
Friday, November 04, 2011

Critical Security Fix it Released for Windows

If you run Windows XP, Vista or Windows 7 you need to install a patch immediately. Go to http://support.microsoft.com/kb/2639658 and download and right-click install the Enable Fix it link. If the fix does not install correctly you should re-visit the link and click on the Disable Fix it link.

This threat is serious so don't fail to install the patch. This “Duqu” Trojan is really nasty.

Wednesday, October 05, 2011

Canuck Cybersecurity Site

The Canadian Federal Government has launched a website to educate the general public about the dangers posed by online cyberevil-doers. I urge everyone to have a look, no matter how Internet savvy you think you are. Visit http://www.getcybersafe.ca

Posted by Matthew Carrick at 10:52.19 AM EDT | Permanent Link

| Categories: Best Practices

Thursday, September 08, 2011

You're all a bunch of thieving crooks.

A report from the Business Software Alliance (BSA) appears to show that most people have illegal or pirated software on their PCs. A Google news search gives you a good overview.

Tsk-tsk-tsk - you people should be ashamed.

Be aware that you will eventually be plagued with a piece of software containing a virus, spyware, malware, trojan or some other evil bit.

Try using open source software or look into searching for well written applications whose cost is rarely above $50.00 and generally provide years of free updates. Sweet.

Posted by Matthew Carrick at 2:24.16 PM EDT | Permanent Link
Edited on: Monday, September 26, 2011 9:31.20 AM EDT
Comment by The Penguin - Saturday 26th November 2011 12:44:35 PM

Thieving crooks? Thieving crooks?! THIEVING CROOKS?!?!?!

| Categories: Adware/Spyware, Alternative Apps, Best Practices, Headlines, Openoffice.org, Open Source, Privacy Issues, Security Alerts, Viruses-Trojans-Worms

Sunday, September 04, 2011

What's on Your PC?

Do you know what software is on your PC? A woman in Vancouver now knows. A software application meant to allow a PC to be tracked via its IP address was also taking pics via its built-in webcam. This at the same time she was engaging in, ahem, risque conduct with a 'special friend' if-you-get-my-drift. The Mothercorps has the story here.

Posted by Matthew Carrick at 12:52.12 PM EDT | Permanent Link

| Categories: Best Practices, Privacy Issues, Security Alerts

Sunday, June 19, 2011

Different Passwords for Each Site

The LulzSec hacker collective has likely compromised various sites (Facebook, PayPal, Xbox Live, Twitter, etc.) where they harvested user login info.

Folks still using identical credentials for multiple sites may find all of them compromised.

Posted by Matthew Carrick at 9:52.02 PM EDT | Permanent Link
Edited on: Tuesday, June 21, 2011 10:36.23 AM EDT
Comment by Matthew - Tuesday 21st June 2011 10:40:41 AM

Check for your cracked credentials at: http://dazzlepod.com/lulzsec/ So, at least use strong passwords (eight characters minimum including upper and lower case letters, symbols, numbers and never any word that can be found in a dictionary) even if your username is the same (and good luck with that).

But, never ever use the same username and password on more than one site.

| Categories: Best Practices, Privacy Issues

Wednesday, March 16, 2011

Internet Explorer 9 Filters ActiveX

Microsoft's Internet Explorer 9 (IE9) allows for filtering of ActiveX controls. This should allow for much greater security from devious scripts. All you Windows XP users are out of luck as IE9 will not run on this Operating System (OS). Use Firefox, Opera or Chrome browsers for maximum security under Windows XP. If you run Windows 7 or (gasp) Windows Vista you can and should use IE9.

Tuesday, February 15, 2011

Unusual Usernames Best?

It seems that unusual usernames reused on multiple sites hurt rather than help your efforts to be tracked less on the Internet. The report from MIT (here) seems to indicate that by mining data scammers can more easily assign names to the data, which helps them build a profile of you. The worst consequence of this would be for folks who use the same password for multiple sites. Think about it. To quote the article:

"What's important is that people pick different passwords for different Internet sites, and that knowledge of their password for one site does not provide any useful clues toward deducing their passwords on other sites."

So, jkuhytg56, who uses the same password of 1234 on 32 sites, is in deep, deep trouble.

Posted by Matthew Carrick at 12:34.48 AM EST | Permanent Link

| Categories: Best Practices

Thursday, December 23, 2010

IE Exploit for Xmas!

Microsoft's Internet Explorer is the target of a new zero day attack.
Best Practice? If you're using IE, stop.
If you must use IE then perhaps sandbox it with Sandboxie.
Why not try Firefox (with the awesome NoScript Add-on) or Opera instead?
Safer, Better and hip . . . like the kids say.
Posted by Matthew Carrick at 10:26.44 PM EST | Permanent Link
Comment by Matthew - Wednesday 05th January 2011 08:29:54 PM

Bill has posted a 'Fix it' for this annoyance here: http://support.microsoft.com/kb/2490606

| Categories: Adware/Spyware, Best Practices, Internet Explorer, Mozilla Firefox, Opera, Privacy Issues, Security Alerts, Viruses-Trojans-Worms

Monday, November 08, 2010

Firefox BlackSheep: Anti-Network-Sniffing Tool

Not too long ago a Firefox extension called Firesheep was released, designed to (according to the writeup at Lifehacker.com) ". . . sniff out weak security and/or hijack web site credentials on open Wi-Fi networks." While useful for legitimate tasks it also gave crackers a tool that could allow them obvious access to PCs at your local coffee shop.

Now BlackSheep, an anti-Firesheep tool, has been released. It is designed to alert you whenever Firesheep is active on your local network.

If you frequent establishments where you use Wi-Fi you might consider using this Firefox extension. The download page is here: http://www.zscaler.com/blacksheep.html

You should also look into grabbing the HTTPS Everywhere Firefox extension, which encrypts your entire session, not just the login portion.

Monday, July 05, 2010

Critical Microsoft Fixit

Bill has announced that an unpatched critical security hole in Windows XP operating systems is a genuine threat. A temporary patch using Microsoft Fix it is available here - after the .msi file downloads double-click it and the install is self-explanatory. Users who apply this patch will not need to uninstall it before applying the official patch when it becomes available towards the middle of July.

Sunday, June 27, 2010

Restart Later?

Using Windows XP means having to restart the OS on a regular basis for many reasons. Many times you may be in the midst of something and choose to restart later. Rebooting your PC is also forced upon you at times and again it always seems to happen when you are knee-deep into something that causes you to reboot later - much later.

When you install software applications under Windows XP the installer (such as InstallShield) will frequently suggest you close all other programs before continuing the install. Oh, sure. As if.

Best practice sez: Restart, reboot and close all other programs before continuing the install and your XP box will be better behaved. There is much less chance of software or hardware conflicts if you plan ahead to avoid doing anything later.

Restart, reboot and close when asked.

Posted by Matthew Carrick at 10:11.56 AM EDT | Permanent Link

| Categories: Best Practices

Tuesday, March 02, 2010

Internet Explorer F1 Key Flaw

If you use any of the last several versions of Internet Explorer you are advised to not press the F1 key if prompted by any web site. A flaw has been discovered that could open up your Windows machine (except Vista, way to go Bill!) to evil-doers. The Microsoft Security Advisory (981169) is here: http://www.microsoft.com/technet/security/advisory/981169.mspx

The quote from Microsoft is below:

Successful exploitation of this vulnerability requires that users assist the exploit by pressing the F1 key on their keyboard. Our analysis shows that if users do not press the F1 key on their keyboard, the vulnerability cannot be exploited.

Consequently, malicious Web sites may attempt to persuade users into pressing the F1 key. Such a Web site could invoke an endless loop of dialog boxes that tell the user to press the F1 key to end the loop, or offer information such as pricing information or help to be revealed through the F1 key.

Users are advised to avoid pressing F1 presented by Web pages or other Internet content. If a dialog box appears repeatedly in an attempt to convince the user to press F1, users may log off the system or use Task Manager to terminate the Internet Explorer process.

Posted by Matthew Carrick at 1:37.10 PM EST | Permanent Link

| Categories: Best Practices, Internet Explorer, Security Alerts

Friday, February 12, 2010

Adobe Flash Security Upgrade

Adobe has released an out-of-sequence update of its Flash Player that fixes two critical security holes in its Web browser plugin.

The latest version is now version 10.0.45.2. Visit here to check your version.

Also, remember that you will have to install the upgrade separately for each browser you use, so if you're like me, well, Internet Explorer, Firefox, Opera and Chrome all need patching!

Posted by Matthew Carrick at 4:40.12 AM EST | Permanent Link
Edited on: Thursday, October 28, 2010 11:59.36 PM EDT

| Categories: Adobe, Best Practices, Security Alerts

Thursday, February 11, 2010

If you can read this . . .

. . . then your Windows machine hasn't had a BSoD lately I'll guess. It appears one of the updates from Bill has caused mischief.

If you have not updated recently you may wish to do a custom update after deselecting KB977165. If you have downloaded the updates but not installed them, again, you may wish to do a custom update after deselecting KB977165. If you have installed it and everything is fine but you are still wary and want it gone then simply go to the Control Panel - Add or Remove Programs (ensure Show updates is checked) - click the Remove button for KB977165.

Best practice is to download but not install for a couple of days. If there is a problem let the rest of the Interpipe sort it out, eh?

Krebs on Security has a (probable) fix here.

Posted by Matthew Carrick at 11:16.12 AM EST | Permanent Link

| Categories: Best Practices

Monday, January 18, 2010

Government warnings about IE

When governments warn about the dangers of using Internet Explorer you can be sure it's time to seek out an alternative application - a safer surfer.

There is, in no particular order, Firefox, Opera and Chrome as well as other browsers.

Do yourself and others a favour by not using Internet Explorer. It's a security hole.

Why, it's like the Adobe Reader of browsers ;)

Go here for links to two of the aforementioned browsers or you can search for other browser options.

Posted by Matthew Carrick at 11:53.41 PM EST | Permanent Link

| Categories: Alternative Apps, Best Practices

Friday, November 06, 2009

Firefox Update

Y'all better check yer Firefox to see that you are running version 3.5.5 - if you aren't then run a manual upgrade (Help - Check for Upgrades). You might also set Firefox to automagically download and install upgrades:

Firefox Options for Updating

Posted by Matthew Carrick at 5:03.54 AM EST | Permanent Link

| Categories: Best Practices, Mozilla Firefox, Security Alerts

Sunday, October 18, 2009

Facebook Hacking

A new application on Facebook, "City Fire Department," has been compromised by hackers. The application had been modified to deliver an iframe, which can bring content from one Web site to another. This iframe tries to exploit vulnerabilities to download a fake antivirus program called Antivirus Pro 2010.

A few of the other hacked or bogus applications are:

  • MyGirlySpace
  • Ferrarifone
  • Mashpro
  • Mynameis
  • Pass-it-on
  • Fillinthe
  • Aquariumlif

Ok, here is the deal - when you find a wonderful new application on Facebook do a quick search on Google or Bing to determine if anyone has had any problem with it. You can also wait, yes wait, for a day or two until enough newbies have started using it to provoke any disasters - if all is well after this then you might . . . might try it. Just make sure your Facebook preferences are locked down for maximum security. Or just don't use any of these silly applications until Facebook gets a grip and uses some mechanism to confirm these applications aren't a giant security hole!

Posted by Matthew Carrick at 11:40.55 AM EDT | Permanent Link

| Categories: Best Practices, Security Alerts, Viruses-Trojans-Worms

Firefox Plugs Microsoft Security Hole

If you use Firefox (and you should, imho) you have probably already seen a pop-up alert informing you that it is blocking Microsoft's .NET Framework Assistant and Windows Presentation Foundation add-ons that were stealthily installed by Microsoft earlier this year.

This hole was supposed to have been fixed earlier by having users edit the Windows registry - but this idea stunk because editing the registry is potentially dangerous. Microsoft later released a simple point and click removal tool - except this left behind the Windows Presentation Foundation plug-in which is what was just killed by Mozilla.

So, the confusion up to now has been addressed by both Mozilla and Microsoft to remove both nasty bits. Whew!

Tuesday, April 14, 2009

Twitter Awareness

The recent cross-site scripting attack on the newest buzzword universe called Twitter is merely another bump on the rocky road through Interpipe 2.0.

These XSS attacks are the bane of Web 2.0 and will cause disasters for individuals who refuse to become aware of their online surroundings. Compound this with users who remain clueless about what is running on their PCs and you have a large impediment in the push through to Web 3.0 applications.

Now add smartphones and netbooks to the mix ;(

For a fine write up on the Twitter XSS attack see: http://twittercism.com/protect-yourself-on-twitter/

Be sure to check out the fine tip from Twittercism about XSS busting using Firefox browser with the Add-on NoScript with screencaps from Better Safe Than Sorry here.

Posted by Matthew Carrick at 12:07.44 PM EDT | Permanent Link
Edited on: Tuesday, April 14, 2009 12:07.58 PM EDT

| Categories: Adware/Spyware, Best Practices, Firefox Extensions, Mobile, Mozilla Firefox, Online Apps, Security Alerts, Viruses-Trojans-Worms

Thursday, February 12, 2009

Facebook Privacy

Check out the handy list of 10 Privacy Settings Every Facebook User Should Know by Nick O'Neill on February 2nd, 2009 at: http://www.allfacebook.com/2009/02/facebook-privacy/
The lesson one learns is to always check through every preference, option and settings choice available for all applications, online or off. Assume the default settings leave something to be desired and if you don't check them you will eventually be bitten on the a** by one of them. Just sayin' . . .
Posted by Matthew Carrick at 11:44.54 AM EST | Permanent Link

| Categories: Best Practices, Online Apps, Privacy Issues

Patches Make Perfect

On February 10, 2009 Microsoft released four critical patches for flaws that could allow evil-doers to take control of an unpatched computer remotely. The updates affect Internet Explorer 7, Windows XP Professional Edition, Windows Vista, Exchange 2000 Server, Exchange Server 2003 and 2007, SQL Server 2000 and 2005 and Office Visio 2002, 2003 and 2007.

The best part of this was the Security Bulletin (MS09-002) that accompanied the patches, which stated, "Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."

Since probably 90% of folks running any flavour of Windows run as an Administrator, most people are at risk here.

If you use Windows try to ensure you do not run in Administrative mode. This is bad. Very bad.

So, ensure your Automatic Updates are turned on and patch early and patch often.

Posted by Matthew Carrick at 10:33.21 AM EST | Permanent Link

| Categories: Best Practices

Tuesday, January 06, 2009

Phishing Targets Twitter

The popular mobile service Twitter has been hit with phishing messages. Nothing new about this. It is a good time to remind folks about the devious nature of these evil doers. Any method will be used to induce the unwary or stupid to visit sites that will attempt to upload all kinds of malware, spyware, trojans, etc. to your PC, smartphone or other device.

The vector for this specific attack is the very popular 'TinyURL' online application that turns large, unwieldy URLs such as “http://www.somewhere.orf/really/long/directory/” into something such as “http://tinyurl.com/4d4a2” which can be remembered long enough to key into a browser. The problem is that the TinyURL could lead one to evil sites. Very bad. TinyURL's solution, which folks either don't know about or don't use or understand, is to use the Preview TinyURL. In our previous example one should prefix the TinyURL address with preview: “http://preview.tinyurl.com/4d4a2”. This will allow for the best practice of safely viewing a rendering of the intended target before actually visiting it.
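An added example, not part of the original post: a small Python helper that rewrites TinyURL links found in a message to the preview form described above, so the destination can be inspected before visiting. The function names and the list of hosts treated as TinyURL are assumptions made for this illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# Hosts treated as TinyURL short links (assumption for this example).
SHORT_HOSTS = {"tinyurl.com", "www.tinyurl.com"}
# Preview host as given in the post.
PREVIEW_HOST = "preview.tinyurl.com"

# Loose URL matcher for free text; stops at whitespace, quotes and brackets.
URL_RE = re.compile(r"https?://[^\s\"'<>“”]+", re.IGNORECASE)


def to_preview(url):
    """Return the preview form of a TinyURL link, or the URL unchanged."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    # Exact host match only: a lookalike such as tinyurl.com.example.net,
    # or tinyurl.com used as userinfo before an @, is not a TinyURL link.
    if host not in SHORT_HOSTS:
        return url
    # A bare host with no alias has nothing to preview.
    if parts.path in ("", "/"):
        return url
    return urlunsplit(
        (parts.scheme, PREVIEW_HOST, parts.path, parts.query, parts.fragment)
    )


def rewrite_message(text):
    """Rewrite every TinyURL link in a block of text to its preview form."""
    def repl(match):
        raw = match.group(0)
        # Sentence punctuation glued to the end of a link is not part of it.
        url = raw.rstrip(".,;:!?)")
        return to_preview(url) + raw[len(url):]
    return URL_RE.sub(repl, text)


# Constructed sample message, reusing the example URLs from the post.
SAMPLE = (
    "Check this out: http://tinyurl.com/4d4a2. "
    "Full link: http://www.somewhere.orf/really/long/directory/"
)

if __name__ == "__main__":
    print(rewrite_message(SAMPLE))
```

Links on any other host, including ones that merely contain "tinyurl.com" somewhere in the address, are left untouched.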

Monday, November 10, 2008

WPA Cracked

If you use WiFi to connect to your Internet provider via a wireless router be aware that recently a crack has been found that could allow eavesdroppers to detect your passphrase. The simple solution (for now) is to use WPA2 rather than the now vulnerable WPA. If by some chance you missed the memo about the much older WEP protocol you should have stopped using that years ago! If your router does not use WPA2 then ensure it is using AES encryption and not TKIP. Also be damned sure your passphrase is long (12+ characters minimum) and contains a mixture of lower case, upper case, numerals and characters. So, "password" IS NOT up to scratch. k*uh7%vg4Sk9jNVfdxq)( is just about right ;-)

Posted by Matthew Carrick at 11:34.52 AM EST | Permanent Link

| Categories: Best Practices, Headlines, Security Alerts

Wednesday, November 05, 2008

Critical Patches Released for Adobe Applications

Adobe has released patches that fix at least eight security holes in both its Acrobat and Adobe Reader programs. These flaws could be used by evil doers to take control of vulnerable systems. Versions 8.1.2 and earlier are affected. Adobe has rated these updates as “critical”, indicating that the flaws could allow attackers to compromise an unpatched system without the user's knowledge. The Windows update may be found here.

Posted by Matthew Carrick at 9:49.10 AM EST | Permanent Link

| Categories: Best Practices, Security Alerts

Monday, November 03, 2008

Opera 9.62 released

The latest version of the safest browser around has been released. You are advised to download and install it to patch two security holes that could be used for, among other things, cross-site scripting attacks. It is available here: http://www.opera.com/download/
Posted by Matthew Carrick at 10:35.37 AM EST | Permanent Link

| Categories: Alternative Apps, Best Practices, Opera

Friday, October 24, 2008

Critical Microsoft patch available

Microsoft has issued an out-of-band update. This is unusual as Microsoft rarely releases patches ahead of the usual once monthly Patch Tuesday. In this case the severity of the security hole has prompted them to wisely hurry the process along. This update is for XP and Vista although for Vista users it is not deemed critical. What the heck, do it anyway. If you have Windows Update all organized (as you should) you should be safe. If you are unsure if you already have the patch installed then go to Add/Remove Programs in the Control Panel, make sure the check box for show updates is checked:

Show Updates checkbox in XP Control Panel

and, when the list is finally displayed look for:

Security Update for Windows XP (KB958644)

If it's not installed go back to the Control Panel and click on Security Center. Make sure all the settings for Windows Updates, your firewall and whatever anti-virus you use are all functioning as they should.

Thursday, October 16, 2008

Adobe Flash Upgrade

Adobe has released version 10 of its Flash Player. This release addresses the so-called Clickjacking attacks where a user could be tricked into clicking a link that would send them to a rogue website. The new version 10 for Windows may be downloaded here.
Posted by Matthew Carrick at 11:28.56 AM EDT | Permanent Link
Edited on: Thursday, October 28, 2010 11:59.46 PM EDT

| Categories: Adobe, Best Practices

Wednesday, October 15, 2008

Opera Upgraded to 9.60

Time to visit http://www.opera.com and download the latest and greatest version 9.60 of the most secure browser.
Posted by Matthew Carrick at 6:11.38 PM EDT | Permanent Link

| Categories: Alternative Apps, Best Practices, Opera

Saturday, September 27, 2008

Firefox Update Available

Get it while it's hot. This update fixes one bug: "where users were unable to retrieve saved passwords or save new passwords".

Yikes.

Click on "Check for Updates" from the Help menu to update and don't forget to restart Firefox for the update to take effect.

Firefox update available  

Posted by Matthew Carrick at 8:25.38 AM EDT | Permanent Link

| Categories: Best Practices, Mozilla Firefox

Tuesday, September 23, 2008

Facebook .zip attachment is Bad

People have been getting these fake Facebook 'Add Friends' emails.

The evil-doers' attached .zip file contains, wait for it you plugs, a Trojan Horse. C'mon, steady, don't fall for that old trick.

Unless you are expecting an attachment don't accept it. Anti-virus blah blah updated frequently blah blah backup daily blah blah idiot, don't be an ;)

Posted by Matthew Carrick at 11:17.11 PM EDT | Permanent Link

| Categories: Best Practices, Security Alerts, Viruses-Trojans-Worms