Posts Tagged ‘security’

Conflicker is Alive

The makers of Conflicker or no longer April-foolin’ around. The virus spread around for months using a Microsoft vulnerability in Windows that was patched in October, but was idle until April 1. On that April 1 date, the virus started retrieving instructions from the makers, turning any machine infected into member of a giant botnet. It has been estimated that over 12 million PCs have been infected so far. At first, the virus did nothing. Now, it’s been reported that the virus is active and downloading payloads.

A lot of speculation went into what the makers’ intent for the virus was. It appears that we know their intent – for now. The virus is spreading fake pay-for software tricking users into buying fake antivirus software and other assorted fake to make money.

Tags: , , ,
Filed under News : Comments (0) : Apr 12th, 2009

Another Important Password Management Reminder Courtesy of 8,000 Comcast Customers

Today news reached the media that Comcast had a list of over 8,000 usernames and passwords in a publicly accessible directory on a web server. The file apparently had been accessible for months and had been viewed 345 times and downloaded 27 times before someone notified Comcast. The list was discovered by a professor in Pennsylvania named Kevin Andreyo after reading an article on using search engines to dig up secrets about people. Andreyo decided to search for his email address, discovered the list and turned it in to Comcast and the FBI. Comcast has released a statement saying that the number was more like 4,000 accounts that had been compromised due to the list having lots of duplicate entries.

Regardless of the number or severity of the exposure, the fact is that lots of people had their username/password combinations stolen. A very large amount of people use the same password for all of their accounts as well as never, ever change their passwords. That means that this problem most likely exposed a large number of peoples’ bank accounts, email accounts, or other online accounts. As we become more and more dependent on online services, password management becomes very important.

While you can’t prevent your passwords being exposed in this way, there are some tips you can do to prevent your online accounts from being broken into:

Don’t use the same password for multiple services

This can be unmanageable for some without the use of a piece of password management software, which is a religious debate that I’m not going to get into here. Even having a set of 3 or 4 passwords that you use can help to minimize exposure should an event like the Comcast issue take place.

Use a complex password

Now, this won’t help you in this case when the password is listed in plain text, but if your password is not easily guessable, it won’t be subject to simple dictionary attacks.

Don’t use a guessable password

Often, in IT security, attacks come from within an organization. Someone who knows you very well is most likely to want to be breaking into your account than someone who doesn’t and they are a much more likely candidate to guess your password. Be sure not to use a simple word or phrase that a lot of people close to you would be able to guess.

Change your passwords frequently

In the case of the exposure today, changing one’s password is a quick and simple fix to ensure that an attacker won’t break in. It’s also important to keep changing your passwords if your passwords are particularly vulnerable to brute-force attacks. A lot of web services and SSH servers are not setup properly to stop a brute force attack. Also, a compromised system can have passwords contained on it cracked over time without the owner having any idea.

While these steps certainly don’t guarantee one’s security, they are a great step to protecting your identity and personal information online. While none of these are any sort of rocket science, often they are left undone even by those who work in the security field.

Tags:
Filed under How-Tos / Tips : Comments (1) : Mar 16th, 2009

Trojan Hits Macs Through Pirated Software

Appleinsider reports that tens of thousands of Mac users have been infected with a trojan horse when installing pirated software. A hacked copy of Apple iWork ’09 and Adobe CS4 have been floating around through bit torrents and P2P softwares that installs some extra software that checks in with a server which then allows the attacker to run commands on the user’s computer. So far the trojan is only being reported as being sent through those two applications, though it would be easy to place the trojan into any pirated application circling the web.

The differences between the official version and infected, pirated version of iWork is the inclusion of a package called iWorkServices.pkg in the pirated version which then runs at startup as (I’m assuming) the root user (since the user had to put in a password for sudo to install). The CS4 trojan uses malicious code in the cracking utility used to disable the licensing features of CS4 which also installs itself as a startup item with a root backdoor.

Tags: ,
Filed under News : Comments (0) : Jan 27th, 2009

Why Patching Is Important..

The Telegraph reports that security researchers are saying over 8.9 million computers have been infected by a virus in the past two weeks which uses a vulnerability that had been patched by Microsoft months ago. Users have not patched their machines and it is allowing the virus to spread at a rapid rate. The virus spreads through a vulnerability in the Windows server service so it can spread across a LAN and will also use portable storage such as USB flash drives to travel from LAN to LAN. It has been called Conficker, Kido and Downadup and is said to be very difficult to get rid of. If you haven’t updated Windows since the end of October, please take the time to do so now. If you’re not infected already and haven’t patched, consider this your warning. Take the time right now to run your updated (no matter what OS you happen to run). Next to backup, this is one of the biggest things users look back upon and wonder why they didn’t take time before it became a problem.

Tags: , ,
Filed under News : Comments (1) : Jan 20th, 2009

Patch for IE to be Released Out-Of-Cycle

A very serious flaw in Microsoft’s Internet Explorer has been found with a patch to be released soon. The BBC reports that the flaw is so severe that Trend Micro’s Rick Ferguson is urging consumers to find an alternative browser at least until the flaw has been fixed. The vulnerability allows an attacker to take control of a user’s computer and steal the user’s passwords. Microsoft has stated that the flaw has only been seen exploited in version 7, but the underlying flaw exists in all versions of the browser. In a Security Bulletin notice sent yesterday by Microsoft, they mention that the update affects versions as far back as 5.01 on Windows 2000 all the way up to version 8 beta. According to the BBC article mentioned earlier, no other browsers are affected. Alternatives to the browser include Firefox, Chrome, Opera, or Safari. I haven’t seen a promised release date for the patch, but the Security Bulletin update from yesterday says that Microsoft intends to update its Security Bulletin today for numerous versions of Internet Explorer.

Tags:
Filed under News : Comments (0) : Dec 17th, 2008

« Older Entries
Newer Entries »