TechAdvisory.org » Security

Malware Prevention 101: Disable AutoRun

Editor — Fri, 03 Feb 2012 16:00:00 +0000

Malware is a serious threat to any system, especially those that belong to any sort of business. Financial and personal data as well as other important company information can be compromised by a single successful attack. One way to prevent malware from entering your system is through disabling the AutoRun feature for portable drives.

One of the most common entry points of malware and viruses into a system is through USB thumb drives. Besides the fact that these little drives, while versatile, get plugged in to numerous CPUs which increases the risk of them picking up some sort of infection, the AutoRun feature on most (if not all) portable drives enables certain malware to automatically install itself into the system the USB is currently plugged into.

The AutoRun function is not harmful by itself – it was originally designed for more convenient file management and use of portable drives. However, a number of malware and viruses have harnessed this function to enable easier entry into an otherwise secure system.

The most feasible solution, besides running frequent security checks against any portable drive that’s plugged into your system, is to disable AutoRun. This will cost you some convenience in the short run, but will gain you much more system security. There are several system utilities that can disable AutoRun for you, or you can do it through the Windows registry.

If you want to know more about disabling AutoRun and making your system more secure from various modes of infiltration or attack, please contact us so we can discuss possible custom solutions that best meet your needs.

Disabling AutoRun Helps Prevent Malware

Editor — Fri, 03 Feb 2012 16:00:00 +0000

The AutoRun feature in Windows for thumb and other portable storage devices is a double-edged sword. While making file management and access for portable storage much easier and faster, it also enables certain types of malware to access and install themselves onto your system.

Prevent Malware by Disabling AutoRun

Editor — Fri, 03 Feb 2012 16:00:00 +0000

USB thumb drives – along with other portable storage devices – are an easy way to share files between users. However, if you haven’t disabled the AutoRun feature, you also run the risk of letting certain viruses and malware penetrate your system much easier.

Balancing Freedom and Security

Editor — Mon, 19 Dec 2011 15:30:00 +0000

Security experts are predicting a rise in the use of personal gadgets to access company data – which means that you will have less control over what kind of data goes in and out of your IT system. The best way to rectify this is by having a concrete and comprehensive IT policy that secures your data – without compromising the freedom of your employees to use their mobile devices.

As technology continues to become more affordable and accessible to consumers, it’s an inevitable fact that employers will see more and more of their employees using their own personal devices such as laptops and mobile phones to access the company’s IT system.

This can be a dangerous thing. Since these devices aren’t company owned and regulated, you have limited access and control over how they are used. Employees could download all sorts of malware and viruses on their devices and pass the infection along to your IT system when they access it.

The solution: a comprehensive IT security policy. It’s important that you find a compromise between the freedom of the employee to use the device as desired and your need to keep your IT system safe from viruses and other threats to your data’s security. Steps such as having employees run mobile device management (MDM) software on their devices is one of many actions you can take to lessen the risk of security breaches. You may also want to implement applications and software that check and screen for malware, both for laptops and mobile devices. And don’t forget that while Android seems to have a bigger problem with malicious software, Apple isn’t exactly virus-free, either.

Employees have a right to use their personal devices as they see fit, but not at the expense of important company information stored in your IT system. Running a tight ship in terms of security is an effective way to protect your business interests and your sensitive company data. If you are interested in knowing more about developing a concrete and effective IT security policy for personal device use as well as general system access, please don’t hesitate to give us a call so we can sit down with you and discuss a custom security blueprint that’s just right for you.

Security Policy for Personal Devices: A Must

Editor — Mon, 19 Dec 2011 15:30:00 +0000

With mobile devices becoming more accessible, many are finding it more comfortable and more productive to use these devices not only for personal purposes, but also for work. This may seem to be a good thing initially, but it also means that you have less control over the way these devices access your IT system. The best thing to do is to have a good IT security policy in place to make sure that important company data is not compromised.

The Threat of Employee-Owned Devices

Editor — Mon, 19 Dec 2011 15:30:00 +0000

Employees using their own mobile devices for work may seem like a good idea at first – it’s less expense for you, the employer, and they can also make employees more productive. However, it also means that you are allowing potentially unsecure devices to access your company’s data. The solution? An effective IT security policy that balances personal freedom to use these devices and your need to secure important business information.

Security: For Businesses Big AND Small

Editor — Mon, 12 Dec 2011 15:00:00 +0000

A survey by StaySafeOnline.org shows some disturbing results – that a large number of small business, while largely dependent on their computer systems, do not see themselves as threatened by hackers and online thieves. This results in a significant percentage of them having poor or mediocre security.

StaySafeOnline.org, a website of the National Cyber Security Alliance, has recently released a study that chronicles the cyber security practices and attitudes of small businesses. Conducted in partnership with Visa, the study shows some interesting, if not disturbing, results.

It turns out that many small businesses (about 65% of the respondents) are highly dependent on their computer / IT / data systems, where they store important information, from sensitive company financial records to personal client information such as credit card info, addresses and phone numbers, and more. However, as many as 85% believe that they will not be targeted by hackers and online thieves, and less than half have data security systems in which they are confident. In general, small businesses have, at best, a mediocre security system.

Few realize, though, that it only takes one breach to compromise a company’s finances and relationships with clients. And if you have less than stellar security, stealing from you is easier. You might not have as many online assets as big businesses, but hackers can make a hefty profit by victimizing several easy marks as opposed to bigger and riskier efforts with more secure systems of larger firms.

Don’t take a risk with important data, and don’t compromise the relationships and reputation you’ve built with your clients over the years. Good security is always worth it. If you’re interested in knowing more about beefing up your security through company policies, software, and user education, please don’t hesitate to contact us. We’d be happy to sit down with you and discuss a security blueprint that’s cost effective and custom built to meet your specific needs.

Reference: National Small Business Study

Small Firms Need Security Too

Editor — Mon, 12 Dec 2011 15:00:00 +0000

Despite the real threat of hacking and online thievery, a lot of small businesses do not consider themselves affected by it, says a report by StaySafeOnline.org. While dependent on their computer systems for data storage, few realize that all it takes is one breach to destroy a cultivated relationship with clients and the company’s own financial status.

Reference: National Small Business Study

Security and Small Businesses

Editor — Mon, 12 Dec 2011 15:00:00 +0000

Fact: all it takes is one security breach to destroy a company. But few – especially small businesses – seem to realize it, according to a recent survey released by StaySafeOnline.org. Results show that few small businesses see themselves as a target of online thieves or hackers, resulting in many having only token security policies in place.

Reference: National Small Business Study

Small and Medium-Sized Businesses Make Big Targets for Cyber-Attacks

Editor — Mon, 06 Jun 2011 15:00:00 +0000

Security experts are discovering an emerging trend in cyber-crime these days as more and more SMBs become attractive targets for cyber-thieves because of their inadequate security measures. Reports have shown that cyber-criminals can siphon off as much as $70 million worth of accumulated resources.

There is a misconception among many SMBs that they are small targets for would-be cyber-attacks. “We’re too small a company to be of any worth” is the mindset of many. However, there is an ongoing trend in which smaller companies actually find themselves victims of the most elaborate and vicious cyber-attacks.

Why? Security experts are discovering that SMBs tend to have less or inferior security protocols in place to counter cyber-attacks. While this was of little consequence in the past, cyber criminals are now starting to take notice of the fact, and are exploiting it to their advantage. And it’s profitable too – an attack on one SMB might not amount to as much as a larger organization, but given the greater ease through which hackers can attack smaller businesses, they more than make up for the difference in the volume of companies they target. According to several news reports, these cyber-thieves can make off with as much as $70 million.

The more unfortunate fact is that smaller companies are less able to counteract the effects of losses from cyber-attacks. This is why you should stay one step ahead of cyber-thieves by updating your security systems. Short term or long term, it’s a practical solution to keep information and data safe, and your operations stable. Give us a call today – we can help.

Why Cyber-Attacks Commonly Attack SMBs

Editor — Mon, 06 Jun 2011 15:00:00 +0000

Many small and medium-sized businesses have the misconception that they are safe from cyber-attacks because of the lesser profits cyber-thieves can make from them. But recent studies show that hackers are now starting to exploit the less strict and intricate security protocols of SMBs.

Beware: Hackers Exploit Loopholes in Public Wi-Fi

Editor — Wed, 01 Jun 2011 15:00:00 +0000

Public Wi-Fi is all well and good, but its very nature makes it easy to exploit and allow hackers access into your system – unless you have the proper security protocols in place.

These days, Wi-Fi is everywhere. Airports, coffee shops, train and bus stations, malls – almost every public place you can think offers Wi-Fi connectivity. Being connected to the internet has evolved from luxury to necessity, and whether it’s for personal or business reasons people are online as much as possible.

This is all well and good, except when you consider that hackers have started to extend their playing field to public Wi-Fi networks. With the volume of sensitive information such as passwords and financial transactions, it’s inevitable that crooks and fraudsters move to public networks where there is more potential to illegally farm large chunks of information.

Two things are important about this emerging trend. First, it’s the very nature of public networks that makes them vulnerable to attack. Second, hacking has become much easier these days, with very simple hacking programs such as Firesheep easily downloadable from the web.

However, the solution is simple as well: have the proper security protocols on your smartphone or laptop. It’s unfortunate that many people neglect to recognize the importance of such policies, and only have minimal security (if any at all) to guard against attacks. But as long as you have the proper protocols in place, you can stay connected – even through public Wi-Fi – without fear of hacking or any sort of intrusion into your system.

If you want to know more about keeping your portable devices safe from attacks, please feel free to contact us. We’ll be glad to explain the issue in more detail and draw up a solution customized to fit your needs.

The Dangers of Public Wi-Fi

Editor — Wed, 01 Jun 2011 15:00:00 +0000

The convenience and practicality of using public Wi-Fi hotspots is undeniable, but it can also be a problem should hackers decide to exploit network loopholes and gain access to the people connected to it. It’s important to have the proper protection to keep your system safe.

Public Wi-Fi can Pose Security Threats to Your System

Editor — Wed, 01 Jun 2011 15:00:00 +0000

These days, be it for personal or business reasons, people must be online as much as possible. Unfortunately, hackers also realize this, and an emerging trend is to exploit public networks to gain access to the personal and sensitive information of the people connected to it. But as long as you have the proper protocols in place, you can connect without fear of hacking or intrusion into your system.

Lessons from the Epsilon Incident

Editor — Mon, 16 May 2011 15:00:00 +0000

One of the world’s leading email service providers, Epsilon, found itself the victim of a phishing attack that saw a significant amount of data lost to cyber-thieves. It’s important to learn from mistakes like these and make sure that both your own and you clients’ data is kept secure and safe from thieves.

There’s been a lot of buzz recently about Epsilon, one of the biggest email service providers in the world, as it suffers from the backlash of allowing itself to be a victim of phishing efforts – which has affected the business data of as many as 50 major companies who are clients of theirs.

Reports are also citing Epsilon’s failure to heed an alert from a business partner which advised the provider to be on its toes against potential attacks from cyber-criminals targeted towards email service providers. The damage estimates vary, with Epsilon citing only about 2% of their data being stolen, but the impact is undeniable. Cyber-criminals now have access to a sizable number of personal data stored through Epsilon – passwords, account numbers, and even the purchasing / buying habits of the customers of Epsilonงs clients. Many of Epsilon’s clients are now sending out messages to their own customers, warning them that their email addresses may have been compromised.

It’s a lesson to companies, big and small, to pay more attention to beefing up their security protocols, since all it takes is one breach to endanger all of your data. In addition to having the right security software, it also helps if you require your employees undergo proper user training to make sure that they won’t be easily baited by scams like phishing, and will be more aware of how to contribute to the safety of your business data. Failing to do so puts not only your company, but also your clients, at risk.

If you’d like to make sure your systems are safe, call us and we’ll evaluate your current security measures and suggest ways to make critical improvements.

Epsilon Sets the Bar for What NOT to Do in Online Security

Editor — Mon, 16 May 2011 15:00:00 +0000

Many IT service providers are learning valuable lessons from the Epsilon incident – which saw one of the world’s biggest email service providers become a victim of cyber-criminals, compromising a substantial amount of information entrusted to them by their clients.

If you’d like to make sure your systems are safe, call us and we’ll evaluate your current security measures and suggest ways to make critical improvements.

The Epsilon Incident and How It Affects You

Editor — Mon, 16 May 2011 15:00:00 +0000

A recent incident in which Epsilon – one of the largest email service providers in the world – fell victim to phishing has highlighted the need for companies, big and small, to pay more attention to their security protocols lest not only their business data be compromised, but also that of their clients.

If you’d like to make sure your systems are safe, call us and we’ll evaluate your current security measures and suggest ways to make critical improvements.

Don’t Forget To Secure Data When Employees Depart

Editor — Tue, 03 May 2011 03:00:00 +0000

It’s a fact: Most departing employees take confidential business information with them—and today, most of the information is electronic. Because electronic information can be easily transferred and saved in multiple locations without your control, it’s important to protect your data when an employee leaves.

Remember the days when employees kept important information in paper files? They are long gone. According to a study conducted by the University of California at Berkeley, almost all of today’s new information is stored electronically. And that could mean trouble for your company when an employee resigns—because electronic documents are both easy to copy, and portable. That makes them more prone to theft than paper documents.

Case in point: In August 2009, DuPont filed a lawsuit against a research scientist who allegedly stole more than 600 files by copying them to a portable hard drive. And that wasn’t an isolated incident; another DuPont research scientist was sentenced to an 18 month prison term for stealing proprietary information worth $400 million.

Think employee data theft doesn’t apply to your type of business? Think again. A 2009 study conducted by the Ponemon Institute found that data theft is rampant in the business world. According to the study, 59 percent of employees who quit or are fired take confidential business information with them. And when the employee works in IT, the access to confidential data is even greater. A 2008 study by Cyber-Ark Software found that almost 90 percent of IT employees would take sensitive company data with them if they were laid off.

The lesson: When employees leave, you must take steps to protect the electronic information they have access to. This may include customer information, financial records, trade secrets, intellectual property, and email lists, to name just a few items.

We recommend that when an employee leaves, you prevent his or her account access, set the account for immediate review, save any necessary files (which may involve consulting with other departments for verification of documents), then delete the account. In addition to protecting data, this will also optimize server space and open up more storage space for the company.

While some employees might argue that they need access to their personal files before departing, and you may grant such access (supervised, on a case-by-case basis), it is not required; any of the information that is located on a company computer is company property.

In a sensitive situation it’s always good to let us know ahead of time so we can help you prepare for a well-managed and secure transition.

HR Managers Must Think About Data Security, Too

Editor — Tue, 03 May 2011 03:00:00 +0000

Employees have access to a wide variety of electronic information, from the moderately important (such as email lists) to the critical (such as financial records and trade secrets). Upon their departure, HR managers should work with IT to ensure that employee account access is blocked.

In a sensitive situation it’s always good to let us know ahead of time so we can help you prepare for a well-managed and secure transition.

How to Protect Your Data When Employees Leave

Editor — Tue, 03 May 2011 03:00:00 +0000

The growth of technology in the business environment has been a boon, but it also gives departing employees many methods of taking data with them. In the past, they used CDs; today, they can copy files to a portable USB storage device, email them, or even use a smartphone. Here’s how you can protect yourself.

In a sensitive situation it’s always good to let us know ahead of time so we can help you prepare for a well-managed and secure transition.

Why You Should Encrypt Your Email

Editor — Fri, 29 Apr 2011 15:00:00 +0000

We often send out highly sensitive, if not confidential, information through our email accounts such as banking information, passwords, pictures, and more. But how many of us actually take time to make sure the emails we send out are secure? Here is a guide for keeping your email away from prying eyes.

Encrypting email is relatively easy with today’s software. Usually it involves the use of a public key and a private key. The public key is available to everyone, and if you want to send someone an email message you would use that person’s public key to encrypt that message. That person in turn would use his private key, to which only he has access, to decode that message.

Software such as the latest versions of Microsoft Outlook supports this feature, and even flags you if the recipient’s email software does not support encryption. Some systems take it a step further by allowing you to digitally sign your emails, so that other people can verify that it is you who actually sent the email and not someone else. This is especially important since hackers sometimes spoof or impersonate the identities of others to fool unsuspecting users.

If you are interested in finding out more about email encryption and security, contact us today to find out how we can help make sure your messages are safe and secure.

Email Encryption: Why It’s Important

Editor — Fri, 29 Apr 2011 15:00:00 +0000

When we create a letter in the analog world, we take the time to seal that letter in an envelope to keep it safe from prying eyes—especially if that letter contains sensitive information. If it’s highly confidential information we might even resort to obfuscation such as using coded text, or making sure that it is delivered via secure channels such as by special messenger.

If you are interested in finding out more about email encryption and security, contact us today to find out how we can help make sure your messages are safe and secure.

Sleep Soundly by Encrypting Your Emails

Editor — Fri, 29 Apr 2011 15:00:00 +0000

In the digital world, the same ideas apply to email. To keep your email safe and secure, there is a device called encryption which helps to obfuscate each email’s content to everyone except its recipients, and makes sure it is delivered safely and intact.

If you are interested in finding out more about email encryption and security, contact us today to find out how we can help make sure your messages are safe and secure.

Don’t be Lazy with Your Passwords

Editor — Fri, 05 Nov 2010 16:09:54 +0000

Passwords are more or less the equivalent of keys when it comes to cyberspace. However, passwords can be compromised through hacking, stealing, or even just guessing – which is why password security and integrity is very important.

In the same way that keys are used to open different doors, passwords are used to access many areas of cyberspace. However, those passwords are vulnerable to hacking, stealing, or random guessing – which makes password integrity and security a main concern.

However, for many people, this essential fact is overlooked. Many tend to use either easy-to-guess passwords, or use the same password for all their online accounts - from their online banking to their email – which is a hacker’s dream come true. Because when they steal a password, it’s standard operating procedure for them to test it against popular websites to see if it works there as well.

The most basic security measure you can use to guard against this is to have multiple passwords for your different online accounts – whether they are for personal or business use. And don’t just think of easy passwords, like your birthday or wedding anniversary – these are usually the first thing hackers try. The best passwords are alphanumeric – composed of both letters and numbers so that it’s harder to crack.

This might be a bit tedious, but it’s better than running the risk of compromising your security online. There are also several programs and applications you can use to help store your passwords, so you only need to remember a few of your most-used ones, and refer to your database for the others.

Remember, your passwords hold the keys to most, if not all, of your online presence, so keeping them secure is extremely important. If you’re looking for a security solution for your passwords, please give us a call so we can help you implement a password security system that works for you.

Protect Your Passwords Like You Protect Your Keys

Editor — Fri, 05 Nov 2010 16:09:29 +0000

One of the most important factors in keeping your online presence safe is the strength and security of your passwords. And with all sorts of phishing and password stealing scams out there, it’s essential to have multiple alphanumeric passwords, so that they’re harder to crack.

The More Complicated the Password, the Better

Editor — Fri, 05 Nov 2010 16:09:18 +0000

Your passwords hold the keys to most – if not all – of your online presence, so keeping them secure is paramount.

Clear Cloud Keeps the Coast Clear

Editor — Thu, 28 Oct 2010 07:35:17 +0000

Without us knowing, we may visit websites that aren’t exactly healthy for our systems - inviting malware, phishing, and all types of potentially unsavory viruses that can damage our systems. The solution is simple: Clear Cloud

It’s a simple, straightforward approach to getting better security for your computer: download software, install it, and have it check whether every single website you go to is safe or not.

That, in a nutshell, is what Clear Cloud does. This nifty little program is designed to help you filter out and block potentially harmful websites that many people unwittingly stumble into time and again. It’s the perfect solution for anti-phishing and helping keep your system free of malware - at least from stray clicking. While not a replacement for up-to-date anti-virus and other security software, it is an additional tool at your disposal.

And yes, Clear Cloud checks every single website you visit. How? Since Clear Cloud belongs to the DNS network, it has access to every website in the world. This enables Clear Cloud to check every website you access or try to access. If the website is clean, Clear Cloud allows you to access the website. On the other hand, if the website proves to be suspicious, then Clear Cloud blocks the website. And if you’re concerned that this may take a toll on your bandwidth, think again - Clear Cloud operates and finishes each task in literally the blink of an eye.

If you want to know how you can use Clear Cloud or other tools to keep your systems safe, please don’t hesitate to give us a call and we’ll be more than happy to discuss a custom security policy with you.

Security Made Easy With Clear Cloud

Editor — Thu, 28 Oct 2010 07:15:17 +0000

Clear Cloud is a safe, effective, and simple way to check your browsing habits and keep your computer clean.

It’s a simple, straightforward approach to getting better security for your computer: download software, install it, and have it check whether every single website you go to is safe or not.

That, in a nutshell, is what Clear Cloud does. This nifty little program is designed to help you filter out and block potentially harmful websites that many people unwittingly stumble into time and again. It’s the perfect solution for anti-phishing and helping keep your system free of malware – at least from stray clicking. While not a replacement for up-to-date anti-virus and other security software, it is an additional tool at your disposal.

And yes, Clear Cloud checks every single website you visit. How? Since Clear Cloud belongs to the DNS network, it has access to every website in the world. This enables Clear Cloud to check every website you access or try to access. If the website is clean, Clear Cloud allows you to access the website. On the other hand, if the website proves to be suspicious, then Clear Cloud blocks the website. And if you’re concerned that this may take a toll on your bandwidth, think again – Clear Cloud operates and finishes each task in literally the blink of an eye.

Keeping the Coast Clear with Clear Cloud

Editor — Thu, 28 Oct 2010 07:00:40 +0000

Want to know if a website is safe to visit? Clear Cloud offers a fast, efficient, effective, and simple way to check the veracity of each and every website you visit.

It’s a simple, straightforward approach to getting better security for your computer: download software, install it, and have it check whether every single website you go to is safe or not.

That, in a nutshell, is what Clear Cloud does. This nifty little program is designed to help you filter out and block potentially harmful websites that many people unwittingly stumble into time and again. It’s the perfect solution for anti-phishing and helping keep your system free of malware – at least from stray clicking. While not a replacement for up-to-date anti-virus and other security software, it is an additional tool at your disposal.

And yes, Clear Cloud checks every single website you visit. How? Since Clear Cloud belongs to the DNS network, it has access to every website in the world. This enables Clear Cloud to check every website you access or try to access. If the website is clean, Clear Cloud allows you to access the website. On the other hand, if the website proves to be suspicious, then Clear Cloud blocks the website. And if you’re concerned that this may take a toll on your bandwidth, think again – Clear Cloud operates and finishes each task in literally the blink of an eye.

Hackers Use JavaScript To Infiltrate Your System

Editor — Thu, 30 Sep 2010 08:17:00 +0000

JavaScript is a very popular programming language used in many websites, making your web experience more dynamic and interactive. However, hackers can exploit JavaScript and use it to infiltrate your system.

It makes the web experience very dynamic, enhancing the interactivity of many websites - you’ll see it everywhere, from Facebook to the most obscure sites on the web. Another reason it’s popular is that it’s compatible with all browsers, from Internet Explorer to Mozilla and even Mac’s Safari.

Unfortunately, this popularity and wide range of use also makes JavaScript a tool that hackers and other unscrupulous programmers can use to infiltrate and hack into a system. The attacks can be simple or complicated, ranging from simple spam to more elaborate scams. The degree simply depends on the purpose of the script’s designer. What’s more, a quick visit to an infected website can trigger an attack, if your browser is enabled to allow JavaScript to execute from that site.

The good news is that you can protect yourself from these kinds of attacks. Simply block JavaScript from executing from sites you aren’t familiar with - better safe than sorry.

For Internet Explorer, go to Tools > Internet Options > Security, and set your bar to High. You can also input a list of trusted sites.
For Firefox users, a free application called NoScript gives you control over which websites can execute JavaScript on your browser.
Google Chrome users can select a universal disabling of JavaScript from all sites, and then add a list of sites exempted from the ban.
Other browsers also have options to either disable JavaScript execution or prompt you for permission before the script is run from any website.

You should also be particularly wary of JavaScript attacks originating from malicious PDF files. Antivirus and security firm Symantec reports that almost half of all web-based attacks come from infected PDF files. You can disable JavaScript in Adobe Acrobat Reader by selecting Edit > Preferences > JavaScript, and then removing the check on “Enable Acrobat JavaScript”.

It might seem inconvenient to guard yourself from these sorts of attacks, but in the long run it pays to keep your system secure. If you want to know more about keeping your system clean and safe from attacks, give us a call and we’ll be happy to help you develop a customized plan that meets your particular needs.

Beware: JavaScript from Unfamiliar Sites May Be an Attack in Disguise

Editor — Thu, 30 Sep 2010 08:16:00 +0000

Everyone enjoys having a more interactive internet experience, and one of the ways websites achieve this is through the use of JavaScript. Unfortunately, hackers and scammers can also utilize the same script to make malicious attacks on your system.

JavaScript makes the web experience very dynamic, enhancing the interactivity of many websites - you’ll see it everywhere, from Facebook to the most obscure sites on the web. Another reason it’s popular is that it’s compatible with all browsers, from Internet Explorer to Mozilla and even Mac’s Safari.

The good news is that you can protect yourself from these kinds of attacks. Simply block JavaScript from executing from sites you aren’t familiar with - better safe than sorry.

For Internet Explorer, go to Tools > Internet Options > Security, and set your bar to High. You can also input a list of trusted sites.
For Firefox users, a free application called NoScript gives you control over which websites can execute JavaScript on your browser.
Google Chrome users can select a universal disabling of JavaScript from all sites, and then add a list of sites exempted from the ban.
Other browsers also have options to either disable JavaScript execution or prompt you for permission before the script is run from any website.

JavaScript from Unfamiliar Sites Can Be A Bridge for Malware

Editor — Thu, 30 Sep 2010 08:00:00 +0000

The popularity of JavaScript, a dynamic programming language in widespread use, makes it a tool that hackers and other unscrupulous programmers can use to hack into a system.

The good news is that you can protect yourself from these kinds of attacks. Simply block JavaScript from executing from sites you aren’t familiar with - better safe than sorry.

For Internet Explorer, go to Tools > Internet Options > Security, and set your bar to High. You can also input a list of trusted sites.
For Firefox users, a free application called NoScript gives you control over which websites can execute JavaScript on your browser.
Google Chrome users can select a universal disabling of JavaScript from all sites, and then add a list of sites exempted from the ban.
Other browsers also have options to either disable JavaScript execution or prompt you for permission before the script is run from any website.

New Security Threat: Tabnabbing

Editor — Thu, 23 Sep 2010 21:23:32 +0000

A new phishing technique has been discovered – tabnabbing “morphs” an unused tab in your browser into a lookalike website where you’re prompted to re-enter login information.

Dubbed as “tabnabbing”, the vulnerability was discovered by Aza Raskin, the creative lead for the Mozilla’s Firefox browser and co-founder of Songza, a music search engine and jukebox. Tabnabbing fools users into entering passwords and other sensitive information when an unselected tab in your browser appears to transform itself into a lookalike for a familiar website. You are then prompted you to re-enter a username and password, which in turn passes that information along to the hacker. Incidentally, Raskin’s blog post on the topic (http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/) demonstrates how the website can “change” into a lookalike.

Both Mozilla Firefox and Google are vulnerable to this type of attack, which is classified as “phishing” – a scam where users are tricked into entering login information into fraudulent websites masquerading as legitimate ones. Fortunately, there have been no instances – yet – in which tabnabbing has been used in phishing attacks, but Raskin says that he is “aware of other researchers and toolkits extending and expanding tabnabbing”. However, it’s very likely that phishers will be looking for ways to exploit tabnabbing soon, and are currently no fixes or patches released.

One way you can protect yourself from tabnabbing is to make sure that your browser has the proper anti-phishing features installed. It’s also important that your website is updated with the latest security features since many phishers like to exploit websites running old version web software, which they use to host phishing sites.

If you want to know more about keeping your system secure from the latest malware and security threats, please don’t hesitate to get in touch with us and we’ll be happy to sit down and discuss security options that fit your needs and requirements.

Tabnabbing Exploits Vulnerabilities in Tabbed Browsing to Steal Passwords and Sensitive Information

Editor — Thu, 23 Sep 2010 20:30:50 +0000

Tabnabbing, a new phishing technique, poses new security threats to people who use tabbed browsing by changing the appearance of a tab to resemble a familiar website and prompts you to re-enter sensitive login information.

Tabnabbing Poses a New and Significant Security Threat

Editor — Thu, 23 Sep 2010 18:50:55 +0000

A new threat to computer security has been discovered in which tab browsing vulnerabilities are exploited to fool users into divulging passwords and other sensitive information.

Racket Extorting Money from Website Owners Revealed

Editor — Tue, 21 Sep 2010 10:52:00 +0000

A money extortion scheme was revealed recently by security firm Symantec that warns website owners of a DDoS attack unless they pay up.

Security firm Symantec recently uncovered a scheme that purportedly attempts to extort money from website owners and operators in order to avoid the possibility of a DDoS attack. The capability of these extortionists to actually carry out the threat is still an open question, and it’s more likely that this may simply be an empty threat to try to get money.

The best action against these types of messages is employing screens to block such email from reaching your mailboxes. However, it’s best to seek the services of an expert to determine the extent of risk, and also to employ safeguards and response measures should an attack take place. If you find such messages in your mail, let us know and we can help.

Spam Offering Protection Against a DDoS Attack Making Rounds

Editor — Tue, 21 Sep 2010 07:30:00 +0000

A new spam message is circulating, warning website owners of an attack unless they pay up, according to security firm Symantec.

Protection Racket Against DDoS Attacks Revealed

Editor — Tue, 21 Sep 2010 07:00:00 +0000

Security firm Symantec has uncovered a scheme to extort website owners for money or face the possibility of a DDoS attack.

Before Moving Your Business to The Cloud…

Editor — Thu, 19 Aug 2010 07:08:44 +0000

Before you entrust your sensitive data to a “cloud” service provider, make sure you weigh the risks with the benefits.

“Cloud computing,” largely synonymous with Internet-based computing, has become a hot topic of discussion among many in the business community, with its promise of radically simplifying the access to, and use of, computing resources on demand. It’s no wonder then that it’s been small businesses, often without full-time IT resources of their own, that have been the first to adopt the concept. As a business owner, however, before you start moving critical data to the “cloud,” you’ll do well to bear in mind the risks that come with the computing model.

First is security and privacy—ask how the service provider ensures the confidentiality and integrity of your data while in their care. Do they provide backups? Can you back up your data yourself? Are their security processes and procedures reviewed and vetted by a third party?

Next is availability. Do they guarantee the uptime of their services—7 days a week, 24 hours a day? Do they provide a service level guarantee? Do they have processes in place to handle exceptional circumstances that can disrupt services, such as a natural disaster? Is support readily available to help in case you encounter any issues?

Finally, there’s cost. While pay-as-you go can be attractive, the total cost over time can add up. It’s worth thinking two to three years out and considering the total cost versus alternatives.

Asking these basic questions can go a long way in giving you peace of mind before you entrust your valuable data and core business systems to the care of others. If you’d like some help sorting all this out and making the best decision for your unique needs, give us a call.

Common Vulnerabilities in Many Common Applications Still Exploited by Hackers

Editor — Tue, 10 Aug 2010 19:48:00 +0000

The continued exploit of many vulnerable applications that have been fixed by vendors for over a year highlight the need to keep software updated with the latest versions and patches.

A new report released by security firm M86 Security reveals a trend toward more sophisticated forms of malware in taking advantage of vulnerabilities in common software applications and developing techniques to avoid detection.

In M86’s report, among the applications commonly exploited are Microsoft’s Internet Explorer and Adobe Reader. Another vector for malware that hackers have been using recently is Java and Adobe’s Flash—which are installed on many PCs, often as plug-ins to most browsers.

Although the vulnerabilities in these applications have been identified and patched for over a year, failure to keep up with the latest updates have made many systems still vulnerable to attack. Our customers taking advantage of our Managed Security need not worry, since we make sure our customers’ systems are patched as soon as updates become available. Find out more about our Security Offerings today.

Mozilla Firefox Releases Fixes for Several Major Security Holes

Editor — Thu, 05 Aug 2010 19:56:00 +0000

Mozilla implements new initiatives to ensure the security of its browser to fix the main security holes, and this brings Firefox’s latest version to 3.6.7

The Mozilla foundation, the organization behind the Firefox browser, announced recently that it has released a patch to fix many major security holes found in its software, as well as the pull out of malicious add-ons in its extensions gallery.

A new update brings Firefox’s latest version to 3.6.7, and includes fixes for nine critical issues that could potentially be exploited by hackers to launch attacks on vulnerable systems. This comes after recently pulling out a password stealing add-on called the “Mozilla Sniffer” in the Firefox extensions gallery. As a preventive measure, the Mozilla foundation has announced a US $3,000 security bounty program that for anyone who finds an eligible security bug. It has also announced that it will implement a source code review of add-ons to catch potential malware that could be injected into otherwise patched Firefox browsers.

As always, users are advised to be constantly on guard and to make sure they are using the latest updated versions of their software. Customers under our Managed Security program benefit by letting us do the worrying and updating for them, so they can focus on their business instead of their security. Not on our Managed Security program? Contact us today.

Windows XP Users Targeted by Zero-Day Exploit

Editor — Thu, 29 Jul 2010 12:44:35 +0000

Barely a month after a Google engineer disclosed a critical vulnerability in Windows XP, hackers have taken launched an attack on vulnerable machines.

On June 10, a Google engineer disclosed a security flaw in Windows XP’s Help Center, which can potentially allow hackers to search and retrieve sensitive information from vulnerable PCs, and even turn them into “zombies:”machines that follow the commands of a remote master to perhaps download more malware or send out spam.

Recently, reports have come out that the first real exploit has emerged, with Microsoft reporting that over 10,000 Windows XP systems have already been subjected to attack. The systems attacked are based not only in the US, but also in Russia, Portugal, Germany, and Brazil.

A patch from Microsoft was released on July 13, and workarounds also exist to contain the threat, such as disabling the HCP protocol. Customers of our Managed Security services running Windows XP are assured of immediate support once the patch is rolled out, but in the meantime can take advantage of our assistance to secure systems through other means.

If you’re on one of our Managed Services plans don’t worry – you’re protected. If you’re not sure contact us to find out how we can protect your systems and network from this and other dangerous attacks.

What You Need to Know About WiFi Security

Editor — Thu, 08 Jul 2010 08:41:14 +0000

The near ubiquity of WiFi hotspots nowadays has led to great advances in access and convenience for many. It’s also a great boon for “road warriors” who do most of their work from the field.

However, few people understand the risks of using wireless hotspots. When you go online in open networks that don’t use a password or encryption, potentially everything you send out from your computer can be seen by anyone with adequate technical knowledge. Therefore, whenever possible it’s best to connect in places where some encryption—either WEP or WPA—is employed. If that’s not available, using a VPN (Virtual Private Network) can help, which allows you to establish a secure channel of communication to your office network over the public Internet. How you use certain software is also something you should be aware of—some browsers, instant messengers, and email clients are more secure than others.

Wireless hotspots can be great when travelling on business or working on the road. Being proactive about security issues will go a long way in ensuring your safety and privacy, and we’re here to help. We can set up your machines for secure access by implementing a network VPN, consulting on software security, and much more. Contact us today to learn more.

Dangerous Vulnerability in Windows XP Help Center

Editor — Tue, 06 Jul 2010 07:38:31 +0000

A critical vulnerability in Windows XP has been revealed that involves the Windows and Help support center, a Web-based feature providing technical support information to end users. The vulnerability can potentially allow a remote hacker to take complete control of a victim’s machine. Systems running Windows XP and Windows Server 2003 using many major browsers, including Internet Explorer 8, are affected.

A few days after the advisory, security firm Sophos warned users of a website using the vulnerability to install malicious software on victims’ machines, and of possibly more exploits coming out soon. Users of Windows XP and Windows Server 2003 are advised to disable features within Help Center that allow administrators to remotely log onto their machines. For individual users, Microsoft has released a patch for the flaw.

Don’t know how to install the patch? Need help? Let us know! Of course our customers with Managed Services are automatically advised of these vulnerabilities, and patches are applied as soon as they are available. Contact us today to find our more.

Protect Yourself from Outbound Spam

Editor — Thu, 01 Jul 2010 07:03:25 +0000

A recent report, released by Osterman Research and sponsored by software vendor Commtouch, reports that the incidents of outbound spam is getting worse. The research firm interviewed 266 end users of internet service providers and 100 web hosting companies. Almost 40% of respondents have had their IP addresses listed on Real Time Blackhole Lists (RBLs) in the past 12 months alone – and the number could be far greater considering those who may not be aware that they have been listed.

RBLs tag machines or networks of machines as being sources of SPAM, causing their emails to be filtered out by many mail servers. This can result in legitimate emails not reaching their intended destination, and can victims’ reputations. In addition, having an infected machine or network of machines can waste bandwidth and slow down outbound connections.

The cause of outbound spam varies, but can including everything from compromised email accounts to “zombie” machines – machines infected with malware sending out spam unbeknownst to the user.

There are multiple ways of protecting computers and networks against the risk of outbound spam, and our Managed Services clients benefit from our proactive protection and filtering. Contact us to find out more.

Practical Tips for Creating and Managing your Online Passwords

Editor — Mon, 31 May 2010 09:38:06 +0000

The average computer and Internet user manages over a dozen passwords for various websites. You probably have passwords for your computer, your company email, your personal online email accounts, your favorite social networking websites, your twitter feed, your online bank account, your favorite online store, and more. Using the same password for everything is not very secure, but keeping track of unique passwords for each can be a pain. Here are some quick tips to help you not only create secure passwords, but also easily manage them:

Do not use real words. Words such as “password”, “god”, “love” or some other common phrase can easily be guessed at by hackers. In addition, hackers use tools that automate guessing – randomly trying words from a dictionary one at a time until it gets it right.

No personal information, please. It’s tempting to use personal information since it’s easy to remember. However, passwords based on your name, your child’s name, your birthday, anniversary and the like can also easily be guessed at or researched online.

Not too short. Again, automated tools can make quick work of short passwords. The longer it is the harder it is for these tools to crack. A good rule of thumb is at least six characters, with eight to twelve being ideal.

Mix it up. Use numbers and special characters in your passwords. One technique is to substitute special characters for letters. For example, a becomes @, e becomes 3, i becomes !, l becomes 1, o becomes 0, s becomes $, and so on. Another tip is to also append or prefix with a special character so that your password looks something like this: “_!p@$$w0rd!_.”

Use a password management tool. There are several tools that can help you manage and safely store your passwords. Some require you to download software which stores your different passwords encrypted on your hard drive, and you only need to provide one ”master” password to access the rest. Others have you store that information online. Particularly handy, especially for managing online passwords, are those that plug into your browser and can autogenerate a password on the fly based on the website you are using.

Creating secure passwords is a must, but managing them can difficult. Using these tips can make the process not only easier but also more effective and safe.

Hackers Employing Sophisticated Techniques to Trick Users

Editor — Mon, 10 May 2010 08:46:07 +0000

Hackers are employing increasingly sophisticated techniques to scam users into downloading malicious software. For instance, today’s hackers and malware authors have begun using so-called “doorway pages” – web pages optimized to rank highly in results for common search engine queries.

These pages often feature trending or hot topics to show up favorably in search results, and may contain content that has been copied from other websites. Some even employ sophisticated technology techniques to customize the page based on each individual visitor’s location, browser, and operating system – and may include a referring page to entice users further into the scam.

Internet users should be aware of these techniques, and think twice before following search results links. Fortunately there are equally sophisticated tools and techniques designed to block malicious search results. Contact us to find out how you can combat this particularly devious threat.

Related articles:

Cyber-criminals pounce on McAfee crash story (v3.co.uk)
The Importance Of Using Proper SEO Techniques (ronmedlin.com)

How Proactive Updates and Patching Help you Stay on Top of the Game

Editor — Tue, 04 May 2010 04:48:31 +0000

Viruses and other forms of malware can wreak untold havoc in your computer systems, which causes productivity loss and problems that affect the service you deliver to your customers. This is why subscribing to a service that maintains and prevents the spread of viruses in your system and network can go a long way in ensuring that your IT-based operations continue smoothly and efficiently.

However, viruses account for only a fraction of the problems your computer system can suffer. With many businesses such as yours relying greatly on the capabilities of their IT systems, it stands to reason that all steps must be taken to ensure that it is properly maintained and functions as effectively as possible.

One very efficient way to do this that’s getting much attention these days is Managed Services. This is an affordable and cost-effective means of making sure that your IT continues to function at optimum levels at all times.

Here’s how it works: Companies routinely experience IT-related problems that they have difficulty solving. Managed Services provides 24 x 7 proactive monitoring of your systems and ensures all systems are up to date, preventing problems from happening in the first place.

Updating, patching, and constant maintenance to your system is important to protecting your system from a slew of potentially damaging problems. Improvements and upgrades help your system function better, which enhances your company’s capabilities and helps you achieve a higher level of productivity. Managed Services Providers help you stay on top of the game with little worries and predictable costs – especially in the long run.

Thinking about checking out Managed Services? We’re here for you. We respond to all our clients’ concerns and deliver service specific to their particular needs. We keep ourselves up to date with the latest fixes, patches, and upgrades so you always have the best and the latest means to help increase your productivity and help you deliver your services better. We know the best ways to prevent viruses and other preventive maintenance methods that maximize your IT systems capabilities.

We don’t just manage your IT – we make it better.

Are You Opening Your Spam Email Messages?

Editor — Tue, 13 Apr 2010 08:53:26 +0000

A survey conducted by the Messaging Anti-Abuse Working Group or MAAWG reveals that a almost half of computer users in North America and Western Europe not only open spam emails, but also click on the links and open attachments found within these messages intentionally. This not only invites more spam, but potentially exposes them to a large number of security risks as well.

Data from the survey revealed that:

Nearly half of those who have accessed spam (46%) have done so intentionally – to unsubscribe, out of curiosity, or out of interest in the products or services being offered.
Four in ten (43%) say that they have opened an email that they suspected was spam.
Among those who have opened a suspicious email, over half (57%) say they have done so because they weren’t sure it was spam and one third (33%) say they have done so by accident.
84% were aware of the concept of bots. Yet, most think that they are immune from these viruses, with only a third saying they consider it likely that they could get a bot on their computer.

Spammers have mechanisms which allow them to track whether their emails are accessed or not. Opening or even unsubscribing from spam messages further invites them to send even more spam. Furthermore, Spam messages these days are not only vehicles to solicit or sell goods and services of dubious source and value, but are increasingly being used as vectors to spread malicious software or malware. Clicking on a link, opening an attachment, or just viewing it can potentially open users’ computers to vulnerabilities in the operating system or installed applications. This in turn can turn compromised systems into “bots”, or unwitting accomplices in spreading more spam or malware.

It pays to be aware of this next time you receive suspicious email – and make sure that your employees understand the risks as well. Sometimes even your antivirus software isn’t enough to protect you – so please ask us about our Managed Security Services and how we can help you not only fight spam but prevent it from reaching your Inbox in the first place.

Related articles:

Survey: Millions of users open spam emails, click on links (zdnet.com)
Twitter spam drops to under 1 percent (networkworld.com)

‎Brazil-originated spam levels topping 13% says Panda Security (infosecurity.com)

Software on Energizer Battery Charger has Malware

Editor — Fri, 09 Apr 2010 08:08:07 +0000

Do you use the the Energizer DUO USB battery charger? If so, you’ll be interested to know that the United States Computer Emergency Response Team (US-CERT) has warned that software included in this charger contains a software “backdoor” or Trojan that allows hackers to remotely access vulnerable systems.

In its advisory, the US-CERT warned that the installer for the Energizer DUO software places files in your system that allow an attacker to potentially remotely control your system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with your logged-on privileges and starts every time you start your computer. Furthermore, the Trojan operates whether the charging device it works with is connected or not.

Energizer has acknowledged the issue in a statement released at its website. The company said it has discontinued sale of this product and has removed the site to download the software. In addition, Energizer is directing consumers to uninstall or otherwise remove the software from your computers.

This incident illustrates the fact that these days threats to your computer and/or network can come from anywhere–including something as seemingly innocuous as your USB battery charger. As always, we advise our clients to be constantly vigilant against such threats. If you don’t have the time or resources to do this yourself (and most don’t!), perhaps it’s time to consider our Managed Security services. Give us a call – we’ll be glad to help.

Related articles:

Energizer Announces Duo Charger and USB Charger Software Problem (marketwatch.com)
Sony Music CDs surreptitiously install DRM Trojan horses on PCs (zdnet.com)
Malware hitches a ride on digital devices (securityfocus.com)

Thinking about Security in the Cloud

Editor — Mon, 05 Apr 2010 09:03:27 +0000

As we begin to store more and more of our data on the Internet and in the “Cloud,” the threat of that data being accessed and used by someone or something outside of our knowledge or control becomes very real. Data such as credit card information, banking transactions, work history, private addresses and numbers, email and much more are now stored and searchable in everything from Facebook, Google, Twitter, and a host of other applications.

In a June report titled “Assessing the Security Risks of Cloud Computing“, analyst firm Gartner recommends that businesses work closely with their IT department or trusted IT services provider and consultant to understand the risks of storing data in the cloud.

Not stopping there, Microsoft has called for even greater government oversight. Recently, Microsoft General Counsel Brad Smith travelled to Washington to urge the US Congress to enact legislation that would protect information that’s stored in the cloud.

Microsoft is proposing legislation that would call for:

Reforming the Electronic Communications Privacy Act
Modernizing the Computer Fraud and Abuse Act
Helping consumers and businesses manage how their information is collected and shared
Addressing data access issues globally

The move coincides with Microsoft’s recent efforts to offer cloud-based services not only for its consumer and corporate customers, but the government as well.

Is your business ready for the cloud? What security and privacy policies do you have in place regarding your employees’ use of cloud-based services? Not sure? Contact us today to find out how we can help.

Related links:

Microsoft’s thoughts on cloud computing (microsoftontheissues.com)
Challenges of cloud computing (techsling.com)
Gartner: Seven cloud-computing security risks (infoworld.com)

Mariposa Botnet Masters Arrested

Editor — Mon, 15 Mar 2010 08:39:27 +0000

Spanish authorities report that they have arrested the masterminds behind a string of online criminal activities using the botnet dubbed Mariposa. Mariposa is the original name of a commercially distributed Do-it-Yourself malware kit, sold online for 800/1000 EUR for “wannabe” hackers. Along with the arrest, authorities seized sensitive data belonging to about 800,000 users in 190 countries, gathered from an estimated 12M+ infected host computers on the Internet.

What’s particularly interesting is that the cybercriminals arrested were not themselves the author of the malware, nor were they any more techincally adept than many ordinary users. They simply had access to malware widely available on the Internet, and were able to conduct a crime of such a wide scale and reach.

This illustrates that it’s become easier for many cybercriminals to conduct their nefarious deeds online, and highlights the need for more vigilance on the part of law-abiding netizens in keeping their network secure from hackers and malware.

Is your network safe? Contact us to find out.

Related articles:

How FBI, police busted massive botnet (go.theregister.com)
Botnet takedowns ‘don’t hurt crooks enough’ (go.theregister.com)
Vodafone distributes Mariposa Bot, Conficker and Lineage in HTC Magic (techie-buzz.com)

Beware of Vulnerabilities in Windows and Office

Editor — Fri, 26 Feb 2010 09:04:24 +0000

Microsoft recently released a number of security bulletins and patches addressing vulnerabilities in Windows and Office that are of high risk to users. It’s widely believed that many will be exploited by hackers within the next 30 days. One of them could potentially allow hackers or malware authors to easily compromise systems by tricking users to download malicious AVI-formatted files. Others require nothing more than just visiting a website. Another specifically targets Powerpoint Viewer 2003, and opening a malicious .ppt file could affect your system.

This latest round of patches and vulnerability updates is really nothing new – although the sheer number made public in one day is notable. This highlights the need for a comprehensive security policy, because vulnerabilities do exist in even the most mundane or old versions of software. Customers under our Managed Services plan can rest easy since we monitor and update their computers as soon as these patches and advisories are released. Find out more about what we do to make your systems safe and secure. Contact us today.

Related links:

Patch Tuesday: Microsoft plugs critical Windows worm holes (zdnet)
Researchers warn of likely attacks against Windows, PowerPoint (computerworld)
Microsoft delivers huge Windows security update (computerworld)

Beware the Kneber Botnet

Editor — Thu, 25 Feb 2010 03:43:15 +0000

A malicious piece of software making the rounds of news websites this week is believed to be behind the compromise of over 75,000 systems in over 2,500 international organizations – many of which are government agencies and large Fortune 500 companies.

Called the Knebner botnet after the name in the email used to register the initial domain used in the campaign to propagate the malware, the software infects computers and captures user login access to online financial services such as Paypal and online banks, social networking websites such as Facebook, and email. Infected computers can be centrally controlled from a master computer, which presumably harvests the data captured for nefarious means.

The Knebner botnet itself is not new. It’s based on the ZeuS botnet, and has gained prominence lately because it’s slipped under the radar of so many organizations. However, there are ways to prevent compromises from botnets – one of which is to have a proactive security system and policy in place. Our Managed Security customers have this assurance in place since we continuously protect their system from botnets and other malware. If you’re not sure that you’re protected, talk to us today.

Related articles:

Kneber botnet described as ‘massive’ and ‘worldwide’ (inquisitr.com)
Kneber attack resurrects notorious Zeus Trojan, say experts (guardian.co.uk)
Malicious Software Infects Corporate Computers (nytimes.com)

How to handle Suspicious E-mail

Editor — Mon, 22 Feb 2010 09:30:10 +0000

Phishing, pronounced “fishing,” is a type of online identity theft that uses e-mail and fraudulent Web sites that are designed to steal your personal data or information such as credit card numbers, passwords, account data, or other information. Follow these guidelines to help protect yourself from phishing scams sent through e-mail.

Hackers Target Email, Blogs, Social Networking Sites

Editor — Thu, 18 Feb 2010 04:51:55 +0000

In a report by security firm Websense, an alarming rise in the growth of malicious websites was identified in 2009 as compared to 2008 – almost 225 percent. The study also found an increased focus among hackers and spammers on targeting social media sites such as blogs and wikis. Social media or so-called Web 2.0 sites allow user-generated content, which can be a source of vulnerability. Researchers identified that up to 95 percent of user-generated comments to blogs, chat rooms, and message boards are spam or malicious – linking to data stealing sites or to downloads of malicious software. Email also continues to be a target for malicious activity with tens of thousands of Hotmail, Gmail and Yahoo! email accounts hacked and passwords stolen and posted online in 2009, which resulted in a marked increase in the number of spam emails.

For our clients on our Managed Service plans, we work hard to ensure your systems are protected from harmful or malicious activity coming from the Internet. If you’re not under our Managed Service plans perhaps now is a good time to talk – let’s make sure your systems are safe in 2010.

Related articles

Top search results riddled with malware (v3.co.uk)
Email phishing attack spreading say experts (telegraph.co.uk)
Fraudsters Go Phishing For Victims’ Friends (news.sky.com)

Mozilla Firefox Add-Ons Download Site was Harboring Malware

Editor — Tue, 16 Feb 2010 08:28:22 +0000

Mozilla, the organization behind the popular Firefox browser disclosed that two add-ons available for download on its website were vectors for Trojans that could compromise users’ computers. Add-ons allow users to extend and enhance the capabilities of Firefox beyond the default install. Normally they are scanned for malware before being uploaded onto Mozilla’s website, but apparently two of them managed to slip through Mozilla’s automated scans. The infected add-ons are Version 4.0 of Sothink Web Video Downloader and all versions of Master Filer.

Mozilla has since updated their scanning process, but as part of our ongoing security watch we are vigilant in continuously protecting our customers under our Managed Services program from malware – you can rest easy.

When managing your systems on your own, it’s highly advisable to be vigilant with security and always use antivirus software – even when downloading and using software from legitimate sources. If you have downloaded these Firefox add-ons, uninstalling them does not remove the trojans that they carry, and you’ll need to use antivirus software to remove any malware on their system. Need more information or help? Call us and we will be glad to assist you.

Related links:

Mozilla Firefox hit by malware add-ons (zdnet)
Trojan Horse Mozilla Firefox Addons (the firefox extension guru’s blog)
Mozilla admits Firefox add-ons contained Trojan code (sophos)

Are you using an Insecure Password?

Editor — Wed, 03 Feb 2010 12:55:23 +0000

Security firm Imperva recently released a warning to users of popular social networking website RockYou indicating that their accounts and passwords may have been compromised. According to the firm, a hacker may have accessed an alarming 32 million accounts. But what is more interesting in the wake of this news is an analysis made of the accounts and passwords stolen. From the data provided to researchers, it seems that a great number of users still use insecure passwords, such as those with six or less characters (30% of users); those confined to alpha-numeric characters (60%); or passwords including names, slang words, dictionary words, or trivial passwords such as consecutive digits, adjacent keyboard keys (50%). The most popular password? 123456. Are you using an insecure password? Let us guide you through best practices for information security. Contact us today.

Chinese Hackers Exploit IE Vulnerability in a Concerted Attack – Make Sure your Browser is Protected

Editor — Sun, 31 Jan 2010 12:45:15 +0000

Early January, Google released a report detailing attacks on its infrastructure which it claimed to have originated from China. In the wake of its announcement, another report came out detailing what is purported to be an “organized espionage operation” originating from China. Known as “Operation Aurora”, the attack attempted to siphon information from 33 companies in the US, including Google. The attackers are believed to have exploited a vulnerability in Internet Explorer (IE). The vulnerability affect IE 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and IE 6, IE 7, and IE 8 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. In the wake of the attacks Microsoft released a patch to address the vulnerability. If you are unsure if this patch has been applied to your systems, contact us for help.

RealPlayer Users Beware

Editor — Thu, 28 Jan 2010 13:02:30 +0000

RealNetworks, developers of RealPlayer, a popular real-time streaming media player, recently released an advisory about vulnerabilities that when exploited could trigger remote code execution attacks. The firm reports at least 11 critical vulnerabilities that expose Windows, Mac, and Linux users to malicious hacker attacks. RealPlayer is a favorite target for malware and fraudware writers, and users are advised to download the latest software update. If you don’t use RealPlayer, you’re best advised to uninstall it immediately. Need help in making sure your applications are safe to use? Contact us today.

Phishing Alert for QuickBooks Customers

Derek Brown — Sat, 23 Jan 2010 23:51:56 +0000

IMPORTANT UPDATE FOR QuickBooks Customers: Intuit is receiving reports of individuals receiving fraudulent emails from QuickBooks or QuickBooks Online. The two separate emails ask customers to either download a plug in to assess their security or download a Digital Certificate. Customers should delete either of these emails. As we discover these fraudulent sites (cyber criminals often use the same email repeatedly, although they change web sites), we take them down.

More at the Intuit website

New Study Reveals Extent of Losses Due to Phishing Attacks

Editor — Sat, 02 Jan 2010 06:35:46 +0000

Trusteer, a security solutions vendor, recently released the results of their study which shows how successful phishing attacks are, how many users respond to phishing attacks, and how many users submit their login information to criminal websites. The results are alarming. Among them:

Each phishing attack involves a very small percentage of customers (0.000564%), but due to the large number of phishing attacks, the aggregated number is significant
45% of bank customers redirected to a phishing site divulge their personal credentials
0.47% of bank customers fall victim to phishing attacks each year, translating to $2.4M-$9.4M in annual fraud losses per one million clients
Each financial institution was targeted, on average, by 16 phishing websites per week, translating to 832 phishing attacks per year per bank brand

Despite efforts by browser developers and security vendors to protect users from phishing attacks, a small number apparently are still able to bypass anti-spam/phishing protection – and when they do, the results can be damaging.

Let us help you protect yourself from phishing attacks. To find out more contact us today.

Related articles:

Garlik’s UK Cybercrime Report 2009 Released (pindebit.blogspot.com)
Chat In the Middle Online Banking Threat (pindebit.blogspot.com)
PC Users Targeted As Online Fraud Soars (news.sky.com)
Less than 0.5% of online banking clients fall for phishing scams each year, report says (seattlepi.com)

Majority of firms struggle with security as new technologies are adopted

Editor — Wed, 25 Nov 2009 04:02:02 +0000

New research from the Ponemom Institute and Lumension, shows that a majority of firms are struggling to secure data as users quickly adopt new and emerging technologies such as mobile, cloud computing, and collaborative Web 2.0 technologies. The study, which surveyed IT security and IT operations practitioners, shows that many (44 percent) feel that their IT network is less secure than a year ago or that their IT security policies are insufficient in addressing the growing threats arising from the use of new technologies. Budgets are also a limiting factor, with many feeling that IT security budgets still aren’t what they need to be to fully support business objectives and security priorities. Other findings from the report:

56% said mobile devices are not secure, representing a risk to data security
49% said data security is not a strategic initiative for their company
48% said their companies have allocated insufficient resources to achieve effective data security and regulatory compliance
47% cited a lack of strong CEO support for information security efforts as a reason for ineffective data security programs
41% said there was a lack of proactive security risk management in their organization

Just as large companies worldwide struggle to keep up with security, many small businesses do so even more. If you need help understanding the security implications that new technologies bring to your organization, contact us so we can help.

Related articles:

Companies face IT attacks in uncertain economy: Ernst & Young (newswire.ca)
Keeping America’s information safe offers a secure career (techburgh.com)
Cloud Security and Privacy (oreilly.com)
Computer Security Challenged By Web 2.0 ‘Endpoint’ Growth (Investor’s Business Daily via Yahoo! News) (slumpedoverkeyboarddead.com)

Cyber-crime through the ACH system continues to spread

Editor — Wed, 18 Nov 2009 04:09:56 +0000

If you are using an automated clearing house (ACH) system to manage your funds, then you had better be extra careful.

The Federal Bureau of Investigation (FBI) has warned ACH users – particularly small businesses – to be on the lookout for ACH system fraud, which has already scammed as much as $100 million from unsuspecting victims.

The FBI is working with the National Cyber Forensics and Training Alliance (NCFTA) to determine a solution for the problem and to catch the criminals behind these multi-million dollar scams.

All it takes is a seemingly harmless email to an organization’s bookkeeper or accountant to give hackers access to all their accounts. In a technique called “phishing”, these criminals send electronic correspondence laced with attachments disguised as documents or genuine applications (like an update for Windows, for example), or links to supposedly legitimate websites. Once a recipient clicks on these links or installs the software, the hacker installs a keylogging program in their system, giving them access to passwords and other sensitive account information.

The siphoning off of funds happens fairly quickly. Some hackers set up ACH transfers to unaware third party groups that typically do payroll processing tasks for international companies, which in turn transfer the money overseas. Others create fake names on a payroll system which automatically siphons off money into preset accounts enrolled in a similar system.

According to the FBI, the usual victims are small businesses because of their tendency to work with smaller, less secure banks. It’s the FBI’s conclusion, indicated in a report by their Internet Crime Complaint Center (IC3), that smaller banks lack the proper security measures, which gives hackers the capacity to abuse the ACH system.

“In several cases banks did not have proper firewalls installed, nor anti-virus software on their servers or their desktop computers. The lack of defense-in-depth at the smaller institution/service provider level has created a threat to the ACH system,” the IC3 report reads.

More details about this story can be found here.

(http://www.computerworld.com/s/article/9140308/FBI_warns_of_100M_cyber_threat_to_small_business?taxonomyId=17&pageNumber=1)

Survey Shows Poor Security Awareness Among SMBs

Editor — Mon, 16 Nov 2009 04:03:28 +0000

The National Cyber Security Alliance (NCSA) and Symantec recently released the results of a survey they did as part of National Cyber Security Awareness Month to assess the awareness and preparedness of small businesses (51 or fewer employees) in countering cybersecurity threats.

Some notable findings:

Only 28% have formal Internet security policies in place
Only 25% provide even minimal Internet use/Internet security training to employees
Those companies that do train spend less than 5 training hours per year on average
86% do not have an employee focused on Internet security
More than 90% believe they are protected from malware and viruses

However:

Barely half of the businesses surveyed check their antivirus software weekly to insure they’re up to date
11% never check security tools to make sure they’re current

For many, it seems, online security is simply not a top priority, falling far behind other issues such as meeting payroll and managing cash. But this is dangerous thinking, since more and more companies’ operations have become highly dependent on their IT infrastructure and the Internet for communications and business transactions.

How about your business? Is it secure? Call us today and find out how we can help.

Related articles:

Fake security software ‘installed on millions of PCs’ (telegraph.co.uk)
Celebrating National Cyber Security Awareness Month 2009 (googleblog.blogspot.com)
Symantec lists “Dirtiest Web Sites” (canada.com)

Phishing scam targets Hotmail users

Editor — Wed, 28 Oct 2009 07:41:22 +0000

Hotmail, Microsoft’s free online email service, finds itself in hot water when 10,000 email accounts usernames and passwords were recently discovered posted in a code-sharing website.

BBC News has reported that these Hotmail account owners, mostly from Europe, were victimized by a phishing attack. Microsoft is currently investigating the incident, and hinted that there may be more users who have inadvertently compromised the privacy of their email accounts.

The total scale of the phishing attack has yet to be determined, since the 10,028 Hotmail usernames and passwords are only of users whose names begin with A or B. Microsoft has confirmed the accounts to be genuine.

Microsoft has also taken action to remove the passwords and usernames from the website. As of now, there is no news regarding what action the software giant will take against the instigators of the attack, nor what the impact will be to the owners of the compromised accounts. Microsoft has advised users to immediately change their passwords, and warned email account holders to be more careful in responding to emails.

Phishing is an online scam in which email accounts are sent fake emails disguised as legitimate correspondence from trusted websites. Once the recipient clicks on a link included in the email, his or her account is then compromised, allowing phishers to gain access to account information as well as other sensitive information, including bank passwords and credit card accounts.

The original BBC story can be found here.

SMBs Investing More in Security Solutions

Editor — Thu, 01 Oct 2009 07:55:30 +0000

A recently released a report entitled “Voice of IT: State of SMB IT”, detailing purchasing, technology usage, and IT staffing trends among small and medium businesses worldwide. The report surveyed over 1,100 IT professionals working in SMBs, 80 percent of whom were decision makers or influencers within their respective companies.

Not surprisingly, a substantial number (39 percent) of the companies surveyed cut their IT budgets in 2009, with an average cut of 22 percent from 2008 levels. Among the areas where companies are saving money is hardware, with the average planned lifespan for machines such as desktops, laptops, servers, and switches increasing by 26 percent.

Despite this, a significant number (31 percent) report that budgets remained flat, while as many as 30 percent reported an increase in budget in 2009 from the previous year. Among the areas where companies are investing money is in software, specifically security software. 46 percent of SMBs indicated that they plan to invest in antivirus and antispam software, while 38 percent plan to put their money in data backup and recovery software. A growing trend is virtualization, with 30 percent of participants planning to invest in virtualization solutions.

How does your company compare? Do you think your company is investing enough in IT security? Contact us now to see how we can help you invest your IT budget where it brings the most value.

Watch out for “dirty” websites

Editor — Tue, 22 Sep 2009 04:19:25 +0000

In a previous post, we pointed out how just browsing the web these days can possibly infect your PC with malware. To show how dangerous surfing can become, Symantec recently released their list of the “Dirtiest Websites of Summer” – the top 100 infected sites on the Internet based on number of threats detected by their software as of August 2009. The list identifies websites that could compromise security with risks including phishing, malicious downloads, browser exploits, and links to unsafe external sites.

Some interesting findings from the study:

The average number of threats per site on the Dirtiest Websites list is roughly 18,000, compared to 23 threats per site for most sites
40 of the Top 100 Dirtiest Sites have more than 20,000 threats per site
48% of the Top 100 Dirtiest Web sites feature adult content
3/4 of the Top 100 Dirtiest Web sites have distributed malware for more than 6 months
Viruses are the most common threat represented on the Dirtiest Websites list, followed by security risks and browser exploits

You can read more about this research at Symantec’s website. If you suspect your PCs are at risk, or if you want to ensure your website doesn’t get hijacked by cybercriminals, contact us. We can help.

Related articles:

Small US Firms the Target of Online Fraud

Editor — Fri, 18 Sep 2009 04:54:57 +0000

Organized criminals believed to be based in Eastern Europe are robbing small to midsized US businesses of millions of dollars via an elaborate scheme aided by malicious software. Recent reports reveal that over the past few months, several businesses have fallen victim to unauthorized fund transfers whereby hundreds of thousands of dollars from the businesses’ bank accounts have been transferred to accounts in Europe, and in some cases, to the accounts of willing or unwitting accomplices in the United States.

According to the reports the victims, usually the company CFO or owner, were sent malicious software as attachments to email, which when opened remained resident on the victims’ machines and stole the victims’ passwords to their online banking websites. The cybercriminals used this information to initiate transfers from their accounts of up to US $10,000 at a time to evade notice and detection from their bank’s anti-fraud or money laundering detection systems and protocols.

Your business might be at risk. Make sure you are protected from this type of fraud by securing your PC and network from malicious software. Do not open suspicious-looking attachments and make sure you have the necessary protection in place, such as firewalls, antivirus software, and other methods of protection. Need help? Contact us today.

Related articles:

Phishers Siphon Off Hundreds of Thousands of Dollars in Minutes

Editor — Tue, 01 Sep 2009 09:52:22 +0000

Another reason to keep your computer malware free: cyber-pirates raided several businesses as well as a school in recent attacks through the Automated Clearing House (ACH) Network.

The losses, which ranged from $150,000 to more than $400,000, were accomplished by the crooks in mere minutes. Luckily for these companies, the banks managed to reverse some of the transfers. If they hadn’t, the losses would have amounted to $700,000 up to a whopping $1.2 million.

The modus operandi of the hackers is simple. Making use of the ACH network, they send out “phishing” emails to account holders. When the recipient clicks on the link, malicious software – a Trojan horse or virus – automatically downloads itself to the recipient’s computer, allowing the hacker to infiltrate the system. Keylogging software (software that tracks keystrokes) is installed, which gives phishers access account numbers, names, and passwords. They then divert the company’s funds into their own accounts.

ACH fraudsters can also use the same method to not only siphon off money into their own pockets, but also to establish “ghost employees”, which they insert into the payroll and qualify to receive regular paychecks.

While banks are doing their best to strengthen the system, they can only do so much, and experts admit that the ACH network is a very old system compared to today’s standards. The volume of money that flows through the ACH is also so massive that it is difficult to keep track of specific amounts for specific accounts.

Despite its shortcomings, the ACH system still remains widely used, and the best defence is to guard your system well. For our clients, we have firewalls and anti-malware software in place, but you should also make sure your bookkeepers and staff are briefed on how to avoid being the victim of fake phishing emails.

If you have any questions or concerns please give us a call.

For more details about this story, visit http://www.computerworld.com/s/article/9136334/Cyber_attackers_empty_business_accounts_in_minutes?taxonomyId=17&pageNumber=1.

Fake Security Software Could be Compromising your Security

Editor — Fri, 28 Aug 2009 09:30:39 +0000

A new report by PandaLabs, Panda Security’s malware analysis and detection laboratory, examines the proliferation of so-called “rogueware” – malicious software that attempts to convince people that their computers are infected with malware in order to trick them into buying their “security software”.

Rogueware misleads users in that it tells them that it is protecting them from annoyances (such as online ads) or harm (such as from viruses or other malware) – even if it’s not. Often these programs themselves are not malicious beyond displaying false information. However, in some cases they can be the source of harm themselves, creating a backdoor for other Trojans or viruses to enter the system.

According to Panda’s research, as many as 35 million computers are newly infected with rogueware each month, many through social networking websites such as Facebook, MySpace, Twitter, Digg. Ads featuring free downloadable software are often featured, containing links or reminders to get the paid versions after first use—which earn the fraudsters as much as $34 million per month, Panda estimates.

To ensure you use only legitimate security software, make sure you only use systems from trusted software vendors that are vetted by your IT advisor. For advice and help, contact us today!

Related articles:

4 Keys to Avoiding Malware

Editor — Wed, 12 Aug 2009 03:41:47 +0000

From annoying to destructive, malware is a bane to any computer system and the person who uses it. The benevolent Wikipedia defines malware (short for malicious software) as: “software designed to infiltrate or damage a computer system without the owner’s informed consent.”

The good news though, is that there are simply ways to avoid getting infected by malware. Clearly having the right anti-virus and security installed and up to date is critical – that’s where we help. But it’s also important to know how you can make a difference.

Here are few simple tips to help you keep your system malware-free:

1. Never click indiscriminately
These days, there are ads and pop-ups, designed to induce a PC user to click on them. From sexy models to seemingly too-good-to-be-true offers and promotions, many web advertisers are counting on people’s curiosity and the impulse to click away. The thing is, many of these ads lead you to unsecure sites filled with malware.

2. Cancel Autorun.
When you plug in a portable hard disk or flash drive, you computer automatically opens a window with preset options to enable file viewing for that drive. Immediately opening a flash drive allows infections to access your system, so cancel the window and scan first before opening the drive or any file inside it.

3. Never open suspicious emails.
Unsolicited email is always best unopened and deleted immediately. If you don’t know who sent it, send it straight to the trash bin and delete it forever.

4. Only download if you must and only from trusted sites.
Installing peer to peer downloads may be a great source of free music, media and software. But it’s not only piracy and is probably prohibited by your company policy – it’s also a fertile breeding ground for files embedded with Trojans, worms, and other forms of malware. Download files only when necessary and only do so from legitimate and trusted sites.

You make the difference
Your behavior online plays a big factor in making your PC and your system malware free. Especially if you’re on a network, failing to exercise caution not only compromises your system, but everyone else who’s connected to the same network. A simple click on a wayward link or ad can cause your whole company to be bombarded by spam, so always be careful in what sites you go to and what files you open and download.

If you’d like us to come in and talk to your staff about this and other safe-computing habits just let us know.

Small Businesses Struggling with IT Security

Editor — Wed, 05 Aug 2009 03:14:13 +0000

New research suggests that small and midsized businesses are struggling to keep up with securing their IT applications and infrastructure.

The IT Effectiveness Index report, or ITEI, provides business owners and IT executives at small and midsized businesses with a free online benchmarking tool to help them compare the effectiveness of their IT systems with companies in the same industry and peer group. Executives who take the survey are given a grade from A through F, along with a brief description of what their grade means.

Nearly one in four SMBs received an “F” or failing grade in IT effectiveness, the study says. According to the report, this failure stems largely from a lack of security, a high level of downtime, and the absence of disaster recovery programs. The report revealed that about 37 percent of SMBs received a “C” grade, which indicates they are just barely getting by; only 30 percent have a fully implemented security program; and only 26 percent have fully implemented a disaster recovery/continuity plan.

Is your business struggling with security? Do you want to increase the effectiveness of your IT? Consider outsourcing it to us so you can focus on your business and leave the worrying to us.

Protect Your Systems from Organized Crime Networks

Derek Brown — Mon, 27 Jul 2009 04:52:12 +0000

While software companies have made significant progress in protecting customers from malicious online threats, these threats continue to evolve, and now a new player has entered the game: organized crime.

Malware, short for “malicious software,” is designed to infiltrate a computer system without the owner’s consent. It includes viruses, worms, trojan horses, spyware, and even adware.

The total amount of malware removed from computers worldwide grew more than 43 percent during the first half of 2008, according to a security intelligence report by Microsoft.

According to the report, based on the type of malware most frequently found, financial gain appears to be attackers’ top motivation.

And it may only get worse, because now organized crime networks are distributing malware. Don’t think American mafia; this type of organized crime is more typically loosely organized criminals from underdeveloped parts of the world. Australia’s Verizon investigative response team, which handles data breaches on behalf of that country’s major corporations, has reported that 91 percent of the breaches it found in 2008 could be traced to organized crime activity rather than insider or other threats.

These organized crime networks plot to infiltrate computers—primarily American ones, which have information from which they can profit—and steal data. They may also seek out intellectual property for its potential value. “If a single piece of intellectual property is compromised, and it happens to be the secret formula to your company’s product, then that’s a business-changing event,” said the Verizon report.

Although most of the malware Verizon found could not be detected by current antivirus products, around 87 per cent of breaches could have been avoided by using simple controls, according to Verizon, whose report stated that “on the whole, criminals are still not required to work very hard to breach corporate information systems.”

Here’s what you can do to help protect your systems:

Enable a firewall.
Install and maintain up-to-date anti-virus and anti-spyware programs that provide increased protection from malicious and potentially unwanted software. Almost 40 per cent of victims Verizon investigated in 2008 did not regularly update their security software.
Check for and apply software updates on an ongoing basis, including updates provided for third-party applications.
Open links and attachments in e-mail and instant messages with caution.

Need help implementing these safeguards? We’re here to assist!

Microsoft Releases Fixes and a Workaround for Several Vulnerabilities

Derek Brown — Mon, 27 Jul 2009 04:22:01 +0000

The web is indeed becoming a dangerous place. These days, your PC could become infected with malware or vulnerable to a hacker attack just by innocently browsing a website or opening an email. Last July 14th, Microsoft released six bulletins with fixes for at least nine known security vulnerabilities that put users at risk in a range of Microsoft products. Many of the vulnerabilities, if not patched, can allow “remote code execution” or allow a hacker or malicious software to take over your PC and run unauthorized commands.

ZDNet’s Ryan Naraine has posted a helpful summary of the released fixes:

MS09-029: This update covers two privately reported vulnerabilities in the Microsoft Windows component Embedded OpenType (EOT) Font Engine, which could allow remote code execution. Rated “critical” for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
MS09-028: This update fixes three separate vulnerabilities (one publicly disclosed and under attack!) in Microsoft DirectShow, which could allow remote code execution if a user opens a specially-crafted QuickTime media file.
MS09-032: This update resolves a privately reported vulnerability in Microsoft Video ActiveX Control. The vulnerability could allow remote code execution if a user uses Internet Explorer to view a specially-crafted Web page that uses the ActiveX control. This vulnerability is currently being exploited in the wild! Rated “critical” for all supported editions of Windows XP and “moderate” for all supported editions of Windows Server 2003.

Some of the vulnerabilities, notably one in Microsoft Office Web Components, do not yet have a patch. An attacker who successfully exploits this vulnerability could potentially gain the same user rights as a local user, allowing the attacker to modify or remove files on the PC remotely. This could potentially happen simply by using Internet Explorer to visit a website. A workaround exists by downloading a free utility from Microsoft called FixIt, which prevents the Microsoft Office Web Components from running in Internet Explorer.

Users, as always, are advised to immediately download the updates and utilities, or use Microsoft’s Windows Update service. If you need help installing the patches or workarounds, or if you feel your PCs are at risk, contact us immediately.

Related articles:

Hackers Launch Cyber-Offensive Against American and South Korean Sites

Derek Brown — Tue, 21 Jul 2009 08:22:12 +0000

Last July 4th and 5th, a massive denial-of-service attack was launched against several government and commercial websites in the United States and South Korea. According to security researchers, the attacks were the work of malware that infected PCs and routed traffic to government and commercial sites during the July 4 weekend in an attempt to take them down with the flood of simultaneous requests hitting them.

Among those affected were the U.S. Department of Treasury, the Secret Service, the Federal Trade Commission, and several others. The attacks, which hit South Korean sites a few days later on July the 7th, are widely believed to have been carried out by an updated version of the MyDoom worm which gained infamy when it first hit Windows machines last 2004. The motive for the attack is not yet known. In the meantime, users are advised to scan their machines and update their operating systems to protect against known vulnerabilities. Contact us to learn more about protecting your business from a similar attack.

Related articles:

Do Your PCs Host Dangerous Apps?

Derek Brown — Tue, 14 Jul 2009 05:29:24 +0000

New research from security firm Secunia reveals that the average PC user has over a dozen insecure applications on his or her computer. They found that the typical user installs over 80 applications on his or her desktop, and around 15% are vulnerable to attack due to failure to patch the applications in a timely manner. Vendors normally release updates or patches to fix known vulnerabilities in their applications. This is an acute problem for software which connects to the Internet, especially if it hosts sensitive or private data. Only 2% of users make it a point regularly update their applications. For businesses, the problem could be greater with the need to manage multiple PCs. Protect your network today by letting us implement software patch management tools to manage and automate this process for you.

Related articles:

New Swine Flu Outbreak: This Time the Virus may be in Your Computer

Derek Brown — Mon, 22 Jun 2009 09:55:59 +0000

As if the scare from the Swine Flu virus were not enough, some opportunistic and malicious hackers have started spreading a computer virus with emails of the same name. Otherwise also known as the Navia.a virus, it seems to have surfaced during the height of the Avian Flu scare. However, the computer virus may have started spreading again. Initial reports from Japan say that the country’s National Institute of Infectious Diseases (NIID) posted on its website that a suspicious Japanese-language email message purportedly coming from them has been circulating with an attached file called “information on swine flu”. The email, originating from senders in the “@yahoo.co.jp” domain, seemed to be sent to random Internet users, the institute said. Users, as always, are advised to avoid opening attachments from suspicious-looking emails to prevent infecting their PCs with malware.While we can’t protect you from the real swine flu virus, we can help you protect your PCs from its new malicious online cousin. Contact us today to find out how.

Survey Shows Insider Snooping on the Rise

Derek Brown — Mon, 22 Jun 2009 09:53:41 +0000

Cyber-Ark Software, a security solutions company, recently released a survey showing that as much as 35 percent of people within an organization (that’s one out of three) admit to accessing corporate information without authorization. Furthermore, an alarming 74 percent claim they could circumvent the controls currently in place to prevent that access. The study polled over 400 IT administrators at the Infosecurity Europe 2009 and RSA USA 2009 conferences. While certainly a cause for concern, this is not surprising. Because of their technical knowledge and access to sensitive corporate information, internal IT staff are capable of circumventing internal policies and controls. If this is a cause for concern within your organization, don’t delay in giving us a call. We can help you secure your information and computing assets today.

Are you Safeguarding your Data?

Derek Brown — Mon, 22 Jun 2009 07:37:42 +0000

With the continuous proliferation of data and its increasing importance to business, it has become critical to implement measures to safeguard it. One such measure is to make sure you have a data protection, backup, and recovery system in place. The threat of data loss from hardware failure, malware, or disaster is very real. A little proactive effort will go a long way in ensuring the integrity and continuous availability of your critical company data. Talk to your IT consultant to find out more.

Protect Yourself from Adware and Malware

Derek Brown — Sat, 13 Jun 2009 04:16:06 +0000

While the internet is a vast resource for all sorts of information, data, and other useful thingamajigs, there are aspects of it that aren’t so desirable. Viruses, for instance. They wreak havoc in your system, destroying files, crashing the operating system – generally making life much more difficult. But if you thought that viruses were the only nasty thing out there that you need protection from, think again.

Adware (advertising software) and malware (malicious software) are types of harmful software called “spyware” that are not usually covered by anti-virus scans. While viruses affect your system directly, spyware runs in the background and transmits information about you through the ’net, which can be used a number of ways ranging from annoying to downright illegal.

These dangers are often unnoticed by users since they don’t directly affect the computer’s operation the way viruses do. What’s more, many people confuse them with viruses, but they’re very different and should be handled differently. Lots of spyware can also slow down your computer, so it’s important to have anti-spyware programs installed on your computer to keep it free from these harmful invaders.

There are many free spyware scanners and removers on the internet – simply download and install one, and then run it on a regular basis. Scanning for adware, spyware, and malware takes approximately the same time as doing a virus scan. Also, remember to update your scanners so that you have current definitions and less chance of overlooking new threats. Finally, we recommend that you refrain from visiting and downloading from unfamiliar websites since they could serve as hosts for both spyware and viruses.

Are You in Danger When Searching the Internet?

Derek Brown — Mon, 08 Jun 2009 07:16:24 +0000

Research recently released by antivirus vendorsMcafee and Panda suggest that searching for certain key words onInternet search engines can prove dangerous.Hackers and malware authors have become adept at Search Engine Optimization and are using frequently searched key words to create sites that will rank favorably in search engines, but are a host for malware or phishing attacks.

According to the report, many popular search terms are targeted, such as: lyrics downloads, free downloads, swine flu, and rihanna. Users are urged to always protect themselves by using patched systems and updated protection tools such as antivirus software. We can help you make sure you’re protected when surfing the Internet – give us a call today.

Related articles:

Get Ready for a New Threat: Vishing

Derek Brown — Mon, 01 Jun 2009 07:19:44 +0000

Tech-savvy criminals have thought of with a new way of scamming us out of our money. In a twist to “phishing” (when spoofed websites are used to trick users into surrendering passwords or credit card numbers), “vishing” is when phone calls using spoofed caller ID numbers hide the identity of the caller and trick people into surrendering sensitive information. Usually, vishing attacks play a recorded message that tells users to call a toll-free number, where they are asked via an automated attendant to punch in a credit card number or other personal information. Attacks are on the rise since with Voice over IP phone technology, caller ID spoofing is very easy to do.Protect yourself by registering your number with the National Do Not Call registry at donotcall.gov. Some criminals and unscrupulous telemarketers may ignore the list, and if you continue to get calls, it’s a tip that the offer is bogus. Contact the authorities immediately if you do get scammed, and always play it safe and don’t surrender your information to unknown sources.

Social Media Poses Security Risks

Derek Brown — Mon, 01 Jun 2009 07:17:51 +0000

Security company Websense released a survey of of 1,300 IT professionals worldwide revealing that although social media or the use of “Web 2.0″ technologies such as blogs, wikis and social networks are already pervasive in business, a majority of IT managers seem ill equipped to manage its use, much less protect against security concerns associated with it. According to the survey, 70 of the top 100 most popular websites, many of which are social media sites, had hosted malicious content at some point. The study points to 150,000 spoofs of Facebook alone. In addition, 57 percent of data-stealing attacks are conducted over the Web. Because the nature of Web 2.0 sites allow for users to create and post their own content, it’s easy for cyber criminals to gather information and use it for threats, attack or fraud. Though 80 percent of the IT managers surveyed were confident in their company’s Web security, only nine percent said they have the necessary tools to protect against social media threats. If you feel your organization may be at risk, give us a call today – we can help.Related articles:

Facebook Users Targeted By Phishing Attack

Derek Brown — Mon, 25 May 2009 07:21:42 +0000

Last May 14th, reports indicated that hackers had launched a phising attack on Facebook‘s 200 million users, successfully stealing passwords from some. The hackers set up websites designed to look like the Facebook home page. Victims were directed to log back in to the site, but were routed to the fake site instead, unwittingly giving away their passwords. Facebook has deleted all references to the fake domains, which included www.151.im, www.121.im and www.123.im. This is the latest in a string of campaigns launched by hackers to steal personal information from users and to spread spam. Facebook’s large user base makes them an attractive target for many cybercriminials. Users are urged to seek help from authorities or trusted IT consultants if they believe their accounts were compromised, or to avoid similar scams.Related articles:

The Greatest Threat to Your Security May Be Your Employees

Derek Brown — Mon, 04 May 2009 09:55:38 +0000

While everyone is worried about security threats outside the company’s firewall such as hackers, viruses, and worms, research suggests that the greatest risk may come from none other than the company’s very own employees.

Not all of these risks are necessarily borne of malicious intent on the part of employees. Some risks may come from unwitting participation, temptation, or simply ignorance. Here are just some examples of security risks you should watch out for:

Data theft. With the ease with which employees can connect small devices and transport data outside the company’s four walls, the risk of your sensitive data falling into the wrong hands becomes very real. Set up clear guidelines and policies regarding the use of removable storage media. You can, on your own or with the help of your IT consultant or service provider, lock down your PCs to disallow connection to removable drives or portable media devices if appropriate.
Data loss. Accidents happen. Set up backup systems so that you can recover data quickly in case employees accidentally delete a file, are unable to secure a PC from viruses and worms, or are careless with the physical state and functioning of their assigned PCs.
Data leaks. With the proliferation of multiple channels of online communication such as e-mail and IM, the threat of employees leaking sensitive company data to outside parties is very real. Provide clear guidelines and policies for the proper use of these communication channels in the workplace, and if needed, set up methods to block access to these services. Ask your IT consultant for help.
Intellectual property violations. Illegal downloads or the illicit sharing of copyrighted material can also pose a significant threat to your organization. Legal action or the loss of your company’s hard-earned reputation can be debilitating and difficult to get over.
Online Phishing and E-mail Scams. In phishing or e-mail scams, deception is used to gain unauthorized access to confidential data. Make sure you or your IT consultant set up filters to block such e-mails, or use security software to block access to this type of website.
Lax/missing access controls. Be prudent and place access control policies on key information resources within your organization, such as e-mail or your accounting system. Provide each employee with access only to relevant information needed to complete his or her particular job.

It’s not easy to protect yourself from security breaches, especially when they come from within your organization. Get advice from an expert. Contact your IT Service provider today to find out more.

Workers ‘stealing company data’ (news.bbc.co.uk)
Gasp! Fired workers are taking confidential data (news.cnet.com)
A multilayered strategy helps neutralize internal security threats (techrepublic.com)

The Conficker Threat – Be Prepared

Derek Brown — Tue, 28 Apr 2009 09:58:23 +0000

The past couple of weeks, a new malicious and particularly virulent worm known as Downadup, also more popularly known as Conficker has started to infect millions of PCs. In fact by some estimates, it has infected over 10 million PCs worldwide. As with many threats proper prevention can greatly reduce or eliminate your problem.

This worm is particularly dangerous as it can infect your PC in many ways. You can be infected by simply visiting your favorite Web site, downloading a file or email from the Internet, loading a USB drive, or just by leaving your networked computer on, overnight while you’re asleep.

The worm takes advantage of known vulnerabilities in Windows to spread. Its removal can be difficult, as it blocks many known antivirus software and associated websites. In some cases it even disables antivirus software already installed or the Windows Update service.
After infection, it may choose to run rogue software on the machine, or use it as a host to infect other machines. Particularly troubling, security experts believe, is that on April 1st, a new variant of the worm will begin to randomly check various websites on the Internet to download new instructions. What those instructions are unknown at this point and could be anything as harmless as telling a joke, displaying an ad or as harmful as destroying files or even stealing usernames and passwords.

The worm itself is not new, it made its first appearance late November 2008, known under the names Conficker or Kido. It shouldn’t have spread if people had made sure to the latest Windows and other updates were applied to their PCs and have kept up to date with their security vendors’ latest antivirus releases. Also since it spreads via network shares, making sure to use strong passwords on shared network drives would have helped to contain it early as well.
If you aren’t sure if your PC and network are protected, make sure to contact your IT service provider for advice.

Here are some other articles you might want to check out for more information:

Related articles:

The Conficker worm’s evil genius. (slate.com)
Conficker Worm Draws a Counter-Attack – PC World (domainmacher.com)
FAQ: Conficker worm (cbc.ca)
Your Quick Guide to the Conficker Worm (shankrila.com)
Windows PC Worm Set to Activate on April 1st (littlegreenfootballs.com)

Security Resources, Articles, and Tips from the Government

Derek Brown — Mon, 27 Apr 2009 07:34:23 +0000

Looking for a website or online resource for Security Tips and Best Practices? Check out the Federal Trade Commission‘s (FTC) OnGuardOnline program, which the FTC began in partnership with cybersecurity experts, online marketers, consumer advocates, and federal officials in 2005. While there, check out the articles and free resources such as videos, games, and downloadable files to help you guard against Internet fraud, hacking, and other security threats.The site also offers the following seven vital security practices:

Protect your personal information. It’s valuable.
Know who you’re dealing with.
Use security software that updates automatically.
Keep your operating system and Web browser up-to-date and learn about their security features.
Keep your passwords safe, secure, and strong.
Back up important files.
Learn what to do in an “e–mergency.”

If you suspect Internet fraud, you can register a complaint using this form. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database used by law enforcement officials in the U.S. and overseas. Check out the site or contact your IT Consultant to help you implement the recommendations from the site.

What’s Next for Conflicker?

Derek Brown — Fri, 03 Apr 2009 07:50:59 +0000

April fool’s day came and went, but so far the much feared attack from Conflicker never materialized, leaving security researchers to ponder what’s next for the notorious Internet worm. Although it didn’t release any detectable malicious payload, the arrival of April 1 did trigger a change in its behavior, with experts finding a finding a changed domain generation algorithm that opens up unfettered communication to 500 of the 50,000 potential newly generated domains. The latest variant, Conficker C, now has the ability to contact its command and control centers for further instructions while circumventing interference from the security community, which up until now had been able to block communication with its parent domains. At this point users are still advised to patch their operating systems or to seek the assistance of their IT service providers to make sure all variants of the worm has been removed. Read more at Channel Web.

Protecting Against the Rampant Conficker Worm

Derek Brown — Thu, 02 Apr 2009 07:58:59 +0000

PC World posts a nice overview of the highly infectious Conflicker Worm. The Worm is dangerous as it uses several methods of attack. Once one computer in a network is infected, it often has ready access to other vulnerable computers in that network and can spread rapidly. The worm can download and install additional malware from attacker-controlled Web sites as well. Since that could mean anything from a password stealer to remote control software, a Conflicker-infected PC is essentially under the complete control of the attackers. Conficker and other worms are typically of most concern to small businesses that don’t regularly update the desktops and servers in their networks. If you’re not sure your network security is up to day get some help to find out.

Read more at PC World…

How Much is Conficker Really Affecting the Enterprise?

Derek Brown — Thu, 02 Apr 2009 07:52:55 +0000

Lately, we have been hearing about how quickly the Conficker Worm is spreading. News sources have pegged the number of infections in the neighborhood of 3.5 million computers. Given that Microsoft issued a patch for the flaw targeted by the Conficker worm and the use of strong passwords can prevent much of the spread, it seems odd that enterprises (large corporations) with network management would be hurt by the worm. But sometimes enterprise security isn’t all it’s cracked up to be. Regardless of your size – small or large you need to make sure you’re taking all available steps to protect your network security. If you’re not sure, get help.

Read More at eWeek

2009 Tech Security Forecast

Derek Brown — Mon, 09 Mar 2009 08:04:04 +0000

In 2009, IT experts predict more malware and other attacks on company networks coming from mobile devices, social networks, and faster Internet connections, among other trends.

IT experts predict a substantial uptick this year in the number of small businesses using smart phones — as well as flash drives, social networks, and faster Internet connections. While that might make employees more productive, it also increases the security risks a small business faces.

Read more at Inc Technology…

Virus Attack: What to Do on Zero Day

Derek Brown — Tue, 10 Feb 2009 08:46:33 +0000

Virus Attack: What to Do on Zero Day

Lemon Juice Email: Keeping Email Messages Secure

Derek Brown — Tue, 10 Feb 2009 08:16:06 +0000

As a kid I used to write messages with lemon juice and when the juice dried I had a secret message (or so I thought) that was viewable when held up to the light.

Of course these child hood secret messages only work in the mind of a child, but not the corporate shield of real business. For your communications between your employees, your partners or your clients you need to ensure that each email message that needs to be secure, is secure.

Read more at Small Biz IT…

Wi-Fi Security: Block Rogue Access Points

Derek Brown — Thu, 04 Dec 2008 09:22:00 +0000

Wireless networks have moved to the small business arena, helping offices spread Internet connectivity and mobility at a low cost, but bringing security concerns. Unauthorized access points can undercut your Wi-Fi security.

Read the story on Inc. Technology…

Help for Recovering Stolen Laptops

Derek Brown — Thu, 04 Dec 2008 09:20:01 +0000

A variety of software and services — from Lojack to GadgetTrak — are designed to help recover a lost or stolen notebook computer. These products have become more appealing to businesses of all sizes.

Read the story on Inc. Technology…

Don’t Leave Your Business Open to Cyber Attacks

Derek Brown — Fri, 21 Nov 2008 09:34:55 +0000

Simple Steps Businesses Can Take to Protect Themselves from Cyber Crime

“When the World Wide Web launched almost 20 years ago, it generated a lot of buzz about how it would revolutionize the way we do business, but many questioned whether these projections were
fact or just grand words.

Today, few can argue that the Internet has transformed business operations. For example, it has changed the way we share information, talk to employees, advertise jobs and sell services and merchandise to customers. It has opened the door to resources from all over the word. It has
become such an essential tool for business success that few can afford not to have a Web presence.

But the Internet has done more than change the way we work; it changed the way criminals commit crimes. Cyber criminals view the Internet as a tool they can use to launch daily cyber attacks such as computer viruses, worms, spam, phishing and identity theft, and the Web presence that businesses need to be successful is what makes them vulnerable to these attacks.”

Read the story on SmallBizTechnology.com