Check Washing – A Major Problem
Check out this video for the information on how to avoid the problem and how the crooks can take advantage of you:
If you have not heard, tomorrow the net could be hit by a major virus/worm that could compromise your security by taking over your machine and making you part of an evil botnet. The security experts over at eEye have written this about the potential issues and given some nice ways to prevent and/or detect if you are infected:
http://www.eeye.com/html/conficker/index.html
Conficker Worm Overview
Introduction
The Conficker worm is a very formidable threat to modern-day networks. The worm uses multiple methods to infect remote systems, and utilizes a very advanced P2P architecture in order to communicate with other infected systems. Furthermore, it has shown signs of an advanced update mechanism that would allow infected systems to rapidly receive updates in order to evade detection or to be used in some malicious manner.
Below is a visualization of the propagation and communication mechanisms currently seen within Conficker infections.

As depicted above, Conficker is a very powerful threat utilizing a blend of exploits and functionality issues within the Microsoft Windows Operating System, while also utilizing human propagation means via thumb-drive sharing. The worm has been identified on millions of workstations, servers, and laptops throughout the world.
Suggested Actions
Administrators are strongly urged to utilize the Free Conficker / MS08-067 Detection Utility available for download here:
http://www.eeye.com/html/downloads/other/ConfickerScanner.html
This utility allows network administrators to rapidly assess their networks in order to find hosts that are infected by Conficker, or are missing the most critical patch necessary for blocking Conficker network propagation attacks.
Users are also urged to use a powerful host-based protection suite with anti-virus, such as eEye’s Blink Personal or Professional. In addition to the detection of the Conficker worm, eEye Digital Security’s Blink Endpoint Protection Platform can effectively protect hosts, even if they are not patched, from the propagation of this worm. Using protocol-based IPS analyzers, Blink can detect and stop the malicious traffic associated with MS08-067 and block the worm from self-propagating. For installations that are already infected, Blink’s multi-layer antivirus engine will remove the Conficker worm and provide protection until a permanent remediation is performed on the host. Free trials are available for Blink Professional here, and a free version of Blink is available for personal use here.
Users and administrators are strongly urged to maintain all of the latest patches from Microsoft and all other software vendors with applications on endpoint systems. This can be easily maintained by using eEye’s Retina Network Security Scanner to identify all vulnerabilities on a network. Windows users can also enjoy the benefits of this vulnerability assessment by using eEye Digital Security’s Blink Endpoint Protection Platform to perform a vulnerability assessment of the host system on which it is installed.
References
The HoneyNet Project:
http://www.honeynet.org/papers/conficker/
Felix Leder and Tillmann Werner Analysis:
http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker
Microsoft Advisory – 967940:
http://www.microsoft.com/technet/security/advisory/967940.mspx
Microsoft Malware Protection Center:
http://tinyurl.com/absz6f
Microsoft Security Bulletin MS08-067:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
SANS – Internet Storm Center:
http://isc.sans.org/diary.html?storyid=5860
Shadowserver Foundation:
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090212
ATM – Robberies:
· Refrain from using an ATM at night. You’re much safer using an ATM during daylight hours when other people are around. Even on weekends.
· Don’t use an ATM alone. Never! If you have someone waiting with you, don’t leave them to wait in the car while you are gone. Have them go with you. A crook is less likely to attack more than one person, especially at those ATMs that are out of sight from where you park.
· Don’t drive right up to the curb, park, and get out of the car. Look over the entire parking lot as you enter. Look to see if there are occupied vehicles in the lot that may look suspicious. A car occupied by 3 guys parked a short distance away isn’t right. Why didn’t they drive right up to the curb? Is there a 4th guy waiting around the corner out of sight waiting for a victim? If it’s night and there’s no one around, this would not be the ATM to use.
· Eliminate the above scenario completely by planning ahead. Don’t put yourself in a position of having to use an ATM machine “after hours”. I explained in the topic of drunk driving about keeping extra money in your wallet or purse for emergencies. My Dad taught me at an early age to always have a $50 or $100 dollar bill hidden underneath my driver’s license for emergencies. I practice that to this day. Do this and you won’t need to use the machine for that quick forty withdrawal. That late night deposit can wait until the next morning.
· Many banks offer telephonic banking enabling you to do account transfers over the phone. This is much safer than using an ATM for this purpose.
· Persons loitering around an ATM machine? Not a good sign. Maybe they’re waiting for a ride. Maybe they’re not!
· Don’t count your money at the ATM. Chances are someone is watching you do it. As my brother Mark says, there’s probably 2 or 3 of you counting YOUR money! Put it away and wait until you are safely in your car. Once in your car, continue to pay attention as to who is around you.
· DON’T leave your car running or have the keys in the ignition while you are preoccupied at the ATM.
Get into a routine of precaution and you won’t have to call us and explain how you gave your car away. Take your keys with you.
· When possible, take only your ATM card and papers that you need to carry out the transaction (for example, your ATM card, deposit slip, and paycheck). If you take your wallet or purse with you, you take a chance on losing credit cards, money, and personal identification.
· Take advantage of merchants and businesses that use ATM or debit machines for purchases at the sales counter or at the gas pumps. It is safer, just as convenient and there are usually more people around than at an isolated ATM machine. At many mini marts and grocery stores you can usually get money back.
· Speaking of grocery stores, many have installed ATM machines inside the store lobby in addition to having debit machines at the checkout stand. A well-lit environment, employees present, and usually many other customers around. MUCH SAFER than being alone outside the front of a bank!
This is the start of multiple articles on the internet and identity theft. I will also be discussing ways to prevent and/or solve and mitigate issues you might already have on your computers.
To start, a bit about my background, and why you might want to think about this advice as well rounded and tested before just believing that I know what I am talking about.
I have been heavily involved in IT for my company for many years now to include network administration and IT infrastructure on top of normal day to day duties. The funny part of all this is I had to learn how to be a tech guy pretty much overnight when we decided it was time to connect all of our employees.
So how do you become a tech IT wizard overnight? Well, you don’t, and on top of that you cannot even expect to be able to grasp all the information you will need. Here is how I did it: I simply concentrated on what I knew how to do, supplemented that with items I knew I could learn quickly, and then joined forces with an expert for the items I had no idea how to do. It makes much better business sense to sub out for services you might never really need to do again. Another incredible resource for internet security knowledge is Security Now!, located at www.GRC.com