Free Internet Content Filter

February 24, 2012 at 7:41 am

There are so many internet content filters out there that it is hard to decide which one to use.
Programs like:

  • Net Nanny
  • McAfee Safe Eyes
  • McAfee Family Protection
  • PureSight PC
  • CYBERsitter
  • CyberPatrol
  • etc….

These programs all have two (2) things in common. They are all software based, and they cost money.
Well, there is an alternative that is free.
It’s called OpenDNS.
 

You are probably wondering, what is DNS?

If you have a computer, and are on high speed internet (ADSL or Cable), then you’re most likely familiar with the term IP Address. Every computer, regardless of where it is in the world (as long as it has a connection to a network, beit the internet or a Local Area Network) has an IP Address. The role of an IP Address is to allow communication between that computer and other devices.

DNS provides the ability to assign an alias (if you will) to a certain IP address. For example, the IP Address for www.intel.com is 192.198.164.158. It would really be a pain if every site we wanted to visit required us to enter the IP Address of that site into the browser. This is where DNS comes in.

DNS stands for Domain Name System. It resolves the names we type into an internet browser (such as Internet Explorer or Firefox) into IP Addresses. So when we type http://www.intel.com in the address bar of firefox, the DNS Server resolves that domain name to the IP Addresss 192.198.164.158, and sends us there.

Getting back to OpenDNS. OpenDNS is an internet filter that resides on the internet before it gets to your computer.
 
With traditonal parental filters, the software resides on the clients machine(s) and filters the content locally. This takes up precious system resources that could be used for other applicatons.

With OpenDNS, the filtering is done in cyberspace before it gets to your network. This way, you don’t need to buy multiple licenses of parental software for all your computers. All that is required is one free account with OpenDNS, some changes made to the address of the DNS Server, and voila, you are protected.

For more information, please go to OpenDNS.



Identity Fraud hits 11.6 million

February 23, 2012 at 11:35 pm

2011 was a banner year for many, including cybercriminals. 2011 saw an Identity Fraud increase of 13% over 2010, bringing the victim count to 11.6 million for that year. Although the victim count climbed, the dollar amount remained steady. According the Javelin Strategy and Research, the dollar amount stolen remained steady, but the out-of-pocket expenses for remediation decreased by 44% (since 2004). This is likely due to improved prevention and detection tools being in place, and more efficient fraud detection algorithms being used.

The study found four (4) overall fraud trends.

  • Identity fraud incidents increased, whereas the amount stolen remained steady
  • Social Behaviors put consumers at risk
  • Smartphone users experiencing greater incidence of fraud
  • Data Breaches increasing and more damaging

 
 

Social Behaviors put consumers at risk

Javelin looked at the socail media and mobile phone behaviors and indentified a higher incidences of fraud with respect to LinkedIn, Google+, Twitter, and Facebook. Although it fair to say that there was no proof of direct causation between the increase of fraud and these sites in particular. It was also found that despite warnings that social networks are a great resource for fraudsters, consumers still share significant amount of personal information on these sites.
 
 

Smartphone users experiencing greater incidence of fraud

It was found that 7% of smartphone users were victims of identity fraud, which is 33% higher than the general public. Part of this increase may be attributable to consumer behaviors.

  • 32% of smartphone users do not update their operating system when updates are made available.
  • 62% do not use passwords on their home screen, therby allowing anyone to access their information if the phone is lost
  • 32% save login information on their screen

 
 

Data Breaches increasing and more damaging

One likely factor to the fraud increase was the 67% increase in the number of americans inpacted by the data breaches in 2010. Javelin research found that consumers were 9.5 times more likely to be a victim of fraud over those individuals who did not receive a “data breach” letter. Javelin also found that 15% of americans (about 36 million people) were notified of a data breach in 2011. Countering this rise is the successful effort to combat identity theft coupled with greater awareness of the issue.

According to James Van Dyke, president and founder of Javelin Strategy and Research, “Consumers must be vigilant and in control of their personal data as they adopt new mobile and social technologies in order to not make it easier for fraudsters to perpetrate crimes. Our survey found data breaches are increasingly putting consumers at risk. Consumers and organizations should always carefully and actively monitor accounts, but they should pay particular attention after an incident.”



New trojan utilizes stealth techniques

February 23, 2012 at 9:25 pm

Trojans have been around a while and for the most part, removal has been pretty straight forward. That is until now!
A new dropper Trojan was recently detected by BitDefender Researchers. It uses a new technique in order to hide from AntiVirus software.

Unlike other trojans that simply add themselves to the startup list, this particular infection utilizes the windows library file comres.dll (commonly used by browsers. communication and networking applications). The trojan copies, then renames the original file, alters the copied file and positions it in place of the original. Thereby, whenever the file is called by Windows, the trojan come to life.

This backdoor trojan dropper allows cybercriminals to add/delete users, change passwords, add/remove privileges, and run executables with elevated privileges.

Takeaway: Make sure that both Windows and your AntiVirus software are completed patched.



Symantec admits to hack

January 24, 2012 at 6:16 am

Symantec finally announced that the apparent source code leakage claimed to be perpetrated in the possible compromise of their networks by a 3rd party entity, was in fact due to a 2006 breach of their systems.



Chrome secures top spot

December 19, 2011 at 7:36 am

A new study recently released by Accuvant has raised the bar for Microsoft and Firefox. Google’s chrome has recently been awarded the top prize. Internet Explorer beat out firefox when it came to protecting systems which had already been partially compromised, but Chrome kicked them both to the curb.

 

The results were acheived by analyzed the security features of the 3 most popular browsers. However, they chose not to employ the usual metrics, but rather assumed that hackers had already gained access to the machine via an exploited vulnerability. In essence, they wanted to see what techniques the browsers employed to mimimize potential damage.

Even though all three (3) browsers used Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and Stack Cookies (GS), it was found that Firefox did not utilize any of the following:

  • Sandboxing (the separation of running programs)
  • Plug in Security
  • Just-in-Time Hardening (preventing javascript located on Websites from compiling code that can run on a target system). However, URL Blacklisting only works in a small percentage of cases.

“As with antivirus, the question is not whether the pattern-based detection will fail, but when and how,” pointed out the researchers. “As such, blacklisting services should be considered a part of the overall browser defense model, rather than the only perimeter an attacker must traverse.”

The conclusions shown above are the result of a study performed by the security company on behalf of Google. Many people might dismiss these findings based on that info alone, however Accuvant is a respected firm that is unlikely to sully its reputation by letting the results be affected by the fact that Google asked for the analysis.

You can view the 102-page report by going to issued by Accuvant.



Trojan exploits Windows zero-day vulnerability

November 3, 2011 at 8:56 pm

A new trojan has hit the market looking for victims. It is known as the Duqu trojan, and was identifed by the same hungarian firm that first discovered the original “zero-day” threat.

The installer is presented to the victim as a WORD Document, which exploits the Windows “zero-Day” vulnerability and installs the Duqu binaries.

Symantec has provided a visual flowchart of the infection process (below).

Symantec also warns that this installer might not be the only one used. Add to this that the vulnerability isn’t scheduled to be patched in the coming week, and things could get a little bit hairy.

According to Symantec, the shell code of the infectious program that was tested was designed to install the binaries during an eight day period in August 2011. However, it’s a possibility that other installers may be in circulation that have more current install periods.

“Once Duqu is able to get a foothold in an organization through the zero-day exploit, the attackers can command it to spread to other computers,” explains Symantec. On a couple of infected networks, it was found that the Duqu infection did not require an infected computer to have an internet connection in order to be able to communicate with the Command Server. The Duqu trojan instead utilized the existing internal network of the compromised organization to establish a bridge between the infected computers, and the Command Server. So as long as the infected computers were connected to a internet ready system via the internal network, they could communicate with the Command Server.

The thing you want to take away from this is, that unless you are 100% certain that your email is coming from a trusted source, do not open any attachments.



Notification contains more than the package

October 28, 2011 at 7:30 am

Well, here we go again. We have all seen the FALSE Purolator, UPS, and mail carrier email notifications claiming that there is a shipment awaiting pick up.

As it turns out, DHL is no exception.

Spammers have started sending out emails purportedly by DHL. By spoofing the sender info, the recipient is fooled into believing the email titled DHL Express Notification for shipment for 26 Oct 2011 is legitimate.

However, when the attachment is unzipped, it reveals an executable file, which is a Zbot Trojan variant.
DHL-Delivery-Notification-Message-102611.exe

This variant is relatively new to the MalWare arena, and as such is currently only detected by a handful of AntiVirus solutions.

Best advice. Keep an eye out for this nasty email, and delete it immediately!

Traditionally, these emails tend to change slightly as they get into circulation. Therefore, keep an eye on the date associated with the email body. It might change as the emails make their way around cyberspace.



Testimonial5

October 25, 2011 at 6:59 am

“TSG Computer Services has been invaluable in providing service to the systems we provide. Our broad network of devices is highly reliant on a team of local contractors which we have in place. TSG Computer Services has been, and continues to be one of our top contractors. They consistently demonstrate exceptional knowledge and expertise regardless of the job at hand. They assume full responsibility of the task locally from hire until completion, and their turn-around time continues to exceed expectations.”
- Tom Prucha, VP Operations, Intercam Systems Inc.



New RBC (Royal Bank) phishing e-mail

October 21, 2011 at 10:46 pm

This alert was just released. Researchers at AV Labs just identified one of the latest phishing attempts being sent to email recipients. It preys on clients of the Royal Bank of Canada (RBC) or RBC Royal Bank.

RBC phishing email

“This email from “RBC Online” masquerades as an alert notification message regarding a security update. Upon reading the message body, however, it asks the recipient to validate their account with the bank. Like most unsophisticated phishing attempts, this is a bit of an odd one, too, since validating an account has nothing to do with “security updates” or a “scheduled system maintenance”. Composition-wise, it doesn’t make sense, and it seems that the phishers behind this scam merely used terms and phrases that could get recipients to potentially click their link.”, says Jovi Umawing.

To make things more believable, after the submit button is pressed the victim is sent to a Thank You page in an effort to build the trust factor.

Tips:
Always question everything you get when it comes to email. If you are ever in doubt as to the emails origin, check the Company’s website. However, don’t use the link that was provided in the email, use google instead. Also, check the URL of the site you are directed to. This is best way to tell upfront if you are being fooled.



Another Mac Trojan?

October 20, 2011 at 10:43 pm

Well, long gone are the days of Mac being the untouchable operating system. In the past few months, there has been a rise in the number of Viruses directed at the Mac platform, and this one is no exception.

A variant of the Flashback Trojan for Mac OS X has developed the ability to disrupt XProtect’s auto-update functionality. XProtect is the operating system’s built-in anti-malware application.

The Trojan shuts down the XProtectUpdater daemon, and overwrites both the XProtect Updater and it’s binary path. This essentially prevents the application from receiving updates.

It looks like it’s time for Mac to start strengthening it’s sheild.



Certified computer repair services One call away

Find out how TSG Computer Services can help you minimize downtime, increase security and maximize profits. You can learn about our computer repairs and IT consulting services, our computer support specialists, or you can contact us now.

contact us
Facebook Twitter Linkedin RSS YouTube

 FREE NETWORK SECURITY TIPS

We respect your email privacy


CompTIA AVG