Facebook and Twitter Phishing Attacks

Social networking presents a paradox when it comes to security. The very premise of ‘social’ networking is to share news and information with friends, family, and like-minded individuals, but sharing too much information or being too trusting of those within your social sphere of influence can result in getting your system compromised or your identity stolen.

Facebook and Twitter have both been targeted recently by different attacks. The Facebook attack is more of an old-school style phishing attack. It is designed to look like it came from Facebook and it actually succeeds better than most phishing scam emails I have received.

The attacker is probably capitalizing on the recent modifications to the Facebook homepage to catch users off guard and convince them that changing login information is just another change being made. Both the ‘Update’ button and the link that says ‘Click here’ lead to some malicious destination and not to Facebook.

[Image: FacebookPhish]

The Twitter phishing attack is a little more insidious because it attempts to leverage the social aspect of social networking to breach your trust. The Twitter phishing URL arrives via DM, or Direct Message. Unlike normal Twitter tweets that are public domain and can be searched and viewed by all, DMs are private and can only be sent to you from a user that you follow. The very fact that you are following the person on Twitter implies at least some level of trust between you and that party.

The actual DM is relatively short, saying something to the effect of “ur on here http://twitter-videos…” with the URL being shortened or obfuscated in some way to hide the true URL. If you click on the URL you arrive at a page that looks identical to a Twitter login page. If you enter your credentials on this page you are giving them to the attacker who can then use your account to DM others who follow you and continue the web of phishing.

If you follow me on Twitter you may have received such a DM from me. I fell victim to this attack. Before you slap my wrists for the security oversight, I figured out the course of events and it serves as an additional warning for you.

See- I don’t really use Twitter. I use the service, and I use my Twitter account, but I don’t use the site. Ever. I use Tweetdeck. So, when I got the DM–from someone I trust–I clicked on the URL. When I saw the Twitter login page I didn’t think twice about entering my credentials because I knew I wasn’t logged in to Twitter. Had I been logged in to the Twitter site when I received the DM it would have seemed odd that it was asking me to log in *again*, but because of the way I interact with Twitter it didn’t concern me in the least.

Bottom line: I know it’s social networking and you’re using it to share with others and be social. Just remember that attackers are actively looking for ways to exploit the implicit trust you place in your social networking connections, so always be skeptical and use some common sense.
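One way to apply that skepticism to a link before entering credentials, as an added example (not code from the original post): it compares the link's real host against the domains you mean to log in to. The domain lists, the `classify_link` name and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed allow-list: domains whose login pages the user means to visit.
TRUSTED_DOMAINS = ("twitter.com", "facebook.com")
# Brand words a look-alike host is likely to embed.
BRAND_WORDS = ("twitter", "facebook")


def classify_link(url):
    """Return (verdict, reason); verdict is 'trusted', 'suspicious' or 'unknown'."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return ("suspicious", "URL does not parse")
    if parts.scheme not in ("http", "https") or not host:
        return ("suspicious", "not a web link with a host")
    # In user@host syntax the text before '@' is not the destination.
    if parts.username is not None:
        return ("suspicious", "text before '@' hides real host " + host)
    for domain in TRUSTED_DOMAINS:
        # Exact match or true subdomain only; a bare endswith(domain)
        # would also accept 'nottwitter.com'.
        if host == domain or host.endswith("." + domain):
            return ("trusted", "host belongs to " + domain)
    for word in BRAND_WORDS:
        if word in host:
            return ("suspicious", "'%s' used in unrelated host %s" % (word, host))
    if any(label.startswith("xn--") for label in host.split(".")):
        return ("suspicious", "punycode label in host " + host)
    return ("unknown", "unrelated host %s; destination not verified" % host)


# Constructed sample links (not taken from the attacks described above).
SAMPLES = [
    "https://twitter.com/login",
    "https://mobile.twitter.com/session",
    "http://twitter.com.login.example/",
    "http://twitter-verify.example/login",
    "https://twitter.com@login.example/",
    "https://nottwitter.com/",
    "http://short.example/abc",
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict, reason = classify_link(link)
        print("%-10s %-40s %s" % (verdict, link, reason))
```

An `unknown` verdict is not a pass: a shortened link says nothing about where the login form really lives until the final host has been checked the same way.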

Become a Fan, Win a 1Tb ioSafe Drive

ioSafe started a fan page on Facebook to provide a forum for users to share and discuss experiences with the ioSafe drives, and for ioSafe to be able to share news and updates related to the devices. To provide incentive for users to join the community on the Facebook page, ioSafe is running a contest to give away a 1Tb ioSafe drive.

The original target was 5,000 fans. ioSafe has discovered that driving membership to the Facebook page is easier said than done even if you’re giving away a 1Tb drive. So, the goal has been modified to 1,000 followers. Once the ioSafe Facebook page reaches 1,000 followers, ioSafe will select one lucky fan to win a 1Tb ioSafe drive- a drive that the ioSafe Facebook page says is “Like an aircraft black box for your data.”

There are currently about 500 followers. Go to the ioSafe fan page on Facebook and join to become a fan for a chance to win a 1 Tb ioSafe drive.

ioSafe posted the following rules for the contest on the Facebook page:

RULES:

1. The judge’s decision is final. No bellyaching or petulant whining is permitted!
2. The contest is open to real humans only. Dogs, cats, fish and discarnate entities on the astral plane are excluded.
3. Should you not tell us your address within 14 days of us sending the notification that you’ve won, we’ll give the ioSafe to somebody else. If you think this is unfair, see clause #1.

Record-Setting Patch Tuesday from Microsoft and Adobe

Microsoft released 13 Security Bulletins today fixing 34 different flaws- a new record. Eight of the Security Bulletins (and subsequently 21 of the actual flaws) are rated as Critical by Microsoft. A couple of them have already been targeted as ‘zero-day exploits’ in the wild.

Check out the links in the October 2009 Microsoft Security Bulletins Summary to view the individual Microsoft Security Bulletins and to download any patches that might be required for your system. Microsoft will discuss the issues addressed in the Security Bulletins and field questions from users during a webcast which can also be viewed after the fact. You can also visit Windows Update to automatically determine what patches or updates your system needs.

Not to be outdone, Adobe also unleashed a barrage of security updates today. Adobe addressed 29 flaws in Adobe Acrobat and Acrobat Reader. Make sure you get your Adobe Reader patched so your system won’t be vulnerable to the inevitable attacks coming soon to a PC near you.

October 2009

To view a summary of the October 2009 bulletins, visit Microsoft Security Bulletin Summary for October, 2009. Click the links below to view the individual Microsoft Security Bulletins and to download any patches that might be required for your system. Microsoft will discuss the issues addressed in the Security Bulletins and field questions from users during a webcast which can also be viewed after the fact. You can also visit Windows Update to automatically determine what patches or updates your system needs.

MS09-050

Vulnerabilities in SMBv2 Could Allow Remote Code Execution
Criticality: Critical

MS09-051

Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution
Criticality: Critical

MS09-052

Vulnerability in Windows Media Player Could Allow Remote Code Execution
Criticality: Critical

MS09-053

Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution
Criticality: Important

MS09-054

Cumulative Security Update for Internet Explorer
Criticality: Critical

MS09-055

Cumulative Security Update of ActiveX Kill Bits
Criticality: Critical

MS09-056

Vulnerabilities in Windows CryptoAPI Could Allow Spoofing
Criticality: Important

MS09-057

Vulnerability in Indexing Service Could Allow Remote Code Execution
Criticality: Important

MS09-058

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
Criticality: Important

MS09-059

Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service
Criticality: Important

MS09-060

Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution
Criticality: Critical

MS09-061

Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution
Criticality: Critical

MS09-062

Vulnerabilities in GDI+ Could Allow Remote Code Execution
Criticality: Critical

Check Point Giving Away Software in Patch Tuesday Promotion

This Tuesday is Patch Tuesday- the regularly scheduled day when Microsoft releases Security Bulletins for the month. According to the Advance Notification from Microsoft, this month is a doozy too! There are 13 total Security Bulletins planned for Tuesday: 8 Critical and 5 Important.

That is not the only computer security event coming up this Tuesday though. In ‘honor’ of Patch Tuesday, Check Point is offering ZoneAlarm Pro 2010 for free. The offer runs for 24 hours, beginning at 6am (the time zone isn’t specified- I am going to guess they mean Eastern time?) on Tuesday, October 13. During that timeframe you can visit www.zonealarm.com/only24hours to download a fully-licensed copy of ZoneAlarm Pro 2010 for free.

ZoneAlarm Pro 2010 is a firewall product that combines the popular ZoneAlarm firewall with an OSFirewall that monitors the operating system for changes and suspicious behavior. Check Point designed ZoneAlarm Pro 2010 to complement existing security controls and software to provide even better protection against malware and unauthorized access.

According to Check Point, ZoneAlarm Pro 2010 features include:

  • Advanced Download Protection technology that automatically checks and analyzes the programs a user wishes to download to determine if they are safe or malicious. 
  • Anti-phishing, both signature and heuristic based, to block more fraudulent sites. 
  • Free Identity Protection Services with daily credit report monitoring and Victim Recovery Services that help consumers recover quickly from identity theft.

I have been provided with a free copy of the software for review, but I have not yet installed it. When I do, I will post my review including my experiences with and thoughts about the software. If you download and install it, feel free to comment here and let us know what you think.

ZoneAlarm has an established reputation for providing superior personal firewall protection, so it certainly seems worth at least downloading it to try it out. You’ve got nothing to lose– you can’t beat the price.

Cyber Crime and Cyber Justice

“Identity Theft Soars in 2009”

“Cyber Crime at Record Highs”

“Online Scammers Work Overtime in the Downturn”

 

These are the types of headlines that we see time and time again in the security news, reminders of the extent to which sophisticated online scammers are taking a toll on the safety and security of computer users around the world.

But there is another side of the spectrum of which many users may not be completely aware: law enforcement agencies around the world are working diligently to track the online scams and schemes plaguing the Internet, in order to find those responsible and bring them to justice.

Unfortunately, the Internet has made it easier for criminals to scam victims, as they work across borders, separated from those they are stealing from by countries or even continents. While investigators of cyber crimes do have additional challenges in tracking down criminals and bringing about positive change, progress is being made, both by regular law enforcement and by organizations – like the Computer Crime & Intellectual Property Section of the U.S. Department of Justice and the Department of Defense’s Cyber Crime Center – that work with other government agencies, the private sector, academic institutions and foreign governments to prevent, investigate and prosecute cyber crimes.

One of the most well-known law enforcement agencies in a full-fledged battle to track cyber criminals and bring them to justice is the U.S. Federal Bureau of Investigation (FBI). According to its website, the FBI’s cyber mission is “first and foremost, to stop those behind the most serious computer intrusions and the spread of malicious code.”

The FBI has several cyber operations, including a Cyber Division at FBI headquarters, specially trained cyber squads at 56 field offices across the United States, Cyber Action Teams that travel the world to assist in computer intrusion cases, 93 Computer Crimes Task Forces around the country, and growing partnerships with other federal agencies.

The FBI also established the Internet Crime Complaint Center (IC3), a joint effort with the National White Collar Crime Center, to serve as a clearinghouse to triage cyber complaints – then sending leads to federal or international law enforcement for further investigation. In any given month, the IC3 has an intake of roughly 20,000 complaints that are waded through to uncover patterns and go after the scammers.

“Bots. Worms. Viruses. Spyware. Hacking….Every day, criminals are invading countless homes and offices…not by breaking down windows and doors, but by breaking into laptops, personal computers, and wireless devices via hacks and bits of malicious code. The collective impact is staggering. Billions of dollars are lost every year repairing systems hit by such attacks. Some take down vital systems, disrupting and sometimes disabling the work of hospitals, banks, and 9-1-1 services…” according to the FBI’s website.

While investigators are experiencing an onslaught of cyber crime, justice does get served, and some of the “bad guys” of online crime are held responsible for their actions. One such accomplishment cited by the FBI was the guilty plea of John Schiefer, a California man who was prosecuted in 2008, in the first case of its kind in the nation, on federal charges related to his use of botnets. And, there have been other similar successes, shown in the compilation of news in the FBI’s Cyber Crime Headline Archives.

A major break came in late 2008, when the FBI, together with its global partners, wrapped up a two-year undercover cybercrime investigation of “Dark Market,” a message forum for online criminals where stolen information, as well as tools to facilitate online fraud, were bought and sold. The operation resulted in nearly 60 arrests worldwide, the prevention of $70 million in potential losses, and the FBI said, the confirmation that “while there might be honor among thieves, in the end, they are still just thieves.”

“It showed that we can get you no matter where you live. We were able to make internal relationships and work cases jointly with law enforcement in other countries. In the future there will be other joint cases in Europe and around the world. You don’t necessarily have to be in the U.S. for us to bring you to justice,” said FBI Special Agent J. Keith Mularski, whose undercover work was central to the sting operation, in an interview with CNET News.[1]

While there are undoubtedly positive steps being taken, cyber crime continues to be pervasive, as well as lucrative for online criminals. Working across borders to track the web of crime rings and finding global solutions to combat scams remains challenging for those trying to bring the perpetrators to justice.

“The bottom line is to make sure there are consequences for criminal cyber actions and similar consequences everywhere,” said Christopher Painter, Deputy Assistant Director of the FBI’s Cyber Division, at the International Conference on Cyber Security. The event was sponsored by the FBI in January 2009 to find global solutions to emerging threats, and brought in cyber experts and law enforcement officials from over 35 countries.[2]

“The bad guys need to know there is no free ride,” Painter said.

Contributed by Erin Earley at Lavasoft


[1] http://news.cnet.com/8301-1009_3-10234872-83.html

[2] http://www.fbi.gov/page2/jan09/fordham_011409.html