maybe a paper shredder on right edge of photo and what appear to be kitchen doors in the background)
• And the last line "Some of last weeks winners we're Roy Smith & Andy Whitehead".

You would think someone would have done a spell check on this, or maybe they were just in a hurry. I just used the word "were" properly. In the ad above they use "we're", as in we are.

Once again, I don't if this is a real ad, or a phishing expedition (yes, phishing is a word used in the security world), but be careful when giving out info and always doubt the ad.

'Nuff Said,

Brian

PASSWORDS

Yes, passwords. They have become the albatross around our neck, the chain around our ankles, and as we use more websites - increasingly difficult to remember. A good example of this was last week, while on a call, the client asked me if I could help him with his email. I asked him what was wrong and he said he couldn't get mail on his tablet anymore, and it all started when he had to change his mail password at GMAIL two days earlier.

"Well then", I said, "What did you change your password to?" [ed. - silence, crickets in the night, more silence] The client's head slung down like he couldn't hold it up any longer, but finally, he pulled his head up and said those all too familiar words - "I don't remember". Only two days had passed and he was clueless to what his password was.

It's times like these I scratch my head; decades ago we were also told to never write a password down which is impractical in the World of today. I probably have over 100 passwords with different password schemes, and the only I can remember is the one I use to log into the daily work schedule. There are several ways you can manage your passwords:

• A secure password utility that stores your (encrypted) passwords and is a program unto itself
• Norton has what they call a password "VAULT". This comes with it's anti-virus software and requires just one password to open it. Once it is opened, if you click on VAULT OPEN a long list of places you go to that require a login name and password appear (like your favorites list) only when I click on a place like my bank, it pulls up my banks homepage and fills in the name and password for me - easy.

• This 3rd one is simple: write them down on a pad, in a journal, or a blank book - but all in one place and put it somewhere you can easily get to, but doesn't stick out and shout "HEY, I have passwords in here".

And it should go without saying (if you're a regular reader here) to make your passwords as creative as possible. Use phrases rather than one word, and an exclamation point in the middle or at the end of it, along with other tips I've passed along -

'Nuff Said,

Brian

WHAT'S NEW? IT'S JUST ANOTHER JAVA HOLE

THIS IS REALLY REDUNDANT









As reported by ComputerWorld, a security research firm has found a major hole in Java 7 that apparently was overlooked or, just forgotten as this hole existed 10 years ago. So, when patching up all the other holes someone forgot to include previous blocks on older security breaches. You can read the full article HERE.

'Nuff Said,
Brian

DO YOU HAVE PROBLEMS WITH WIRELESS PHONE RECEPTION IN YOUR HOME?

Well, you can feel better about it because a lot of others have similar issues. About a year ago I had to install a booster for an AT&T customer in his house so he wouldn't miss a call (he works out of his house), and the box did what it was supposed to do - give him solid reception whether upstairs, downstairs or on the porch.

Very recently, researchers hacked a Verizon box (even after they applied a security patch to prevent this), which would allow them to listen in on your phone calls. Read the article HERE.

FORECAST? HEAVY SNOWDEN. IT'S TIME TO MOVE THIS SHOW TO SATURDAY NIGHTS

SNOWDEN

The latest news from the man who can't keep his mouth shut is that he has a blueprint on how the NSA operates.

If I were a network or news organization I would just let Snowden drop from sight as he seems to feed on all of this media attention.CNET

RANSOMWARE

You should all be familiar by "Ransomeware" by now [ed.- especially if you read this Blog]. For those with short memories, the people behind Ransomware tend to target small businesses, as well as the average home owner, usually with an official FBI warning but effectively cutting off their Internet until either they're paid, or 3rd party company is called in to get rid of it. As far as small businesses, there is an article on PC WORLD about it HERE.

GUTLESS COWARDS, OR, NON-GUNS OWNERS?

A business recently sent out text messages to their employees that they were closing the business, thus firing said employees. Is this the new way of doing things, or, a safer way to avoid mass shooting from angry ex-employees? How long these former owners will have to hide in their secret underground bunker is unclear. CNET

May your Monday be uneventful -

'Nuff Said,
Brian

DON'T ALWAYS TRUST ONE SOURCE WHEN IT COMES TO SECURITY

It's a tough world out there and sometimes security watchers like myself  miss a thing or two because of  a number of things like: job, health, a spouses health, etc. An excellent example of this is my July 1st post where I wrote about two virus/worm/trojans helping each other out to keep from being detecting.

So if you read this Blog, you already know about it. If you only read Computer World's posts then you would not read about it until today (July 3rd) where they had a story about the same thing. I probably read, or at least look at twenty or more sites to see if there is anything special going on that I should write and let you know about, but even twenty sites is small potatoes when it comes to finding out about the latest security issues.

I'd suggest you start off by picking five sources for security information and just make it part of your daily routine to look at each site to see if some new Malware has risen like Godzilla and is terrorizing computers around the world.

'Nuff Said,

Brian

IT'S ONLY GETTING WORSE

IT'S ONLY GETTING WORSE

OR

1 + 1 = 2

It's bad enough when you have one malware infection on your computer (which is rare - usually if you have one then you have a nest of 'em breeding in your system), but when you have two specific programs designed to work with each other it makes the removal task almost impossible.

One is a Trojan downloader from 2009 called Vobfus which downloads pieces of Malware code onto your computer. It's partner is called Beebone, and the two of them work together to monitor what you, or your anti-virus are doing in removing part of their "BORG COLLECTIVE".

What happens? Depending on which one spots the attempted removal first, it notifies it's undetected partner which contacts a remote server and downloads a variant (slightly different pieces of code) that now pass your virus and/or other virus removal programs from detection. Could it get any worse?

YES...

Vobus is also a worm that will copy itself to any removable drive, i.e. - USB flash drive, mapped network drive, etc. Once on the drive it activates autorun so the next computer you put that stick into will - infect that computer. Would you like to read more about this? If so, you can find the article HERE, in an excellent piece complete with photos, from Microsoft's "MALWARE PROTECTION CENTER".

'Nuff Said,

Brian