A BRIEF LOOK AT WINDOWS 8

YOU CAN DOWNLOAD A PRE-RELEASE VERSION HERE

ANOTHER IMPORTANT WAY TO PROTECT YOUR DATA, AND COMPUTER EQUIPMENT

THE UPS (Uninteruptable Power Supply)

Yes, it's true you really need at least a couple of these in your house. Use them to protect your expensive electronic equipment, not necessarily computer gear. Brown outs, loss of power with a sudden burst when it comes back on in a matter of micro-seconds all take their toll on electronic equipment like: Computers, Monitors, Printers, Wireless Routers, Scanners, Big-Screen TV's, Blu-Ray Players, etc. We have several large UPS units in the house including units for each flat screen TV, cable box, Blu-ray player, and anything else in the typical entertainment center.

When choosing a UPS, make sure it has enough Volt Amps to keep your equipment going long enough for you to power them off. Try to get one that Isolates EMF and/or RF interference, and one that also has a feature called A.V.R. [ better known as Automatic Voltage Regulation].

AVR technology stabilizes the AC voltage and maintains a safe voltage level without switching to battery-mode. This conserves battery life, and delivers cleaner AC power to connected equipment. The UPS should be considered a necessary part of any home computer network.

GOOGLE'S NEW POLICIES TAKE EFFECT ON MARCH 1st

Take action now before it's too late

"March 1 is the day Google's new unified privacy policy goes into effect, which means your Google Web History will be shared among all of the Google products you use...."

READ ABOUT IT HERE

Microsoft warns hackers may have customer credit card data
Online store in India may have leaked payment details

READ ABOUT IT HERE

THINGS PEOPLE FALL FOR, AND END UP WITH A INFECTED COMPUTER

I've mentioned this before, but keep your anti-virus software up-to-date. When I say "Keep your anti-virus updated", I'm not just talking about updating your current AV engine, but update/upgrade to the newest anti-virus engine. If you're still under a current subscription it could actually be free. Last year my wife and I upgraded to Norton 360 Ver.5, and last week I received a pop-up telling me I could get the newest AV engine (version 6) for free. I practice what I preach so yes, I closed the pop-up and then opened up my Norton 360, went to the last drop down window to the right (SUPPORT) and clicked on "Check for new version". Sure enough, version 6 was there and we're running it now.

If you don't use Microsoft Outlook, the Symantec Spam filter wouldn't do you much good, but always be aware of emails from people you don't know with subject lines that read (examples) "Family Reunion 2012 info", or emails from the BBB (Better Business Bureau),increasingly the IRS and Intuit [example from this mornings email - "Download your Intuit.com Invoice"] and especially - strange emails with attachments. I know you'll be tempted to open it up just to see what is says, but sometimes that's all it takes to have your computer infected these days.

To be redundant: If you do click on a pop-up for and Adobe product, pay attention to your computer when it asks you if you really want to install this because usually it will include the URL and if says xyz@adobe.abc.com, it's probably a ruse. And what's the "Golden Rule"? Go to directly to that companies website to download updates.

WHAT YEAR WILL THIS BE?

While Microsoft Windows-based computers kept us busy last year (and continue to do so), last year was declared the "YEAR OF THE MOBILE VIRUS". In one report, McAfee estimated 75 MILLION new/individual viruses last year. They came in short with that prediction.

[SOURCE: McAfee]

As you can see from the chart above, while there were some viruses related to I-Phones, etc. The largest and most consistant jumps dealt with the "Droids". And in December, from the mouths of McAfee came these words "iOS users seem to be much safer than Android fans". This could flip-flop in 2012 very easily, but if you've noticed, there are several anti-virus apps for a variety of phones this year trying to stem the tide.

I suspect that mobile platform OS's will continue to rise this year because (IMHO) they never expected it to happen too soon. Whatever phone you chosen, just be careful on the next App you dowload.

AND SOMETHING ELSE FOR MAC USERS TO READ

Apple Mac user logins hunted by Flashback.G Trojan
Java exploits target user logins

"Apple Mac users have been warned to be on the lookout for a new variant of the Flashback Java Trojan that has already hit an unknown number of victims running OS X 10.6 Snow Leopard." READ MORE ABOUT IT HERE...

FOR YOU ANDROID USERS.....

Free Android app from Lookout sniffs out aggressive ad networks
New tool reveals app conduct serving ads and collecting info

"Lookout Security launched its free Ad Network Detector tool yesterday that scans Android devices for evidence of apps that use any of 35 different ad networks, and tells users what kinds of ads will be displayed and what user information those networks collect"

Read the full article HERE

New Flashback Trojan variant found for OS X Read more:

"Intego has found a new variant of the Flashback Trojan, which uses unique methods for tricking Mac users...."

Read the full article HERE

Samsung SB-208BW Optical SmartHub
Not security related, but an interesting approach to streaming content at home

FRESH FROM CNET:

Note to self: Encrypt data, memorize password

Elinor Mills writes and interesting article about current legal judgements regarding data encryption. It could make interesting reading for some of you, and you can read her article HERE.

DISASTER RECOVERY

DISASTER RECOVERY, ARE YOU PREPARED?

I know there are plenty of computers in homes that are 5-10 years old and haven't had one backup made. One day, those computers will have a terrible hard drive crash and lose all of their data.

"Data" can mean a variety of things to the computer owner, but when it comes to saving it the number one pick are photos. Why? digital cameras have no negatives to get reprints. Music is usually second, followed by typical word, excel-type files.

There are plenty of small footprint but large drive capacity external backup drives out there, and some users will buy them and actually make a backup, maybe even two backups - then forget about it.

In the Gulf coast of Texas we face many variables and I had a terrible thought one night: "What if we get our computers and backups stolen, or worse, a fire or Hurricane destroys the place - what good would my backups be then?"

I still backup my data, but I also use Carbonite, the online backup service. Naturally I wouldn't trust the security of anything that calls itself "The Cloud", but for pictures and music, I have no issues. Once you've done a backup, you can configure it to backup as necessary. Example No.1 - You haven't added or subtracted any files on your computer in two weeks, thus, no need to backup. Example No.2 - You just opened a word document and added a sentence or two, then saved it. Carbonite takes that file and replaces it with the older file in their "Cloud".

No, I don't get any kickbacks from Carbonite - I just know a good deal when I see one, and paying around $60/year to have my photo's and music safely backed up off-site, allows me to sleep a little better. How well are you sleeping tonight....?

GOOD NEWS!!! [FOR A CHANGE]

Price of DRAM plunges to all-time low of around $1
DDR3 DRAM prices will continue to fall and possibly stabilize in the second half, analysts said.

IDG News Service - Prices of DDR3 DRAM memory used in laptops and desktops have dipped to an all-time low of around $1, and will continue to fall, which could help PC makers pack more memory into computers, analysts said. Read the full story HERE.

Researcher: 200,000 Windows PCs vulnerable to pcAnywhere hijacking

Users aren't patching problem-plagued remote access program; up to 5K point-of-sale systems at risk

I almost missed this article: Computerworld - As many as 200,000 systems connected to the Internet could be hijacked by hackers exploiting bugs in Symantec's pcAnywhere, including up to 5,000 running point-of-sale programs that collect consumer credit card data, a researcher said today.

As usual, the complete story can be found HERE.

Facebook account hijacked?

Get a little help from your friends

"Social network to let you set passwords for apps on Facebook and enlist friends to help log into blocked accounts."

Facebook is set to announce new security features today that will let people set passwords for third-party apps and get help from friends when they can't get into their account.Read the full article on Cnet.com HERE.

Scared of Anonymous?

NSA chief says you should beRead more:

"The director of the National Security Agency says the hacktivist group is growing more powerful and could eventually attack our power grid. So beware..."

Read entire article from Cnet.com HERE.

Hacker steals one million user logins from YouPorn website

Spanks site admins for lax security

"A million logins for the hugely popular YouPorn sex site appear to have been leaked after a hacker chanced upon an URL linking to a user list apparently left exposed for several years...."

Read more HERE

Browser Add-On Stops Google (and others) from Tracking You Online

Unless you've had your head in the sand over the past few days, you have already heard about certain companies and tracking you wherever you go. A company has come up with a solution to this. Is it good? dunno. Is it bad? dunno. Read the story and judge for yourself.

MARCH 8, 2012

There's a buzz going around that the FBI "might" shutdown the Internet. Have you heard this one? Some say Hoax, Some say Truth, but there could be a little of each one in this rumor.

PC WORLD had the scoop on this one, so read their article here!

Shylock

Shylock Malware Returns, Refreshed

"Trusteer, a Boston-based in-browser web security vendor, issued a warning this week about the return "with a vengeance" of "Shylock," a polymorphic financial malware variant the company discovered last September that is now showing up again in end-user machines.

It is aimed primarily at global financial institutions. Trusteer code-named it Shylock because, "every new build bundles random excerpts from Shakespeare's 'The Merchant of Venice' in its binary," according to a blog post by Trusteer CTO Amit Klein. (See also "How to Remove Malware from Your Windows PC.")"

Read more about it here on PCW.

Waledac malware returns after two years with password-stealing capabilities

A new version of the Waledac malware, capable of stealing passwords and BitCoins, has been detected in the wild

"IDG News Service - A new version of the Waledac malware has been spotted on the Internet, but unlike previous variants, which were mainly used for spamming purposes, this one steals various log-in credentials and BitCoins, a type of virtual currency...."

[read full article from Computerworld]

ALERT

Adobe confirms new zero-day Flash bug
Patches Google-reported XSS flaw hackers now exploiting in targeted attacks

"Computerworld - Adobe on Wednesday patched seven critical vulnerabilities in Flash Player, including one reported by Google researchers that hackers are using in "active targeted attacks." The bug attackers have been exploiting is a cross-site scripting (XSS) flaw in the Flash Player plug-in used by Microsoft's Internet Explorer (IE)...." Read the whole story here.

This news comes from Computerworld, in an article posted today. I would suggest you go to the Adobe website and download the Flash patch.

WHICH ROUTER IS THE ROUTER FOR YOU?

5 years or so ago it would be a no-brainer - any wifi router that could connect you to the Internet would be fine. But at this point and time you have to really figure out what you want this router to do.

I would suggest:

• Determine what wireless devices are G or below



• Determine how many are "N" capable



• Put it down (on paper) along with the things you want to do via wireless, and then come up with a list of potential candidates.

Everything that is 1011.b - G operates in the 2.4GHz frequency band. "N" will work there as well, however, if your "N" devices are for streaming video content, you should consider what you really require.

Most wifi routers were only 2.4GHz, but recently almost any manufacturer that makes wireless routers also have (at the higher price spectrum) dual-band routers. These are great (IMHO) because it allows laptops, etc. to operated in the 2.4GHz range, while leaving the 5GHz "N" devices to wide open spaces that transmit further with little traffic.

My wife and I use a dual-band router for the exact reasons I just mentioned. We can connect to the Internet via "G" (2.4) with our laptops, while streaming video on the "N" (5) bandwidth, and everyone is happy.

The moral of this story is to do some homework before going out to purchase a wireless router so you can make a better decision.

Symantec releases updated Norton 360 client security
Integrated suite secures desktop and mobile endpoints

"Symantec today released an updated version of its Norton 360 desktop and mobile security software, while also rolling out a new licensing arrangement for combined PC, Mac and Android use.

In addition, the company announced a novel plan for a new kind of customer support called "Norton One" that involves individualised unlimited assistance for customers who are mystified by computers, security and software, if they're willing to pay the annual membership fee.."

Read the rest of the story on the News at Techworld.com

Software vendors fail to stem tide of security flaws, report shows

Admins overwhelmed by scale of patching task

"Many of the software industry's top vendors are still struggling to reduce the number of vulnerabilities across all classes of products, an analysis of 2011’s flaw figures by research company Secunia has revealed...." Read more of this article here.

TicketWeb issues second warning following fake Adobe spam hack

Ticketmaster subsidiary urges those who fell for scam to 'contact card issue immediately'

"on February 12, issued a statement advising customers not to click the link after they had received up to four emails with the subject 'Action Required: Update Your PDF Application'"

READ COMPLETE STORY HERE.

Hard drive prices to remain high through 2014
Inventories won't be back to normal until later this year

Ugh...I suspected as much, having read all of the ongoing announcements, but I really didn't expect this to go too much beyond 2012. My suggestion to you is to find the best price on the hard drive you want now (or in the near future) and buy it.

I'm still not too keen on the 2 and 3 Terabyte drives (quality issues), however I just picked up a good deal on a 1.5TB off amazon.com because I know I'll need it in about a month, and who knows what price it will be at that time. For more information about the dreary details, read this article on Computerworld.com.

ONE OUT OF ONE THOUSAND:

GREAT ODDS FOR LOTTERY, BAD ODDS FOR INFECTED PC

If you were going to purchase a lottery ticket with a 1-in-1000 chance to win, you'd feel fairly confident, but when that same ratio is applied towards the chances of your computer getting infected, it really sucks.

As I've pointed out in previous posts, you don't even have to click on anything to get infected - you can just be on an infected web page, unknowingly setting yourself up for a big fall (and cleaned out bank account). And yes, once again I'll point out that Symantec Internet 2012 will help you decide which link to click on after doing a search, because.......it works. Read this story on TechWorld and you'll get that "Zombie-in-the-closet" feeling.

Mozilla patches critical Firefox bug
Firefox 10 is third straight release needing follow-on patch

Microsoft, Adobe, and Java aren't the only ones having to push out patches to fix a bug or security hole in as recent release by Firefox joins the club. In March of 2011 they went from FireFox 3.6 to version 4. They are on version 10 now, which, when I checked last week still did not support my Norton Internet Security 2012 add-in. It is noteworthy to say that they still support Windows XP users, while Microsoft has cut the rope with Internet Explorer 8. Read more about this patch via this link to ComputerWorld.

FRESH OFF THE NEWS WIRE FROM "COMPUTER WORLD"

Yes, those rascals are at it again (and they should be); trying to patch security holes and bugs related to the OS (Operating System) and IE (Internet Explorer). 4 patches are "Critical", and some apply to Server 2008 R2. Read more about it at this link for Computer World.

WHAT'S YOUR PASSWORD (S)??

It's easy to use the same password for every online account you use, because it's so easy to remember. But what if you get hacked? Or your computer is infected with a keystroke logger? Well then, the Hacker will know your password for all accounts.

Whenever I do virus cleanups, I recommend that the user change all of their online passwords (online banking, amazon, ebay, facebook, etc.) and see the spirit of life drip off their faces like an oil painting subjected to intense heat [ed. - not a pretty sight]. And finally I give them some good ideas about selecting new passwords. One approach, which I like quite a bit, is to substitute alpha characters for numerical:

• o = 0 (zero)



• i = 1



• l = 1



• S = $

I also recommend using a phrase or sentence you are familiar with for a password. Take the sentence "I have rats in the attic" and using the formula above your password becomes "1haverat$1ntheatt1c" (you can always add a $ or ! before and after each password as well to make it even more secure).

How can you remember all of these? For home users - write them down. Some places like Office Depot sell actual "Password Pads" so you can write down your login name and password. Norton Internet 2012 offers an encrypted password locker which is great for storing these. To get into the locker, a user must know the locker password (which I suggest it to be highly secure, i.e.- not the name of your pet, child, etc.). It's a beginning, and I know....it sounds difficult - but after using my formula above, it only took me a few weeks to memorize it. Good luck on securing your passwords, and safe web surfing to all -

Brian

FOR EVERY HOLIDAY, THERE IS A VIRUS THREAT

And Valentines Day is no exception. Beware of those emails with subject lines like: "Buy her a dozen roses for $8", or of similar nature. Even if it appears to come from a legitimate source, check the email headers and REPLY TO information before you go clicking on a link within the email.

EXAMPLE: Did you get an email from FTD? Make sure it really is from FTD by hovering your mouse over the link (and not clicking) to see just where it's taking you. There are many people out to get your personal information and I suggest you read an article on TECHWORLD!

E-mail viruses most likely to appear in the morning

Not exactly the time of day when your brain is de-fogged. Read story on CNET.

[Credit: Trustwave]

How to Tell if a Link Is Safe Without Clicking on It

Here's what to do with a link that looks suspicious.

I'm including a how-to from PC-World, however I have to say that if you owned either Norton 360 v5, or Symantec Internet Security 2012 you would have a much more successful and safe searching experience. When you search for something (say via GOOGLE) Norton actually checks out the links and the links on the site of that link and posts little colored dots by each link: Green (Everything looks good), Orange (The website is basically okay, but there are a few suspicious links on it) and finally Red (DON'T GO THERE). Subscriptions really aren't that expensive if you consider the cost of virus removal, loss of data, or Identity theft, but...'Nuff Said on that, here's the link to the PC-WORLD article!

Citadel banking virus adopts open source development

ZEUS TROJAN PICKING UP SPEED!!
-


Either here, or on one of my security emails I wrote about "ZEUS" and how it was the next worst thing to happen to consumers, and not to my surprise I found a recent article (today) which explains how it is growing, and going after on-line banking customers.

Citadel banking virus adopts open source development

Read the article on the link above for complete details.

THIS IS WHAT I'VE BEEN TALKING ABOUT

Many customers that I visit often ask "What purpose do these people have for infecting my PC", and I usually give a run-down of several scenarios, one in particular where identities and bought, sold, and traded on the criminal market.

Read this story from Techworld - it will prove interesting reading.

Spammers pretend to be popular developers to distribute rogue Android apps

Spammers use font tricks to deceive Android Market users into trusting rogue app developers. Read the article on Techworld.

UPDATE:

In an earlier post I linked an article about Adobe releasing a Beta version of FLASH for Firefox, that will "Sandbox" it. Adobe says they are working on a similar approach for Internet Explorer (although it remains to be seen if it will work on anything other than I.E.9)

Antivirus software powerless to stop data breach attacks, study finds....

"In 100 percent of the incidents, malware undetectable by a representative sample of antivirus products was found to be the root cause of what had happened, typically entering an organisation via an employee’s PC."

Read this article on Techworld now

Trendnet IP webcams open to remote spying, researcher finds
Many models vulnerable to Internet hacking

-

READ FULL STORY ON TECHWORLD

How to Set Up Your Wireless Router for HD Video Streaming

READ FULL STORY ON PCMAG

-

[Ed. - But before you do, please verify you have a secured wireless device. I visit many homes that have NO security at all]

Adobe releases new sandboxed version of Flash Player for Firefox



Adobe has launched a beta version of Flash Player for Firefox that uses sandboxing technology to prevent exploits

Read full story on Techworld

Welcome To "Security Daze", Cousin to "CB DAZE"

I've had plenty of email which helped me to decide to start another Blog so I could concentrate on Radio's on the "CB DAZE" Blog, while using this one to post recently security flaws, new viruses or Trojans, as well as lending some personal tips which may just keep you from infecting your computers!

-

I'll start this with some common sense tips for you to consider:

My reason for sending this email is to let you know about an extremely deadly virus going around the Internet, it is the latest version of the ZeroAccess! Trojan (Version 4).

You do not have to click on anything - it can happen just viewing a web page, or, you may get a fake pop-up telling you there is a new java, flash, adobe reader update available, click on it and get infected. This virus completely destroys your operating system to the point where you have to have your drive re-formatted and a new OS installed. Previous versions mainly infected Windows XP systems. This version attacks XP, VISTA, and Windows 7 (32 and 64bit versions).

Here is my advice:

If you get one of those "Pop-ups" telling you there is an update available, close them. Then go directly to that software's website (example: www.adobe.com for Reader and Flash) and download the latest update. Adobe Reader is at Version 10x.x, Flash, 11x.x.
(a link to Adobe can be found on the right side of this Blog)

Things you can do now:

Make sure your PC is setup to install Windows critical and security updates, and make sure that your computer is "ON" for the updated to be applied. I usually choose "Download Updates, and let me know" so I can install them as soon as possible. You might have to reboot your PC after the updates have been installed. Installing your Windows updates are super critical. XP users should all have Service Pack 3 on their systems by now, but you'd be surprised how many I find still using Service Pack 2.

If you need to use Java make sure you install Java updates and go to Java.com, download and install the latest version of Java.

Install the latest version of Adobe Reader and Adobe Flash from their website - NOT a pop-up.

If you are on XP and still using Internet Explorer 6 - upgrade to I.E.8 (please)

Buy a new Anti-Virus every year. Download it, buy it from SLPC, or go to the store, just do it. 95% of the new clients I meet believe they have the latest antivirus because they are renewing their antivirus subscription. This is not true. They are simply receiving antivirus database updates, not program updates [A good example of this is when I find someone running Adobe Reader 8, and when updates arrive they are for version 8, even though the current version is 10]. Some antivirus applications may do program updates automatically, however I rarely see this. If you want an Antivirus / Antimalware that works really well right out of the box then buy Symantec’s Norton Internet Security 2012. This was recently rated Number 1 by PC Magazine, PC World, Cnet, and many other technical websites. It will not slow your computer down like some of their competitors.

Buy an external hard drive for backups, or subscribe to Carbonite "Online Backup". Out of the many PC's which were formatted last week with no data recovery, one customer was okay with that because all of their data was on Carbonite and it was a simple matter for the customer to restore the files back to the PC. Without a backup it would have been a disaster. If you stop and think of all the digital photos you have on your PC, most of which have no negatives to recover from - it's a no brainer.

Should you become infected, shutdown your PC immediately - do not leave it on, call us, and keep the PC "off" until we arrive.

I know what it's like to lose your data, and considering this new viral strain I wanted to keep you informed and secure. I hope these tips help, and of course, surf the Web safely -

Regards,

Brian