December 2012 Patch Tuesday and News

Microsoft: The December Microsoft updates include 5 listed as Critical and 2 listed as Important. Three of the 5 Critical updates address problems in MS Windows, 2 affecting Windows Server products (primarily, Exchange) and one of those two affects Windows Server and Office. All 5 of the critical vulnerabilities can allow remote code execution and one of the Important vulnerabilities can allow remote code execution. The remaining Important update can allow security feature bypass. Multiple reboots are required for these updates. Additional details are available from Microsoft here.
Adobe: As of this post, I am not aware of any new Adobe vulnerabilities for December (the last that I'm aware of were mid / late November). Additional details are available from Adobe here.
Java: Ok, Java. If you don't need it, remove it. If…

Cyber Tech Cafe is now recommending ESET / NOD32 for both Commercial AND Residential users (over Microsoft Security Essentials for both)

The virus market is in a constant state of flux as the folks writing the viruses improve their products and the companies combating the viruses react to the improvements. This dynamic state has made recommending a single antivirus product challenging at times and, along the way, we've changed our recommendations to meet the current challenges. In the past, we have recommended AVG (for those keeping score, that was pre Ewido AVG), we've recommended ClamAV (we still recommend ClamAV for Linux, btw) and more recently have been quite fond of Microsoft Security Essentials as our 'first tier' products and have recommended ESET / NOD32 as our second tier product. Recently though, we have seen a growing trend in computers protected by Microsoft Security Essentials and often fully patched and updated becoming infected…

Bring on the holidays, but be aware of the risks and how to avoid them!

We're less than 1 week away from Black Friday, said to be the busiest shopping day of the year for brick-and-mortar shops and right at a week away from Black Monday, the cyber equivalent of Black Friday for online shopping.  These are exciting times for many folks but, for cyber criminals (I don't like to use the term hacker in a derogatory context, hackers aren't bad, cyber criminals are), it's quite literally hunting season.  We're already seeing news about new crimeware toolkits and phishing scams that the bad guys have at the ready (and already deployed) and we're going to try very hard to get the word out everywhere that we can to keep our customers aware and hopefully safe. To get things started, I got an article today about…

November 2012 Patch Tuesday

We are still seeing a large number of computers that are compromised due to outdated versions of Java (some still running Java 6) and Adobe products (Flash Player and Reader). Your computer should be your next-to-last line of defense (the user at the console is the last line of defense) and needs to be properly secured against known threats. The best way to do this is to make sure that you've got the latest software updates, especially the Microsoft, Adobe and Java updates. Below is a brief list of the updates for November with links to their home sites with more information.
Microsoft: On the Microsoft side, the November Patch Tuesday will include 6 bulletins, 4 listed as critical, one listed as important and 1 listed as moderate. All of the…

APOLOGY – Our news server went crazy, lots of emails sent

Everyone,
Just wanted to touch base to let everyone know what was going on. We get our news via feeds from a number of 'geek news' type websites. When we see news that we need to pass along to you, we try to post it as quick as we can to get the information out there. We were experimenting with a tool that would post the news directly to our news site but things got a little sideways. We were able to pull the plug pretty quick but, before we did, there were several emails that had already made it out. We have addressed the issue (and won't do that again) but I wanted to reach out and apologize for the deluge of SPAM.

Potentially massive hole in Adobe Acrobat that pierces the (previously solid) sandbox.

Details are sparse at this point but the linked article has a video demonstrating the vulnerability being exploited. According to the article, this vulnerability a) affects even fully up-to-date installations of Adobe Acrobat b) with Protected Mode on and c) with JavaScript disabled. Additional details are sure to come but, for now, be extremely cautious with PDF files. http://arstechnica.com/security/2012/11/zero-day-attack-reportedly-pierces-key-adobe-reader-defense

Microsoft and Adobe update / patch cycles in sync? Maybe.

According to this article at ZDNet, it looks like Microsoft and Adobe may be in the process of syncing up their patch release cycles (in reality, this looks more like Microsoft is going to continue business as usual and Adobe is going to begin releasing regular updates in concert with the Microsoft monthly updates). This would be significant because many Microsoft users are already 'conditioned' to look for updates on the second Tuesday of each month (Patch Tuesday). Adobe is, by most counts, the number 2 target for viruses and malicious software and its high rate of compromise can be directly attributed to users just not installing updates (how many of you still have Adobe Reader 10, or Adobe Reader 9 or earlier?). We see a considerable spike in…

Kaspersky names Java top attack target

Two questions that I suspect that we'll be fielding on this are a) why is that important and b) why should you care. I'll try to quickly address both here but don't hesitate to let me know if I've missed anything.
Why is that important? Simply put, you've probably got Java installed and, unless you've updated it in the past 5 minutes (ok, that's an exaggeration, but you get the point), you're likely vulnerable to at least one of the many attacks out there.
Why should I care? Again, simply put, Java is one of the biggest (currently ranked by Kaspersky as THE biggest) vulnerabilities being exploited by cyber criminals to install malware.
Now, the question that you likely didn't ask is what you need to do about it.…

What do viruses do on my computer, anyway? Why is it so important for me to install updates? Why are these two things related?

This is a follow-up to my earlier article 'How do people make money off of Viruses' and is from an Internet Storm Center diary entry describing very simply what viruses do.  Basically, the author has noticed some questionable traffic on his network that the antivirus completely missed and, after some investigating, found that the virus on the computer was transmitting data to a server in the Ukraine every time the computer visited a website (think bank, gmail, etc.).  Further investigation confirmed that the virus was installed after the user visited a newspaper website that happened to have a poisoned ad displayed on it (starting to sound familiar?).  It's a very quick read and good insight into why it is so incredibly important to keep your computer up-to-date.   Article - http://isc.sans.edu/diary.html?storyid=14428