DMANd Security » Virus

Best Weekend Reading

Joe Lofshult — Fri, 03 Apr 2009 19:17:06 +0000

Be Careful What You Make Public On Facebook

All it takes is a simple Google search, and phishers and marketers can glean a treasure trove of private information based on relationships among Facebook “friends,” according to new research.

Cyber-crime rising, report warns

Complaints of internet fraud received by a US watchdog last year rose by 33% from 2007, its latest report shows. The IC3 warned that figures would probably rise through 2009 as the global economic downturn deepens.

Scammers have been using the media hype about the Conficker worm to scare people into downloading and paying for worthless software that actually does nothing (or worse). Conficker Hype Used by Rogue Gangs

Speaking of the Conficker worm, F-Secure did a nice post to answer questions now that the April 1st Conficker magical date has passed. Post April 1st Conficker Q&A

Conficker’s April Fools Fizzled, But Threat Remains

One problem with over-hyped threats that fail to live up to expectations (as they invariably do) is that they tend to desensitize the average user to more insidious, stealthier threats, Baldwin said.

Finally, here’s a good post on the threat of Targeted Attacks

Weekend Reading A Realistic ~12 Step Program for Securing Your Small Business...

Related posts brought to you by Yet Another Related Posts Plugin.

Conficker: An Overhyped Dud?

Joe Lofshult — Wed, 01 Apr 2009 21:13:45 +0000

We’re well over half way through April 1st in the US and there have been very few reports of Conficker activity. It seems that the hype around the worm was like (and thankfully more short lived) than the hype back in 1999 about the devastation that would occur on January 1, 2000.

F-Secure has been doing a tremendous job of following the Conficker worm and had several updates on their blog today if you’re interested.

And if you’re looking for a little humor about the Conficker worm on this April Fool’s Day, have a look at Brian Krebs’ column at Security Fix.

A nuclear missile installation near Elmendorf Air force Base outside of Anchorage, Alaska briefly went on a full-scale military alert after technicians manning the bunker suspected that several of their control systems were infected with Conficker. According to wire reports, the remote facility temporarily moved to Defense Condition (Defcon) 3 in the pre-dawn hours, but quickly backed down from that posture. An airman at the installation who asked not to be identified blamed the mishap on “way too much caffeine” consumed by occupants inside the secluded underground control room.

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

Top 10 Ways To Get Your Computer Infected

Joe Lofshult — Fri, 06 Feb 2009 12:57:35 +0000

Today I’ve created a Top Ten list (in David Letterman style) for the best ways to ensure your computer gets infected with some type of malicious software.

10) Click on every link you get in email messages and instant messages, whether you know who the messages are from or not.

9) Download lots of free applications over file sharing networks like BitTorrent and LimeWire. Oh boy, someone just uploaded a new version of Quickbooks or a cool new screen saver. And nobody would every put an infected piece of code on those networks, right, so why should you worry.

8) Don’t use anti-spyware software. Just because the Identifty Theft Research Center calls identity theft America’s fastest growing crime and predicts a boom year for identity thieves in 2009, there’s no reason to worry, right. Nobody would ever want to steal your credit card numbers, bank accounts, or passwords. Even though there are great free options like AdAware and Spybot, why bother.

7) Use Internet Explorer as your default browser, rather than a more secure browser like Firefox. Microsoft’s browser is just so convenient, and after all, Microsoft’s browser never has security holes, right.

6) Don’t use the Firefox NoScript add-on. The NoScript add on (for Firefox and Flock) blocks many of the malicious Javascript and Flash programs on the Internet, but you’re not worried about those, are you.

5) Don’t use a firewall. Turn off Windows firewall and any firewall you have in your home router. And don’t use any free firewalls like Comodo. They’re just too much trouble and keep you from using the file sharing networks you want to.

4) Don’t use anti-virus software on your computer. The number of malicious programs on the Internet tripled between 2007 and 2008 to a record 1.5 million, but you’re not going to run into any of those, are you. And even though there are plenty of great anti-virus programs out there like F-Secure, Trend Micro, Kaspersky Labs, Symantec, and the free AVG, they’re just too much bother.

3) Don’t update your anti-virus software. The version you bought in 2004 and stopped updating should be good enough, right. Just because the number of new malicious programs has gone from 250,000 total in 1997-2006 to 500,000 in 2007 to 1.5 million in 2008, that’s no reason to upgrade.

2) Never upgrade your software applications. Sure, Quicktime, Acrobat Reader, and about every other software application has security issues identified on a regular basis, but you’re sure the version you have is just fine.

And…

1) Don’t apply patches to your computer. It’s just too much trouble to download those latest Microsoft patches, so why bother.

This list, of course, is done in jest, as a way to remind everyone of the importance of following basic Internet safety to keep your computer from becoming just another zombie (or bot) under some hacker’s control.

I hope you’ve enjoyed reading it and have found the humor in it. However, I also hope it has also provided you with some ideas for ways to increase the security of your computer so you can better enjoy your online experience.

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

Fast Spreading Windows Worm on the Move

Joe Lofshult — Sat, 17 Jan 2009 13:12:38 +0000

According to F-Secure, there is a Windows worm/virus spreading very rapidly among computers right now. Although the worm does not appear to do any damage initially, it carries with it the ability to download new instructions in the future. It could potentially start stealing sensitive data from your computer or doing other damage.

F-Secure estimates the Downadup worm, as it is known, has infected over 8.9 million computers around the world, an increase of 6.5 million hosts in just 4 days.

To protect your computers, make sure you have downloaded the latest patches from Microsoft. If you are having problems with the auto update from Microsoft, you can download the patches here:

Also, make sure your Anti-Virus software is up-to-date. If you do not have anti-virus, either check with your Internet provider to see if they offer one for free (Cox Cable provides software free to their home users), or check out one of these:

F-Secure (F-Secure also offers a free online anti-virus scanner)
Kaspersky Labs (They offer a free 15 day trial)

And do not share share USB media with other computers if you are unsure of their security.

The Downadup worm spreads via the Internet, local networks, and removable media (for example, USB drives). Once a machine is infected, it will start scanning for other vulnerable machines and spread itself to them.

If you find a system on your network is infected, you’ll need to make sure all systems on your network are disinfected or the worm will continue to spread. F-Secure is offering a free tool to remove the Downadup worm from your system. Symantec also has manual instructions for removing the worm.

For additional information on the Downadup worm, see the bulletin here.

Weekend Reading Malware authors are opportunists, always looking for the latest...

Related posts brought to you by Yet Another Related Posts Plugin.