1

“We’re from the government and we’re here to help!” – FBI in regards to removing Coreflood from infected computers

The FBI seized control of the Coreflood servers a couple weeks ago, drastically reducing the traffic that was being generated by the large botnet by stopping the update of the bot clients. This will allow anti-virus programs to begin to discover the presence on infected machines and hopefully remove it.

That’s awesome, but what’s next? The FBI is seeking to uninstall the malicious software, remotely, with the approval of the computer owners, or to optionally provide instructions for the removal to those affected.

Would you want the government accessing your computer in any way? I would love to hear your thoughts.

More information can be found here: http://www.ibtimes.com/articles/138659/20110427/coreflood-fbi-botnet-virus-microsoft.htm

If you feel your machine may be infected, please seek professional help immediately to insure your privacy remains intact and your system is not responsible for further spread of malicious software. You can call us at 864.990.4748 or email info@homelandsecureit.com – we provide computer and network security support in the Greenville and Upstate, SC area.

 

2

Password for life? Yeah, maybe…

I just read an interesting blog post over on http://www.baekdal.com/tips/password-security-usability which gives a good case for not using random letters, numbers, case and special characters… The writer claims the password of “this is fun” would take about 2500 years to hack.

Most business security policies require passwords that are a minimum of 8 characters, with upper and lower case, numbers and special characters, and on top of that, they require you to change your password every so many days.  Yes, very annoying, and people find not-so-creative ways to circumvent the password changes. For instance, if your password is “Fubar#70”, when prompted to do so, you may enter “Fubar#71” the next time, and just keep incrementing it.

But, if this person is right, and an 11 character, all lower case password would take hundreds of years to hack, then maybe businesses should rethink their security policies regarding passwords?

Three simple words like “pass the gravy” would be far more secure than your “Fubar#70”, in fact go to this URL and give it a try…  http://howsecureismypassword.net/

For the record, all my passwords are “p455w0rd” because I know nobody will ever guess that.

 

Spring Cleaning??? Pffffffthththt

Every year about this time, millions of people spend hours or even days cleaning up their computers. They weed through mail, files and other data, trying to determine what is to be kept and what should be deleted.

I suggest NOT cleaning. Sure, you can ORGANIZE, but why risk losing an important file?

External hard drives are inexpensive and easy to connect, as in plugging in! Then you can use the built-in archive functions in your Microsoft Outlook to move mail to a .pst file that can be saved to the USB drive.

I also advise using MULTIPLE means of archiving, whether it is a DVD disk and a USB drive, or two USB drives, just something that will be stored elsewhere. You could try one of the various cloud computing solutions as well, like DropBox…

With files stored on your system, say in the Documents folder, you can sort them by the date they were last modified and then move them to an external drive. Again, having data in more than one place is always desirable. You can never have too many backups in my humble opinion!

What do YOU do to archive your data, mail or do you? Do you just delete it?

 

Trend Micro has released WFBS 7.0 Patch 1 Build B1435 



If your business depends on Trend Micro Worry-Free Business Security, Advanced or Standard, then you should have received notification that WFBS 7.0 Patch 1 Build B1435 is now available.

The patches that have been released by Trend Micro allow for better integration into Microsoft Windows Small Business Server 2011 for one thing, but also fix important issues which have been reported.  Even if you are not experiencing the issues, such as slow saves of Microsoft Office documents, you should install the latest patch.

It is available from the Trend Micro download center, or you can call upon your favorite computer & network service and support experts to apply the patch to your server/s.

Should you wish to try Trend Micro WFBS for your business, or require assistance, we are a Trend Micro partner offering sales and support to Greenville and the Upstate of SC. Email info@homelandsecureit.com or call 864.990.4748 for more information

Homeland Secure IT will be taking Good Friday off!

What Friday isn’t good when you take it off?

Seriously though, in observation of Easter weekend, Homeland Secure IT will not open the office on Friday so everyone can spend time with family. We WILL be available via email and phone. Should the need arise, please do not hesitate to call us on Friday.

Have a very pleasant holiday weekend!

 

ShredDisk is offering FREE hard drive destruction at the Greenville Grow Expo!

Our friend Brent with ShredDisk is offering free hard drive shredding and computer recycling during the Grow Expo event on May 17th!

Please read his blog post at http://www.shreddisk.com/blog/?p=146

Hard drive destruction remains the only 100% effective way to insure your data is protected when decommissioning a hard disk drive and this is a great opportunity to get rid of one you might have laying around from a computer upgrade or replacement.

If nothing else, be sure to stop by and see how it works!

What doesn’t kill you… Doug Aamoth sticks tweezers in a wet surge protector.

Occasionally I find a product claim so outlandish that I scoff at it. When I saw the Wet Circuits surge protector claims a while back, I thought how I wouldn’t do what they were doing in the video. (If you have not seen their videos, they demonstrate them by sticking tweezers into them while they were wet, as in under water).

I even shared the link with a few people, and they too laughed at the thought. Some considered that there were ground fault breakers in place, but, the lights remained on, etc.

Welllll, one guy decided he would test it:

http://techland.time.com/2011/04/14/two-minute-video-wherein-i-stick-tweezers-into-a-wet-surge-protector/

Great little video…  And no, I’m still not going to test this power strip in that manner!

 

1

Bovinova…. That is all….

Today starts the epic culinary event of the season… Bovinova.

This thing is going to be a blast. But, unfortunately, I can’t tell you about it, until after the event.   There will be fire, meat, swords (not meat swords though), entertainment and a good time will be had by all.

The presenters have been working on this for months, and starting about now, and all through the night and into tomorrow, they will prep.

I’m just glad to be a part of it, but sorry I can’t tell you about it =)

A video link will be up in a bit at http://www.Bovinova.com   and you can follow the #bovinova hashtag for more info.

1

Did you know Homeland Secure IT is a Microsoft Authorized Education Reseller? #Greenville #Upstate

Microsoft Authorized Education ResellerIf you are needing Microsoft products for your school in the Greenville / Upstate SC area, Homeland Secure IT may  be able to save you money…

We are able to offer academic priced software through Microsoft Academic FPP, Open Agreement and School Subscription. The discounts can be substantial when compared to retail pricing!

To find out if your organization is qualified, or for Microsoft sales & support, please contact us at info@homelandsecureit.com or call 864.990.4748×201.

1

“Privacy Bill of Rights” perspective from the WatchGuard blog

The following blog post is from the WatchGuard Security Center, posted by Chris McKie….

 

The “Privacy Bill of Rights” – A WatchGuard Perspective

Chris McKie | April 12, 2011 at 12:50 pm | Tags: Compliance, Privacy Bill of Rights, Regulation, Security Law | Categories: Editorial Articles | URL: http://wp.me/pVP8E-8K

“Whenever industry fails to self-regulate, government will fill the void with legislation.” You can quote me on that.

Currently, the security industry fights a war on many fronts. On one end of the spectrum, we have industry regulations, such as PCI DSS, which helps mandate how credit card/payment card information is secured. On the other end, we have government regulations, such as CIPA (Children’s Internet Protection Act) or HIPAA (Health Insurance Portability and Accounting Act), which regulate data protection for schools, libraries and health care providers.

Now, we face one of the largest government acts of its kind, the “KerryDraft – Privacy Bill of Rights.” Although it is not law now, should it become law, businesses and consumers will see broad and sweeping changes to how consumer data is managed and protected.

Here are the key tenets of the Privacy Bill of Rights:

• Right to Security and Accountability
• Right to Notice and Individual Participation
• Right to Purpose Specification; Data Minimization; Constraints on Distribution; Data Integrity
• Voluntary Enforceable Codes of Conduct Safe Harbor Programs
• Co-Regulatory Safe Harbor Programs
• Application with other Federal Laws
• Development of Commerce Data Privacy Policy in the Department of Commerce

Obviously, this is a lot to digest for businesses and consumers. Here, I will break these points out in greater detail and provide in-depth analysis and commentary so that you can better understand the impact of this Act.

A year ago, Senators Kerry and McCain would have faced an uphill battle in pushing this legislation forward, but given the latest high-profile security fumbles (need I say Epsilon?), it follows that this Act may very well become the next big regulatory change for the industry. Stay tuned!

How do YOU feel about this? Go over to the WatchGuard blog and read this article and any follow-ups that may be made: http://watchguardsecuritycenter.com/2011/04/12/the-%E2%80%9Cprivacy-bill-of-rights%E2%80%9D-%E2%80%93-a-watchguard-perspective/#comment-333

I for one do not find this to be a step in the right direction.