November 2011 - Posts
On a percentage basis 99.94% of individuals among one billion users are true owners of the account. However, this is still a very large number of compromised accounts.
Facebook - 600,000 compromised logins on daily basis
QUOTE: In a recent infographic from Facebook regarding security, the social networking company let the world know it faces approximately 600,000 security threats per day in the form of "compromised" logins. That's a mere 0.06 percent of the 1 billion logins the site sees per day, although it's still a sizable number. "A compromised login' means the person logging in knows the username and password for an account, but we suspect they may not be the actual account holder"
The new Duqu threat was modeled after and perhaps represents the next version of Stuxnet (i.e., one of the most sophisticated malware attacks ever crafted). A recent discovery documents how Duqu exploits the Windows kernel from a malicious Word document. Microsoft is working on a patch to address this vulnerability and all suspicious Word documents should be avoided.
Duqu exploits zero-day flaw in Windows kernel
QUOTE: The Duqu trojan infects systems by exploiting a previously unknown Windows kernel vulnerability that is remotely executable, security vendor Symantec said today. Symantec said in a blog post that CrySys, the Hungarian research firm that discovered the Duqu Trojan earlier this month, has identified a dropper file that was used to infect systems with the malware.
The installer file is a malicious Microsoft Word document designed to exploit a zero-day code execution vulnerability in the Windows kernel. "When the file is opened, malicious code executes and installs the main Duqu binaries" on the compromised system, Symantec said. Once Duqu is able to get a foothold in an organization through the zero-day exploit, the attackers can command it to spread to other computers. In one organization, evidence was found that showed the attackers commanding Duqu to spread across SMB shares.
Kaspersky Labs - More on Duqu
The Avira Security blog shares basic tips on how to strengthen account setting controls in Facebook to improve safety
Facebook - How to harden your account settings
QUOTE: In order to configure the access to your Facebook account setting controls, you must go to Home >>> Account Settings >>> Security Tab
You can select in this window a couple of options. Read below what each of them means.
* Secure Browsing - if activated, no matter where you are, as soon as you login in your account you will use Facebook over an encrypted connection. It is highly recommended to always activate this option.
* Login Notifications - can notify you when your account is accessed from a computer or mobile device that you haven’t used before. There are two notification methods available : Email and Text message. It is highly recommended to use at least Email.
* Login Approvals – requires to enter a security code each time an unrecognized computer or device tries to access your account. Recommended to be activated. This requires to have a mobile phone to be set up in the account.
* App Passwords - if the Login Approvals is activated, some Apps might not be able to function because they are not ready to work with codes. Instead, you could generate a password for these Apps which is different than your Facebook password. This allows a more granular control over your security. Highly recommended if you use third party Apps.
* Recognized Devices – Facebook will store a cookie on your device as soon as you login. If that cookie is no longer found, Facebook will consider the device you are using a new one and will ask for authentication. If you use many computers, enabling this option is highly recommended.
* Active Sessions – this options allows you to remotely control the sessions which are using your account. This means nothing else than removing from the server side the cookie which was created on login. If you think that your account was misused, the first thing to do is to end all active sessions and change your password.
Microsoft is warning users to avoid responding to this threat which is actively circulating in spammed email. Account/password information is usually never shared by email.
Beware of “confirm your account” scams
QUOTE: Last week a member of our team shared a phishing scam that she’d received in her personal email account. The bogus email claims to come from Microsoft and asks the recipient to respond to the email with their user name and password to avoid permanent cancellation of their account. This is a scam. Microsoft never asks for user names and passwords in an email.
Microsoft has released the new MSCI rating concept for measuring user safety
Microsoft Computing Safety Index (MSCI)
MSCI - Users can assess their own MSCI safety
QUOTE: Microsoft encourages you to take an abbreviated version of the MCSI survey to help safeguard your digital lifestyle. We will release updates to the Index annually, in conjunction with National Cyber Security Awareness Month in the United States. The MCSI tallies points for basic and advanced computer security behaviors such as:
* Using a newer operating system
* Updating antivirus and antispyware software regularly
* Using automatic updates
* Keeping a firewall turned on
* Connecting to secure wireless networks
* Limiting information-sharing
* Creating strong passwords
Online safety resources
* Download the Five-Country Executive Summary (PDF)
* Download the U.S. Executive Summary (PDF)
* Download the MCSI Results Presentation (PPT)
* Download the MCSI One Pager (PDF)
Online safety resources
* Download materials from our new Digital Citizenship in Action Toolkit
* How to check if your firewall is turned on: Windows 7 | Windows Vista
* How to check if you're receiving automatic updates
* Download Microsoft Security Essentials free antivirus protection
More Posts « Previous page