Staples offers free anti-virus software on Black Friday, 11/25/2011:
Norton Internet Security 2012 (1-PC) [Boxed CD]
McAfee Total Protection 2012 (3-User) [Boxed CD]
Don't miss this if you don't have anti-virus software yet.
Wednesday, November 23, 2011
Thursday, November 10, 2011
DNS malware: Is your computer infected?
The FBI has cracked down on a false online ad scam run by seven eastern European hackers. The malicious software infected four million computers, including 500,000 in the United States. More details can be found at the FBI's website, and you can check your computer to see if it is affected here.
Monday, October 24, 2011
Best Anti-virus Software
According to PC Magazine, the top five are:
1. VIPRE
2. BitDefender
3. Kaspersky
4. AVG
5. avast
More from http://www.pcantivirusreviews.com/antivirus-comparison.html
Tuesday, July 12, 2011
Is your computer part of TDL-4 botnet?
Botnets are the biggest threat on the internet these days. The term botnet refers to a collection of compromised computers that are controlled by a malicious hacker or group of hackers.
TDL-4 is the newest and scariest on the internet. Some researchers call it the 'indestructible' botnet because it safeguards itself from removal in a few ways:
1) it infects a computer's master boot record, allowing it to run before Windows starts up, enabling it to stay under the radar of its host's antivirus software,
2) it has its own antivirus built in, so it can remove other malware that might be picked up by real antivirus and alert the user that there's a problem, and
3) its communication with its peers is encrypted and well timed, such that it communicates when the user of the computer is surfing the 'net.
So what's the point of it? Money. Like most malware created today, its authors are organized and after dollars. All that spam in your mailbox? That's from a botnet selling pirated software and pharmaceuticals. Your personal data is worth money. The front and back of a credit card as a scanned document will sell for $20. Your PayPal account credentials will net someone 30% of the balance of the account.
The good news is that TDL-4 is NOT indestructible. The malware can be detected and removed by Kaspersky Lab's free TDSSKiller.
Tuesday, June 14, 2011
SecurID compromised
RSA Security will be replacing the 40 million SecurID tokens currently in use as a result of a reported attack on RSA last March. The company recently sent a letter to customers acknowledging that SecurID failed to protect defense contractor Lockheed Martin and several other clients as a result of the attack.
SecurID tokens are used in two-factor authentication systems. Two-factor authentication has been considered by many to be the gold standard for secure IT access. The idea is that you must have two things, something you have (such as a token) and something you know (such as a password).
SecurID is the token, which will present a number to the user that changes every 30 seconds. The algorithm that matches the number to the token may be part of what was stolen from RSA's data systems. The thieves now have one of the two factors figured out, so if you have a weak password as the second factor, the thieves will be able to penetrate your secure system.
More details can be found here.
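SecurID's own algorithm is proprietary and is not shown in this post, so the following added example uses the open TOTP standard (RFC 6238) as a stand-in to show why a stolen seed removes the "something you have" factor. It is not RSA's code; the seeds are constructed sample values, and `verify_login` is a hypothetical server-side check.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per code, the interval the post describes


def totp(seed: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 code: a pure function of the secret seed and the clock."""
    counter = max(unix_time, 0) // STEP
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_login(password_ok: bool, code: str, seed: bytes, now: int,
                 drift_steps: int = 1) -> bool:
    """Server check: both factors must pass; tolerate +/- one step of drift."""
    code_ok = any(
        hmac.compare_digest(totp(seed, now + k * STEP), code)
        for k in range(-drift_steps, drift_steps + 1)
    )
    return password_ok and code_ok


# Constructed sample values: the RFC 6238 test seed and a hypothetical
# replacement seed standing in for a re-issued token.
ISSUED_SEED = b"12345678901234567890"
REPLACEMENT_SEED = b"09876543210987654321"

if __name__ == "__main__":
    now = 59
    on_token = totp(ISSUED_SEED, now)            # what the device displays
    from_copy = totp(bytes(ISSUED_SEED), now)    # computed from a copied seed
    print("token:", on_token, "copy of seed:", from_copy)
    # With the seed known, only the password still gates the login.
    print("weak password guessed :", verify_login(True, from_copy, ISSUED_SEED, now))
    print("password not known    :", verify_login(False, from_copy, ISSUED_SEED, now))
    # After re-issue the server checks against the new seed, so the old one fails.
    print("after token replacement:",
          verify_login(True, from_copy, REPLACEMENT_SEED, now))
```

The displayed number depends only on the seed and the time, which is why replacing the tokens, and with them the seeds, restores the second factor.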
Monday, June 6, 2011
One time use anti-virus/anti-malware software
You can get a free PC safety scan by using the Microsoft Safety Scanner, a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware and other malicious software. It works with your existing anti-virus (AV) software.
The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again. This tool is not a replacement for AV software that provides ongoing protection.
So why would you use this scanner? It is good for those times when you think you might have a virus or you don't trust that your usual AV software is catching all the threats out there. This tool allows you to run a one-time, on-demand scan, and works as a good "backup" security tool for your PC.
Learn more and download at http://www.microsoft.com/security/scanner/en-us/default.aspx
Monday, May 23, 2011
How to clean up after your computer is hacked
1. Isolate your computer: Isolation prevents the hacker from continuing to wreak havoc by pulling files or personal information. Network access should be cut off by removing the cable or turning off the wifi.
2. Shut down and remove the hard drive: If you don't feel comfortable removing the drive, take the computer to a PC repair shop or your IT department. (An alternative to removing the drive would be to boot the machine off a Linux Live CD with virus detecting tools and the latest virus definitions on it.)
3. Scan the drive for infection and malware: Using a separate bootable drive, scan the drive using rootkit, virus and spyware detectors. They should be able to remove the malware from the file system.
4. Back up important files if you haven't already: You'll want to get all personal data off the drive. Copy photos, documents, media and other personal files to a DVD, CD or other clean hard drive.
5. Reinstall the hard drive: After verifying a successful backup of your files, you can put the drive back into the computer.
6. Completely wipe the old drive (repartition and reformat): You shouldn't trust that the malware has been cleaned off entirely. Some damage to the file system might still exist. The only way to be sure is to clean the drive with a hard drive wipe utility to blank the drive. This may take a few hours to complete. The wiping process will overwrite every sector of the hard drive.
7. Reload the OS and trusted media: Use the original OS disks that came with your computer; do not use ones of unknown origin. When attaching the computer back to the network, the first thing you want to do is accept the updates and patches. Don't install any software yet.
8. Reinstall virus protection software, and any other security software before loading any applications on the machine. Make sure your AV software is up to date and is accepting new virus definitions on a daily basis.
9. Scan the backup disks for viruses before copying the files back onto the computer. You can never be too careful, as your backup files might have become infected during a previous backup process.
10. Going forward, back up your files on a regular basis so that if this happens again, you won't spend as much time reloading your system.
More details can be found here.
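Steps 4 to 6 depend on knowing the backup is complete before the drive is wiped, and step 9 on knowing the backup has not changed since. The following added example (not from the original post) records a SHA-256 manifest of the files and checks a backup copy against it; the directory names and file contents are constructed sample data.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in 1 MiB chunks so large media files fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for block in iter(lambda: handle.read(1 << 20), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root) -> dict:
    """Map each file's path (relative to root) to its SHA-256."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_backup(manifest: dict, backup_root) -> dict:
    """Compare a backup tree against the manifest taken from the source."""
    backup = build_manifest(backup_root)
    return {
        "missing": sorted(set(manifest) - set(backup)),
        "mismatched": sorted(n for n in manifest
                             if n in backup and backup[n] != manifest[n]),
        "unexpected": sorted(set(backup) - set(manifest)),
    }


def safe_to_wipe(report: dict) -> bool:
    """Step 6 destroys the original, so require a complete, identical copy."""
    return not report["missing"] and not report["mismatched"]


if __name__ == "__main__":
    # Constructed sample data in a temporary directory.
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "drive"), Path(tmp, "backup")
        (src / "photos").mkdir(parents=True)
        (src / "photos" / "a.jpg").write_bytes(b"constructed image bytes")
        (src / "notes.txt").write_text("constructed document")
        manifest = build_manifest(src)
        shutil.copytree(src, dst)
        (dst / "notes.txt").write_text("truncated")   # simulate a bad copy
        report = verify_backup(manifest, dst)
        print(report, "safe to wipe:", safe_to_wipe(report))
```

Running `verify_backup` again before step 9 shows whether any file on the backup disk was changed or added after the manifest was taken; a matching hash says nothing about whether the file was already infected when it was backed up, so the virus scan in step 9 is still needed.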
Monday, May 2, 2011
Osama Bin Laden and Spam
The death of Osama Bin Laden is being used to spread computer viruses and other malware, hidden behind links that pretend to contain information or photos about the attack.
Users should be cautious of spam containing links to photos, videos and other information that sounds remarkably interesting on Bin Laden's death. Users also need to be cautious of Tweets and Facebook posts, as cybercriminals gear up to attract unsuspecting traffic to spread malware.
More details at http://www.securityweek.com/cybercriminals-using-osama-bin-ladens-death-spread-malware
Tuesday, March 15, 2011
IE 6 count down
Microsoft is now actively discouraging people from using IE6 because of performance and, more importantly, security concerns. It has released an official IE6 Countdown site with graphics, http://www.theie6countdown.com, showing the percentage of market share IE6 holds in countries around the world. You can see that China is the leading country, with more than 1/3 of its users still using IE6. Please spread the word so people can upgrade.
Monday, February 14, 2011
Facebook Going HTTPS
After Mark Zuckerberg's fan page got hacked (see more details here), Facebook is a little bit more serious about web security issues. Facebook wrote on their blog that they are rolling out the option for users to access Facebook via a secure SSL (https) connection. According to the blog article, users need to go to their account settings and choose "secure browsing" from the account security section of the page.
The full story can be found at http://news.cnet.com/8301-13880_3-20030725-68.html.
Monday, January 24, 2011
What Not to Post to Facebook
According to an article by About.com on Internet Security, there are 5 things you should never post on Facebook:
1. Your or your family members' full birth date (if you must, you can put in the day and month but leave out the year). Identity thieves use this information as one of the 3 to 4 pieces of information they need to steal your identity.
2. Your relationship status, especially when you are single. Stalkers may use this information to go after you.
3. Your current location. The problem with this is that you are telling everyone that you're on vacation or not at your house.
4. The fact that you're home alone. Again, you wouldn't walk into a building and tell everyone there you are going to be all alone at your house.
5. Pictures of your kids tagged with their names. This kind of information could be used by predators to lure your child. They could use the child's name and the name of their relatives to build trust. Your real friends already know your children's names. Just leave any identifying information off.
Removing all this information if you've already divulged it on Facebook may be a daunting task. You may feel safe enough because you've set your privacy settings so that your information is only visible to your friends. However, you don't know whether a friend has had their account hacked, or whether someone is reading over their shoulder at the library. Removing it may be the best solution for the sake of safety for you and your family.
