Malware, Viruses, Trojans, and Other Nastiness
Today's internet is probably one of
the least safe places to be with regard to the health of your
computer and the safekeeping of your personal data. This page
will be continually updated with info on new threats as they
appear. If you have any questions please feel free to
contact us.
One of the most common questions we get asked is "I have
current, reputable anti virus software installed, why did my PC
still get infected?"
This article and
this one explain why.
There is software you can install and services you can use to
try to help prevent the many infections floating around the
web. Nothing is a 100% guarantee that you'll be safe; common
sense plays a big role in your safety. |
| We recommend the following
products to help in your efforts to stay safe online |
| |
|
 |
WOT
is a free Internet security addon for your browser. It will help
keep you safe from online scams, identity theft, spyware, spam,
viruses and unreliable shopping sites. WOT warns you before you
interact with a risky website. It's easy and it's free.
WOT can be downloaded
here |
|
 |
OpenDNS is designed to
help protect your children & computers from undesirable
web content. |
|
What is OpenDNS?
OpenDNS is a free service that
works for networks of all sizes, from home networks to K-12
schools, SMBs and large enterprises. It provides protection
against known malware and phishing websites, along with parental
controls, giving you complete customization of the websites
visited by any computer on your network. It can be set up
here.
If you want to set it up on your network and need help, we can
assist via remote support; just call us to set
up a remote session. |
| |
| The following articles should be
required reading for ANYONE
with a computer connected to the internet. |
|
The Scrap Value of a Hacked PC |
|
The Scrap Value of a Hacked PC, Revisited |
| |
| Among the most common infections today
are rogue or scareware applications. The following article is a
must-read: even with current antivirus software installed, you're
not immune to these infections. |
|
The ultimate guide to scareware protection |
| |
| The following links
provide a continually updated source of info on the latest
threats, along with some general information. Please visit them
for daily updates on the latest scams and threats. |
| |
Threat Post, Kaspersky Labs Security News Service
Sophos Security Blog
Bill Mullins’ Weblog - Tech Thoughts |
Current Security News |
|
|
Name.com Breached, Users Asked to Reset Passwords |
| Domain registrar Name.com
has informed its customers via email of a data breach and asked
them to reset their passwords. The company, based in Denver,
said it discovered a breach and customer account information
such as encrypted credentials and credit card numbers may have
been accessed along with customer email addresses. |
| |
|
Washington Court Data Breach Exposes 160K SSNs |
| Attackers using a
vulnerability in Adobe’s ColdFusion app server were able to
compromise servers belonging to the Washington State court
system sometime in the last few months and walked off with data
belonging to as many as a million residents of the state. The
attackers had access to 160,000 Social Security numbers and the
driver’s license numbers and names of a million people. |
| |
|
Washington Hospital Hit By $1.03 Million Cyberheist |
| Organized hackers in
Ukraine and Russia stole more than $1 million from a public
hospital in Washington state earlier this month. The costly
cyberheist was carried out with the help of nearly 100 different
accomplices in the United States who were hired through
work-at-home job scams run by a crime gang that has been
fleecing businesses for the past five years. |
| |
|
Scribd, "world's largest online library," admits to network
intrusion, password breach |
| San Francisco-based
document sharing site Scribd has admitted to a network
intrusion. Scribd bills itself as The World's Largest Online
Library, and with a suggested 50 million users or more, it's
hardly surprising that the site has attracted the attention of
cybercriminals. |
| |
|
Some iMessage Accounts Hit Hard by Mass Messaging, DoS Attacks |
| A handful of Apple
developers have found their iMessage accounts the victim of
what’s being loosely referred to as a series of
denial-of-service attacks. Using rapid-fire AppleScript texts,
attackers have been sending many messages at a time to about
half a dozen iOS developers over the last week. |
| |
|
Telephony Denial-of-Service Attacks Prompt Federal Attention |
| The call-center equivalent
of network-based denial-of-service attacks, known as telephony
denial-of-service (TDoS), have targeted emergency services among
other industries, enough to garner attention from the Department
of Homeland Security, Federal Bureau of Investigation, Federal
Communications Commission and others in a confidential alert
memo, Krebs on Security reported. |
| |
|
Spring ushers in US tax scam season |
| In the US, it's spring, aka
tax fraud season. To remind taxpayers to be on the lookout for
scams ranging from identity theft to return-preparer fraud, the
Internal Revenue Service (IRS) on Tuesday posted its Dirty Dozen
list of tax scams for 2013. |
| |
|
Spicing up phishing attacks |
| Phishing is often regarded
as old hat. From a technical perspective, it's a case of 'been
there, done that'. Sometimes however, we come across attacks
that are just a little bit more interesting. |
| |
|
British Security Agency Found Sending Passwords in Plain Text |
| The Government
Communications Headquarters (GCHQ), one of Britain’s top
intelligence agencies, has admitted it sometimes emails
passwords in plain text to those who apply for jobs on its site. |
| |
|
Missouri Court Rules Against $440,000 Cyberheist Victim |
| A Missouri court last week
handed a legal defeat to a local escrow firm that sued its
financial institution to recover $440,000 stolen in a 2009
cyberheist. The court ruled that the company assumed greater
responsibility for the incident because it declined to use a
basic security precaution recommended by the bank: requiring two
employees to sign off on all transfers. |
| |
|
California duo charged with selling ready-to-hack Point-of-Sale
systems to Subway branches |
| An alleged Point-of-Sale
cybercrime duo from California were confronted with criminal
charges late last week in Boston, Massachusetts. |
| |
|
Flaws in IRS Network Could Put Taxpayer Information in Jeopardy |
| The United States
Government Accountability Office (GAO) believes that “serious
weaknesses remain” in the ways that the Internal Revenue Service
handles its internal network, problems that could directly
implicate taxpayer data according to a report the regulatory
group released on Friday. |
| |
|
Flaw Leaves EA Origin Platform Users Open to Attack |
| The latest vulnerability to
be disclosed is in EA's Origin online game-delivery system,
which researchers from ReVuln have shown can be exploited
remotely to run malicious code on users' machines. |
| |
|
Reuters journalist who allegedly conspired with Anonymous
hackers is suspended |
| A Reuters journalist has
been indicted by a US federal grand jury for allegedly handing
over the login credentials of his former employer, Los Angeles
Times parent company Tribune Co., to people claiming allegiance
to the hacker movement Anonymous. |
| |
|
Third-Party Applications to Blame for 87 Percent of
Vulnerabilities Last Year |
| Third-party applications
accounted for a whopping percentage of vulnerabilities last
year, many more than security flaws found in Microsoft programs
according to a report released this week by Danish vulnerability
research firm Secunia. |
| |
|
Malware Discovery Forces National Vulnerability Database Offline |
| The website of the National
Vulnerability Database (NVD) remains down today, six days after
malware was reportedly found on its servers. |
| |
|
Seagate's blog pushes malware on unsuspecting visitors via rogue
Apache modules |
| SophosLabs has been
tracking an infection of Mal/Iframe-AL on Seagate's blog since
late February. SophosLabs informed Seagate of the issue back in
February, but at the time of writing the site remains infected. |
| |
|
Google to Pay $7M Settlement Over Street View Data Collection |
| Google has agreed to pay a
$7 million settlement to several dozen U.S. states as part of an
agreement of charges that the company was collecting private
user data from WiFi hotspots while its Street View cars were
driving around taking photos in various locations. |
| |
|
Top Credit Agencies Admit Celebrities' Data Stolen |
| The top credit bureaus have
admitted someone accessed prominent Americans' private data by
filling out bogus requests via a Web site used by millions of
consumers to access free annual credit reports. |
| |
|
Bill Gates's social security number, address, credit report and
more... published by hackers |
| Bill Gates is the latest
celebrity to have had his personal information published on a
website that has exposed the social security numbers, addresses
and personal financial information of a number of people in the
public eye. |
| |
|
Malware attack poses as security warning from Microsoft Digital
Crimes Unit |
| Windows users - do you take
your computer's security seriously? If so, you might decide to
take prompt action when you receive an email seemingly from the
Microsoft Digital Crimes Unit, but that would actually be a big
mistake. |
| |
|
Oracle Issues Emergency Java Update, again |
| Oracle today pushed out the
third update in less than a month to fix critical
vulnerabilities in its Java software. This patch plugs a
dangerous security hole in Java that attackers have been
exploiting to break into systems. |
| |
|
Evernote hacked - almost 50 million passwords reset after
security breach |
| Evernote, the online
note-taking service, has posted an advisory informing its near
50 million users that it has suffered a serious security breach
that saw hackers steal usernames, associated email addresses and
encrypted passwords. |
| |
|
US ISPs launch pirate wrist-slapping campaign |
| Last week saw the US debut
of the "six strikes" pirate wrist-slapping system, officially
known as the Copyright Alert System (CAS). |
| |
|
Researchers claim to have found more zero-day vulnerabilities in
Java |
| A security research team
that has alerted Oracle to a series of security flaws in Java in
the past, says that it has uncovered new zero-day
vulnerabilities in the software. |
| |
|
Microsoft admits it was also hit by hackers, malware infects
their Mac business unit |
| Late on Friday, Microsoft
published a statement on its security blog revealing that it was
joining the growing list of well-known companies who had
suffered at the hands of hackers. Microsoft says that a "small
number of computers", including some in the company's Mac
business unit, were infected by malware. |
| |
|
NBC Website Hacked, Leading Visitors to Citadel Banking Malware |
| Another day, another media
company hacked. This time it’s NBC, which has fallen victim to
hackers on the heels of compromises of the New York Times and
Wall Street Journal websites. Various experts have confirmed
that NBC’s website is compromised and leading visitors to the
dangerous Citadel banking Trojan. The site is reportedly hosting
an iframe that is redirecting visitors to sites hosting the
RedKit Exploit Kit which is serving up the Citadel malware. |
| |
|
Zendesk Compromised, Twitter, Tumblr and Pinterest Users
Affected |
| In the wake of high-profile
compromises of companies such as Facebook, the New York Times,
Apple and others, officials at Zendesk, an online customer
support provider, said that the company also had been
compromised and the attackers had made off with the email
addresses of customers of Twitter, Tumblr and Pinterest, all of
which use Zendesk's services. |
| |
|
Why do I get so much spam? |
| Why are there so many
unwanted, tricky, manipulative, annoying, dangerous, and often
illegal email messages going around? Because unscrupulous people
can make a tidy profit mailing Spam. In 2010, Gmail spam expert
Brad Taylor told Wired that “It costs $3,000 to rent a botnet
and send out 100 million messages. It takes only 30 Viagra
orders to pay for that.” |
| |
|
15 Common Internet Scams and How to Avoid Them |
| The Internet is a powerful
resource that connects you to the rest of the world and helps
you access knowledge in the blink of an eye. It can also,
however, put you in the precarious position of sussing out
legitimate offers versus complete cons. These 15 Internet scams
are quite popular, but you can avoid falling victim to them by
learning to recognize their common red flags. |
| |
|
iOS Developer Site at Core of Facebook, Apple Watering Hole
Attack |
| The missing link connecting
the attacks against Apple, Facebook and possibly Twitter is a
popular iOS mobile developers’ forum called iPhoneDevSDK which
was discovered hosting malware in an apparent watering hole
attack that has likely snared victims at hundreds of
organizations beyond the big three. |
| |
|
PayPal Credentials For Sale, Access Offered Via Proxy Server |
| An enterprising
cybercriminal has opened an underground shop that peddles access
to American PayPal accounts which are then accessible through an
anonymous proxy service. |
| |
|
Infographic: Identity Fraud Hit 1 Victim Every 3 Seconds in 2012 |
| Nearly 13 million U.S.
adults were victims of identity fraud in 2012, an increase of
more than one million victims over the past year, according to a
new report from Javelin Strategy & Research. |
| |
|
Apple patches the Java hole its own developers fell into -
eventually |
| Shortly after admitting
that its own techies got infected thanks to a Java hole, Apple
has pushed out a Java update for the rest of us. |
| |
|
Apple Breached by Facebook Hackers Using Java Exploit |
| Apple is the latest major
American company to enter the security confessional and disclose
it has been breached. The company told Reuters today it was
attacked by the same crew that hit Facebook, which disclosed its
breach last Friday, and that like the social media giant, no
data had been stolen. |
| |
|
DDoS Attack on Bank Hid $900,000 Cyberheist |
| A Christmas Eve cyberattack
against the Web site of a regional California financial
institution helped to distract bank officials from an online
account takeover against one of its clients, netting thieves
more than $900,000. |
| |
|
Botnet master abuses Facebook for pocket money, researchers
reveal |
| A Chinese hacker's main job
may well be running a botnet of malware-clotted zombie PCs, but
there's always time left in the day for selling fake Likes,
apparently. |
| |
|
Point-of-Sale malware attacks – crooks expand their reach, no
business too small |
| We've recently been
tracking a set of incidents involving malware attacking
Point-of-Sale (PoS) equipment. Your personally identifiable
information (PII) flows into PoS devices, across PoS networks,
and is processed by PoS servers, every time you pay for things
without using cash. As a result, PoS equipment and the
local-area networks to support it are found all over the world,
in both developed and developing countries. |
| |
|
Facebook Says Employee Laptops Compromised in 'Sophisticated'
Attack |
| Laptops belonging to
several Facebook employees were compromised recently and
infected with malware that the company said was installed
through the use of a Java zero-day exploit that bypassed the
software's sandbox. Facebook claims that no user data was
affected by the attack and says that it has been working with
law enforcement to investigate the attack, which also affected
other unnamed companies. |
| |
|
Jawbone accounts compromised by hackers - personal info
accessed, passwords disabled |
| Jawbone, makers of
Bluetooth headsets, fitness bracelets, and neat Jambox portable
speakers, has warned that hackers managed to break into its
systems, and accessed the names, email addresses and encrypted
passwords of users. |
| |
|
Malware injected into legitimate JavaScript code on legitimate
websites |
| As recently mentioned in
the Sophos Security Threat Report, 80% of the websites where we
detect malicious content are innocent sites that have been
hacked. |
| |
|
Exploit Sat on LA Times Website for 6 Weeks |
| The Los Angeles Times has
scrubbed its Web site of malicious code that served browser
exploits and malware to potentially hundreds of thousands of
readers over the past six weeks. |
| |
|
TV hackers announce dead are rising |
| The emergency broadcast
system was "hacked" and viewers of the "Steve Wilkos Show" got
an alert that "dead bodies are rising from their graves." |
| |
|
Flickr Bug Makes Private Photos Public |
| Flickr has reportedly sent
out an email to users whose private photos may have been
publicly accessible, or vice versa, because of a bug in the
website. Privacy settings on the photos were changed for nearly
a month. |
| |
|
Report: Malvertising Campaign Thrives on Dynamic DNS |
| A malvertising campaign
that’s lasted almost half a year is staying alive thanks to
infected web advertisements being circulated by otherwise clean
ad networks. |
| |
|
Yahoo! Pushing Java Version Released in 2008 |
| At a time when Apple,
Mozilla and other tech giants are taking steps to prevent users
from browsing the Web with outdated versions of Java, Yahoo! is
pushing many of its users in the other direction: The free tool
that it offers users to help build Web sites installs a
dangerously insecure version of Java that is more than four
years old. |
| |
|
Security Firm Bit9 Hacked, Used to Spread Malware |
| Bit9, a company that
provides software and network security services to the U.S.
government and at least 30 Fortune 100 firms, has suffered an
electronic compromise that cuts to the core of its business:
helping clients distinguish known “safe” files from computer
viruses and other malicious software. |
| |
|
Ex-President Bush doxed - family photos, personal email, bathtub
portraiture leaked |
| A hacker using the
alias "Guccifer" has claimed responsibility for hacking the
Bushes, aka the political family that gave the US its 41st
president (George H.W. Bush) and its 43rd president (George W.
Bush). |
| |
|
Former Employee Charged With Accessing Thousands of Driver's
Licenses |
| A former Minnesota
state employee was charged Thursday with misdemeanors for
allegedly accessing thousands of driver's licenses during a
four-year period and storing 172 of them in an encrypted file. |
| |
| |