In the last 24hrs, I have spoken with or assisted at least 3 people who have become infected due to opening a malicious email.
One of them was my wifey, Pamela, who received an email from the US Postal Service stating that her package had been refused and to open the attached file for details. Due to her old Microsoft Windows Vista system which without question should be updated, the payload from the trojan was dropped and she was without her computer for 3 hours while over 300,000 items were scanned again and again and her icons restored so she could use her desktop.
What is happening is a bit of social engineering. The emails appear to come from someone you trust, in this case the Post Office, and they appear to have important information, just too good to pass up. A busy worker may be momentarily fooled, and likely, at the very moment they click on the item, they think, “Ohhh I bet I shouldn’t have done that”, but it is too late.
- How can you keep from becoming a victim of this type of exploit?
- Avoid using unpatched Microsoft Windows systems! When updates are released, install them.
- Install all updates to important applications, such as Microsoft Office.
- Install all updates to Adobe Reader, Flash, Acrobat, and to JAVA.
- Keep current and trustworthy anti-virus such as Trend Micro Titanium 2012 on all your computers.
- Use caution when opening attachments. Ask yourself why the USPS would be sending you and email and why would the information be in an attachment before clicking on it.
Before I get responses such as “Macs do not have that problem”, yes, Apple Mac OS X does have that problem. We have dealt with almost as many Mac security issues this year as we have Windows 7. Regardless of the Operating System, a little common sense and preventative maintenance goes a long way!
Should you need help with a virus cleanup or virus removal for your personal computer or your business, we can help. We also partner with Trend Micro to offer Worry-Free, Trend Micro Titanium, and the entire outstanding line of Trend Micro anti-virus, anti-spyware, anti-spam and anti-everything software, just give us a call at 864.990.4748 or email info@homelandsecureit.com.
- Homeland Secure IT Alert
Homeland Secure IT Alert for Thursday, October 28, 2010
In the news today you will find that a new variant of the infamous Koobface is making the rounds via social media sites such as Facebook, Twitter and Myspace.
Unsuspecting users are enticed to click a video link in a direct message which links to a bogus YouTube page where they are presented with a thumbnail of the video, which when clicked runs a JAVA applet, and the user will then accept it, thinking they are going to see the greatest video ever. Instead, they get a blank screen more times than not, and have just given access to their computer to the bad guys.
According to various sites, the applet affects Linux and Mac in a different manner than the Windows based systems because it remains running longer, giving attackers a long time to exploit the machine for evil purposes. (So all that wonderful uptime you get from a *nix machine works against you as a Microsoft Windows machine gets rebooted more frequently).
It is suggested that you keep your operating systems updated, your JAVA updated, and keep current and quality anti-virus products on your computer such as Trend Micro. Even an anti-virus package like clamAV is advised over nothing at all. Mac and Linux users need to be very aware that the good old days of running “bareback” are over.
As always, avoid sketchy sites, don’t run JAVA apps unless you trust them. If you are on social media, use some common sense and don’t click on odd looking links, even if they come from your friends.
If you feel you may have been compromised, contact a computer service professional immediately. If you need assistance in Greenville or Upstate SC, we provide complete computer service, virus removal and cleanup and sales of Trend Micro and Symantec security and anti-virus software. 864.990.4748
Homeland Secure IT Alert
Homeland Secure IT Alert
Homeland Secure IT Alert for Friday, October 22, 2010
Apple has issued two advisories which outline Java security updates for OS X 10.5.x and OS X 10.6.x (Tiger and Leopard). These advisories warn of several vulnerabilities in the OS X Java components (a total of 10). There are updates out to address a few of the flaws, however, many still pose a serious risk according to WatchGuard’s security bulletin.
Not to be outdone, Mozilla released a Firefox update fixing close to 13 vulnerabilities in their browser and that is across all platforms, including Mac OS X, Microsoft Windows and Linux…
In both cases, these updates attempt to correct vulnerabilities which exist that could allow your computer to become exploited by visiting a malicious website, or following a link to a malicious website. The solution is to apply updates from Apple to your OS as well as update the Firefox browser. By “exploited”, it means, your computer could have malicious software loaded on it that would give the attacker anything from read access, to absolute, total control, as in a “rootkit” which may be difficult to detect. Some rootkits and keygrabbers have been running undetected on computers for months, even years.
It is always a good idea to avoid unknown sites, and not open random links sent to you by unknown/untrusted sources.
Another must-have is quality anti-virus / anti-malware such as Trend Micro. Their Titantium Security for Microsoft Windows machines and Total Online Protection for Apple Mac systems are affordable and will help you avoid a costly and inconvenient virus cleanup or removal, as well as prevent your valuable data from falling into the wrong hands. We can provide you with these fine products!
If you need assistance with any computer or network security issue, anti-virus, anti-spam, or even a virus removed from your system, please call us at 864.990.4748 or email info@homelandsecureit.com
—
More information about these updates are here:
Apple Java 10.5 Update 8: http://support.apple.com/kb/HT4418
Apple Java 10.6 Update 3: http://support.apple.com/kb/HT4417
Mozilla Security Advisory 2010-67: http://www.mozilla.org/security/announce/2010/mfsa2010-67.html
Homeland Secure IT Alert
Today we had a young lady come into our office with a severely infected notebook. It had multiple rootkits, trojans, spyware, etc….
The computer did not have updates on it for the Microsoft Windows Operating System, Microsoft Office, or Adobe Reader / Flash / Air. Nor did it have the latest Java on it. Anti-Virus was handled by AVG (Free).
Vulnerabilities in the operating system and applications were the likely culprit that allowed the malware in, but either way, the computer was badly infected, and data possibly compromised.
Please, use Microsoft Update on your PCs and make sure your Adobe products and Java are up to date! That, combined with quality anti-virus like Trend Micro Internet Security, Trend Micro Worry-Free Business Security, etc, may protect you from a costly infection and provide much greater security for your personal and/or company data.
If you think for a moment that your computer may be compromised, be sure to contact your computer service professional! Don’t take a chance with your security.
Homeland Secure IT offers complete computer, server & network support, repair, security & sales in Greenville and the Upstate of SC. Please call 864-990-4748 or email info@homelandsecureit.com for more information or a free evaluation! Our typical virus cleanup / removal rates are very competitive with rapid turnaround!
