22/2/10 Stay Smart Online Alert Service

The Stay Smart Online Alert Service is a free subscription based service that provides home users and small to medium enterprises with information on the latest computer network threats and vulnerabilities in simple, non-technical, easy to understand language.  It also provides solutions to help manage these risks.

The Stay Smart Online Alert Service is also available through the Stay Smart Online website: http://www.staysmartonline.gov.au/ 

To learn more about how to use and make the most of the Stay Smart Online Alert Service, consult the Stay Smart Online User Guide (File size: 319Kb) or read the Frequently Asked Questions.

11/2/10 Malicious media files could deliver exploits

Do NOT open any media files — regardless of whether you were expecting them — until you apply this critical Windows patch. The patch for this vulnerability is rated "Critical" for all client versions of Windows and for most server editions as well.

MS10-013 (977935, 977914, 975560) Opening AVI files may allow remote-code attack

Out of all Windows patches released this week by Microsoft, the one you should apply immediately to all the PCs you manage addresses a hole in Microsoft DirectShow.

MS10-013 (patch 977935) targets a vulnerability that allows maliciously-designed AVI and WAV files to take over your PC via remote-code execution. If your system has the vulnerable AVI filter and DirectX components, it may also be offered 977914 and 975560.

21/1/10 Internet Explorer Vulnerability

Microsoft is scheduled to release an update that fixes the Internet Explorer vulnerability behind the recent, highly publicized cyberattacks on Google and other major corporations. The sophisticated "Aurora" exploit is delivered through common file attachments or links — typically in e-mail or other messages that appear to come from trusted sources — but proven security measures and a little common sense can negate all such threats.

The first reports of the cyberattacks that prompted Google to threaten withdrawal from China were alarming indeed. So was Microsoft's first official response, in MS security bulletin 979352, which described the scope of the newly discovered IE vulnerability.

The flaw permits remote code execution by what Microsoft describes as a "specially crafted attack" that affects most versions of Internet Explorer.

Preventive measures 

In order to mitigate the threat, enabling Protected Mode in IE 7 is imperative. (Protected Mode is on by default in IE 8.) To enable IE Protected Mode in Vista and Win7, click Tools, Internet Options, Security and check the Enable Protected Mode option at the bottom of the window, as shown below (Protected Mode is not available in XP.)

Check the box labeled Enable Protected Mode on the Security tab of IE's Options dialog to guard against malware attacks.

Microsoft's security advisory suggests that you also can thwart these types of attacks through a number of additional, fairly drastic measures such as disabling JavaScript in IE, configuring IE to prompt before running Active Scripting and Active X controls, or even disabling these features completely.

However, wiithout those features on, you're forced to click through a barrage of pop-up prompts, which makes browsing one big annoyance.

Read the fullstory here: http://windowssecrets.com/

5/12/09 Who Gets Your Personal Information on Facebook?

Before you click to play that game, join a cause or accept that gift, you should read this article so you are fully aware of the information you will be passing on to companies who are under no obligation to respect your privacy.

Read the full story here: http://billpstudios.blogspot.com/

27/11/09 Symantec Online Store Hacked, Passwords And Serial Numbers Potentially Exposed

A self-proclaimed grey-hat hacker has located a critical SQL injection vulnerability in a website belonging to security giant Symantec. The flaw can be leveraged to extract a wealth of information from the database including customer and admin login credentials, product serial numbers, and possibly credit card information.

Read the full story here: http://cyberinsecure.com

19/11/09 Trojan claims to be Microsoft virus alert

Beware of e-mail "alerts" supposedly from Microsoft. The messages indicates that the Conficker worm is infecting users again and urged you to check your system for viruses by opening the .zip file attached to the e-mail.

The .zip file is not a virus scanner but aTrojan - Microsoft never sends files or alerts via e-mail. Even when the company sends you a hotfix for a specific problem you've asked about, you're directed to a Web page. At that location, you download the hotfix by entering a Microsoft-supplied password that's required to open the file.

It is recommend that you use Microsoft's free Security Essentials antispyware program, which you'll find on the product's page, never open or download an unexpected .zip file attached to an e-mail from any source.

13/10/09 Facebook is 'gold' for identity thieves

Social networking sites such as Facebook are "gold" for identity thieves, an international forum has been told. International experts on identity crime are in the Gold Coast for a symposium to discuss the latest innovations in combating the growing global problem of identity theft.

Identity theft costs Australia around $3 billion a year.

Detective Superintendent Brian Hay, from Queensland's Fraud and Corporate Crime Group, says fraud is the most under-reported crime type, largely because victims often feel so embarrassed.

Supt Hay said one of the richest fields for global identity harvesters are social networking sites like Facebook.

"Anyone who joins a social networking site can have a look at random almost, and pick up people's dates of birth, where they work and family details," he said.

"That's gold to people who want to steal identities."

He said computer hackers were writing programs to reap identity information on social networking sites.

"We know the crooks are harvesting identity data and building empires of massive identity warehousing stocks," he said.

"We know they're writing data-mining programs to extract information from various sources, pull it together and build profiles on people.

"Today it may be Facebook but what's tomorrow?

"We've got Twitter, it's live by the second. It's an issue we need to address."

Read the full story here: http://au.news.yahoo.com/

10/10/09 Hoax Email Warnings

How often do you receive a email from well meaning friends warning of some catastrophic virus about to be unleashed? In almost every case these are false reports about non-existent viruses, many claiming to do improbable things. Certainly there have been quite viruses that masquerade as e-cards and the like, but you can usually guarantee that by the time an email like this does the rounds, the damage has already been done.

Before forwarding on warning emails, check here to see whether it really is genuine:

http://www.hoax-slayer.com/virus-hoaxes.html

You may notice that most of these warning emails arrive with all the addresses of the other recipients clearly visible to everybody. The best favour you could do your friends, including the person who sent the email to you, is advise them how to use the BCC field when forwarding emails to multiple addresses. Emails like this are a gold mine for spammers who can harvest the entire collection of addresses for their databases. If you don't know how to use the BCC (or even what BCC means), you can find out here:

http://www.wikihow.com/Use-BCC-in-an-Email

29/9/09 Tweak to Improve Windows Performance

A surprising number of Windows problems are resolved by just cleaning up the Windows Temporary Internet Folder. Full details on how to do this are available at this link:

http://billpstudios.blogspot.com/

26/9/09 Facebook users warned of wall worm

There are reports of a worm spreading on Facebook, hijacking wall posts and threatening to compromise users' computer security. The worm is similar to one that infected accounts on microblogging site Twitter earlier this week, according to reports on the US-based social media blog Mashable.

Users can be vulnerable if they click a link in their news feed which appears to be from a friend. The text before the link reads: "lmao! i cant stop laughing at you in this pic, when did you do this?" Do not click the link. People who have already clicked it should "immediately change [their] password, delete all of the malware posts, and post a warning to not visit the link in question".

Facebook is a global social networking site that allows users to add friends, send them messages, and share content such as photos. The worm appears to capitalise on the common practice of uploading potentially embarrassing photos of one's "friends" to the platform.

17/9/09 Windows Updates essential to safe browsing

This month's security patches for Windows are a reminder that even the sites we trust can be sources of malware infections. Microsoft security bulletin MS09-047 (973812) patches a hole that allows infected, downloaded media files to gain complete control of your system.

More and more sites — even popular ones such as Facebook — have unknowingly hosted malicious banner ads, which is one way these media files can infect you. Microsoft's Security Research & Defense blog predicts that this vulnerability will likely be targeted by such exploits within the next 30 days.

Vista and Windows 7 have some protection against these attacks, but you should download and install MS09-047 immediately to stymie them completely, especially if you use XP.

If, for some reason, you can't install this patch, remember that even sites you think of as trustworthy might serve a malicious banner ad from a third-party ad host. The safest course of action is for you to apply this patch and use a browser other than IE, such as Firefox, Chrome, or Opera.

Read the full article here: http://windowssecrets.com

17/9/09 Prevent keyloggers from grabbing your passwords

Strong passwords are important, but even the best password won't keep you safe from keyloggers — hardware and software that's designed to secretly record your keystrokes. Fortunately, there's a way you can enter sensitive data so it's extremely difficult for snoops to extract your passwords from keylogger files. Even the strongest passwords can be recorded by keyloggers. These are software and hardware products designed to capture computer events and store them in a log file.

Read the full article here: http://windowssecrets.com/

24/8/09 Facebook - Be Careful What You Click On!

Facebook isn’t by its nature a danger. The problem is anytime something is popular it becomes target for the bad guys.  Malware authors and privacy thieves have found fertile ground on Facebook for new tricks and methods to infect computers. It’s not uncommon for friends to have their password compromised and suddenly they become an unwitting accomplish in spreading malware.

What most people don’t realize is that “Applications” aren’t part of Facebook. They’re created by 3rd party companies. When you agree to downloads an application, you share your info with a company which may have a completely different security and privacy terms as Facebook.

If you think only your friends will have access to your profile information think again. This week it was revealed in a simple video how easy it is to steal personal info.

Read the full article here: http://billpstudios.blogspot.com/2009/08/facebook-may-not-be-for-everyone.html

8/8/09 4 steps to protect your computer

Microsoft has many useful resources available on it's website, this is one of them.

http://www.microsoft.com/security/

From this link you can find out more about:

• Firewalls
• Operating system updates
• Antivirus software
• Antispyware technology

7/8/09 Creating Hacker-Proof Passwords

Your online accounts, computer files, and personal information are more secure when you use strong passwords to help protect them. A strong password should appear to be a random string of characters to an attacker. It should be 14 characters or longer, (eight characters or longer at a minimum). It should include a combination of uppercase and lowercase letters, numbers, and symbols.

For tips on how to create passwords and pass phrases that are easy for you to remember but difficult for others to guess. a strong password checklist, and more, read
Strong passwords: How to create and use them.

You can see whether your current passwords — you do use more than one of course? — are rated "strong" by using Microsoft's online Password Checker. I bet you'll be unpleasantly surprised by the results.

http://www.microsoft.com password checker

21/7/09 Clampi Trojan can steal online banking data from YOU

Hundreds of thousands of Windows computers are believed to be infected with a Trojan called "Clampi" that has been stealing banking and other log-in credentials from compromised PCs since 200. It infects computers in drive-by downloads when people visit Web sites hosting malicious code that exploits vulnerabilities in browser plug-ins Flash and ActiveX, said Joe Stewart, director of malware research for the Counter Threat Unit of SecureWorks. When the infected computer is used to access a targeted banking or other site, the log-in and other information is stolen.

The information stolen by Clampi is sent from the victim PC to a Web server controlled by the attackers using a randomly-generated session key with 2048-bit RSA encryption. This technology is used to obfuscate data being stolen, so that in theory, only the attackers who have the encryption key can intercept or read the stolen data. Clampi also makes it easy for attackers to log into the victim's bank account by tunneling back through that victim's PC, a tactic that could defeat some bank Web site security features that raise alarms when a customer logs in from an unusual Internet address. This feature is remarkably similar to a password stealing Trojan known as Zeus.

Most Trojans can't spread on their own, but Clampi can, and does: it uses a legitimate Windows program called "psexec" to try to spread to other systems on a network once it has gained a foothold on one PC.

How can you protect your data?

The sophistication and stealth of this malware strain has become so bad that it's time for Windows users to start thinking of doing their banking and other sensitive transactions on a dedicated system that is not used for everyday Web surfing.

This isn't such a radical idea, if you own a Mac or just have a spare computer lying around. If you want true peace of mind while conducting sensitive transactions online, grab a copy of a bootable, live Linux installation like Knoppix or Ubuntu Live, burn it to a CD-Rom, boot the spare system up into that operating system, and do your online banking from there.

21/7/09 Password Security

Any time you sign up and provide a password, that information may be easily available to the owners and employees of that site. If you use the same password for an online forum as you do with PayPal you’re in danger. If you use the same password for multiple social networks (Facebook, Twitter, etc) you leave yourself open to a different kind of identity theft. Some one can impersonate you and spread malware to your friends and family.

There’s also the danger of freely giving away your Email and password that plenty are falling for. A number of sites offer to get you new followers on Twitter. The only condition is they now own your account and can use it to broadcast advertisements. Unfortunately, too many people don’t read the conditions and are surprised when advertisements appear in front of their name. You might also notice they don’t say anything about not selling your Email address to the spam companies.

Read the full article here: http://billpstudios.blogspot.com/

25/5/09 The enemy in the net

We know there are criminals using the net, and also that hackers can infiltrate anyone's computer. At the government level it's not only a murky worry, but has become a battle for who will monitor it all and how we will fight cyberwars. And not everything you hear is true. Click this link to download or listen to this program onABC Radio National:

http://www.abc.net.au/rn/backgroundbriefing/stories/2009/2574574.htm

5/5/09 Beware Facebook Hacker Scam

Do you always know for sure where you’re entering your name and password?

This week many people on Facebook reported getting stung by yet another hacker trick to get someones name and password. Many received an Email with a message about something new on Facebook and received a link which appeared as it if was Facebook. Surprise, surprise it turned out to be a completely different website that just looked like the Facebook login page.

Simple tricks like this remain the most common distribution methods of deceptive programs and ID theft on the Internet. Once someone has your name and password, they have access to your valuable contact list. Your unsuspecting friends will start to recieve similar invitations and even downloadable files with every possible kind of malware. Many of your contacts will trust an attachment because they think it comes from somone they know.

While this is a typical phishing senario, there are many other ways to give away your name and password. Many social networking sites will want you to give them your Email and password so they can collect information on your contacts and provide you with a better experience. While I’m sure some of them are legitimate and trustworthy I say Don’t Do It.

Read more here: http://billpstudios.blogspot.com/2009/05/please-enter-your-name-and-password.html

Don't think it will only affect people on Facebook, there are plenty of examples of people being tricked, here's another: http://www.techbite.com/newsletter/17/password-disaster-my-paypal-account-was-hacked

There are some excellent suggestions there for choosing and storing passwords safely and you can use this Microsoft tool to check your password's strength: http://www.microsoft.com/protect/yourself/password/checker.mspx

and

http://www.microsoft.com/protect/yourself/password/create.mspx

28/3/09 Address Scraping Tools hide their true purpose

Web site operators who lure unsuspecting users into sharing their address lists can then send invitations to all the contacts in order to swipe even more private info.

You may have used an address-scraping tool already. Major social-networking sites such as Facebook, ShareThis, LinkedIn, and Plaxo offer a convenient way to build your initial "friends" list by importing your contacts from Outlook or other e-mail programs or by signing in to your webmail or social-networking service. The process is as easy as uploading a file or entering your user ID and password.

Uploading a contact file or entering your ID and password into these forms, however, can transfer your password and/or all of your friends' e-mail addresses to a company that may not have a strong privacy policy.

Read more here about how they lull you into being complacent so you will let down your guard:

http://windowssecrets.com/comp/090319#story1

19/1/09 Has your PC become a spammer's botnet zombie?

Most antivirus applications are ill-equipped to stop this kind of malware, but you can reduce the risk of having your PC become zombified. Although there are no perfect solutions, the following actions will help prevent your system from being compromised.

Click here for a four-step spambot-safety program.

13/1/09 Have you been Tricked into installing Antivirus 2009?

I am getting daily calls from people who have been the victims of this nasty little scam, sometimes they've left it too late before conacting me and the damage is too great for them to do anything about it themselves, for example yesterday the person's computer has started rebooting every time they started it up. If your computer hasen't reached that state, then the information at this site may help you get things cleaned before it does:

http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009

Warning: Iif you are not a confident computer user, do not try to undertake this without assistance from a competent person.

Go Back to the Top

18/10/08 All browsers are vulnerable to "clickjacking"

The latest Internet threat cloaks Web links so a wayward click can download malware to your PC without your knowledge. What's worse, all browsers and other Web software are susceptible to clickjacking, but you can take steps to reduce the risk.

Clickjacking allows an attacker to use one or more of several new attack scenarios to literally steal your mouse clicks. When you think you're clicking on a simple button - for example, to see the next page of an article - you may actually be giving the bad guys permission to do something entirely different, such as log on to your online checking account.

By taking advantage of any of a growing number of recently discovered vulnerabilities in Microsoft's Internet Explorer, Mozilla's Firefox, Apple's Safari, and all other Web browsers, criminals can hijack your system by intercepting clicks of what appear to be legitimate links.

The problem doesn't stop there, however. At least some of the flaws that make clickjacking possible also show up in such popular Web tools as Adobe's Flash player and Microsoft's Silverlight streaming-media plug-in. "If they can control where your clicks are going, they may be able to get a user to reconfigure the system so they disable security,"

Go to this link for the full story: http://windowssecrets.com/comp/081016/#story1

Go Back to the Top

7/9/08 Don't fall for bogus antivirus downloads

A new virus strain pretends to remove malware but actually does just the opposite: it infects your system. Fortunately, you can use a few simple steps to tell the difference between these rogue antivirus programs and legitimate security software.

Antivirus apps may be malware in disguise
A dangerous new virus is making the rounds in the guise of a legitimate antivirus program. Going by such names as "Antivirus XP 2008" and "XP Antivirus 2009" this malware succeeds by looking like a legitimate Windows program.

Rogue antivirus programs such as these are being promoted through spam messages that link to an automatic download of a virus installer. With such aggressive methods afoot to fool security-minded users, how do you know when an antivirus product is legitimate? Use the following guidelines to ensure that the security products you download are legitimate.

Read the full article here: http://windowssecrets.com/comp/080904/#story1

18/8/08 Where did all this spyware come from?

In most cases it's nobody's fault if a machine is infected with some kind of spyware/malware/virus. The number one method used for infecting computers is to just trick you, for example if you get an alert message from Microsoft that says they found three viruses on your computer and you must download ie_update.exe, what would you do? Recently, we've seen updates of Internet Explorer and news videos that claim to be from CNN and MSNBC. They're all meant to trick users into downloading badware.

A common trick is to send an online greeting card that includes an apology but comes laced with a keylogger so the abuser can spy on all future computer activity. The use of social engineering to try and take over your computer will continue to be number one method for infecting computers and will certainly improve and get more sophisticated.

Read more at this link:
http://billpstudios.blogspot.com/2008/08/where-did-my-spyware-come-from.html

8/8/08 Beware CNN Top Ten and Fake IE7

If you haven't already, you will be getting Email with the subject line "CNN.com Daily Top Ten". If you open the Email you'll see a list of news headlines. Some are real, some are fake. If however you want to see news videos, go directly to CNN.com and DO NOT view any videos that arrive in an Email.

If you select any of the video’s you’ll be asked to download what claims to be a new Flash update from Adobe. If you download and run get_flash_update.exe you’ll start to see some alerts from your favorite malware detector.

Another popular Email this week claims to be an update from Microsoft with the Subject: “Internet Explorer 7”. What you’ll get if you select this download is a rogue security program called Antivirus XP 2008. It can currently be removed by most anti-malware programs, but beware of programs that ask you to pay before cleaning.

Back to the Top

15/5/08 Eight simple rules for keeping XP rejuvenated

If you're one of the many people who plan to stick with XP as long as possible, you need to take a few relatively painless steps to keep that aging OS perky. Here are eight rules for extending XP's usefulness to 2010 and beyond.

http://windowssecrets.com/2008/05/15/03-Keep-XP-fresh-until-Windows-7-arrives

25/4/08 Flash ads bearing malware plague popular sites

A widespread Flash vulnerability can result in malicious code being downloaded to your computer, generating erroneous warnings of a malware infestation and offering a phony solution. These "malvertisements" may be present on thousands of sites, but there are measures you can take to reduce your exposure.

Read the full story and what you can do to protect yourself, at this link: http://windowssecrets.com/comp/080417/#story1

Common Internet Scams

You may receive an email from a bank/online service provider/ financial institution that asks you to click a link and visit a website in order to provide personal information. Such an email is more than likely the type of Internet scam known as "phishing".

A phishing scam is one in which victims are tricked into providing personal information such as account numbers and passwords to what they believe to be a legitimate company or organization. In order to carry out this trick, the scammers often create a "look-a-like" website that is designed to resemble the target company's official website. Typically, emails are used as "bait" in order to get the potential victim to visit the bogus website.

Be wary of any email that asks you to click on a link and provide sensitive personal information such as banking details. Information submitted on these bogus websites is harvested by the scammers and may then be used to steal funds from the user's accounts and/or steal the victim's identity.

Most legitimate companies would not request sensitive information from customers via email. DO NOT click on the links in these emails. DO NOT provide any information about yourself. If you have any doubts at all about the veracity of an email, contact the company directly.

Go Back to the Top

S-e-x on the Net - ABC Radio National - Background Briefing

The audio file is no longer available, but you can download and read the transcript.

"Whether adults like it or not, the Internet is where life's at for young people now - friendships, games, school stuff, comedy, adventure and sex. Teenagers are getting used to coming across pornography, and dirty old men. Sometimes they even turn the tables, and play indiscreet games. We don't know enough about the Internet generation - and government filters won't work on the new 3G phones."

... Also on the same site ....

Your money dot con - ABC Radio National - Background Briefing

"No one's telling how much of our money is being stolen through the Internet because no one wants us to lose confidence in the system. The banks are making so much money out of it, they prefer to wear the costs or push them down to the customer. In the meantime, everyone has a story and global criminals are stalking our accounts, our phones and our PCs."

Transcript still available for download.