Scareware Threat Spreading Across The Internet

Computer security researchers have discover a blackhat search engine optimization that is spreading scareware. The malware has infected over 200,000 computers already and spreading to vulnerable machines. The scareware tells you that your computer is infected with viruses, spyware, malware and trojans.  It then stats that you need to purchase antivirus software for computer security. If you receive a message stating that a computer infection has occurred don’t believe it. Close IE and run your anti-malware or anti-spyware programs to remove the infection. This is all just a scam to get money and credit card numbers.

Patch Tuesday Windows Update

Microsoft has releases several new patches for Windows Update.  The patches are designed to fix 15 vulnerabilities in Windows and Office products.  One of the patches involve a critical flaw found in the Windows Kernel.  The kernel controls everything in Windows from booting up to running applications. Several of the other patches involve security holes in Windows that could allow a hacker to take remote control of you computer. They also have added two viruses into the Malicious software removal update. If you are using Windows for your operating system you need to visit Windows Update and download all critical patches.  All Windows user should also run the Microsoft Software Removal Tool to verify that your computer is free of viruses.

Mac has also released several new patches for the Snow Leopard OS.  These patches are designed to fix over 40 vulnerabilities in the OS.  I know that most MAC users think they are safe from internet threats but I can assure you that your are not.  MAC has been gain more and more market share and as they gain market share so will the amount of viruses, spyware and rootkits designed specifically for the MAC.

Major Flaw Found in SSL Encryption for Online Shopping

The Internet Engineering Task Force has warned about a zero day flow in the SSL protocol that encrypts the communication between computers.  The SSL layer is what encrypts your private information such as credit card number, address and other private data about you.  The reason why this is such a major issue is that it is a zero day flaw.  A zero day flaw means that flaw is currently being exploited in the wild and that is why it is critical it gets fixed ASAP.  The risk to people who make purchases online is slim because to take advantage of this flaw you must have a highly advanced understand of how computers and programing.  Over the next couple of week you will start to see patches for Internet Explorer, Firefox and all servers that have internet connections.  When the patches are released all internet users will need to download them immediately to assure a high level of computer security.

Article on SSL Error

Internet Safety Center

Identity Theft 4 times more likely from Corporate Breaches

We have talked about Identity several times in our blog and on the site and how to protect yourself.  The one thing you can’t protect yourself from is corporate America having a security breach and your private information being exposed.  The study was interesting in that people didn’t really understand the direct relationship between a security breach and identity theft.  Everybody needs to understand that when a corporation has a security breach that means your private information (Social Security Number, address, credit card number) is at risk.  The question you have to ask is what information did they have and how can it hurt you?  This information is generally send outside the United States and sold on the black market.  Criminals then take this information and open credit cards in your name in other countries.  The internet has allowed criminals to conduct identity theft all over the word.  If you get a notice that your information has been compromised you need to take is seriously.  You should place a security watch on your credit report.

Article

Microsoft Reports Internet Worms Rising but New Vulnerabilities down.

Microsoft issues a report that overall internet worms have increased by over 98% over the previous quarter.  Internet worms have gone from the 5th greatest threat all the way up to number 2nd on the list.  Worms are getting into personal computer and telling them that their computer is infected or redirecting them to other sites trying to get them purchase items.  On the bright side overall computer vulnerabilities have decreased over the same time.  Microsoft found that overall computer security vulnerabilities have decreased by over 30% in the last 6 months.  We believe this will actually start to increase with the release of Windows 7.  Computer security holes and vulnerabilities will be found in Windows 7 and it is only a matter of time before hackers start to go after Windows 7.  The more we educate user about computer security the safer the internet becomes.

Microsoft Story

5 – Vulnerability that lead to Identity Theft

I found this interesting article about identity theft and what are the 5 major ways Identity Theft occurs.  The first one is that people don’t change-up their daily routine.  If people are watching you and your routine doesn’t change they have any easy way into your world.  The next two are ones we have talked about several times in social networking and computer scams.  Part of our guide to social networking is that you should never post sensitive data on you page and make sure your profile is set to private.  Computer and internet scam are running wild all over the internet.  Several computer security experts say that scareware and spyware has grown by over 600% in the last year.  The fourth way is through hackers (internal and external) stealing sensitive information of customers.  We hear stories all the time about credit card companies or financial companies losing customer data.  I wish I could say that is going to slow down in the future but I expect it to actually grow over the next several years.  I also expect that Identity Theft will grow by over 15% in the next and 20% the year after that.  The last method is through Healthcare moving to electronic records.  I agree that in the move to electronic records that we will see more identity or fraud from this activity.  I just wanted to share what the article said are the five vulnerabilities for identity theft and that we have to agree with all of them.  The biggest threats rights now come from the internet and internet scams.  The internet is full of spyware and scareware that is waiting to steal your identity or to harm your computer.

Article Link

Time Warner High Speed Internet Users at Risk

If you have a SMC8014 cable modem/Wi-Fi router from Time Warner Cable you may be leaving your computer network open to risk.  It was discovered last week that over 67,000 Time Warner customer were at risk of having their network hacked, web browser hijack or snoop sensitive data that use that particular modem/Wi-Fi rotuer.  The flaw hasn’t been released to the public but it does involve how your network gets encrypted .  Time Warner has released a press release that they have temporary patched the hole but Bloggers are reporting that the security issue hasn’t been fixed for everybody.  A final patch should be released later this week according to Time Warner.  We recommend that if you the SMC8014 cable modem/Wi-Fi router you should ask for a replacement with a new model.

Story

New Phishing Botnet spreading across the Internet

A new Zbot botnet is infecting computers all across the Internet stating that their computer is infected with the conficker worm and you need to a “system update” to remove it from your computer.  The messages are coming in the form of emails telling you need of a “system update”  and that you need to get the new “cleanup utility.”  When users click on the link they are then infected with the Zues Trojan.  The Zues Trojan is designed to steal financial information from your computer.  If you get an email stating that your computer is infected with conficker or that you need a “system upgrade” don’t click on the link.  You should delete the email immediately.   Remember that they key to internet safety and security is to understand the threats.

Article

Millions of computer compromised with Fake Security Software

Symantic stated this week that millions of computers are infected with fake security software.  Internet users get a pop-up on there computer telling them they are infected with worms, viruses and other malicious threats.  They tell you that you need to purchase antivirus or computer security software to remove the threats.  People are paying the $50-120 for the computer security software and actually get nothing in return, in fact some actually make your computer less secure.  When you pay the money the code is designed to remove the message and give you security software that isn’t very good or actually isn’t even security software.  It is estimated that these fake messages about computers being infected have been downloaded over 45 millions times and still rising.  This is just a reminder that if you get a message stating that you computer is infected with worms, trojans and other threats this is just a scam and don’t buy anything.  Verify your anti-spyware software is up to date and run a full system scan.  Remember that internet security starts with understanding the threats.

Symantic Article

Hotmail – Most Common Password Revealed

Last week when Hotmail user accounts were compromised a study was conducted on what was the most common password.  The password that was used the most was “123456.”  Some of you might remember that this is almost the same password as on the luggage in the movie Spaceballs.  If you are using Hotmail for email and your password is “123456″ please change your password.

Passwords should be minimum 6 characters in length.  Passwords should have a capital letter and special character.  The more complex your password is the harder your account is to hack.

Password Article