Flash Vulnerability

People that have Adobe’s Flash player version 9.0.115.0 or earlier, or 8.0.39.0 or earlier, need to update it now. A new exploit for these versions has been discovered and can allow someone to take control of your computer just from visiting a website that has malicious code.

The new version that you need is 9.0.124.0 and it fixed this new vulnerability.

AIR1.0 is also affected because it includes a Flash player built in. If you use AIR upgrade to version 1.0.1.

Adobe’s security bulletin says that this affects all platforms, so that would include all versions of Windows, Macs, and Linux.

iMunizator

iMunizator is an application for the Mac that claims to scan the computer and report problems.

iMunizator actually searches the computer for important files and tells the user that they are dangerous. It then offers to remove them.After removing them the computer is no longer usable.

In other words, iMunizator is a malicious program. Don’t ever run this program on a Mac.

It’s actually another version of MacSweeper, which we warned you about earlier this year.

Imunizator’s website

RealPlayer 11 Vulnerability

RealPlayer 11 has a vulnerability that can be exploited by viewing a video on the wrong web site. If you have version 11 then upgrade to version 11.0.2.

Malware Statistics

Symantec, a  large security company, have reported that there are now more malware writers than legitimate software writers.

They state that 65% of the 54,609 Windows applications released to the public in the past 6 months were malicious.

Another interesting statistic from this report is the percentage of browser plug-in vulnerabilities:

• 79% ActiveX
• 8% QuickTime
• 5% Java
• 5% Flash
• 2% Windows MediaPlayer

What this means is that by disabling ActiveX from your web browser (Internet Explorer) you can avoid 79% of web browser plug-in attacks. Here’s an article on how to disable ActiveX.

As for the other types of plug-ins, keep them patched and up to date to reduce the risk of infecting your computer.

Here is Symantec’s internet security report.

WordPress 2.5

Last night I upgraded this website to WordPress 2.5. Why? Because it’s important to always use the latest version of software.

The previous version (2.3.3) was doing well, it did everything I needed. But as with any piece of software vulnerabilities are eventually found and exploited. The good people at WordPress release new versions not only to add new features that I may or may not need, they fix vulnerabilities.

Recently a vulnerability was found in WordPress 2.3.3 (the previous version of WordPress). At last count there were 21,800 websites in the world using that version and are vulnerable to hacking. And on the 19th of March 2008 a vulnerability was found in WordPress 2.1.3.

The solution as always is to upgrade to the latest version as soon as it becomes available (you still need to test the upgrade and backup your files before doing any upgrade).

So version 2.5 is more secure. The new features it provides are nice but security should be the first priority. Imagine if this website were hacked and visitors’ PCs became infected just by browsing this site!

Notes:

• WordPress is the software that powers this website. I highly recommend it to anyone wanting to start a new website.
• I’ve been updating the sidebar on the right, apologies if it doesn’t look right.

KeePass

KeePass Password Safe is a Windows application that can store all your logins and passwords. It has a long list of useful features and can even generate random passwords for you.

Some features that make this a good tool:

• Passwords are encrypted, making them impossible to read without the master password
• You can use a new password for every site without forgetting which is which
• You can use complicated (strong) passwords more easily
• You can backup your password list to a file (e.g., onto a USB flash drive that you store safely)
• It’s open source. Everyone’s free to inspect the source code and convince themselves this program is safe and doesn’t do anything malicious with your passwords. This is very important.

Of course you need to have a computer you trust and use often for this program to be of any use to you. Use a good anti virus package and regularly backup the machine.

KeePass’s website is here.

Password Meter

Recently we mentioned Microsoft’s Password Checker. Today we’ve come across a much more sophisticated password testing program, Password Meter.

Password Meter measures a wide range of password metrics and gives them weighted values. It’s quite thorough.

Apart from strong passwords the following tips are useful:

• Ensure nobody watches you type in your password
• Keep your computer safe from key-logging programs. Use a good anti-spyware tool for this
• Change your password often (every 1-2 months)
• Don’t log into important sites on a public computer, such as at an internet cafe. Important sites include online banking sites, eBay, or any sites where money transactions can occur

Password Meter’s site is here.

Fake Anti Spyware

Brave Sentry is a fake anti spyware product that’s been going around a lot lately. It’s also known by these names:

• Brave Sentry
• Spy Sheriff
• Spyware Quake
• SpyFalcon

Once it gets onto your computer it tells you it found a large number of threats. For example, it could say “BraveSentry Scan found 138 threats“. This is false, following its instructions takes you to a site asking for money to remove the spyware.

Here’s a procedure on how to remove Brave Sentry, if you happen to become infected.

And to avoid infection follow these tips:

• Install a good (and well known) anti virus/anti spyware product.
• Avoid using Internet Explorer. Use one of the current alternative browsers such as:

• Firefox
• Opera
• Safari

Always use the latest web browser versions, download updates frequently.

Never ever download or run programs just because an email or a web site asked you to. This includes things like codecs to watch videos (unless you’re quite technical and know what you’re doing).

Avoid warez and porn sites (they’re often infected with malware)

FlashGet Malware

FlashGet is a popular free download manager. The latest version has a problem and someone exploited this problem causing anyone downloading this program to install a trojan on their computer.

Any version starting with the number 1.9 is susceptible to this problem. And if you downloaded it between the 29th of February 2008 and the 14th of March 2008 then it probably installed a trojan on your computer.

This is what FlashGet looks like:

Some useful advice:

• Use a different download manager
• Purchase a good antivirus package and scan your computer

Funny Postcard

If you receive an email taking you to a web site called “FunnyPostCard” delete it, it’s a trick to get you to download a malicious bit of code that takes over your computer.

The website also says www.funnypostcard.com , or FunnyPostCard.Com . The files it asks you to download is called e-card.exe and postcard.exe .

Windows Mobile PocketPC Trojan

There’s a new trojan going around for Windows Mobile PocketPC devices. Once installed on a device it sends some details to the person who wrote it, and it leaves a back door to allow the author to install programs on your device without your permission.

It’s being called WinCE/InfoJack by antivirus companies. It gets installed when you download a legitimate program from a “hacked” site. For example, it’s been detected in Google Maps (a hacked version of Google Maps, not the original one).

To safeguard against these type of malware only download applications from the vendor who created it. In the case of Google Maps, you should download it from Google’s own website and not a more generic download site.

You should also invest in antivirus software for these devices.

Adobe AIR 1.0

Adobe has been making news today for releasing version 1.0 of their AIR framework. AIR is a new way to develop and run programs, it’s a combination of a web page but runs without a web browser.

It has a long list of security features to make programs seem safe. And because of how internet applications work experts agree it won’t be long until this new technology is exploited.

One thing to be careful of is when AIR warns you about “self signed” applications. This means that no reputable company has verified the person who wrote the program. So if you download an AIR application and you get warned about it being self signed, the safe bet is to deny it.

If you’re tempted to play with AIR applications just be conscious of where you’re downloading programs from. They won’t remain safe for long.

Free Online Health Check from F-Secure

F-Secure is a security software company that has been making good products for a long time. They have published a new tool that scans your computer for vulnerabilities and provides a report on what programs you need to update.

The application runs inside Internet Explorer and requires Window XP or Vista. Try it out here, http://support.f-secure.com/enu/home/onlineservices/fshc.shtml

Note that this doesn’t replace anti-virus software. It only checks which programs on your computer are vulnerable to attacks and need to be updated.

Whole Disk Encryption

If you carry a notebook outside of your home or office then Whole Disk Encryption is a technology you should be interested in. It’s also called Full Disk Encryption. First let’s identify the problem.

Most people who carry notebook computers (laptops) keep sensitive files on the machine’s drive. Business documents, business databases, contact lists, emails, chat logs, password lists, etc. The most common situation is someone carrying confidential documents on the computer.

If the notebook is lost or stolen then whoever holds the notebook computer has access to the files. Login passwords aren’t enough to protect the documents, they’re easily recovered by anyone.

A more worrying trend is for international business travellers who carry confidential data on their notebooks. There have been many instances of airport customs staff not only inspecting the notebook for banned items but they’re now looking in the notebook’s hard drive and looking through any documents stored there. Their excuse is that they have to search for anything that’s a threat to national security. Irrespective of why they’re doing this the point is that someone else can gain access to your files at airports. Read this article for an example. And for examples of lost or stolen notebooks see here.

Most large companies are now telling their staff to wipe all documents off notebook computers before travelling. This is excellent advice.

Another solution is to use whole disk encryption. This is a software technology that encodes the entire drive so that it’s unreadable without a password. At present this technology is rarely used on notebooks.

Advantages:

• It’s not possible for someone to extract files from a lost or stolen notebook computer
• You don’t have to remember to turn it on or to prepare anything before you leave home or the office. It’s always enabled

Disadvantages:

• Not all encryption programs are free (read below for some good news on free software)
• It slows down the computer
• You have to enter another password before using the computer
• It doesn’t protect you from malware (trojans etc). You still need a good antivirus system
• You must have a backup of all your data at home or at the office. If something goes wrong with the computer then there’s no way to recover the data without a backup
• Security is only as good as your password. If you use your car number plate or some other easy to guess password then it’s not really secure. You need to use a good password.

So with more disadvantages than advantages you’re probably put off. It depends how valuable your files are. If you’re a lawyer carrying around all your client’s documents then your files are probably quite valuable, and you should be doing everything in your power to stop strangers getting at them.

How does it work?

The technical explanations are beyond the scope of this article. It’s enough to know that it encrypts all of the drive. Older encryption programs encrypt some files only and smart hackers can usually recover all or part of documents. Therefore the “whole disk” part of the encryption program is important. The disk is completely unreadable and unusable without the password.

What whole disk encryption programs are available?

Recently there has been some progress on this and there are now good free versions including ones for Mac notebooks, as well as commercial solutions.

Free Windows Solutions:

There are quite a few solutions, below are the more popular ones available today.

• BitLocker - it comes with Windows Vista Enterprise, Windows Vista Ultimate, and Windows Server 2008
• TrueCrypt - a popular open source solution (see notes below). Available for Windows, Mac and Linux.

Commercial Solutions:

Below are low cost commercial solutions. There are many expensive enterprise level solutions not listed here.

• PGP - This program has been around for a very long time and is trusted by many people and companies. On the 13th Feb 2008 a version was also made for Apple Macs.

Summary

If you take your computer outside of a secure environment (home, office, etc) and you have anything on there you wouldn’t like others to have then whole disk encryption is a must.

As for airport customs and other law enforcement agencies, a lot of countries have laws making it possible for them to demand your password. So while you can keep random strangers from reading your data it’s really up to you how you comply with legal requests to hand over data. At least you have a choice.

Notes:

Open Source: in security it’s often a good thing to make programs or algorithms open source. It enables the programming community or security community to review the code and find any possible bugs as quickly as possible. It’s also a form of full disclosure. With commercial solutions you have to trust a company that they didn’t include a backdoor for whatever reason. With open source solutions everything’s exposed for public review.

Skype Update

Skype has released up update that fixes some issues including (like the one reported earlier). The new version is 3.6.0.248, all Windows users should upgrade to it.

Skype’s announcement is here.

New Vulnerability in Adobe Reader

It’s not news that PDF files can contain viruses. As useful as PDF files are the flaw is with the reader program, called Adobe Reader (previously called Adobe Acrobat Reader).

It’s possible to embed code in PDF files and it’s been shown that this code can download malicious programs from the internet and install them on the computer. At the moment the latest malicious code comes from Netherlands, and as with all things on the internet it can move or spread quickly.

If you have one of the following programs then you’re at risk. According to Adobe’s notice it affects all platforms (Windows, Mac, etc).

• Adobe Reader 8.1.1 and earlier versions
• Adobe Acrobat Professional 8.1.1 and earlier versions
• Adobe Acrobat 3D 8.1.1 and earlier versions
• Adobe Acrobat Standard 8.1.1 and earlier versions

The vulnerability has been fixed in version 8.1.2 so update all your computers to avoid this one. Antivirus software can also protect you if you keep it up to date and use a well established product.

← Previous Page — Next Page →

• About

  Read the latest articles shown on the left, and use the options below to search for past articles. FraudO.com is committed to educating all users on the dangers of the internet and how to avoid them.

• Email Subscription

  Enter your email address:

  Delivered by FeedBurner

• Recently Written

  • False Microsoft Patch Emails
  • ClickJacking Exploit
  • Skype in China
  • Unsecured Wireless Routers
  • Password Recovery Questions
  • Large Hadron Collider Malware
  • Hijacked Baby Hoax
  • Google Chrome
  • iPhone Password Flaw
  • Space Station Gets A Virus

• Categories

  • Admin (7)
  • Antivirus (35)
  • Backups (5)
  • Fraud (45)
  • General (76)
  • hoax (4)
  • Identity Theft (25)
  • Malware (75)
  • News/Media (40)
  • Phishing (1)
  • Privacy (9)
  • Scams (56)
  • Security (89)
  • Software (58)
  • Statistics (14)
  • Uncategorized (2)

• Archived Articles

  Select Month October 2008  (3) September 2008  (5) August 2008  (11) July 2008  (17) June 2008  (8) May 2008  (17) April 2008  (23) March 2008  (22) February 2008  (20) January 2008  (31) December 2007  (17) November 2007  (21) October 2007  (11) September 2007  (5)

• Meta

  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org

• Spam Blocked

  3,992 spam comments

  blocked by
  Akismet

• Ads

• Stats