Sunday, December 27, 2009
I have downloaded a program on your PC called Secunia Personal Software Inspector. It was downloaded from http://secunia.com/vulnerability_scanning/personal/ and it will help keep software on your PC up to date. This is important because vendors are always making security updates that will close vulnerabilities that hackers can use to take control of your PC. Many vendors have started to put an automated process similar to the Microsoft Automatic Updates in place because most people will never update their software on their own.
PSI will run when Windows starts up and initially will do a scan. Below is a screen shot of the PSI dashboard after scanning my PC. You will see in red the programs that are not current and in need of patching. In the “Solution” column, you can click on the blue icons and it will allow you to get the patch you need to be secure. Click all these icons to update your insecure software. After patching, PSI will rescan your system.
This is the screen showing your programs in need of patching. The Red bar in the graph shows you you need to take some action. Your goal is to have a Green bar that shows you are fully patched.
As you can see in the System Tray, if you hover your mouse over the PSI icon (the 3 red squiggly lines) it will tell you the status. Here it shows that you've just installed a more current version of a program.
Here is an example after you've clicked on the “Solution” icon, and it gives you a dialog box that allows you to get the patch you need and you can then install it.
After completing your patching, your scan should then show you that you have no insecure applications. This is your goal. It is just as easy as that. If you have any questions, just get a hold of me and I will try and help.
Tuesday, July 28, 2009
Here is a reminder to all my friends who use the Windows operating system, today Microsoft will be releasing a patch which is out-of-band which means, it is not the normal second Tuesday Pat Tuesday patch. MS has patches released on the second Tuesday of every month. Only when a serious security issue arises, do they have these out-of-band pathces. So, make sure your Windows box gets it's updates tonight when you get home.
Take care and stay safe. Have a fabulous Tuesday.
Saturday, July 25, 2009
This will be only the third time that Microsoft has issued an out-of-band security patch in the past 25 months. This of course is due to the seriousness of the vulnerability that is currently being exploited by the bad guys out there in the Internet world. If you aren't familiar with Microsoft's schedule, they regularly schedule patches to be released on the second Tuesday of each month. This allows business to react, and prepare for their release.
Stay safe out there and have a fabulous weekend!!
Wednesday, July 22, 2009
However, the cyber criminals know that men will be men and they have put up fake sites that purportedly host the infamous video of Erin Andrews. And it doesn't matter if you are surfing on a MAC or a Windows PC, you will be owned if you try and visit these sites. You won't get to see the video, and on top of that, you have malicious software downloaded to your PC so my advice to all men out there, don't go looking. This is like a broken record how the attack is done. You click, and a fake video player is needed to view the video Andrews naked.
So stay safe out there. Your behavior on the Internet has a lot to do with if you run into the nasty stuff the cyber criminals are offering. Play it smart. Don't go looking for the Erin Andrews video. If you do, you probably won't get what you are looking for. Happy Hump Day and take care.
Sunday, July 19, 2009
The Internet Storm Center has a write up on this you can read. Click here to read that post in the ISC Diary.
Hope your weekend was fabulous. Monday is just around the corner. Be on the watch for a patch for the Firefox browser soon. I'll let you know. Stay safe.
Friday, July 17, 2009
Now, proof there is another reason you really should be using the Firefox browser as your primary browser. Early this week, it was announced that Firefox had a serious 0-day. I have stated in the past, there really isn't a browser out there that doesn't have problems with security vulnerabilities. However, the key is, how quickly do they get patched. The window of opportunity for bad guys to take advantage of 0-day vulnerabilities in Firefox are just smaller. Today, if you are a Firefox user, make sure you get the update 3.5.1 that will correct the current problem.
If you don't use Firefox, try it. It is free and has some great addon's that you can use to protect yourself more. I personally use Noscript which I recommend you do too.
OK, have a fabulous Friday and stay safe out there.
Monday, July 13, 2009
The Internet Storm Center has a great write up here on this problem and also gives a link for you to "Fix It" which is similar to the work-around for last week. If you use Internet Explorer you will really want to visit the ISC link and click on the "Fix It" link. Another work-around, is to use an alternative browser like FireFox. I recommend it.
Stay safe, and have a fabulous week. Happy Patch Tuesday for all you Microsoft users!
Wednesday, July 8, 2009
Microsoft said that the vulnerability can be used to install malware on the victim PC if they can get you to browse to a hacked or booby trapped Web site that the criminal controls. The Internet Storm Center is warning folks to take action now due to a report that thousands of newly compromised Web sites have been seeded with the exploit code for this vulnerability. The ISC is also reporting that the exploit code has been posted to numerous Web sites in China. Symantec is reporting that one site that is now seeding this attack is the Russian Embassy in DC.
The flaw is in Internet Explorer versions 6 or 7. Seems that Internet Explorer 8 is not vulnerable to this attack.
Microsoft says that the problem lies in the DirectShow ActiveX Control. They are reportedly working on this to get a patch released soon. The normal Microsoft patch cycle is due to be released on the second Tuesday of July. Not really sure that they will be able to get a patch ready by this date so they are recommending to folks that they should consider disabling the feature because there doesn't seem to be any by-design uses for this ActiveX control in IE (Internet Explorer). Most folks out there use IE as their default browser so this is VERY important. To enable the Microsoft work around, click here, then click on the "Fix This Problem" icon.
Microsoft is also saying that "while Windows Vista and Windows Server 2008 customers are not affected by this vulnerability, we recommend that they also implement the workarounds as a defense-in-depth measure." To read more information on this topic, click here to view the Internet Storm Center post.
Stay safe out there and if you are on the vulnerable systems, take this action now. Have a fabulous rest of the week.
Friday, July 3, 2009
- Watch Fireworks
- Enjoy the cook out food (This is my suggestion)
- Don't click on links in e-mails
- Don't surf to sites with Fourth of July, Independence Day or Fireworks as keywords.
Click here to visit the folks over at ISC. They do great work.
Smaller organizations don't have the funding to do much with Computer Security Awareness training and for sure they don't have the resources to watch for malicious activities on these networks. It is sad but true statement, and it is really taking a huge financial bite out of these organizations.
Computer security is not easy, but with some work, you can protect yourself from most of the malicious stuff out there on the Internet. Can you avoid it completely? Probably not. Especially if you use a PC with a Microsoft Windows operating system like XP, or Vista. I try and post helpful hints for those who don't have a lot of money to invest in computer security. Read through some of my past posts and watch for new content as I will continue to post new ideas to help you.
Stay safe this holiday weekend and have a FABULOUS celebration Saturday night.
Saturday, June 27, 2009
Along with these spamming e-mail campaigns, you will also need to be VERY careful when going to web sites on the topic of these deaths. Malicious web sites have popped up and the bad guys are using black hat search engine optimazation (SEO) to raise their malicious site's Google ranking so that their sites will come up in the top 10 web sites when you do a Google search. Only go to trusted sites if you are wanting to read more information on these current events.
Stay safe and have a FABULOUS weekend.
Saturday, June 20, 2009
First, here is the screen on Twitter showing who follows me. I see that this Ana Torres is following me. See the screen shot below.
So I clicked on the link on Ana's name. Here is what I saw.
Here you see that Ana states that if I want to see her pictures, I can click on the tinyurl listed above. So the curious guy that I am, I decided to check to see where that tinyurl led me to before actually going there. (Notice it says I must register first please, to see her pictures).
I did a preview of the tinyurl and found what the true url behind that tinyurl. I took that address and ran it through Trustedsource.org and found that the true web site behind the tinyurl is actually a porn site.
So be careful out there. Don't just click randomly on these url's trusting someone you do not know. In the next few days, Twitter will catch up with this follower of mine and they will be removed. So be aware that hot girls will not follow you if you are a computer security professional. LOL. Or any other type of Twitterer you are.
Have a great Sunday and stay safe.
The inaugural topic will be "What would a criminal hacker want with my PC?". Click here to read a post I made back in 2008. A common question I get asked is why do people write these malicious programs that infect the majority of the population. The answer is easy. It is all financial. Just think of that famous line from the movie "Jerry McGuire". SHOW ME THE MONEY!!!!
So if you are local to the Topeka Kansas area and would be interested in some great information, stay tuned. I'll be publishing more details in the coming weeks. I'll get it on the calendar and we'll see how this works.
Hope all are having a great weekend. Stay safe.
Thursday, June 18, 2009
So have you been one who has been presented with a window that tells you that your PC is full of malware including worms, trojans, and keyloggers, OH MY!
This happens sometimes when you web searches using Google and Yahoo. Other instances, you may browse to a web site and BAM! you get that same message about malware infestations on your PC.
This appears to be a message window but it is actually an Internet Explorer window. You should not click on any button or the X to close this window. In this specific case, the criminal attacker disabled the user from going to the Start Bar and right clicking on the IE window to close it. However, you can just bring up the Task Manager and under the Applications tab, close the Internet Explorer application from there. Any other clicking on this window will get your PC infected.
Stay safe out there and the weekend is almost upon us. Have a fabulous weekend!!
Have you signed up on a social networking site? If you have, you've joined literally millions of others who are on FaceBook, MySpace, LinkedIn, and Twitter just to name a few. If you've signed up for any of these networks, you have probably wondered if there are security risks involved in participating in them. There risks associated with them and they are all related in one way or another.
First, the one common thread in all social networking sites is that you can associate (network) with friends and family, or work associates and share information with them. There is an inherent trust built in that if I allow you to be in my network, I trust you that it is really you and if you post anything, I'm assuming that it is you. Criminal hackers take advantage of this trust that is built in and if they can steal your login credentials to your account, they can pose as you and send all the friends in your network a message with a link that leads to a malicious web site. If successful, your friend's PC will have malicious code installed on their PC and this allows the criminal hacker to continue to take advantage of others as this process is repeated over and over with each friend who clicks on the malicious link.
Another risk of these social networking sites is what you actually post on these sites. One of the things you can do is share pictures with family and friends. You need to think twice before publishing certain pictures. One rule of thumb you should remember before you post anything on any web site is not to post anything that you don't want everyone to see. Even if you have posted a picture as "private", there have been instances in the past where the actual site you post pictures to has vulnerability in their systems which allowed "private" pictures to be stolen.
When you sign up for these sites, you can fill out a profile of personal information that you should limit what is available. For instance, you can add your birthday and you may choose to only put the month and day and drop the year of your birthday. Your birth date is one personally identifiable piece of information used in many things and you may want to exclude sharing the year of your birth. It is also a good idea not to post your phone number or your full address.
This one is specific to Twitter. First, what is Twitter? Twitter is a micro blogging system that allows you to share your status with anyone who follows you. These are called "tweets". These tweets are limited to 140 characters. Some folks who use Twitter like to share links to web sites that give you more information on a topic. Since links to web sites can be long, they use services that take a long web address, and shorten it. There are services like Tiny URL that do this. Criminal attackers have hacked high profile accounts that include CNN, the Obama campaign, and celebrities such as Brittney Spears. With control of these accounts, they can then abuse the trust issue mentioned earlier in this article and send out malicious links.
What can you do to protect yourself? Here are a few things.
- Keep your home PC patched which includes Microsoft updates as well as Adobe, QuickTime, and iTunes, just to mention a few.
- Think twice before posting any picture. A good rule of thumb is not to post anything that you wouldn't want everyone to see.
- Limit what information you share in the profile section of social networking sites.
- Trust no one. If a friend sends you a link, treat it like you have been trained with phishing e-mails. Don't click on unsolicited links.
Saturday, June 13, 2009
I'm sure that computer security awareness was not a part of the clinic's budget. They probably didn't have much of a budget at all for that matter for computer security. This could have happened a couple of different ways. It could have been an e-mail that came in that had either malicious links or attachments that someone from the clinic clicked on. This would be my guess as to how this happened. Or, it could have been just casual browsing on a legitimate website that had been hacked and malicious code injected that redirected them to a site which attacked the computer.
This computer was probably not patched. Probably Adobe Reader was an older version, or Microsoft patches that were not up to date. It doesn't matter what the vulnerable application was, it happened and it sucks that an organization that does what the Sisters of Charity Marian Clinic does, has to suffer such a loss.
Hopefully they can find out who was behind this, but the chances are, the responsible parties are located in a country that we have no way of getting to them. Possibly and eastern European country like Romania, or possibly Russia, or China will be where they were located. Hopefully the clinic will take computer security much more serious now. Knowing Topeka, there aren't a whole lot of options for the clinic to get the education they need so they will probably turn to the Geek Squad (I really hope not).
I guess the lesson learned is if you are doing financial transactions on a PC, you really need to make sure that patches are up to date, the machine is scanned often, and don't rely on just anti-virus alone. There are other options for you that will help protect these assets so things like this won't happen again also.
Stay safe out there, and have a great rest of the weekend.
Tuesday, June 9, 2009
Have a great week!
Saturday, June 6, 2009
- Don't share passwords with anyone!
- Don't use the same password for multiple accounts.
- Don't rely on FaceBook to respond too quickly. Hacked accounts are common.
OK, well have a super fabulous Saturday night and to the rest of the weekend also. Stay safe out there.
Wednesday, June 3, 2009
Well, father Carl contacted rivals.com and confirmed that both Xavier and CJ were enrolled at KU and will be attending KU in the Fall. Of course some took this to be gospel and so the Henry's are probably not big Twitter fans.
This should be a lesson about social networking sites like Twitter, FaceBook, etc, that you really don't know who is behind those accounts. Take my advice, trust no one.
Be careful out there and stay safe.
Saturday, May 30, 2009
Apple has been asked and they are pulling that "Apple attitude" and it is coming out strong. So Mac users beware! You are vulnerable to this simple drive-by exploit. And so a researcher who has gotten fed up with the lack of cooperation from Apple, decided to post proof of concept code to Milw0rm last week. If they already haven't started, they are sure to show up soon. So what can Mac users do? Disable Java at this point until Apple decides to take security serious. Apple sucks for not fixing this problem like all the other vendors have.
Stay safe and have a happy Sunday.
It seems that TwitterCut appeared to be the real Twitter login page. A phishing site for sure.
If a person were tricked into entering their login credentials, Twittercut continued to send the same message you got to all of your contacts. At this point, it appears that no malware is being installed on victim's PCs.
For sure, Twittercut has the login credentials to many Twitter accounts. Twittercut has been listed on services that blacklist malicious sites but was still active just a couple of days ago.
This attack takes advantage of the trust that is built on networks like Twitter, as well as FaceBook, MySpace, LinkedIn, and other social networks. Always beware of messages that are unsolicited. My motto is "trust no one".
Stay safe and have a fabulous rest of the weekend.
Monday, May 25, 2009
Now lets ask ourselves some questions. When you are setting up an account online, there are ways that you can recover your password if you forget it by setting up certain security questions. These security questions just happen to be your first pet's name, mother's maiden name, and the street you grew up on. So you have to ask the question, was this application written to harvest information that could possibly be used to break in to people's accounts? I can't be sure, but this shows us that you need to be very careful of information that you put out there on the Internet.
I would suggest that when you set up an online account, and they ask security questions, it is OK to lie. You would also definitely want to write these answers down so you would remember them. Now I know some accounts that are tied to financial accounts have started using other security questions that do not include the peices of information that apps like "what is your porn star name". If not, LIE!!! Just a little more information that will keep yourself more secure with online accounts that have this password recovery system in place.
Hope everyone is having a great Memorial Day holiday. Stay safe.
Friday, May 8, 2009
How can this happen? Let's just say you happen to go to a website....say usatoday.com. And lets say you just happen to be unlucky and an ad that flashes up on the usatoday.com site happens to be one that the criminal bad guy has taken advantage of and planted a redirect that takes you to a site that runs the latest and greatest attacks on your computer. Could be a malformed PDF, Word, or Excel document. Next thing you know, your PC is being watched by the bad guy.
After a PC is has been infected with malicious software (Malware), some of the things bad guys try and steal are e-mail accounts, social network accounts, etc. Along with these of course, they also are looking for banking credentials, credit card credentials too. Now what? The bad guy has to keep spreading his malicious software around and take over more and more computers. This is how they continue to exist. Computers get cleaned from time to time so they are always looking to take advantage of people and tricking them to go places they really shouldn't go and take control of new computers.
With someone else's Facebook signon credentials, they can now send a message to all of your contacts with a link to a malicious website. Your friends trust you, so your friends click and BAM! They are now under the control of the bad guy and this scenario just continues to roll along. So, my advice to you is this when it comes to links sent from friends. DON'T CLICK ON THEM!!
Hang in there. Have fun, but be safe. Have a great weekend!
Tuesday, May 5, 2009
After some checking, I found that the site was considered malicious and was hosted in China. I responded back to my friend and said that the computer security person in me wondered if he really had sent this. No response. Another few days and I get another e-mail from him with the same link. At this point, I contact him and he says no he didn't send me or any of the other contacts he had in his address book that were included on this e-mail.
Lesson, my friend had his e-mail account hijacked. The attacker who had control was trying to take advantage of the trust between my friend and his contacts in his address book. I sent a response to all the others who received the e-mail warning them of the malicious link. I never heard back from anyone but I had done my part.
Be careful when you receive an e-mail from a friend with a link, and this is also true of the other social networks like FaceBook, MySpace, and LinkedIn. My motto in computer security is to trust no one. Don't just randomly click on links just because one of your friends sends you a link. Hijacked accounts will send out messagse with malicious links and take advantage of the trust that is built up on these types of networks.
Be careful out there and stay safe. Happy Tuesday!
Sunday, April 19, 2009
It is very important that patches happen, and the Conficker Worm should be your example. Microsoft came out late in October of 2008 with a patch (MS08-067). Many folks didn't update with this patch. Actually, millions of PC's didn't have the patch. So this allowed the criminal element behind Conficker to spread itself so fast and so successful.
So this is your reminder that patching is extremely important. Make sure your PC is set to download your Microsoft updates automatically. You can either select to install them automatically or notify you when updates are needing to be applied.
Another weekend is drawing to an end so lets get ready for the new week. Stay safe and be careful out there.
Sunday, April 12, 2009
Why all the hype? Probably the main responsibility for spreading the hype was all the security vendors such as AV vendors, and other companies dealing in computer security. Nothing really happened April 1. Now on Thursday of this past week, the Conficker Worm started to push payloads to the infected hosts out there on the Internet. Things that were seen included keyloggers, rootkit functionality, and rogue anti-virus or fake AV which has been common in the past 6 to 9 months.
If you patched your Windows OS when they came out with updates in October of 2008, and use strong passwords, and disable autorun, you are probably just fine. You must always be on the lookout for new attack vectors. The bad guys are out there and they want to gain financially at your expense. Learn to protect yourself. I have many posts in the past that should help you in taking the steps to stay safe.
Stay safe, hope your weekend was fabulous and bring on the new week!
Tuesday, March 31, 2009
What people should worry about is what happens after April 1. The criminals behind Conficker don't want the Internet to meltdown. This is how they make their money. And where are these attackers from? Most likely China, Russia, or some other Eastern European country.
Microsoft issued an out of band patch back on 10/23/08 that closed this vulnerability. Do you patch? If not, I preach it. Look up prior posts that I've written about on ways to make you more up to date with security patches. I recommend that you go to Secunia and download their client that helps you keep up to date on Microsoft, Adobe, and many other vendor software.
So when you wake up tomorrow, I'm sure that the Internet will still be there. You will be able to check your FaceBook, Twitter, etc. Not much will change. Just realize that the Internet is full of malware. They really know how to evade security software by morphing so that security vendors can't get a good signature of the virus. The Internet is already full of malware today. It will be full of it tomorrow. Learn to be more secure. Realize that it is a risk to be on the Internet. Learn to accept the risk and have fun.
Stay safe and have a fabulous April Fool's Day.
Sunday, March 22, 2009
They take all your documents in the "My Documents" folder (default doc folder for Windows) and encrypts the files. And for a fee, say $50 they will let you have your documents back. Pretty nasty trick I'd say.
Some of the things we've talked about in the past to combat these is to keep your applications such as your Windows updates current as well as RealPlayer, WinZip, WinAmp, QuickTime, Adobe Reader and Flash, as well as iTunes. Keeping these up to date will not allow the criminal attacker the ability to run code remotely on your PC. Check back on some of my previous posts that help you keep you PC humming along.
Posting this on Sunday and my KU Jayhawks rolled into the Sweet 16 in this year's March Madness tourney. Good luck next weekend guys and lets keep it rolling! ROCK CHALK JAYHAWK!!!
Monday, March 16, 2009
The folks over at Websense have the details posted on their site that you need to check out. Just click here to read that story. Trust no one. Be careful what you click on. It may not be what it appears to be.
Wednesday, March 11, 2009
1) Probably the number one reason a Windows PC starts running slower is because some type of malware (malicious software) has been installed. More than likely you the user does not know this has happened. This is probably the top reason why Windows PC's start to run slower.
2) Another reason Windows PC's start to run slower is because when you purchased the PC, the amount of memory that was installed was not enough and as you purchase more applications to run, it just starts running slower due to lack of memory. You may want to visit www.crucial.com and see about purchasing more memory.
3) Many programs when you install them, have a service that starts up at boot up time. Many times they are not needed and you may want to review those applications that start up at boot time. Adobe, RealPlayer, and others can be eliminated from the start up. You can click this link I wrote on CCleaner. It has a handy tool that shows you what applications start up and gives you an easy way of deleting them.
4) As time goes by, you've installed and uninstalled many applications and sometimes the Windows Registry can get sort of frapped up. Once again, my previous reference to CCleaner, it has a tool that cleans up your registry. Click here for that posting.
5) Another reason that Windows PC's perform sluggish is due to a too intrusive of an Anti-Virus application. OK, I believe that Symantec's AV product is too labor intensive for home users. I personally use AVG's AV. Not as labor intense.
These are just a few reasons that slow Windows PC's. There are others but I consider these as the top ones that you can conentrate on. Stay safe and have a great rest of the week.
Monday, March 2, 2009
Spammers are always trying to figure out ways to get people to click on there tricks. I actually have 3 identical e-mails from someone purporting to be the president and he has money for me.
Hope your week has started off good and I hear the warm weather is coming! Stay safe.
Sunday, March 1, 2009
With data breaches like Heartland Payment Systems will add to those numbers in 2009 so protect yourself as much as you possibly can.
Kansas University Jayhawks put it the big hurt on the Missouri Tigers today. ROCK CHALK JAYHAWK!!!
Stay safe and have a great week this week!
Saturday, February 28, 2009
Really the best defense against these types of attacks is YOU. You have to decide if you are going to click on either a link that takes you to a document either through e-mail or a web site. Trust no one is my best advice.
Now turning to Facebook. This past week there have been a couple of apps that folks fall for. Both attacks are types of social engineering that try to get you to enter your login credentials. Folks, if you are already logged on to Facebook or whatever other site you are on and you click something that prompts you to login, DON'T DO IT!! Something is wrong with that scenario.
OK, hope you all are having a fabulous weekend and snow sucks. Stay safe and Rock Chalk Jayhawk!!
Friday, February 20, 2009
Brian Krebs from SecurityFix blog has a write up that you can read more details. Brian does a fabulous job keeping folks informed of computer security issues. Click here to read his post about the Adobe vulnerability. Adobe has a write up on their site too and you can click here to read that post.
As always you should never click on attachments or links in unsolicited e-mails. Stay safe and have a fabulous weekend.
Saturday, February 14, 2009
Great game today by the Kansas University Jayhawks. They beat those nasty KSU Wildcats. Stay safe and have a fabulous rest of the weekend.
Friday, February 13, 2009
Hope all is well with everyone and all of you remember those you love on Valentine's Day. Rock Chalk Jayhawk. Hope we kick some Wildcat tail.
Thursday, February 12, 2009
I wrote about the Heartland Payment Systems breach that was announced on January 20, 2009. Financial institutions all across North America have been contacting their customers in the past few weeks informing them that their credit card or debit card has been compromised due to this large breach. I personally know many folks affected where I live in the great Mid-west. They’ve got their letters telling them a new card is on its way.
I believe this breach will surpass the breach that TJMaxx had. Their final total was around 94 million cards that were compromised. This one, I believe, will surpass the 100 million total. There is a site that has been reporting what banks have contacted them stating that they have been affected by this breach. It is far from complete. Click here to see an update from the site bankinfosecurity.com.
Hope you have all had a great week. Friday is just around the corner. Have a fabulous weekend. And of course, Rock Chalk Jayhawk…Let’s kick the Wildcats behind Saturday!!
Sunday, February 8, 2009
It combines a system cleaner that cleans your PC of unused temporary files from your PC. On top of that, it also has a great registry cleaner too. The reason you want to run this is that it allows you to keep your Windows system running faster and it also frees up hard drive space. It also has a nice section that helps you clean up all those tasks that happen when your system starts up. Seems like every application that you install with the default setup will always start up at boot time. You don't need to do this and this can slow your PC when your system tray is full of all these started applications.
Hope you all had a great weekend and of course ROCK CHALK JAYHAWK!!
Friday, February 6, 2009
Click here for Best Buy's announcement on their website.
Sunday, February 1, 2009
Hope your team wins tonight in the Super Bowl and hope your weekend has been great.
Have a happy Super Bowl Day today. I'm cheering for the Cards. Always hanging with the underdogs. Stay safe.
Thursday, January 29, 2009
In my line of work I come across websites that have been hacked and code is injected leading to a website loaded with malware ready to take advantage of people who don't patch their PC's. Today was the website executivehomemaker.com. Hidden inside this legitimate site is a redirect to hxxp://iwdown.com/inc/e.js. A site hosted in China.
This is just another in a long line of sites with vulnerabilities that allow the bad guys to take advantage of the casual surfers. They don't patch, they probably click on links in spam e-mails and on and on. My last search on the iwdown site shows 135,000 sites with these injections. Click here an see the search results.
Stay safe and have a fabulous weekend and ROCK CHALK JAYHAWK!
Saturday, January 24, 2009
The Asprox botnet has come back to life with malicious injections into legitimate websites. Click here to see the Google search on the malicious injection. The site hosting the malicious code is h!!p://www.wmpd.ru. Now let me warn you, DO NOT CLICK ON THESE LINKS!!! These websites in this search have a vulnerability that allows attackers to inject this code. They need to close the vulnerability or they will continue to have possible attacks on their websites.
It is a good idea to avoid these sites. If your PC is not patched with all the software you have installed, then your PC can fall victim to the attackers and your PC can then be in control of the attacker and their botnet.
Hope everyone is having a safe weekend and I hope it is warmer where you are than here in the state of Kansas.
Read on Internet Storm Center's website that Monster.com and USAJobs.gov had their databases compromised. Click here to read the details from ISC. Information from these databases was stolen. USAJobs.gov's database is administered by Monster. Click here for USAJobs.gov post detailing the information they know. Click here for Monster.com's post detailing the information they know.So what are the dangers? Thing targeted spear phishing attacks to follow on the heels of this compromise. Those on Monster and USAJobs will now be in the cross hairs of malicious attackers. From the press releases, login credentials were also taken so if you are one of those who likes to use the same password for many things, as Joel Esler states in the ISC Diary posting, might be a good time to go change that password on yourbankhere.com. We've talked about not using the same password for everything, especially financial accounts.
Friday, January 23, 2009
announcement was made by Heartland Payment Systems that they uncovered
malicious software in their processing system. They ONLY process about 100
million transactions each month so surely this isn't that big of a deal.
It is early on in the investigation, but this data breach may even
de-throne TJX and their 94 million cards compromised back in 2006-2007.
This company serves more than 250,000 businesses ranging from restaurants,
retailers, convenience stores including pay-at-the-pump, to payroll
According to the New York Times, the malicious code was introduced into the Heartland Payment System's infrastructure as early asMay 2008. And Heartland didn't actually take the matter seriously until late Fall of 2008. They were contacted by VISA and MasterCard twice before they took this seriously. Then they chose inauguration day to make its announcement. Precious!
I would suggest to everyone to monitor closely your credit card statements and bank accounts if you like to use your debit card. Report any fraudulent charges immediately to your card issuer. Just a couple of weeks ago, there was a report of small charges, as little as .25 cents run through many credit card accounts. Some theorize someone is trying to find out if illegally obtained credit card numbers will work before making larger charges.
From Heartland's own special website www.2008breach.com, they are saying that this may be the result of widespread global cyber fraud operation and that the US Secret Service and the US Department of Justice are involved in the investigation.
UPDATE: I do know that banks are currently contacting customers who may have had a credit or debit card compromised in this data breach.
Monday, January 19, 2009
But when you click on the link it does not take you to the site. It pops up a message that looks like this. It's kind of a scary message that says hey you have some bad stuff on your machine.
Now if you get this message, I would advise you not click on the OK or the Cancel buttons. Wouldn't even click on the X. Interesting thing is the bad guy has disabled the ability to go down to the START bar in Windows and right click the Windows Internet Explorer to close it. So here is my advice to close that Explorer window. Bring up the Task List (Cntl + Alt + Dlt) and then kill it from there.
Stay safe out there and Rock Chalk Jayhawk!!!!!
Sunday, January 18, 2009
Might want to check out the patches that are installed on your PC. Make sure that you have MS08-067 installed. Run your Microsoft update to see if you are up to date.
Hope you all are having a great weekend. Stay safe.
Thursday, January 8, 2009
So, Bill O'Reilly, Brittney Spears, Barrack Obama, just to name a few, all had their Twitter account passwords reset and then they were under control of the bad guy. To make a long story short, the Twitter account that was hacked had a password that was a word from a dictionary. It happened to be 'happiness'. Any word that can be found in the dictionary is considered a weak password. So here is my lesson on creating passwords.
Steps in creating a strong password are as follows.
1) Make a passphrase that is more than 10 characters.
2) Use a combination of upper and lower case letters as well as numbers and special characters.
3) Don't use the same password for multiple accounts, especially financial accounts.
So you want examples? What about your favorite vacation spot? So you love to travel to Rocky Mountain National Park. So you could create a password that incorporates special characters, numbers, and upper and lower case letters. How is this for a password. iL0v3therock1es. There is a 15 character password that isn't too hard to remember. You can use all kinds of things like this to create you a strong password.
Don't be a twit. Use strong passwords. Have a great Friday tomorrow and I'm planning on a fabulous weekend!
Monday, January 5, 2009
Have a great week!
Saturday, January 3, 2009
Click here to read a short update from the guys and gals at the Internet Storm Center. They do a fabulous job and are a great resource to keep up with what is going on in computer security.
Rock Chalk Jayhawk! Go KU! The guys from Kansas University put it to the Volunteers of Tennesse today in Allen Field House.
Thursday, January 1, 2009
Hey folks! Read my blog and maybe you can keep yourself better protected than you are right now. Here is a picture of the screen I get. Actually pretty funny because it is animated but it ticks me off that I am blocked. Wishing people would be more responsible. Well I'm out for now. Hopefully you all had a fabulous New Year and I've got to go to work tomorrow.