Unpatched critical Java vulnerability in latest patched version of Java?

Sun Microsystems JavaNo, this is not a repeat from the other day, or last month, or well, ever.

The Department of Homeland Security’s suggestion to disable Java in your browser, whether you are using a Mac, Linux box or Windows PC is still probably the best route for you to take, but I know you won’t.

Here’s the details….  As I warned our customers – the patched version of Java 7 is *still* vulnerable to exploitation.

To make it even more interesting, the exploit is available for the “bad guys” to purchase and use for a mere $5k.

You can read that story over here: $5000 will buy you access to another, new critical Java vulnerability

Again, to anyone reading this…  If you can get along without it, you might consider the advice to disable the Java plugin. If you need assistance with that, please let us know.  Optionally, if you feel your computer may have been exploited, seek professional technical support. We are happy to discuss the matter with you here in the Greenville SC area.  Give us a call at 864-990-4748.

Be safe out there…

 

2

Homeland Security advises disabling or uninstalling Java – With good reason…

Sun Microsystems Java

This week, the Department of Homeland Security suggested disabling or uninstalling Java based on a CERT publication where they announced Java 7 fails to restrict access to privileged code. That original posting has been updated as recently as today, January 12, 2013.

What does it all mean?

Well, in a nutshell, if you have the vulnerable version of Java on your Mac, Windows or Linux PC and happen upon a nasty bit of code designed to exploit the Java “zero day” vulnerability, your machine can be completely taken over.

Right now, the web forums are abuzz with tales of Apple Mac jackings, Linux anommolies and Windows x malware.  The numbers of postings have ramped up considerably over the last couple days, leading me to believe this is a valid concern.

We recommend that no matter which platform you are on, that use use extreme caution while browsing and consider disabling Java on your browsers as well.

Here’s what CERT has to say: (taken from the article linked above)

Solution

We are currently unaware of a practical solution to this problem. Please consider the following workarounds:
Disable Java in web browsers

Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. Please see the Java documentation for more details.
Note: Due to what appears to potentially be a bug in the Java installer, the Java Control Panel applet may be missing on some Windows systems. In such cases, the Java Control Panel applet may be launched by finding and executingjavacpl.exe manually. This file is likely to be found in C:\Program Files\Java\jre7\bin or C:\Program Files (x86)\Java\jre7\bin.
Also note that we have encountered situations where Java will crash if it has been disabled in the web browser as described above and then subsequently re-enabled. Reinstalling Java appears to correct this situation.
System administrators wishing to deploy Java 7 Update 10 or later with the “Enable Java content in the browser” feature disabled can invoke the Java installer with the WEB_JAVA=0 command-line option. More details are available in the Java documentation.

 

If for any reason you believe your machine may have already been exploited, contact an service professional immediately.

If we can assist you with this, please let us know. We provide computer service and repair in the Greenville, Spartanburg and Anderson Upstate area.

You can call us at 864-990-4748 M-F, 8:30 – 5:30.

2

Commodore Amiga, C64 computers make a return…. Sort of…

Commodore Amiga!

No, this isn’t a Mac mini….  It’s an Amiga….  And for only $2495, you can buy one.

And starting at $1295, you can get the C64X Supreme!

No, I didn’t leave out a decimal point.

Here’s the whole story: http://gizmodo.com/5895462/

 

 

Conspiracy theory – Anti-Virus companies are the ones releasing viruses

I bet at some point, you thought to yourself, “The same companies that provide anti-virus programs are also the people who write viruses.”

The logic behind that is, if Symantec releases viruses, then people need anti-virus software, right?

If I had a quarter for every time I had heard that, I would easily have enough for a steak dinner!

I don’t believe that to be true, any more than the companies that sell police radar guns, also sell radar detectors.  No wait, that was true, but I digress. As much as a conspiracy theorist as I am, I don’t believe that it is in the best interest of an anti-malware company to release malicious software. There’s enough people out there doing that for free already that the likes of a Trend Micro would not need to risk everything on that kind of activity.

However, with that being said, an interesting tidbit in the news is that John McAfee, the guy who McAfee anti-virus security is named after, has apparently admitted that he intentionally infected notebook computers which were provided to law enforcement and government officials. John McAfee has nothing to do with the current McAfee company, but these admissions sure have caused blogs and web forums world-wide to light up with “I told you so!” type comments.

Read the whole story over on nakedsecurity.

One thing is for sure – if anyone gives me a free notebook computer, I’m going to immediately wipe it and reload the operating system!

 

 

 

1

DNS Services Managed DNS Backup Business Services bill

We’ve heard from many of our clients that a company called DNS Services (www.DNSsvc.com) has been sending them letters that appear to be invoices. Some clients have attached copies of the bills that they have received even.

However, Pamela’s other business, McAbee’s Custom Carpets received their own the other day.

The “bill” looks like you own $65.00 for “DNS Failover for 5 A Records”, etc. At the bottom of the letter it has a section that reads, “Please detach and return this portion with your payment”.   It states that it is due “Upon Receipt” and lists an account number and Amount of $65.00.

It goes on to say, “Make checks payable to: DNS Services, Inc”.

However, it does state above the bottom section:

“This is a solicitation for the order of goods or services, or both, and not a bill, invoice, or statement of account due. You are under no obligation to make any payments on account of this offer unless you accept this offer”

If you receive one of these “bills”…  Promptly toss it in the trash.  It is about as useful as “Domain Registry” letters you get telling you to renew your domain (through them).

DNS Services bill invoice scam

Here’s what the bogus / scam letter looks like….  Simply ignore it.

Happy New Year from Homeland Secure IT!

And we’re back!!!!

We’re two days into the new year – what do you think of 2013 so far?

We’re hoping this will be a fantastic year for Homeland and for our friends, family and clients!

If there is anything we can do to assist with your computer or network needs, please do not hesitate to call upon us!

Goodbye 2012 – Hello 2013! Happy New Year from Homeland Secure IT!

Happy New Year 2013

 

Looking back over 2012, I am one to see the good, not so much the bad.  Call me an optimist.

Here’s a few of the wins that Homeland Secure IT and our family saw….

  • Homeland Secure IT celebrated our 3 year anniversary – yea us and thank YOU!
  • New partnerships with vendors were formed
  • New skills were acquired by myself and technicians
  • A couple large deployments were planned and executed successfully
  • A few great clients came on board
  • Pamela and I celebrated our 6th anniversary – We’re newlyweds still!
  • Megan was legally adopted as my daughter
  • Our son’s HS football team finished their season with a number of super wins
  • I formed a new band (Hot As A Pepper) and we’re having a blast
  • We attended and participated in a cool whole-cow roast thing (Bovinova part 2)
  • Our daughter started her second year at Converse College
  • Pamela’s mom had a pacemaker implanted and is rocovering nicely
  • We made new friends
  • We have some new toys
  • We had you in our lives!

I guess 2012 was full of win!   Thank you all for sharing it with us!

 

Here at Homeland, we are going to take off Monday, the 31st and the 1st. If you need us, you can call and leave a message or email and we will get with you quickly!

If you are looking for something to do on New Year’s Eve, come check out my band at The Lighthouse in Seneca from 9:30 to 12:30.   35 dollars a person for a great time!  Check out their facebook page for more information.

Happy New Year to you… May 2013 be filled with goodness!!!!

 

An attempt to unlock the computer by yourself will lead to the full formatting of the operating system…

Here’s a scary message to get on your computer: “An attempt to unlock the computer by yourself will lead to the full formatting of the operating system. All the files, videos, photos, documents on your computer will be deleted.”

If you are using a Microsoft Windows based computer, or even a Mac running Windows on it, and you become infected with the latest strain of Reveton / Trojan.Ransomlock.G, that is the message you might see.

Whatever you do – do not pay the “ransom” to unlock your PC, that is a scam as well.   This isn’t just extortion, this is an attempt to harvest personal credit information.

Protect yourself from infection by running current and reliable anti-virus, such as Trend Micro, and be sure to keep your computer up to date. Updates and patches are constantly being made available for your operating system, support software (Java, Adobe Flash, Adobe Reader, Microsoft Office), and these updates should not be ignored.

Should you find yourself infected, please call us at 864-990-4748 as we are specialists in virus removal here in the Greenville Anderson Spartanburg area.

 

‘Twas the night before Christmas – Old school computer version

I first read this story on a University of Arkansas computer system sometime before 1985 and promptly typed it up and put it on my BBS (Non-Prophet BBS) for people to read. I have sent it in email, and “snail mail” for the last 25 years or so…  I still get a kick out of it.   If anyone knows the author, please contact me so I can give credit and thank them. – John M. Hoyt

‘Twas The Night Before Christmas – Computer Version

‘Twas the night before Christmas, and all through the shop,
The computers were whirring; they never do stop.
The power was on and the temperature right,
In hopes that the input would feed back that night.

The system was ready, the program was coded,
And memory drums had been carefully loaded;
While adding a Christmasy glow to the scene,
The lights on the console, flashed red, white and green.

When out in the hall there arose such a clatter,
The programmer ran to see what was the matter.
Away to the hallway he flew like a flash,
Forgetting his key in his curious dash.
He stood in the hallway and looked all about,
When the door slammed behind him, and he was locked out.

Then, in the computer room what should appear,
But a miniature sleigh and eight tiny reindeer;
And a little old man, who with scarcely a pause,
Chuckled: “My name is Santa…the last name is Claus.”

The computer was startled, confused by the name,
Then it buzzed as it heard the old fellow exclaim:
“This is Dasher and Dancer and Prancer and Vixen,
And Comet and Cupid and Donner and Blitzen.”

With all these odd names, it was puzzled anew;
It hummed and it clanked, and a main circuit blew.
It searched in its memory core, trying to “think”;
Then the multi-line printer went out on the blink.

Unable to do its electronic job,
It said in a voice that was almost a sob:
“Your eyes – how they twinkle – your dimples so merry,
Your cheeks so like roses, your nose like a cherry,

Your smile – all these things, I’ve been programmed to know,
And at data-recall, I am more than so-so;
But your name and your address (computers can’t lie),
Are things that I just cannot identify.

You’ve a jolly old face and a little round belly,
That shakes when you laugh like a bowl full of jelly;
My scanners can see you, but still I insist,
Since you’re not in my program, you cannot exist!”

Old Santa just chuckled a merry “ho, ho”,
And sat down to type out a quick word or so.
The keyboard clack-clattered, its sound sharp and clean,
As Santa fed this “data” into the machine:

“Kids everywhere know me; I come every year;
The presents I bring add to everyone’s cheer;
But you won’t get anything – that’s plain to see;
Too bad your programmers forgot about me.”

Then he faced the machine and said with a shrug,
“Merry Christmas to All,” as he pulled out its plug,
“And to all, a good night!”

Merry Christmas everyone!

We’re still here….. Right?

I might be jumping the gun a bit, but I think we survived the end of the world, for now.

Here’s a video that explains why the world didn’t end….

 

I was using this as an excuse for not doing any Christmas shopping.  Seriously though, do you think some people figured the world was ending, so they ran their credit cards up to the limit, thinking they would not have to pay them off?  I’m thinking they did.