--US-CERT Warns of Blackberry Spyware
(October 27, 28 & 29, 2009)
The US-CERT has issued a warning about a free spyware program called PhoneSnoop that can be used to bug BlackBerry phones. If the program is installed, one call from a designated number can turn the phones into listening devices, capable of eavesdropping on everything that happens nearby. The person who created the program said it was done as a proof-of-concept to demonstrate the vulnerabilities inherent in being careless with the phones. Users could be tricked into downloading PhoneSnoop onto their phones, or it could be installed by someone else with access to the device. US-CERT recommends that BlackBerry users use passwords to prevent other people from accessing the phones and to allow downloads only from trusted sources.
http://www.h-online.com/security/news/item/BlackBerry-spyware-alert-843992.html
http://news.cnet.com/8301-27080_3-10384179-245.html
http://www.securecomputing.net.au/News/159209,us-cert-warns-of-malware-attack-against-blackberry.aspx
http://www.us-cert.gov/current/index.html#blackberry_phonesnoop_application_used_to
[Editor's Note (Schultz): Smart phones and other mobile devices are increasingly becoming the target of malware writers. Several excellent talks on this subject were presented at the recent Black Hat Conference.]
Friday, October 30, 2009
Wednesday, October 28, 2009
Computer "Tip of the Day" 10-28-09
Free Software & File Sharing!
WORTH THE HIDDEN COSTS?
--Every day, millions of computer users share files online. File-sharing can give people access to a wealth of information, including music, games, and software. How does it work? You download a special software that connects your computer to an informal network of other computers running the same software. Millions of users could be connected to each other through this software at one time. Often the software is free and easily accessible.
--But file-sharing can have a number of risks. If you don't check the proper settings, you could allow access not just to the files you intend to share, but also to other information on your hard drive, like your tax returns, email messages, medical records, photos, or other personal documents. In addition, you may unwittingly download pornography labeled as something else. Or you may download material that is protected by the copyright laws, which would mean you could be breaking the law.
--If you decide to use file-sharing software, set it up very carefully. Take the time to read the End User License Agreement (EULA) to be sure you understand the side effects of any free downloads.
WORTH THE HIDDEN COSTS?
--Every day, millions of computer users share files online. File-sharing can give people access to a wealth of information, including music, games, and software. How does it work? You download a special software that connects your computer to an informal network of other computers running the same software. Millions of users could be connected to each other through this software at one time. Often the software is free and easily accessible.
--But file-sharing can have a number of risks. If you don't check the proper settings, you could allow access not just to the files you intend to share, but also to other information on your hard drive, like your tax returns, email messages, medical records, photos, or other personal documents. In addition, you may unwittingly download pornography labeled as something else. Or you may download material that is protected by the copyright laws, which would mean you could be breaking the law.
--If you decide to use file-sharing software, set it up very carefully. Take the time to read the End User License Agreement (EULA) to be sure you understand the side effects of any free downloads.
Tuesday, October 27, 2009
Computer "Tip of the Day 10-27-09"
--Cyber Thieves Stole US $40 Million from Small and Mid-Sized Businesses (October 26, 2009) The FBI says that since 2004, cyber thieves believed to be based in Eastern Europe have stolen US $40 million from small and mid-sized US businesses. The thieves use spam to infect the companies' computers with malware that steals online banking credentials, then transfer funds in amounts below the US $10,000 threshold that triggers alerts. The FBI is acknowledging the trend in the hope that companies become aware of the threat and put security safeguards in place. For instance, companies can protect themselves from cyber thieves by conducting online banking transactions on dedicated, locked-down machines. Larger banks have adopted anti-fraud technology to detect anomalous transaction patterns. The companies hardest hit by the fraud, meaning those least likely to recover funds, often use small and regional banks that lack the fraud detection mechanisms of the larger institutions. In some cases, very small banks have prevented fraudulent transactions because they know their customers personally and are alert to behavior that seems out of the character.
http://voices.washingtonpost.com/securityfix/2009/10/fbi_cyber_gangs_stole_40mi.html
http://voices.washingtonpost.com/securityfix/2009/10/fbi_cyber_gangs_stole_40mi.html
Computer "Tip of the Day" 10-27-09
--Cyber Thieves Stole US $40 Million from Small and Mid-Sized Businesses (October 26, 2009) The FBI says that since 2004, cyber thieves believed to be based in Eastern Europe have stolen US $40 million from small and mid-sized US businesses. The thieves use spam to infect the companies' computers with malware that steals online banking credentials, then transfer funds in amounts below the US $10,000 threshold that triggers alerts. The FBI is acknowledging the trend in the hope that companies become aware of the threat and put security safeguards in place. For instance, companies can protect themselves from cyber thieves by conducting online banking transactions on dedicated, locked-down machines. Larger banks have adopted anti-fraud technology to detect anomalous transaction patterns. The companies hardest hit by the fraud, meaning those least likely to recover funds, often use small and regional banks that lack the fraud detection mechanisms of the larger institutions. In some cases, very small banks have prevented fraudulent transactions because they know their customers personally and are alert to behavior that seems out of the character.
http://voices.washingtonpost.com/securityfix/2009/10/fbi_cyber_gangs_stole_40mi.html
http://voices.washingtonpost.com/securityfix/2009/10/fbi_cyber_gangs_stole_40mi.html
Tuesday, October 20, 2009
Computer "Tip of the Day 10-20-09"
--Postini Delivery Problems Vex Users
(October 13, 14 & 15, 2009)
Users of email security and archiving service Postini were frustrated last week when the service began experiencing significant delivery problems. Users were particularly angered by Postini's lack of communication about the problem. Postini was acquired by Google in 2007. The service scans emails for malware. The problem seems to have been caused by a combination of a bad email filter update and "a power-related hardware failure."
http://www.informationweek.com/news/showArticle.jhtml?articleID=220600859
http://news.cnet.com/8301-30684_3-10374344-265.html
http://www.theregister.co.uk/2009/10/15/google_postini_snafu/
http://www.computerworld.com/s/article/9139316/Postini_trouble_stymies_U.S._e_mail_users?taxonomyId=1
--Scareware Locks Apps on Infected PCs
(October 15 & 19, 2009)
A new variant of scareware has been detected that not only inundates users with exhortations to purchase phony antivirus software called "Total Security 2009," but that also locks users out of nearly all applications until they purchase the disreputable product. Once their PCs are infected with the malware, the only program users can open is Internet Explorer, so they can navigate to the site and make a purchase.
http://blogs.usatoday.com/technologylive/2009/10/new-twist-on-scareware-locks-up-your-pc.html
http://www.pcworld.com/article/173765/a_rogue_demands_a_ransom.html
(October 13, 14 & 15, 2009)
Users of email security and archiving service Postini were frustrated last week when the service began experiencing significant delivery problems. Users were particularly angered by Postini's lack of communication about the problem. Postini was acquired by Google in 2007. The service scans emails for malware. The problem seems to have been caused by a combination of a bad email filter update and "a power-related hardware failure."
http://www.informationweek.com/news/showArticle.jhtml?articleID=220600859
http://news.cnet.com/8301-30684_3-10374344-265.html
http://www.theregister.co.uk/2009/10/15/google_postini_snafu/
http://www.computerworld.com/s/article/9139316/Postini_trouble_stymies_U.S._e_mail_users?taxonomyId=1
--Scareware Locks Apps on Infected PCs
(October 15 & 19, 2009)
A new variant of scareware has been detected that not only inundates users with exhortations to purchase phony antivirus software called "Total Security 2009," but that also locks users out of nearly all applications until they purchase the disreputable product. Once their PCs are infected with the malware, the only program users can open is Internet Explorer, so they can navigate to the site and make a purchase.
http://blogs.usatoday.com/technologylive/2009/10/new-twist-on-scareware-locks-up-your-pc.html
http://www.pcworld.com/article/173765/a_rogue_demands_a_ransom.html
Thursday, October 15, 2009
Computer "Tip of the DAy 10-15-09"
DATA SECURITY
--Maine Supreme Court to Decide Hannaford Liability (October 9 & 12, 2009) The Maine Supreme Court will decide whether or not retailers that fail to protect consumers' payment card data will be required to compensate those people for the time they spend correcting any problems that arise from a data security breach. Consumers are already covered for unauthorized charges under banks' zero-liability protection policies.
In this case, the court must decide if "time and effort alone, spent in a reasonable effort to avert reasonably foreseeable harm, constitute a cognizable injury under Maine common law." The case involves the breach at Hannaford Bros. in which millions of payment card numbers were compromised.
http://consumerist.com/5379157/maines-supreme-court-to-decide-if-consumers-should-be-compensated-for-hannaford-security-breach
http://www.wired.com/threatlevel/2009/10/hannaford/
--Maine Supreme Court to Decide Hannaford Liability (October 9 & 12, 2009) The Maine Supreme Court will decide whether or not retailers that fail to protect consumers' payment card data will be required to compensate those people for the time they spend correcting any problems that arise from a data security breach. Consumers are already covered for unauthorized charges under banks' zero-liability protection policies.
In this case, the court must decide if "time and effort alone, spent in a reasonable effort to avert reasonably foreseeable harm, constitute a cognizable injury under Maine common law." The case involves the breach at Hannaford Bros. in which millions of payment card numbers were compromised.
http://consumerist.com/5379157/maines-supreme-court-to-decide-if-consumers-should-be-compensated-for-hannaford-security-breach
http://www.wired.com/threatlevel/2009/10/hannaford/
Wednesday, October 7, 2009
Computer Tip of the Day "10-07-09"
You and Your Browser!
- - What exactly is a browser anyway?
Let's start with what it's not. A browser is not Google, not a search engine, not AOL, and not broadband. A browser is software that you use to see and hear what's available on the World Wide Web. (You can use a browser for other things, too, but let's stay with their more common uses for now.) Browsers take you to websites and webpages where you can read and send email, see images and movies, and listen to music. You can also download and upload files using your browser. Your browser allows you to navigate to information resources that are organized as URL's (Uniform Resource Locators) or web addresses. The major web browsers are Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Google Chrome, and Opera.
- - Why do I need a browser to connect to the Internet? Why can't my computer just do it?
You need a browser to connect to the Internet because browsing is only one of many things that a computer can do. A browser is software that directs your computer to the Internet, interprets your requests, and translates them into the language used by all of the computers on World Wide Web. Your computer is simply hardware -- a machine that will follow instructions. Software supplies the instructions.
- - OK, so just HOW does my browser connect to the Internet?
Strictly speaking, it's your computer and its operating system that connect to the Internet, either by a wired or a wireless connection, such as Ethernet, Cable Internet or DSL (Digital Subscriber Line), or by Wi-Fi or wireless broadband. Your browser communicates with the operating system, and the operating system communicates with the Internet.
- - Why is there such a choice of browsers? What's the difference?
A browser, like all software, is a product, produced and marketed by people who want you to use it. Objective: To gain market share. It is estimated that 1.7 billion people are using the Internet worldwide in 2009. If you make a better browser, the world will beat a path to your website and download it, and your customer base could number in the hundreds of millions quickly. Anatomically speaking, all web browsers are about the same. They differ from one another in their "look and feel"-when, where, and how you click to make something happen. It's largely a matter of taste. All of the major browsers can use plug-in's and add-on's, like Flash Player for movies and Acrobat Reader for opening PDF files.
- - My computer came with a browser on it. Why would I want another one?
Microsoft includes Internet Explorer with Windows for the same reason that Apple includes Safari in OS X--so you will use it and they can command a greater share of the market. Web browsing is what most people do on a computer most of the time, and competition among browser makers is stiff. Back in 1990's the Mozilla Foundation produced the earliest browser, called "Mosaic," and later "Netscape." Today, Firefox is considered by some to be faster and more secure than Internet Explorer and Safari, while Google's Chrome and the Opera browser are attempts to provide a new look and feel for the browsing experience.
- - What exactly do people mean when they talk about web-based malware?
Malware is a catch-all term for thousands of varieties of computer viruses and worms. While viruses and worms are not new-we have all heard about computers getting infected by email and email attachments-websites emerged in 2009 as the primary vehicle for spreading of malware.
Browsers create a two-way communications channel between your computer and a website. If the site is infected or "dirty," malware may enter your computer without warning in a matter of seconds. That's web-based malware.
- - Why isn't my anti-virus or anti-spyware program enough to protect my computer from web-based malware?
There are two reasons. Anti-virus and anti-spyware work pretty much like vaccines. Just as no single vaccine can protect you against every strain of flu, no security program can protect your computer against every kind of malware. And just as new strains of flu emerge season after season, so too new kinds of computer viruses-as well as variants of old ones--crop up on a daily basis. Even if you have effective security software, the Bad Guys are always cooking up ways to beat it, like tricking you into downloading malware voluntarily by browsing to a dirty website or clicking on a rigged link that promises you something you want and delivers something else you don't want.
- - What DOES protect my computer from malware and other threats on the Web?
You are your first line of defense-you need to be aware of threats posed by browsing. But don't make the mistake of thinking that you can tell which websites are clean and dirty by how they look, who appears to own or run them, how often you have visited them without incident, or based on a recommendation from a friend or co-worker. What was a safe website or webpage yesterday may have been hacked overnight and now contain malware. Remember: You browse at your own risk. Your second line of defense is good-quality security software-including anti-virus, anti-spyware, and a two-way software firewall-and a hardware firewall.
Third, use key scrambling or anti-keylogging software that encrypts your keystrokes and helps prevent Bad Guys from getting a hold of sensitive information you enter on your computer. Fourth, keep your software updated and patched. (See Updates and Patches below.) If you suspect that your computer may be infected, call the support line of the manufacturer of your security software or of your computer, your ISP (Internet Service Provider) or contact your local computer support personnel or a computer consultant.
- - What should I look for when I am shopping for the right protection against malware?
Read reviews that compare the effectiveness, reliability, and ease-of-use of security software products. Get recommendations by calling the support line of the manufacturer of your computer or your Internet Service Provider, or by talking with your local computer support personnel or a computer consultant knowledgeable about security.
Many good-quality security software suites cost less than $100, so this is not a big budget item. Concentrate on quality, not on a $10 or $20 price difference. When considering freeware, keep in mind that if you have a problem, support may be hard to come by or simply non-existent.
- - What exactly is a browser anyway?
Let's start with what it's not. A browser is not Google, not a search engine, not AOL, and not broadband. A browser is software that you use to see and hear what's available on the World Wide Web. (You can use a browser for other things, too, but let's stay with their more common uses for now.) Browsers take you to websites and webpages where you can read and send email, see images and movies, and listen to music. You can also download and upload files using your browser. Your browser allows you to navigate to information resources that are organized as URL's (Uniform Resource Locators) or web addresses. The major web browsers are Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Google Chrome, and Opera.
- - Why do I need a browser to connect to the Internet? Why can't my computer just do it?
You need a browser to connect to the Internet because browsing is only one of many things that a computer can do. A browser is software that directs your computer to the Internet, interprets your requests, and translates them into the language used by all of the computers on World Wide Web. Your computer is simply hardware -- a machine that will follow instructions. Software supplies the instructions.
- - OK, so just HOW does my browser connect to the Internet?
Strictly speaking, it's your computer and its operating system that connect to the Internet, either by a wired or a wireless connection, such as Ethernet, Cable Internet or DSL (Digital Subscriber Line), or by Wi-Fi or wireless broadband. Your browser communicates with the operating system, and the operating system communicates with the Internet.
- - Why is there such a choice of browsers? What's the difference?
A browser, like all software, is a product, produced and marketed by people who want you to use it. Objective: To gain market share. It is estimated that 1.7 billion people are using the Internet worldwide in 2009. If you make a better browser, the world will beat a path to your website and download it, and your customer base could number in the hundreds of millions quickly. Anatomically speaking, all web browsers are about the same. They differ from one another in their "look and feel"-when, where, and how you click to make something happen. It's largely a matter of taste. All of the major browsers can use plug-in's and add-on's, like Flash Player for movies and Acrobat Reader for opening PDF files.
- - My computer came with a browser on it. Why would I want another one?
Microsoft includes Internet Explorer with Windows for the same reason that Apple includes Safari in OS X--so you will use it and they can command a greater share of the market. Web browsing is what most people do on a computer most of the time, and competition among browser makers is stiff. Back in 1990's the Mozilla Foundation produced the earliest browser, called "Mosaic," and later "Netscape." Today, Firefox is considered by some to be faster and more secure than Internet Explorer and Safari, while Google's Chrome and the Opera browser are attempts to provide a new look and feel for the browsing experience.
- - What exactly do people mean when they talk about web-based malware?
Malware is a catch-all term for thousands of varieties of computer viruses and worms. While viruses and worms are not new-we have all heard about computers getting infected by email and email attachments-websites emerged in 2009 as the primary vehicle for spreading of malware.
Browsers create a two-way communications channel between your computer and a website. If the site is infected or "dirty," malware may enter your computer without warning in a matter of seconds. That's web-based malware.
- - Why isn't my anti-virus or anti-spyware program enough to protect my computer from web-based malware?
There are two reasons. Anti-virus and anti-spyware work pretty much like vaccines. Just as no single vaccine can protect you against every strain of flu, no security program can protect your computer against every kind of malware. And just as new strains of flu emerge season after season, so too new kinds of computer viruses-as well as variants of old ones--crop up on a daily basis. Even if you have effective security software, the Bad Guys are always cooking up ways to beat it, like tricking you into downloading malware voluntarily by browsing to a dirty website or clicking on a rigged link that promises you something you want and delivers something else you don't want.
- - What DOES protect my computer from malware and other threats on the Web?
You are your first line of defense-you need to be aware of threats posed by browsing. But don't make the mistake of thinking that you can tell which websites are clean and dirty by how they look, who appears to own or run them, how often you have visited them without incident, or based on a recommendation from a friend or co-worker. What was a safe website or webpage yesterday may have been hacked overnight and now contain malware. Remember: You browse at your own risk. Your second line of defense is good-quality security software-including anti-virus, anti-spyware, and a two-way software firewall-and a hardware firewall.
Third, use key scrambling or anti-keylogging software that encrypts your keystrokes and helps prevent Bad Guys from getting a hold of sensitive information you enter on your computer. Fourth, keep your software updated and patched. (See Updates and Patches below.) If you suspect that your computer may be infected, call the support line of the manufacturer of your security software or of your computer, your ISP (Internet Service Provider) or contact your local computer support personnel or a computer consultant.
- - What should I look for when I am shopping for the right protection against malware?
Read reviews that compare the effectiveness, reliability, and ease-of-use of security software products. Get recommendations by calling the support line of the manufacturer of your computer or your Internet Service Provider, or by talking with your local computer support personnel or a computer consultant knowledgeable about security.
Many good-quality security software suites cost less than $100, so this is not a big budget item. Concentrate on quality, not on a $10 or $20 price difference. When considering freeware, keep in mind that if you have a problem, support may be hard to come by or simply non-existent.
Tuesday, October 6, 2009
Computer Tip of the Day "10-06-09"
"Dirty Websites" Pose Biggest Security Risk
The 100 most dangerous sites on the web are propagating an average of 18,000 different pieces of malware, according to leading security software maker Symantec. While 48 of the top 100 worst are adult-themed sites, others featured diverse topics, ranging from deer hunting and catering, to figure skating, electronics, and legal services. "We used to tell people if you stick with the ‘safe neighborhood’ you will be safe, and what we see from this list is that even if you stick to the safe neighborhood, it doesn't mean you are safe," said Symantec’s Dan Schrader. "Your own judgment doesn't tell you anything about the security practices of that site." Ken Pappas of Top Layer Security adds that "The list of most-offensive websites is changing and new websites are constantly being infected. This is not something like building a ten most-wanted for criminals at large. "Whether it's ten viruses or ten thousand doesn't matter; the point is, many people are going to what they believe is a legitimate and trusted website. They have no idea or warnings it will potentially put malware in the computer."
More information: http://www.scmagazineus.com/dirtiest-websites-host-average-18000-threats/article/146919/
http://safeweb.norton.com/dirtysites
The 100 most dangerous sites on the web are propagating an average of 18,000 different pieces of malware, according to leading security software maker Symantec. While 48 of the top 100 worst are adult-themed sites, others featured diverse topics, ranging from deer hunting and catering, to figure skating, electronics, and legal services. "We used to tell people if you stick with the ‘safe neighborhood’ you will be safe, and what we see from this list is that even if you stick to the safe neighborhood, it doesn't mean you are safe," said Symantec’s Dan Schrader. "Your own judgment doesn't tell you anything about the security practices of that site." Ken Pappas of Top Layer Security adds that "The list of most-offensive websites is changing and new websites are constantly being infected. This is not something like building a ten most-wanted for criminals at large. "Whether it's ten viruses or ten thousand doesn't matter; the point is, many people are going to what they believe is a legitimate and trusted website. They have no idea or warnings it will potentially put malware in the computer."
More information: http://www.scmagazineus.com/dirtiest-websites-host-average-18000-threats/article/146919/
http://safeweb.norton.com/dirtysites
Friday, October 2, 2009
Computer "Tip of the Day 10-02-09"
Security concerns about popup windows and other hacker tricks.
When connected to and using the Internet, do not respond to popup windows requesting that you to click "ok" for anything.
If a window pops up on your screen informing you that you have a virus or spyware and suggesting that you download an antivirus or antispyware program to take care of it, close the popup window by selecting the X in the upper right corner of the popup window. Do not respond to popup windows informing you that you have to have a new codec, driver, or special program for something in the web page you are visiting. Close the popup window by selecting the X in the upper right corner of the popup window.
Most of these popup windows are actually trying to trick you into clicking on "OK" to download and install spyware or other malicious code onto your computer.
Hackers are known to scatter infected USB drives with provocative labels in public places where their target business’s employees hang out, knowing that curious individuals will pick them up and take them back to their office system to "see what’s on them." What is on them is generally malicious code which installs a spy program or remote control program on the computer. Teach your employees to not bring USB drives into the office and plug them into your business computers (or take them home and plug into their home systems). It is a good idea to disable the "AutoRun" feature for the USB ports on your business computers to help prevent such malicious programs from installing on your systems.
When connected to and using the Internet, do not respond to popup windows requesting that you to click "ok" for anything.
If a window pops up on your screen informing you that you have a virus or spyware and suggesting that you download an antivirus or antispyware program to take care of it, close the popup window by selecting the X in the upper right corner of the popup window. Do not respond to popup windows informing you that you have to have a new codec, driver, or special program for something in the web page you are visiting. Close the popup window by selecting the X in the upper right corner of the popup window.
Most of these popup windows are actually trying to trick you into clicking on "OK" to download and install spyware or other malicious code onto your computer.
Hackers are known to scatter infected USB drives with provocative labels in public places where their target business’s employees hang out, knowing that curious individuals will pick them up and take them back to their office system to "see what’s on them." What is on them is generally malicious code which installs a spy program or remote control program on the computer. Teach your employees to not bring USB drives into the office and plug them into your business computers (or take them home and plug into their home systems). It is a good idea to disable the "AutoRun" feature for the USB ports on your business computers to help prevent such malicious programs from installing on your systems.
Thursday, October 1, 2009
Computer "Tip of the Day 10-01-09"
Security concerns about web links in email, instant messages, social media, or other means.
For business or personal email, do not click on links in email messages. Recently, scams are in the form of embedded links in emails. Once a recipient clicks on the link, malicious software (for example, key stroke logging software) is installed on the user’s computer.
Don’t do it unless you know what the web link connects to and you trust the person who sent the email to you. It is a good idea to call the individual prior to clicking on a link and ask if they sent the email and what the link is for. Always hold the mouse pointer over the link and look at the bottom of the browser window to ensure that the actual link (displayed there) matches the link description in the message. (the mouse pointer changes from an arrow to a tiny hand when placed over an active link)
For business or personal email, do not click on links in email messages. Recently, scams are in the form of embedded links in emails. Once a recipient clicks on the link, malicious software (for example, key stroke logging software) is installed on the user’s computer.
Don’t do it unless you know what the web link connects to and you trust the person who sent the email to you. It is a good idea to call the individual prior to clicking on a link and ask if they sent the email and what the link is for. Always hold the mouse pointer over the link and look at the bottom of the browser window to ensure that the actual link (displayed there) matches the link description in the message. (the mouse pointer changes from an arrow to a tiny hand when placed over an active link)
Subscribe to:
Posts (Atom)