Ask the Geek

Questions, answers and learning about all manner of things

Archive for the 'Malware' Category...

Filed under Malware, Security, Vulnerabilities

The Register, John Leyden
Posted in Malware, 6th April 2010 13:37 GMT

The security perils of PDF files have been further highlighted by new research illustrating how a manipulated file might be used to infect other PDF files on a system.

Jeremy Conway, an application security researcher at NitroSecurity, said the attack scenario he has discovered shows PDFs are “wormable”. Computer viruses are capable, by definition, of overwriting other files to spread. Conway’s research is chiefly notable for illustrating how a benign PDF file might become infected using features supported by PDF specification, not a software vulnerability as such, and without the use of external binaries or JavaScript. [Read more]


Comments (0) Posted by The Geek on Tuesday, April 6th, 2010

Filed under Malware, Reviews, Security, Security Corner, Software

I reported on Panda Cloud Antivirus back in June and July in my Security Corner posts, Panda’s Cloud Antivirus (Beta) is a Winner! and Panda’s CloudAntivirus Update.

I tested Panda Cloud Antivirus extensively on my systems while it was in beta and only recently switched to Microsoft Security Essentials (MSE) for evaluation. Today, I’ll switch back to Panda on my older, slower system to compare performance of each one. I have noticed a slight performance degradation with MSE that was all but non-existent with Panda. Now that Panda Cloud Antivirus is out of beta, I can make a fair comparison which I will report on later. Check out the full report in this Security Corner post.


Comments (0) Posted by The Geek on Tuesday, November 10th, 2009

Filed under Freebies, Malware, Security, Software

“Although not so well known in some parts of the world, Bullguard Internet Security is a top level security suite from Denmark. With firewall technology licensed from Agnitum (Outpost) and anti-malware components from BitDefender you will appreciate the pedigree of this software. One of the product’s most interesting features is the way support is provided. Bullguard support staff can be contacted directly from the GUI and response times are reputed to be amongst the fastest in the industry.

“The vendors are generously offering a full 12 month licence for Bullguard Internet Security free for all Gizmo’s Freeware visitors for two days only commencing at 00.01 PST on Thursday 5th November and closing at 23.59 PST on Friday 6th November 2009. This offer comes with full support from Bullguard.”

Click here to get it: http://www.techsupportalert.com/content/get-top-rated-bullguard-internet-security-suite-free.htm

Cheers!

The Geek


Comments (0) Posted by The Geek on Wednesday, November 4th, 2009

Filed under Amateur Radio, Computers, Expert articles, Freebies, Malware, Password, Security, Spam, Tips

Let me introduce a very special guest blogger, Mr. Paul Shirey. Paul is a young man (13 years old) who definitely has a handle on what this Internet thing is all about. In fact, given that people of his generation have this kind of savvy, I think there’s hope that the Internet will evolve from its current state of “Wild, Wild, Web” into something more akin to a world wide communications and information portal that is safe for everyone to use. It’s quite possible that you’ll be hearing more from this young man as a future mover and shaker.

You can contact Paul through his website at http://www.teenradiojourney.com or you can leave a comment here. Here’s his article.

——————————————–

In the digital age, most of us, if not all, depend on the Internet to get us through the day: some jobs are even 100% online. Well, sometimes the Internet isn’t all that great, and might be infected with malicious files. Luckily, there are ways you can defend yourself against the Internet terrorists of the digital age.

Online Accounts

The number of online accounts you have can really affect the chances of your accounts being hacked and your identity stolen. The more accounts you have, the more at risk you are. If someone steals your identity and commits a crime in your name, it is possible that you could be the one that ends up behind bars, and none of us want that to happen.

There is a simple way to keep your online accounts secure–don’t use the same password for every online account you have. Imagine this: One day your computer gets infected with malware called a keylogger. Keyloggers record everything you type on your computer. If the hacker behind the malware can find out one of your online passwords before you get the malware removed, that person would have access to all of your online accounts because you used the same password for every account.

Though using the same password for every account you create can be helpful for you (because you won’t have to remember what the password is for every account), it is a serious security threat. There are some very simple ways you can stop this bad habit.

1. If you don’t have a lot of online accounts, use a series of passwords and rotate them between accounts. This way it would be harder for someone to hack into your accounts, and your account could even be temporarily suspended from too many log in attempts.

2. Using a password keeper is an excellent way to create multiple passwords, and most of them have password generators built into them. Even though it might be a little bit annoying to have to copy and paste passwords all the time to log in, it could really be a life saver. You wouldn’t necessarily have to create a generated password for all of your accounts, just the ones you couldn’t afford to get hacked like your bank account or PayPal account. You can download a free password keeper by going here http://keepass.info/. This password keeper can even go onto a USB stick.

Spam

Spam is another way internet hackers gain control of people’s computers and lives. There are some very simple ways you can tell if an email message is spam.

· Contains mostly links and is in plain text.

· Comes from a free email service like Gmail or Yahoo

· Your email client tells you that it is spam

Spam can be very hard to filter out; some spam may even make it through the spam filter. One example of spam that is very tempting is emails that say that you have won a large amount of money. If the email is in plain text and the email address is from a free email service like Gmail or Yahoo, it’s spam. Delete it and forget it.

If your email client tells you it is spam there is a very small chance that it might not be spam, if you are at a business building using business email, chances are that a lot of non spam emails go to spam due to high filtering settings. You do however need to be able to tell spam from non-spam.

Password Changes

Sites like eBay or PayPal that are heavily encrypted send you an email when your password is changed; even if you were the one that changed it, they will still send you an email for security reasons. If you do get one of these emails and you didn’t change the password, you need to contact them immediately.

Imagine that you are opening the door of your house to go inside after a long day at work, but you forget to disarm your security system. The alarm will go off and the alarm company will call you. You tell them that it was only a false alarm and give them your pin number for the alarm system, and they reset the alarms.

So, going back to the site, the alarm going off when you enter your house is just like you changing your password on a highly encrypted site. The website will contact you just as the alarm company would, except with the website, you usually don’t need to tell them if you changed it or not.

Free Items

Have you ever seen those ads on websites telling you to click to win a free item of high value like a MacBook Air™ or an expensive car? Well, to tell you the truth, the website that you clicked on that ad from is just trying to make money, because advertising is how most free websites run. However, that form you fill out to get the free item is just collecting your personal information, and you could start receiving tons of spam in the snail mail.

Online Shopping

Another way hackers can attack computers is through online shopping. My rule is the site either has to be approved by internet security companies like McAfee, or use PayPal for orders. I usually will only shop at an online shop if they use PayPal because the only information the store will see when you pay with PayPal is your Name and/or email. That’s a lot better than giving them your credit card number.

The best thing you can do to defend yourself while shopping online is by making sure the shopping website you are buying from is secure. Though eBay and Amazon are very secure, if they were to get hacked it is likely that websites like these would shut down part of their system temporarily until they are sure that the problem is fixed.

Downloads

Downloads can be handy, but if you download multiple programs every day, you could be even more prone to getting a virus. You need to be extremely careful when downloading files from file sharing sites, unless you truly know the person that is hosting them, or were redirected by a software company that you trust.

Sum it up

The key to internet safety is this: if a website or email doesn’t look safe, either don’t go to it, or do searches on it to see if it is safe. Don’t just look at one search result; look at multiple ones so you are sure that the website is secure. There is a neat little antivirus program that can keep you safe on the internet, and will even warn you if you try to open an infected webpage or email, and then clean any infected files. You can download this antivirus program by going to http://www.avast.com/. If you already have an antivirus program you trust, go ahead and download McAfee Site Advisor http://www.siteadvisor.com/.

Whether you like it or not, you need an antivirus program. It might make your PC a bit slow(er), but it is worth it; you never know when your computer could be threatened in an internet infection.

Paul Shirey

 


Comments (0) Posted by The Geek on Wednesday, October 28th, 2009

Filed under Bootable thumb drive, How To, Malware, Open Source, Security, Tips

What’s a ROBAM? you ask. Check out this post: Protecting Your Business from Online Banking Fraud. SANS says, “The number one recommended mitigation [to online banking fraud caused by infostealer infections] is to use a read-only bootable alternative media (ROBAM) as an isolated environment for financial transactions.”

You can use a USB thumb drive instead of a CD if you do the following:

1. Download your alternative Linux OS choice (I prefer Ubuntu or Knoppix) in .iso format
2. Download UNetbootin from http://unetbootin.sourceforge.net/
3. Create a bootable USB thumb drive using UNetbootin
4. Set the properties of the drive to “read only”

This should have the same effect as using a Linux live CD.

I haven’t tried this, so comments welcome.


Comments (0) Posted by The Geek on Friday, October 16th, 2009

Filed under Freebies, Malware, Security, Software

I’ve been using Panda Security’s free Cloud Antivirus for awhile and I must say I’m impressed. It’s there, but you’ll never know it unless you look (the little panda icon in the system tray). I rarely get malware of any kind, but Cloud AV has caught a couple of things that were probably drive-bys. It’s so transparent that I actually had to go check on it before I noticed that malware had been caught.

This is a perfect set-it-and-forget-it AV for the regular user. It’s free, self-updating and doesn’t require any decisions on the part of the user. But the great part about it is how it works. Watch the video. It’s really slick, blocking malware within 6 minutes when encountered by anyone who has it installed; it’s truly real time updating.

That’s my two cents. You be the judge and try it for yourself.

Cheers!
The Geek


Comments (0) Posted by The Geek on Tuesday, June 30th, 2009

Filed under Answers, Computers, Freebies, How To, Malware, Open Source, Password, Security, Software, Spam, Tips

My new eBook, “14 Golden Rules of Computer Security” is almost complete and will be ready for downloading shortly. Written with the non-technical person in mind, the book is packed with proven, practical advice on how to stay safe on the Wild, Wild Web including bonus articles about creating strong, easy-to-remember passwords and email security tips. I give you tons of links to free and low-cost tools as well as special discounts for software and services by some of the best computer security companies in the business. It’s a must-have for every computer owner.

Based upon my popular “How to Secure Your Computer” series of web articles and fully updated with late-breaking information on safe searching and social networks, “14 Golden Rules of Computer Security” will help you develop your own secure computing practices and save you from the hassle of dealing with unpleasant malware attacks.

The book will cost $9.95 for the general public, but all Ask the Geek subscribers will be sent a download link and password for a free copy, so be sure to sign up. (If you already closed the subscription panel, you can sign up by clicking here or on the Sign Up! link on the Pages sidebar.)

Sign up today and then watch your email for the release announcement and download instructions.


Comments (0) Posted by The Geek on Monday, June 1st, 2009

Filed under Computers, Hardware, How To, Malware, Password, Router security, Security, Tips

Two router options, both of which I’ve said are security risks (see This Router Configuration Option Can Be Dangerous), can now be exploited to turn routers into zombie botnet members. My latest post at Security Corner, Worm Targets Home Networking Equipment, gives details and references to more news items. You can read those if you want, but for now, here’s what you should immediately do:

  1. Power cycle your router.
  2. Disable WAN-facing telnet, SSH or web-based configuration interfaces.
  3. Change the passwords to something unguessable (see this article).
  4. Upgrade to the latest firmware.

If you’re not sure how to handle this, find a geek who can. While the hacker who wrote this worm appears to have disabled the botnet’s control center, others will follow and it could get ugly.

You should also read and apply the Safe Computing Tips available as a free PDF download. Just click on the link to the right.

As always, I’m looking out for you.

Cheers!

The Geek


Comments (0) Posted by The Geek on Wednesday, March 25th, 2009

Filed under Computers, How To, Malware, Security

I was checking my web site logs last night and was pleasantly surprised to find lots of traffic coming from download.com. One of their writers, Jessica Delacourt, included a link to my bootable thumb drive virus scanner in her article “Beat back that Trojan Horse.”

Ms. Delacourt presents several ways of dealing with the damage caused by a Trojan infection. The article is excellent and I highly recommend it.

And, Ms. Delacourt, thanks for the link!

Cheers!
The Geek


Comments (0) Posted by The Geek on Friday, June 29th, 2007

Filed under Computers, Malware, Security, Uncategorized

It’s 2010, maybe sooner. A rogue nation has just declared war on your country. No one will be killed in this war, at least not directly. But people will die from starvation, disease, and in the general chaos caused by disruption in vital communications lines. The rogue nation’s primary weapon? Botnets capable of taking down huge segments of the Internet and telephone networks. [Read the full article at Ask the Geek, Too]


Comments (0) Posted by The Geek on Friday, June 22nd, 2007