Wednesday, November 3, 2010

Microsoft Malware Protection Center (MMPC)

The Microsoft Malware Protection Center (MMPC) is the group at Microsoft that researches and responds to malware and potentially unwanted software. The MMPC provides the Microsoft Malware Protection Engine, the technology that underlies most Microsoft anti-malware security products and services. The Microsoft Malware Protection Engine relies on constantly updated definition files containing detection signatures for thousands of different malware and potentially unwanted software families. To develop these definition files and to respond quickly and effectively to new threats, the MMPC maintains research and response labs in the United States, Ireland, and Australia, with additional researchers in other locations.

The MMPC uses a number of different mechanisms to disseminate malware and security information to the public. The center maintains the Malware Protection Center website, a central source for malware and security information, definition updates, and malware sample submissions. The website includes an encyclopedia that provides detailed analyses of thousands of current threats, including technical information about the threat, how readers can tell if they are infected, and how to recover from the threat or avoid exposure to it altogether.

Tuesday, November 2, 2010

Using Email Safely

Anytime you send or receive communications on the Internet or browse a Web site, there are opportunities for individuals to intercept your communications to obtain your email address. If you post to a Usenet newsgroup, list your email address on a Web site, or fill out insecure forms on the Web, your address can be collected by spammers, individuals who use email addresses for commercial advertising to try to gain profit for themselves and to get rich quick.

Listed below are the most important tasks that are covered in this section:

•Never open attachments unless they have been first scanned with an antivirus software program.
•Don’t reply to emails requesting personal information.
•Don’t buy anything from spam email.
•Do not reply or click on links in emails or pop-up messages asking for personal information. Always go directly to the company's Web site.

Dangerous Attachments
Electronic mail can be a major source of security concern. E-mail attachments are an important medium through which viruses, worms, and Trojan Horses spread from one computer to another. Every email attachment is a potential threat to your computer’s security. Choose your email client software carefully.

Regardless of its origin, be cautious and don't open any attachment unless you know the sender. Also, never run or open any attachment from your email program unless it has been scanned with an up-to-date antivirus program. If you're not certain that your antivirus program is working automatically, save the attachment to your hard drive and scan it manually before you open it.

Protecting Against Spam
Junk mail, known as spam, is becoming a very lucrative business for those who use the Internet for commercial advertising. Since email is reasonably inexpensive, senders can blast it out by the millions at a rate much faster and cheaper than using other means such as that delivered by the postal service. Spammers can use automated programs to find email addresses on the Internet very quickly. Unchecked, spam will not only overwhelm legitimate messages but may include viruses that can be dangerous to your computer. Always run antivirus software and keep it up to date.

There are several ways to prevent spam email from reaching you:

•Block junk email. Many email programs have built-in filters that can help you separate spam from your wanted email. You may also try to enlist the help of your Internet Service Provider (ISP). The current version of Microsoft Outlook offers more sophisticated filtering capabilities than earlier versions.
•Hide your address from spammers by setting up a separate email address dedicated solely to Web transactions. Also, watch out for checked boxes when buying things online, as this may indicate that you are giving the company permission to sell or give your email address to other parties.
•Review privacy policies when signing up for Web-based services. This policy should outline the terms and circumstances regarding whether the site will share your information.
•Avoid listing your email address in large Internet directories.
•Don’t set up email accounts to generate automatic responses while you are away from the workplace. This will only verify your email address to those spammers who send you spam while you are away.
•If you have an email address listed on a Web page, consider opening or using a free account. If the Web site is university-related, consider using a departmental account and put that address on the Web page.

Despite your best efforts, you will probably still be subject to a certain amount of spam. Some tips for dealing with spam are:

•Don’t reply to any emails asking for information. If the spam seems to be coming from a disreputable source, do not follow the unsubscribe directions. This only verifies your true email address.
•Don’t buy anything from a spam email.
•Treat an email from a charity asking for money as spam. If you believe in the charity, contact them directly.
•If you can’t confirm that the sender is valid, delete the message immediately without opening any attachments.
•Don’t forward chain email messages, such as messages that state "Send this on to all of your friends."

Friday, October 29, 2010

Most Active Botnet Families in 2Q10

Microsoft anti-malware products and utilities include detection signatures for many individual bot families, and the number continues to grow as malware creators pursue efforts to evade detection and create more effective botnets.

Microsoft desktop anti-malware products removed bots from 6.5 million computers around the world in 2Q10. The following link shows the top 25 bot families.
http://www.microsoft.com/security/sir/story/default.aspx#section_3_1

Thursday, October 28, 2010

Dirty Tricks and Larceny!

[Editor's Note: (Wyman) This month we present an overview of why and how the Bad Guys do it, what it's called, and what you can do to protect your computer.]

Blackhats. Hackers who use their skills for explicitly criminal or other malicious ends, such as phishing or writing malware (malicious software) to steal credit card numbers and banking data; a.k.a. the Bad Guys.

Phishing. The practice of sending out fake email messages that look as if they come from a trusted person or institution (usually a bank) in order to trick people into handing over confidential information. The emails often direct you to a website that looks like that of the real financial institution, but it is a fake that has been rigged to collect your personal information, such as passwords, credit card numbers and bank account numbers, and transmit it to the Bad Guys.

Man-in-the-middle. An attack in which a criminal hacker intercepts information sent between your computer and the website of your financial institution and then uses that information to impersonate you in cyberspace. The hacker is able to defeat even very sophisticated security measures and gain access to your account.

Botnet. Botnets consist of large numbers of hijacked computers that are under the remote control of a criminal or a criminal organization. The hijacked computers, a.k.a. "zombies" or "bots" (short for "robots"), are recruited using viruses spread by email or drive-by downloads. Worms are used to find and recruit additional computers. The biggest botnets consist of thousands and even millions of computers, most often unprotected home computers.

Virus. A malicious program that usually requires some action on the part of a user in order to infect a computer; for example, opening an infected attachment or clicking on a link in a rigged email may trigger a virus to infect your computer.

Drive-by Download. A kind of malware that installs itself automatically when you visit a booby-trapped website. Symptoms of a drive-by download include: your homepage has been changed, unwanted toolbars have been added, and unfamiliar bookmarks appear in your browser.

Worm. Self-replicating malware that, for instance, hunts down unprotected computers and recruits them for criminal or other malicious purposes. Unlike a virus, worms do not require any action on your part in order to infect your computer.

Fake Anti-Virus. Fake anti-virus software purports to be a helpful program that can find and remove malware, but in fact it is malware--the very thing that it's supposed to eliminate. After taking over your computer, it pretends to do security scans, tells you it has found malware, and then asks you to pay to have the non-existent malware removed. Whether or not you pay, fake anti-virus is likely to install more malware.

Whitehats. Hackers who use their skills for positive ends, and often for thwarting blackhats. Many whitehats are security professionals who spend their time identifying and fixing vulnerabilities in software that blackhats seek to exploit for criminal or other malicious purposes.

Security suite. A set of software applications designed to protect your computer that consists of anti-virus, anti-malware and a personal firewall.

Anti-virus and anti-malware. Helpful software applications that scan your computer for certain patterns of infection. The patterns they scan for are the signatures, or definitions, of known forms of malware. Since Bad Guys are creating new forms of malware continuously, it is important that you keep your anti-virus and anti-malware definitions updated.

Personal firewall. Software that monitors incoming and outgoing traffic on your computer and checks for suspicious patterns indicating the presence of malware or other malicious activity. A personal firewall alerts you to these threats and attempts to block them. Like anti-virus and anti-malware software, personal firewalls require frequent updates to provide effective protection.

Updates. Security software relies on frequent updates in order to be able to counteract previously undetected forms of malware. Consequently, your computer may suffer a "window of vulnerability" between the time a new form of malware is identified and the time when your security software can block it or remove the infection. Set your security software to update automatically.

Patches. Operating systems, like Windows and OS X, and software applications, such as Internet Explorer and Firefox, may be found to contain security flaws or holes that make your computer vulnerable to attack. Their makers release patches to plug the holes. The fastest and surest way to get these installed quickly is to use auto-updating via the Internet. Some software applications require manual updating.

Black Tuesday a.k.a. Patch Tuesday. On the second Tuesday of each month Microsoft releases security patches for Windows, Internet Explorer, Office and its other software products. You can have these installed automatically using Microsoft Update.

Auto-updating. A software tool built into Windows ("Microsoft Update") and OS X ("Auto Update") and many other applications which can download and install important security updates and patches for software installed on your computer automatically.

Wednesday, October 27, 2010

Featured Intelligence – Battling Botnets

What is a Botnet?
Botnets Today
The botnet world is divided between bot families that are closely controlled by individual groups of attackers and bot families that are produced by malware kits. These kits are collections of tools, sold and shared within the malware underground, that enable aspiring bot-herders to assemble their own botnet by creating and spreading customized malware variants. Several malware kits are freely available for downloading and sharing; some have been published as open source code, which enables malware developers to create modified versions of the kits. Other kits are developed by individual groups and sold like legitimate commercial software products, sometimes even including support agreements. For example, variants in the Win32/Zbot family are built from a commercial malware kit called Zeus; Win32/Pushbot bots are built from a kit called Reptile.

The existence of botnet malware kits is one of the reasons why it is difficult for security researchers to estimate the number and size of botnets currently in operation. Detections of malware samples from a family like Zbot, for example, do not necessarily represent a single large botnet controlled by one individual or group, but instead may indicate an unknown number of unrelated botnets controlled by different people, some of which might encompass just a handful of controlled computers.

Bot operators use several tactics to attack organizations, companies, and individuals in an effort to achieve their goals. Botnets typically exhibit a variety of behaviors based on the purpose of the attacks and the tools used to establish them. Being aware of and understanding the different attacking mechanisms can help IT and security professionals gain a deeper understanding of the nature of the botnet, the purpose behind it, and sometimes even the origin of the attack.

Bots, like other kinds of malware, can be spread in a number of different ways. Three common ways that computers are successfully compromised involve the following tactics:

•Exploiting weak or non-existent security policies.
•Exploiting security vulnerabilities.
•Using social engineering tactics to manipulate people into installing malware.

Some bots are designed to spread using these techniques directly, as worms; security researchers analyze the behavior of these self-replicating bots to learn more about how they spread. Other bots don’t spread themselves directly, and are delivered by other malware families as payloads.

Many attackers and types of malware attempt to exploit weak or non-existent security policies. The most common examples of such exploits are attackers taking advantage of weak passwords and/or unprotected file shares. A threat that gains control of a user’s account credentials could perform all of the actions the user is allowed to perform, which could include accessing or modifying resources as a local or domain administrator.

Other types of malware attempt to exploit security vulnerabilities to gain unauthorized access to computer systems. This type of attack is more successful on older operating systems than on newer systems that are designed with security as a core requirement. An analysis of infections reported by the Microsoft Malicious Software Removal Tool (MSRT) during the second quarter of 2010 (2Q10) reveals that infection rates for computers around the world are significantly lower on newer versions of the Windows operating system than on older versions.

Thursday, June 24, 2010

Tips for everyday Office tasks

We know that Microsoft Office is your go-to program for getting everyday home and work tasks accomplished. That’s why, when we heard about the excellent features and improvements packed into Office 2010, we couldn’t wait to update our articles. Our articles now include advice on how to use many of the new features of Office 2010, along with instruction on how to find your favorite, tried-and-true Office tools.

Don’t worry! Our Office 2007 tips are still included—the articles are now packed with even more helpful tips and advice.

7 ways to organize your email

6 ways to ensure your email gets read

9 tips to manage your files better

12 tips for creating better documents

12 tips for creating better presentations

6 ways to streamline your tasks in Outlook

5 ways to collaborate successfully on a virtual team

4 ways to take control of your email Inbox

Save time with quick computer shortcuts

Create incredible documents more easily using Office 2010

5 good computing habits

Vacation checklist

Back up your data

Tuesday, June 8, 2010

The Windows 7 Upgrade Advisor

The tool that I want to show you is the Windows 7 Upgrade Advisor. The Windows 7 Upgrade Advisor is a really lightweight compatibility testing tool. It is most appropriate for use in small organizations, although it can be used in larger organizations if you want to get a general idea of the types of issues that might be uncovered during more comprehensive testing.
You can download the Windows 7 Upgrade Advisor here. After downloading the Windows 7 Upgrade Advisor, you must install it onto the PCs that you are considering upgrading. You can perform the compatibility tests by simply clicking the Start Check button.

Apology!

I want to apologise to everyone who reads the blog for not having it up to date.
I will do better.
David

Monday, April 12, 2010

Microsoft Small Business Center!

The Microsoft Small Business Center offers Products & Demos, Security & Support, Articles & Research.

Http://microsoft.com/smallbusiness/hub.mspx

Check out the Microsoft Business Productivity Online Suite.

Tuesday, April 6, 2010

Microsoft Business Resource Center!

Because there is such an abundance of information on this site I am going to post the next link on Monday the 12th of April.
Again, here is the link for the resource center.

http://www.microsoft.com/business/mycenter/?qstr=CR_CC10033264&CR_ID=

Monday, April 5, 2010

Microsoft Business Resource Center!

In today's business world, just about every company, large or small, uses computers. This site is free to join and offers everything from Self Help Resources to Training and Events.
Here is the link.
http://www.microsoft.com/business/mycenter/?qstr=CR_CC=100332641&CR ID=

Monday, March 29, 2010

For your Information!

Starting on April 1st, I am going to provide links to different Microsoft pages where you can get free training for Microsoft products and information about Microsoft's newest version of Windows, "Windows 7".

I hope these links and information will be useful to everyone.

David