Tuesday, July 28, 2009

Heading to Las Vegas and DefCon

In a couple of days I'll be off to DefCon 17 in Las Vegas, NV. If you aren't sure what DefCon is, it's a hacker conference. I attended my first DefCon in 2007. Got hooked, and I'll try and hit every one in the future. This year appears to be chock-full of fabulous talks. Since it is Black Hat/DefCon time (both events held in Vegas), there will be a ton of news coming out this week. I'll try and have one more post before I head out.

Here is a reminder to all my friends who use the Windows operating system: today Microsoft will be releasing an out-of-band patch, which means it is not the normal second-Tuesday Patch Tuesday patch. MS has patches released on the second Tuesday of every month. Only when a serious security issue arises do they have these out-of-band patches. So, make sure your Windows box gets its updates tonight when you get home.

Take care and stay safe. Have a fabulous Tuesday.

Saturday, July 25, 2009

Microsoft to Issue Out-of-Band Patch

Microsoft has announced that they will be coming out with an out-of-band patch next Tuesday (next week, 072909). If you don't have updates downloaded automatically, you may want to start checking for updates on Tuesday after you get home from work.

This will be only the third time that Microsoft has issued an out-of-band security patch in the past 25 months. This of course is due to the seriousness of the vulnerability that is currently being exploited by the bad guys out there in the Internet world. If you aren't familiar with Microsoft's schedule, they regularly schedule patches to be released on the second Tuesday of each month. This allows businesses to react, and prepare for their release.

Stay safe out there and have a fabulous weekend!!

Wednesday, July 22, 2009

Promise of Erin Andrews Video Leads to Malware

If you don't know who Erin Andrews is, she is a reporter for ESPN. She is very attractive and she has been captured in a video in the nude, and the video has been posted on the Internet. Erin and her lawyer have promised to sue whoever may be distributing the video so it isn't easy to find.

However, the cyber criminals know that men will be men and they have put up fake sites that purportedly host the infamous video of Erin Andrews. And it doesn't matter if you are surfing on a Mac or a Windows PC, you will be owned if you try and visit these sites. You won't get to see the video, and on top of that, you have malicious software downloaded to your PC. So my advice to all men out there: don't go looking. How the attack is done is like a broken record. You click, and a fake video player is needed to view the video of Andrews naked.

So stay safe out there. Your behavior on the Internet has a lot to do with if you run into the nasty stuff the cyber criminals are offering. Play it smart. Don't go looking for the Erin Andrews video. If you do, you probably won't get what you are looking for. Happy Hump Day and take care.

Sunday, July 19, 2009

Firefox 3.5.1 Has Serious Vulnerability

Well, Friday, the Firefox browser came out with a patch for a vulnerability that was announced last Monday. OK, I thought cool. They patch fast. Well, I mean the next day, it was announced that the newly released version of the Firefox browser has a serious vulnerability.

The Internet Storm Center has a write up on this you can read. Click here to read that post in the ISC Diary.

Hope your weekend was fabulous. Monday is just around the corner. Be on the watch for a patch for the Firefox browser soon. I'll let you know. Stay safe.

Friday, July 17, 2009

Another Reason to use Firefox Browser

Last week and this week, Microsoft has had two pretty serious 0-day vulnerabilities that allowed an attacker to get the ability to run code on the target PC. Now with Patch Tuesday being this week, Microsoft was able to correct the DirectShow fix on Tuesday. However, the new one that I wrote about in the previous post is not. One wonders how long it will be before a patch is in place.

Now, proof there is another reason you really should be using the Firefox browser as your primary browser. Early this week, it was announced that Firefox had a serious 0-day. I have stated in the past, there really isn't a browser out there that doesn't have problems with security vulnerabilities. However, the key is how quickly they get patched. The window of opportunity for bad guys to take advantage of 0-day vulnerabilities in Firefox is just smaller. Today, if you are a Firefox user, make sure you get the update 3.5.1 that will correct the current problem.

If you don't use Firefox, try it. It is free and has some great add-ons that you can use to protect yourself more. I personally use NoScript, which I recommend you do too.

OK, have a fabulous Friday and stay safe out there.

Monday, July 13, 2009

Microsoft Announces ANOTHER 0-Day

OK, the last post was an article on a 0-day vulnerability in the DirectShow ActiveX control. I pointed you to a work-around until they will patch the problem. Sounds like they will be patching it tomorrow (Patch Tuesday). On the heels of that announcement, Microsoft says there is another 0-day in their Office products. It works the same. Bad guys will compromise sites that re-direct you to their malicious site. If they can get you there, your PC will be compromised. Really bad stuff.

The Internet Storm Center has a great write up here on this problem and also gives a link for you to "Fix It" which is similar to the work-around for last week. If you use Internet Explorer you will really want to visit the ISC link and click on the "Fix It" link. Another work-around is to use an alternative browser like Firefox. I recommend it.

Stay safe, and have a fabulous week. Happy Patch Tuesday for all you Microsoft users!

Wednesday, July 8, 2009

Microsoft Warning Users of Unpatched Flaw

The folks from Redmond, Washington (MS) are warning folks that cyber criminals are targeting a previously unknown security vulnerability in Windows XP and Server 2003 to compromise PCs. Microsoft has instructions on how to protect yourself from this flaw.

Microsoft said that the vulnerability can be used to install malware on the victim PC if they can get you to browse to a hacked or booby trapped Web site that the criminal controls. The Internet Storm Center is warning folks to take action now due to a report that thousands of newly compromised Web sites have been seeded with the exploit code for this vulnerability. The ISC is also reporting that the exploit code has been posted to numerous Web sites in China. Symantec is reporting that one site that is now seeding this attack is the Russian Embassy in DC.

The flaw is in Internet Explorer versions 6 or 7. Seems that Internet Explorer 8 is not vulnerable to this attack.

Microsoft says that the problem lies in the DirectShow ActiveX Control. They are reportedly working on this to get a patch released soon. The normal Microsoft patch cycle is due to be released on the second Tuesday of July. Not really sure that they will be able to get a patch ready by this date so they are recommending to folks that they should consider disabling the feature because there doesn't seem to be any by-design uses for this ActiveX control in IE (Internet Explorer). Most folks out there use IE as their default browser so this is VERY important. To enable the Microsoft work around, click here, then click on the "Fix This Problem" icon.

Microsoft is also saying that "while Windows Vista and Windows Server 2008 customers are not affected by this vulnerability, we recommend that they also implement the workarounds as a defense-in-depth measure." To read more information on this topic, click here to view the Internet Storm Center post.

Stay safe out there and if you are on the vulnerable systems, take this action now. Have a fabulous rest of the week.

Friday, July 3, 2009

Beware of any Independence Day Links

The folks over at the Internet Storm Center have some great suggestions.
  • Celebrate
  • Watch Fireworks
  • Enjoy the cookout food (This is my suggestion)
What not to do?
  • Don't click on links in e-mails
  • Don't surf to sites with Fourth of July, Independence Day or Fireworks as keywords.
The security company Websense is reporting that the subjects listed above are being seen in the subject lines of spam e-mails. They contain links that are supposed to be videos, however all it leads you to is malware that attacks your PC.

Click here to visit the folks over at ISC. They do great work.

Small Organizations Lack Computer Security Training

It is becoming more apparent with stories like the Sisters of Charity Marian Clinic in Topeka, KS, and the Bullitt County, KY loss, that there is a huge hole where folks just don't know what to do or what not to do. Click here to read the Sisters of Charity story, and here to read the Bullitt County story. Combined, they have lost more than $500,000.

Smaller organizations don't have the funding to do much with Computer Security Awareness training and for sure they don't have the resources to watch for malicious activities on these networks. It is a sad but true statement, and it is really taking a huge financial bite out of these organizations.

Computer security is not easy, but with some work, you can protect yourself from most of the malicious stuff out there on the Internet. Can you avoid it completely? Probably not. Especially if you use a PC with a Microsoft Windows operating system like XP, or Vista. I try and post helpful hints for those who don't have a lot of money to invest in computer security. Read through some of my past posts and watch for new content as I will continue to post new ideas to help you.

Stay safe this holiday weekend and have a FABULOUS celebration Saturday night.