October 2012 - Posts
Several folks shared the photos circulating on Facebook of the ominous cloud looming behind the Statue of Liberty. Plenty of fabricated stories also circulated, distorting the facts and possibly alarming folks who have friends or relatives in the area. As other major events have proven, it is important to always get facts from the proper sources.
http://bostonglobe.com/opinion/editorials/2012/10/31/hurricane-sandy-shows-media-don-believe-everything-twitter/e2kAu24WWmvnaxa2IkppBK/story.html
QUOTE: Those who logged onto Twitter as Hurricane Sandy barreled toward the East Coast Monday night were among the first to read a handful of eye-popping news developments that eventually wound their way onto outlets like CNN and Reuters: that the floor of the New York Stock Exchange was under 3 feet of water; that the New York subways had been pre-emptively closed for a week; and that 19 employees of an electric company had been trapped in a building. These updates seemed to illustrate how a crowd of social media junkies can turn up news faster than a scattered few professional reporters. That would have been true — if the stories themselves had been.
In fact, many stories were fabricated, some by the same anonymous tweeter. At the same time, images purporting to show what was happening on the ground in New York spread across the Internet. One, showing an ominous cloud looming behind the Statue of Liberty, had been digitally altered; another, picturing the statue as it was about to be covered by waves, was a scene from the apocalyptic movie “The Day After Tomorrow.” In this case, as in many others, Twitter users called out such errors with mockery, circulating obviously fake images of Lady Liberty crouching behind her base.
Trend Labs shares an interesting PDF report on this topic:
http://blog.trendmicro.com/trendlabs-security-intelligence/a-look-into-the-russian-underground/
QUOTE: Earlier today, we released the paper Russian Underground 101 which provides readers an overview of the Russian underground economy. The Russian underground is a key source for all sorts of illegal products and services used by criminals, which is ultimately aimed at users all over the world. By exploring underground resources, (visiting various underground forums) we were able to determine the products and services that are most commonly traded for, as well as the prices of these goods. This provides us with a good insight into the Russian underground ecosystem, information which can be used to provide enhanced protection for Trend Micro customers.
The key security feature announced is multiple user profiles:
http://www.nbcnews.com/technology/gadgetbox/android-4-2-still-jelly-bean-sweeter-1B6743843
QUOTE: Google also announced Android 4.2 on Monday. It's still called Jelly Bean, just like the prior version, but it's made just a little bit sweeter by the addition of new features such as Photo Sphere, Gesture Typing, multi-user support and more. Sharing an Android tablet with a family member will be significantly less awkward thanks to multi-user support. Each user can have his or her own homescreen, background, widgets, apps and games. Toggling between users is supposedly as easy as switching between apps.
Windows Phone 8 SDK has been released as documented by Next Web:
http://thenextweb.com/microsoft/2012/10/30/the-windows-phone-8-sdk-is-now-live-for-all-heres-where-to-get-it/
QUOTE: Yesterday Microsoft promised to release the Windows Phone 8 SDK at its event in San Francisco. Today, during the opening keynote of its BUILD conference, the SDK went live. Microsoft is betting heavily on Windows Phone 8, moving the core of the operating system to a shared codebase with Windows 8. While this presents numerous advantages, it does cut loose all older Windows Phone handsets, as their physical architecture cannot manage the new software.
Available from link below:
http://www.microsoft.com/en-us/download/details.aspx?id=35471
The state of South Carolina is working to resolve the issues, and hopefully sensitive information was not captured extensively during the security incident.
http://securitywatch.pcmag.com/none/304400-south-carolina-data-breach-exposes-ssn
QUOTE: The latest data breach in South Carolina where over three million Social Security numbers were exposed is just another example of how organizations aren't protecting sensitive data with encryption. As many as 3.6 million Social Security numbers and 387,999 credit and debit card numbers may have been exposed during a series of cyber-attacks against systems belonging to the South Carolina Department of Revenue, state officials disclosed on Friday. Anyone who has ever filed a South Carolina tax return since 1998 may be affected.
Official response can be found here:
http://www.sctax.org/News+Releases/20121009_1026NR.htm
The ISC offers an update on outages and malware/scam attacks associated with Hurricane Sandy
https://isc.sans.edu/diary/Hurricane+Sandy+Update/14410
QUOTE: If you reside in the affected area, you are probably best off staying at home. Many roads are blocked by debris and in some cases by downed power lines. Here are some of the typical issues we see after an event like this:
- outages of communications networks as batteries and generator fuel supplies run out.
- malware using the disaster as a ruse to get people to install the malicious software ("watch this video of the flooding")
- various scams trying to take advantage of disaster victims.
A couple of ways the internet can help in a disaster like this:
- many power companies offer web pages to report and monitor outages.
- FEMA offers updates on its "ready.gov" and "disasterassistance.gov" web sites.
- local governments offer mobile applications to keep residents informed.
AVAST received top rankings in malware removal and performance
http://blog.avast.com/2012/10/18/avast-only-free-antivirus-to-receive-advanced-award-for-performance-and-detection/
QUOTE: Avast! Free Antivirus won the top rating for malware removal from independent research organization AV-Comparatives last month, and this month is the only antivirus solution that also received the ADVANCED+ award for performance. The latest performance test measured the impact on system resources and speed of 19 antivirus products, and avast! Free Antivirus was the best scoring FREE product again.
AV-Comparatives performance testing is a series of real-world scenarios that includes downloading, extracting, copying, and encoding files, installing and launching applications, in addition to an automated testing suite. The ranking system is three-levels: “Standard,” “Advanced” and “Advanced+” awards. To receive the “Advanced+” award, avast! Free Antivirus was compared to mostly paid-for antivirus suites based on how much impact the product has on system resources, including protection against ‘real-world’ zero-day malware attacks, detection of a representative set of malware discovered in the last 2-3 months, false positive rates, and scanning speed. Avast was the highest scoring free product and out-shined a host of paid-for products and other free products.
As in past major news events, there is a high potential for Hurricane Sandy related internet scams and malware attacks. Please be careful with email, Facebook links, web searches and any charitable donations made during the coming days.
http://blog.avast.com/tag/hurricane-sandy/
QUOTE: With Hurricane Sandy bearing down on the northeast United States, the potential is high for cybercrooks to release a wave of scams and malware related to the storm. If the past repeats itself, Facebook postings, tweets, emails, and websites claiming to have exclusive video or pleading for donations for disaster relief efforts will appear shortly after the storm hits. These messages often include malicious code that attempts to infect computers with viruses, spyware, or Trojan horses.
McAfee Labs shares an analysis of the top Android malware threat:
http://blogs.mcafee.com/mcafee-labs/fakeinstaller-leads-the-attack-on-android-phones
QUOTE: Android.FakeInstaller is a widespread mobile malware family. It has spoofed the Olympic Games Results App, Skype, Flash Player, Opera and many other top applications. This is not news in the mobile malware world, the FakeInstaller family is one of the most prevalent malware that we have analyzed. More than 60 percent of Android samples processed by McAfee are FakeInstallers. This threat has become more dangerous, adding server-side polymorphism, obfuscation, antireversing techniques and frequent recompilation, all to avoid detection by antivirus solutions. Android.FakeInstaller sends SMS messages to premium rate numbers, without the user’s consent, passing itself off as the installer for a legitimate application. There is a large number of variants for this malware, and it is distributed on hundreds of websites and fake markets. The spread of this malware increases every day.
Firefox 17 beta offers a new API that interacts with Facebook directly and may help reduce infections associated with fake email alerts. The first social network implementation will be for Facebook.
https://blog.mozilla.org/privacy/2012/10/22/being-social-with-privacy-in-mind/
QUOTE: With our latest beta, we’ve started testing a new social API right inside Firefox. This API provides an open, Web-based infrastructure that allows users to connect Firefox with their favorite social networks, creating an experience that’s social, still feels like Firefox, and most importantly still respects our privacy principles. The first implementer of our new social API is Facebook, and we expect many more implementations in the coming months. One of the social API’s key requirements is that data is only sent to a social network when the user wants to send it. The new social features are completely opt-in and are disabled until you visit a social network site and decide to turn things on. Once enabled, Firefox loads several pages from your social network over secure connections.
Please be careful not to directly click on email messages that appear to be generated by social networking sites
http://nakedsecurity.sophos.com/2012/10/26/blackhole-malware-attack-spread-via-your-photos-email/
QUOTE: A malware attack has been spammed out widely via email to internet users, posing as a message about photos. In the attack, cybercriminals attempt to trick unsuspecting users into opening an attached file in their browser, redirecting them to a webpage hosted on a Russian website that takes advantage of the Blackhole exploit kit. The notorious Blackhole exploit kit then attempts to infect visiting computers through a wide number of vulnerabilities.
NBC News also offers a getting started guide for Windows 8:
http://www.nbcnews.com/technology/gadgetbox/where-do-i-click-again-windows-8-guide-1C6715971
QUOTE: With the launch of Windows 8, buyers are about to discover a computing experience unlike anything they've seen before. Here's a guide to getting past some of the hurdles. The main thing to know is that Windows 8 is designed especially for touch-screen computers, to make desktops and laptops work more like tablets. It is Microsoft's way of addressing the popularity of tablets, namely the iPad. But Windows 8 will work with mouse and keyboard shortcuts, too. It'll take some getting used to, though. Here are some tips on how to navigate the new Windows:
Some good security recommendations are noted in the attached article:
http://securitywatch.pcmag.com/none/304358-eight-tips-for-windows-8
QUOTE: Planning on a Windows 8 purchase in the near future? While it may be the most secure version of Windows yet, a new operating system always introduces new security challenges. There are a slew of security features in Windows 8 that we like (picture passwords, built-in antivirus, Secure Boot, among others). However, the changes in the graphical user interface, the introduction of the new online app store, and new capabilities raise security concerns. The following are some tips from the folks at Sophos on how to stay safe on Windows 8.
This is a great resource for new users
http://www.computerworld.com/s/article/9232749/Windows_8_cheat_sheet
QUOTE: Computerworld - Ready or not, Windows 8 is here. One of the most controversial versions of the operating system ever released, its main interface feels designed more for touch-screen tablets than traditional computers. What's more, the Desktop has been hidden away and weakened with the removal of the Start button.
But I'm not here to talk about the controversy. I'm here to help you use Windows 8, because whichever version of Windows you're upgrading from, you'll find it a new experience. The horizontally oriented Start screen (once called the Metro interface) sports big tiles that practically beg you to touch them. And the Start screen and the Desktop feel as if they're dueling operating systems, because each works differently from the other in many ways.
All this might sound overwhelming, but as you'll see, it's not that tough to master Windows 8. In this cheat sheet I'll show you how to get the most out of the new Start screen and its apps, the Desktop, the new Charms bar, Internet Explorer 10 and plenty more. I've also provided quick reference charts listing useful touch-screen gestures and keyboard shortcuts.
PC Magazine shares recent results of an NSS Labs test, in which IE 10 did a superior job of blocking malicious download attacks:
http://securitywatch.pcmag.com/none/304287-windows-8-s-internet-explorer-10-reigns-supreme-in-browser-safety-test
QUOTE: People sometimes ask me, "Why do I have to buy security software? Shouldn't the operating system keep nasty programs out?" In a perfect world that might happen, but not in our world. However, Windows 8 brings us just a bit closer to that Utopian ideal. In a test by NSS Labs, its Internet Explorer 10 browser detected and blocked over 99 percent of malicious downloads without any help from a third-party antivirus program.
NSS Labs researchers spent most of September putting Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari to the test under Windows 8. Every day they captured hundreds of real-world malicious URLs and inflicted them on each of the four browsers. To ensure freshness of each sample, they performed the browser tests immediately and verified that the URL was actually malicious afterward, discarding any that didn't meet the test criteria. They accumulated over 90,000 real-world URLs and used around 900 of those in testing.
Levels of Protection -- IE and Chrome block malicious downloads in two ways. First, they check the URL's reputation; if it's a known malware-hosting site they divert the user to a warning page. Second, they check the downloaded file itself and warn the user if it's malicious. For testing purposes, the researchers tracked these two types of protection separately. Safari and Firefox also rely on Google's Safe Browsing API to block known bad URLs, but only Chrome includes the additional detection for malicious downloads.
Lopsided Results -- Internet Explorer 10 protected the test systems against 99.1 percent of the malicious URLs thrown at it by the researchers. It blocked almost 90 percent of the URLs before the malware download even began. The Application Reputation component handled the rest by flagging the downloaded file as dangerous.
AV-TEST has listed the security products it has reviewed for Windows 8, as noted in the links below:
http://www.av-test.org/en/tests/home-user/windows-8/
http://securitywatch.pcmag.com/none/304280-windows-8-security-solutions-certified-by-av-test
QUOTE: The following security products are already compatible with Windows 8 (32 and 64 bit editions). This overview will be updated on a regular basis as soon as new information gets available. Last update: October 18th, 2012. Products on the list have been carefully tested by their developers, are fully supported by their vendors and reviewed by AV-TEST in the areas of Protection, Repair and Usability. Only final and released versions of the products are included. Beta versions or release candidates are not considered. However, not all products are supporting all new Windows 8 features (like the new user interface) yet.
Facebook has launched this new resource in its Family Safety site:
http://facecrooks.com/Internet-Safety-Privacy/Facebook-Launches-New-Anti-Bullying-Page-in-their-Family-Safety-Center.html
https://www.facebook.com/safety/bullying
QUOTE: Facebook launched a new page on Thursday in its Family Safety Center that’s dedicated to preventing cyber bullying and educating users about its risks. October is National Bullying Awareness Month,
The latest version has been installed based on some good reviews of security. Below are a few of the early reviews on both security and features:
http://securitywatch.pcmag.com/none/304046-adobe-updates-sandbox-in-reader-acrobat-xi
http://news.techworld.com/security/3405972/adobe-reader-acrobat-xi-security-boosted-by-new-features/
http://www.adobe.com/products/reader/features.html
QUOTE: Adobe Reader and Adobe Acrobat XI now come with new security features and an improved sandbox that will make the products harder to attack and exploit, according to Adobe. The sandboxing feature known as the Protected Mode that was first introduced in Adobe Reader X proved successful at mitigating traditional PDF exploits. The technology works by isolating certain Adobe Reader operations in a strictly controlled environment and makes it very hard for attackers to write and execute malicious code on a system after exploiting a vulnerability in the product.
"Since we added sandbox protection to Adobe Reader and Acrobat, we have not seen any exploits in the wild that break out of the Adobe Reader and Acrobat X sandbox," said Priyank Choudhury, a security researcher within Adobe's Secure Software Engineering Team.
The new version of Adobe Reader also comes with a Protected View mode that further strengthens the sandbox by creating a separate window station - a separate securable clipboard and desktop - for the PDF viewing process. This function is designed to block so-called screen-scraping attacks in which one application reads data from the display output of a different program running on the same desktop.
The support for Address Space Layout Randomization (ASLR), a memory-based anti-exploitation technology, has also been improved in the new Adobe Reader and Acrobat versions.
Protective updates have been issued for Windows, Office, and SQL-Server ... These should always be promptly installed
https://isc.sans.edu/diary.html?storyid=14272
http://technet.microsoft.com/en-us/security/bulletin/ms12-oct
Compatibility Issues Affecting Signed Microsoft Binaries are addressed in the link below:
https://technet.microsoft.com/en-us/security/advisory/2749655
As noted below, Facebook's new Help Center is improved and easier to use:
http://digitallife.today.com/_news/2012/10/02/14183066-facebooks-new-help-center-easier-to-navigate-than-timeline
QUOTE: On Tuesday, the world's largest social network rolled out a new, slick and very streamlined version of the Help Center it first introduced in 2007, a revamp that serves both users and Facebook's recent settlement with the Federal Trade Commission regarding user privacy. What's more, this slick, streamlined update to the site's tech support section is so easy to navigate, you'll wonder why Facebook won't make your headache-inducing Timeline this intuitive.
"We are pleased to announce a new, more streamlined design for the Help Center, and the rollout of our Support Dashboard to the international Facebook community," Facebook's Chief Privacy Officer Erin Egan said in a statement. "Both of these tools aim to provide the people who use our service with access to the information they need from Facebook as quickly and as efficiently as possible. These resources demonstrate our commitment to transparency and our continued effort to ensure that the people who use Facebook can create the experience that is right for them." The new Help Center will come as a welcome change to Facebook users who've ever found themselves lost among user-posted questions answered by other users with questionable degrees of veracity.
https://www.facebook.com/help/