12Oct 2012 by nathan

Followup and analysis on the Skype Work reported on 9 October

Uncategorized
Back on 9 October, I reported on a worm that was spreading (primarily) via Skype.  Today, I found a good write-up on the worm, how it spread and a very important component to it's success (user action required).  The story is available here and was carried by Packet Storm Security (lends a lot of credibility).  I'll spare you all of the details (available in the article) but some important things to take from it are: It was spreading via Skype initially but later was found to also be using the Instant Messenger networks.  Skype quickly acknowledged the problem and released a statement on their website. It was spreading via a link, requiring that users click on the link.  Even though the link a) was to a valid URL shortening service (Google) and was…
Read More
09Oct 2012 by nathan

New virus targeting Skype users

Uncategorized
There is a new worm making the rounds that is specifically targeting Skype users.  There are details in the linked article but the short story is that Skype users are receiving phishing emails asking  "is this your new profile pic?".  If you click on the link, the virus code is launched.  Skype has advised that they are looking into ways to mitigate the problem and have advised all users to upgrade to the latest version and make certain that their computers are up to date.  If you are a Skype user, beware.   Article
Read More
09Oct 2012 by nathan

Update to Adobe Flash Player patches vulnerability that can cause a system crash and / or allow an attacker access to a vulnerable system

Uncategorized
On 8 October, Adobe released an update to address a vulnerability in it's Adobe Flash Player that can enable an attacker to crash or compromise vulnerable systems.  The vulnerability affects Flash Player on Windows, Mac, Linux and Android.  All users are encouraged to update.  From the Adobe article: Adobe has released security updates for Adobe Flash Player 11.4.402.278 and earlier versions for Windows, Adobe Flash Player 11.4.402.265 and earlier versions for Macintosh, Adobe Flash Player 11.2.202.238 and earlier for versions for Linux, Adobe Flash Player 11.1.115.17 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.16 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system http://www.adobe.com/support/security/bulletins/apsb12-22.html
Read More
07Oct 2012 by nathan

Why you shouldn’t use the ‘firewall’ that your ISP gives you? More than 4.5 million DSL modems attacked and breached, resulting in viruses and stolen information.

Uncategorized
Just this week (or was it last week?) I was asked again by a client why he needed to purchase a firewall when his ISP was going to give him one for free.  This can sometimes be a difficult thing to explain to someone trying to get the most bang for their IT buck and their ISP is telling them that they're getting a 'firewall' for free (while their IT guy is trying to sell them one) but the fact is, you need one.  There are several reasons (most are noted on the US CERT website) but the one that we're going to focus on here is the easy one, they aren't secure.  The device that you get from your ISP is a device that they can / will 'manage' for you.  They…
Read More
07Oct 2012 by nathan

October 2012 Patch Tuesday

Uncategorized
October will see seven bulletins from Microsoft, one addressing a vulnerability listed as critical in Microsoft Office and Windows Server, nothing (yet) from Adobe since APSA12-01 and Java will have it's 'regular' update, currently scheduled for 16 October (it's been eerily quiet from the Oracle camp lately).  There are a few other noteworthy items this month that I will covering in additional articles.   Microsoft Microsoft released 7 bulletins this moth including 1 critical and 7 listed as important.  The critical bulletin addresses a vulnerability in Microsoft Office and Windows Server.  The vulnerability in Office seems to be being downplayed a bit, noting that it 'only really affects Word 2003, Word 2007 and Word 2010'.  The downside though is that it can allow remote code execution and I really don't know that many folks…
Read More
05Oct 2012 by nathan

New virus, undetected by many antivirus products

Uncategorized
In the past 2 days, we have noted a number of 'questionable' files that weren't flagged as being a virus or malware but exhibited behavior that led us to believe that they were.  We submitted samples to ESET and received the response below this morning.  I suspect that the signatures will make it's way into most major antivirus products by days end but, until that time, you may be left unprotected.  We have been able to get these files through gateway security devices, email malware scanners and local antivirus scanners, even running explicit scans on the files.  They files have been delivered via email as Airline tickets (claiming that we purchased them) and UPS and USPS tracking information.  If you receive any such notifications, please confirm that the reported sender…
Read More
05Oct 2012 by nathan

Did someone that you know just lose their computer guy? Be a hero and recommend Cyber Tech Cafe :)

Uncategorized
In the past 3 days, we've had a number of folks tell us that they or someone that they know is 'losing their computer guy' and wanted to know what we did and if we may be able to take over.  I wanted to take a moment to confirm that we are accepting new clients and give some quick details about what we do / can do:   - Residential computer support - Customers can drop computers by our shop on Main Street in Cartersville for repair or we can come on site.  We can take care of anything from hardware repair and upgrades, software installation or just basic tune-ups (which are $35 and typical turn around is 2 to 3 day)   - Business computer and network support -…
Read More
04Oct 2012 by nathan

October is National Cyber Security Awareness Month

Uncategorized
October is National Cyber Security Awareness Month.   Ok, before you get the glazed over eyes, bear with me a minute here.  This is going to be another of those 'you should do your updates' posts, but my hope is that it's also a reminder of the seriousness of [a lack of] security on your personal computer.  One thing that we hear over and over is something like 'Oh, I don't do my banking online, so I'm not too worried about it'.  The truth is though, attackers rarely want the $12.00US that you've managed to amass in your checking account (or the $13.00US that you've been able to scrape togeher in savings), they want to use  your computer to rip other folks off, or to host child porn, or to…
Read More
27Sep 2012 by nathan

New vulnerability in Java could impact 1 billion computers

Uncategorized
According to this article, Security Explorations has identified a new vulnerability (they are calling it a zero day but, as I understand it, it's just a proof of concept at this point) in the latest version of Java.  There's ample detail in the linked story but I wanted to touch base on just two key points: What does this mean for me?  Basically, if you have Java installed on your computer, even the latest version, an attacker can create a program that, when you run it, will give the attacker the ability to control your computer with the same rights and permissions that you have.  If you are a limited user, the attacker will be able to operate as a limited user.  If you are an administrator on your computer (or…
Read More
26Sep 2012 by nathan

Forging new relationships

Uncategorized
Our focus on relationships is a key to our company's success Customer Relationships Vendor Relationships New Relationships Customer Relationships We understand and appreciate that there are a lot of options for technology support and work hard to be a resource for our clients, not just a computer or network support company. Approach any new opportunity as a long term engagement rather than short term project Vendor Relationships Extensive list of vendors from previous experience Long standing relationships with existing account managers Ability to 'pick' proven vendors from a wide range of choices based on field experience with the products and / or services and long standing relationships with account managers.  Ability to leverage these relationships to bring enterprise class products, services and pricing to small business and even residential clients. New Relationships…
Read More