Using Social Media? Get Your Guard Up!

You love to keep your family and friends informed of what’s going on in your life.  You are on Myspace, Twitter and Facebook.  How much do you know about those people wanting to be friends or follow you?  The  Internet Crime Complaint Center (IC3), which is a partnership between the FBI and the National White Collar Crime Center, released an Intelligence Note 0n Oct. 1.

Fraudsters continue to hijack accounts on social networking
sites and spread malicious software by using various techniques. One technique involves the use of spam to promote phishing sites, claiming there has been a violation of the terms of agreement or some other type of issue which needs to be resolved. Other spam entices users to download an application or view a video.  Some spam appears to be sent from users' "friends", giving the perception of being
legitimate. Once the user responds to the phishing site, downloads the application, or clicks on the video link, their computer, telephone or other digital device becomes infected.

Read more here.

With that Info,

Safer Surfing!

Appears it is script-kiddies at work

"The ongoing DDoS attacks that have been targeting a series of U.S. government sites as well as some commercial sites is likely not the work of any government organization and is being executed by an old piece of malware that is designed to ruin files on infected PCs rather than steal data, experts say."

So no cyber-terrorism but this still shows that more needs to be done at the governmental and private levels of security!

Read more at digital underground.

With that Info,

Safer Surfing!

Cyber Attack or Cyber Terrorism?

Several South Korean and US Government sites have been attacked since the 4th of July weekend.

"Although the National Intelligence Service did not identify whom they believed responsible, the South Korean news agency Yonhap reported that the spy agency had implicated North Korea or pro-North Korea groups."

Is this just an attack by "script-kiddies" or a serious cyberterrorism attack?  It's time for some action to secure our Governments networks and at the same time secure our own private PC's and networks!

Read more in The New York Times.

With that Info,

Safer Surfing!

Morning Rituals of a Geek

As I do every morning, today I got my coffee started and fired up my laptop.  My first stop is to check my mail - need to know if I was important over night!  By the time I've sorted out the spam that did not get filtered and the real mail that did get filtered the coffee pot is calling, so I stop for a cuppa.

First cup down and grab another before getting back to business at hand.  Need to check my tweets - 5 DM's and god knows how many other tweets.  More coffee. Facebook is next!  I play a game of Farkle to try and set a new high score then check up on what has happened in the Facebook world of mine.  Not much, so it's time for another cuppa. (Note to self - get bigger coffee pot!)

Now it's time to check on my forum work at SpywareHammer.  Although there are "How to ....." posts at the top of the forum most people just don't seem to read.  As I shake my head about some of the interesting things I've read it's time for another cuppa. (Coffee pot is empty - start another one)

Now I can check on and read things for fun and or informational virtue.  My Tweetdeck keeps interrupting with new tweets and FB updates so I better check that real quick(and get another cuppa).  Ok, so back to the forums and what do I read in a post there.

Facebook URLs can reveal your browsing history

Huh?  What's this?

Ever copied a Facebook link from your address bar and pasted it to someone? If you have, there’s a possibility you also sent that person a snippet of your Facebook browsing history. In this article, FBHive explains how and why this happens, and what can be done to prevent it.

So I have to leave for now to go and read more here.

With this info,

Safer Surfing!

P.S.  I will buy a bigger coffee pot later today!

Updates are Available!

Argie Gallego, an Anti-Spam Research Engineer at Trendlabs, writes in the Trendmicro blog about emails purporting to be "Critical Updates" for Outlook and Outlook Express.

Microsoft Corporation regularly issues updates to fix bugs and security vulnerabilities in its software products. These updates are meant to protect its users from different attacks that depend mainly on exploiting these documented bugs.

Close to the weekend, we identified spam claiming to be a Microsoft Outlook and Outlook Express critical update that “offers the highest levels of stability and security.”

Read more here.

With that Info,

Safer Surfing!

To secure or not to secure

A letter sent to Google’s CEO, Eric Schmidt asks that Google up it's security for online users.  Specifically it asks that industry standard transport encryption technology (HTTPS) for Google Mail, Docs, and Calendar be enabled by default.

Google supports HTTPS encryption for the entire Gmail, Docs or Calendar session. However, this is disabled by default, and the configuration option controlling this security mechanism is not easy to discover. Few users know the risks they face when  logging into Google’s Web applications from an unsecured network, and Google’s existing efforts are little help.

Raising the security for all users would definitely make things safer but is the "unknowledgeable" user going to understand why things are running a little slower?  It will take some good PR from Google to make security concerns, instead of speed, a priority for end-users.

With that Info,

Safer Surfing!

I heard, "Damn Microsoft virus!"

With my finals done, I was hanging out in the Student Union drinking a Starbucks and relaxing before driving home.  At the table next to mine were 3 students having a conversation about the Windows 7 RC.  I listened in as they were telling each other about their experiences after the download.

Student1, "Microsoft is sending out an infected download!"

Student2, "Sure are.  My PC had all kinds stuff popping up after I got it installed.

Student3, "I told you both to quit using bitTorrent to download stuff.  Don't you realize that you can get a clean version directly from Microsoft?

At least 1 of them was smart enough to do the right thing.  I later found out that all 3 were Computer Science majors and could have downloaded the RC from the schools MSDN page.

Be advised there are several infected torrents out there!  Don't use them.  If you want a clean version then go to the Microsoft site to get the original download.

With that Info,

Safer Surfing!

April 2009 Advanced Notification

Just a quick post for all Windows users that read this.

Hello, Bill here.

I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release, scheduled for Tuesday, April 14, 2009 around 10 a.m. Pacific Daylight Time. This should help you plan for your deployment process for next week and address these vulnerabilities to protect your computing environments.

 

With that Info,

Safer Surfing!

Dear Jon, An open letter to new US FTC Chairman

I don't know about you but my email box is still being flooded with spam.  Yes, there are some laws out there that try (notice I said try) to stem the flow but they just are not working.  It would be nice if the Governments, State, Federal and International, could get together and do something about it.  The grass roots fighters are being left to hang.  They collect information for all levels of law enforcement but it seems like it just isn't being reacted to.  Now it's time to go to the top and I agree with an online colleague of mine that penned the following open letter.

An open letter to new US FTC Chairman Jon Leibowitz

We very much support the efforts the FTC is taking to educate consumers about Internet fraud and identity theft, and we recommend that everyone view the excellent materials online at ftc.gov. However, those types of problems require a level of coordinated effort beyond what any one individual or business can accomplish. We urge the next head of the FTC to see the big picture. And one obvious part of the picture is spam.

Spam is like a flashing light alerting us to far more serious criminal activity beneath the surface. By minimizing the severity of spammers' offenses, you lose the ability to expose and investigate much deeper risks to the US, even impacting on national security.

Spam -- unsolicited commercial email -- is a nuisance. Because it is so inexpensive to advertise through email, spam volume has ballooned to comprise the vast majority of email messages. And the majority of the spam being mailed advertises products that are fraudulent or illegal, whose sponsors do not care about building a positive brand image. Most users have little idea how much spam would be arriving in their inboxes if their Internet service providers were not using strategies to block the worst of it

Please read the entire letter here and pass this along.

With that info,

Safer Surfing!

Are You Infected?

It is not uncommon for malware to have self protection measures in place to prevent removal. Such tricks as blocking access to security websites, killing beneficial security tool processes/services, and preventing Windows Updates from running are quite widespread today.  They are definitely signs of infection but they are not unique to Conficker.

Take a look at the following Eye Chart.

If you fall into category 2 or 3 (those in red) please read How to Create and Post a HijackThis log, so that the helpers at SpywareHammer can determine what type of infection you have and help you remove it.

With that info,

Safer Surfing!

Fix it quick - please

zdnet's blog is reporting a serious security flaw in Mozilla's Firefox. 

"Mozilla’s security response team is scrambling to ready a patch for what appears to be a serious security flaw affecting its flagship Firefox browser."

Read more at Exploit Code....

With that info,

Safer Surfing!

It IS time to take action.

It is time to take action!  I know many of you do not like MS and all the updates it has but they do make things more secure.  April 1st is set to be a bad day for the Internet users of the world.  If your machine is secure, like mine, then you should be safe

Please read up on this and make sure your machine is secure.

Security Garden

Bits from Bill

With that info,

Safer surfing!

What time is it?

Whoever thought this Daylight Savings Time idea was a good one must have been smoking those left-handed cigarettes.  Nobody remembers what to do - Spring forward, fall back or is it spring back and fall down?

Thanks to the Government we can always take a look to make sure that that Timex is still ticking - in the right direction!

Here's a big help.

With that info,

Good Morning, no wait, Good Evening, aw crap, how about

Safer Surfing!

Fake IRS phishing scams on the rise

Subject: please see the attachment
Sender (fake): Internal Revenue Service [nonereply@irs.gov]
Message: Please see the attachment make sure you fill all the columns and send fax to: +1-646-308-1145.

This type of phishing has been around for a while, but it’s the first time I’ve received a message like this - maybe I’ve just been lucky, because I know my address is all over spammer databases

This is so-called offline phishing; the bad guys don’t even go to the trouble of making a fake site, but just ask you to fax through all your details. Using a fax number gives an additional aura of credibility to the whole thing – most people have heard of phishing sites, but a lot of them won’t have heard of phishing by fax. And the combination of a government department and a fax number fits perfectly with the perception that public institutions are more than a bit behind the times.

Read more here

 

With that info,

Safer Surfing!

To all my readers.....

and a safe computing year also!

If you have PC problems this year please visit my choice of forums for free help.

with that info,

Safer Surfing!