Wednesday, December 31, 2008

Fake AV - Stubborn to Rid from Your PC

I've worked on a few of these fake AV's on friend's PC's. These run bogus scans and tells you that you have bunches of malware that is infecting your machine. It prevents you from going to websites to get cleaning software. Prevents your legitimate AV from updating. Turns your Automatic Updates off. Gives you the fake Microsoft Windows Security Shield and tells you that you need to activate whatever the current name of AV that is installed on your PC. Some give you fake BSOD (Blue Screen of Death). Popups take over your PC. Your browser is hijacked.

It goes by many different names. Total Protect 2009, eXPress Antivirus 2009, iSafe 2009 (Sounds like an Apple application), Antivirus 360, Perfect Defender 2009, and on and on and on. This is just some of the more recent fake AV's that have been plaguing PC's lately.

It's tough to remove this type of malware because it defends itself very well. The best thing is to not get the nasty stuff. The most common delivery method is social engineering. Tricking you into installing the malware yourself. Be wary of messages sent to you from friends on social networking sites like MySpace, FaceBook, etc. A very effective way of propagating itself is once it is installed on a PC, any user of these social networking sites sends messages to all the friends on you list trying to trick your friends into installing this malware.

Stay safe. My Kansas University Jayhawks rocked the Insight Bowl earlier tonight 42 to 21 against Minnesota. Hope you had a safe and happy New Year!

Tuesday, December 30, 2008

More and More Fake AV!

Just recently, Microsoft built in to its malware removal tool a lot of the fake AV's that have been infecting so many PC's. And now of course we find even more fake AV's seemingly going strong. Click here to read a posting from the Internet Storm Center. Seems that the way they are infecting PC's is through a very effective way of social engineering.

Play it smart, don't just randomly click on things, and patch your software applications like, Adobe, all your Microsoft applications, etc. I've written previous posts that talks about the Secunia Tool that helps you keep up to date.

Stay safe, and have a Happy New Year! Rock Chalk Jayhawk. Insight Bowl on December 31.

Thursday, December 25, 2008

Same Old Story - Malicous eCards

Well, just a warning to all this holiday season that the bad guys are still using the malicious eCards sent via e-mail. Be warned, don't open them!! You can click here to read the story from the Internet Storm Center.

Hopefully all of you have been good boys and girls and Santa has rewarded you well this Christmas. Take care and have a safe holiday season.

Wednesday, December 24, 2008

Antivirus 2009 Really Sucks

I have commented a few times about all the fake AV going around the Internet. It appears that it morphs and adds "enhancements" that defends itself well. Turning off Microsoft Automatic Updates, not allowing you to browse to sites that will help you clean your PC, etc.

Well I ran across another blog today written by Gary Warner. He has a nice detailed post going into the details of how the bad guys are taking advantage of Google searches to raise their ratings that when people click on these links, it infects your PC with fake AV.

Click here to learn more on how the bad guys take advantage of things we use everyday, Google, and use it to propagate their nasty malware. Hey Nancy, this may be how it got installed on your PC!

Stay safe, have a Merry Christmas and a happy and safe New Year!

Sunday, December 21, 2008

Computer Security: Who is Responsible?

Hey everyone. Hope all is well with you this weekend before Christmas. Thinking of topics to write on, I decided to give my opinion on responsibility when someone does not secure their PC and are hacked. Let's say that you are on your home PC and someone in your house either clicks on some link or attachment that causes the PC to be hacked (compromised), and now you have your banking credentials stolen by some individual. This individual now is allowed to make transfers from your account. Who's fault is it?

My opinion is that individual responsibility includes securing your PC at home. So when I hear a story about someone having this happen, I believe the individual really should have taken steps to secure their PC. Hey, everyone knows there are risks but who takes more responsibility? You or your bank? Well I say it is you. Owning a PC and connecting to the Internet you should know how to secure your PC for your own safety.

Computer security is so much more than just installing anti-virus and firewall. You need to know there are not so nice websites that can lead to your PC being hacked. You also need to be aware that random clicking on unsolicited links or attachments in e-mails will also get you in trouble.

Then you have organizations like the Geek Squad who really do no teaching but they are VERY willing to take your money when you mess your machine up with a bunch of crapware. You know, all that malicious software that causes your PC to run slowly and possibly be used in a botnet which really spells bad news.

So what do you do? You learn of sites that will teach you. There are a plethora of blogs and websites that talk about securing your PC. Mine and tons of others that are written by some of the brightest security people around (and I'm not including myself in that group). Take some steps to start to learn of all the threats. When I help people with their PC problems, I take that opportunity to teach them of things they should be doing to be more protected.

That is enough ranting for now. Get all that shopping done and actual save yourself some stress this Holiday season.

Thursday, December 18, 2008

Examing A Spam E-mail

Some days you get e-mails that are obviously spam e-mails. Just the little things you look at and can tell right away that it is not real. Above you can see a copy of the e-mail. Right away you know that the fake UPS e-mails are still going around. Now someone in SPAMMERVILLE should tell them UPS stands for United Parcel Service. Not United Postal Service. LOL

Have a great Thursday tomorrow!

Tuesday, December 16, 2008

Microsoft Has Early Gift for Christmas to All MS Users

Microsoft has announced that they will be issuing an out of band patch December 17, 2008 that will patch the security vulnerability in all versions of Internet Explorer. So be watching for that patch to come down and get Internet Explorer patched. If you want to read additional details, click here for Microsoft's announcement.

Have a great Out of Band Patch Wednesday!

All Versions of Microsoft Internet Explorer Vulnerable

Microsoft came out late last week and stated that there was a vulnerability in their Internet Explorer 7 browser. Over the weekend, the list continued to expand and now pretty much all versions of MSIE are vulnerable to an upatched problem (0 Day). If you've been waiting for a good time to try an alternative browser, why not try Firefox. Click here to download the latest version of Firefox and while you are at it, install the add-on called NoScript.

Have a fabulous Tuesday!

Saturday, December 13, 2008

Defend Against the Zero Day Internet Explorer Vulnerability

OK, if you haven't heard, Microsoft's Internet Explorer which is probably the most widely used browser in the world has a problem. There currently is a vulnerability that is being exploited by the bad guys and it affects most versions of IE. So Microsoft has some suggestions on how to mitigate the problem, but a common step to defend yourself is to use another browser. I suggest that you try Firefox and this would be a great time to do so.

After downloading the browser, then you can install a great tool that works with the Firefox browser called NoScript. Just Google it and you will find it. Install that tool and play with the settings. Trust me, it will take some getting used to but after you have your web sites you visit regularly setup, then it is a piece of cake. I've written previous posts about Firefox and NoScript so look back at those if you like.

If you really want to get wild and crazy, install Ubuntu on your PC at home and test drive it. The current version is 8.10. It installs great and after you get done, you will have a dual boot option of your normal Windows operating system, but you will also have a more secure OS in Ubuntu. Live on the wild side and test drive it today. Can't think of a better time to do so.

Have a great weekend and I will try to do the same.

Wednesday, December 10, 2008

Fake AV Still Going Strong!

I assist people I know in cleaning their PC's. I've seen some really bad ones in my time. There is one constant this year. Fake AV. It continues to morph and change and continues its strong success. If you really want to get your geek on and read more about it, there is a guy, Dancho Danchev who has a blog and he has written extensively on the Fake AV attacks that have been going on for quite some time this year and it doesn't seem that it has lost much steam as of yet.

Patch, be careful when opening attachments, and don't just randomly click on links or attachments in unsolicited e-mails. Read the story I posted about Secunia's PSI tool to assist you in keeping your PC patched so the bad guys don't have such an easy time at your expense. Take care!

Microsoft Patch Tuesday an Early Present

Hey if you didn't already know, Microsoft has given you a rather large update this December. Click here to read the Internet Storm Center's review of all the patches. A lot of red showing up meaning the patches are critical. They include OS, IE, Office, and so on. Patch, patch, patch!!

Keep Updated with Secunia's PSI

So, do you want something that is almost the equivalent of the Easy Button to keep your PC's at home or your small business patched? Here is the answer. Click here to download Secunia's Personal Software Inspector tool. It does an audit of your PC to see what software you have installed and checks to see if there are any security updates that you don't have installed. If it finds any, it gives you this easy to use window with the link to update your software applications.

In a time where you really need to stay on top of things, this little application really does a nice job. So there is no excuse now. Keep up with all those Adobe, Java, Skype, AOL Instant Messenger, and more when you are need of a patch.

It is late Wednesday the day after Patch Tuesday and Microsoft had a large present for you this December so remember if you don't have your PC set to download those updates for you, go check and get your PC patched.

Have a great Thursday and Rock Chalk Jayhawk! Go KU!!

Sunday, December 7, 2008

FaceBook Being Used to Spread Malware

So you are signed up on and you get an e-mail stating that they can't believe what you did in this video. If the user clicks to view the video, a message pops up stating that they need to download some additional software to view the video. Once this has been clicked, malicious software (malware) is downloaded and run and your PC becomes the newest member of some bad guy's botnet.

This is a type of social engineering that makes you click on something and is sort of a trojan (something malicious posing as some useful application). Patching your machine is probably your best defense that you can do for yourself. One tool you can use that checks a wide variety of software on your PC is one from Secunia. Click here to scan your PC to see if you have any vulnerabilities that need patching.

Take care and have a fabulous Monday. I know I will.