Tuesday, March-31-2009
With the Conflicker worm having become the latest of the Internet scares being propagated by the main stream news media we thought it essential to cover this topic a bit. The Conflicker worm is programmed so that infected machines attempt to update themeselves periodically with the next known update being for April 1, 2009. That doesn't mean the world will end!
First thing to consider is that Conflicker, like most of the malware (malicious software) released to the Internet in the past 5-6 years, is *not* likely to do any real, irreversible damage to your computer systems. It's essential to understand
Saturday, May-03-2008
We've all heard of Internet related crime. It almost sounds like there's a bad-dude or two hiding under your mouse pad. Not quite but have you considered that they just might have a program or two on your computer doing their dirty work?
Eugene Kaspersky, founder and CEO of Kaspersky Lab, gives an insider's view to the Internet Cybercrime Ecosystem and the quick and dirty on the how's and why's.
Read this and you might come away with a whole new outlook on Internet security. Either way it's and interesting insight into the world of professional computer crime and it's effects
Tuesday, March-25-2008
Security vulnerabilities recently discovered in the Java software found on most Windows computers requires an update.
The update is easily done in a minute or two and given the severity of the security issues is highly advisable.
Video instructions here: Java Update Video and step-by-step instructions below.
Go to "Start" and select either "Control Panel" OR "Settings" -> "Control Panel" depending upon which start menu view you are using.
Once in the Control Panel screen look for an item marked "Java" with this icon and double-click it to open the Java console.
On the top row tabs will be a choice marked "Update". Click
Wednesday, June-07-2006
If you've been on the Internet more than a month or two, you've likely by now received an email similar to the one below. The emails almost always predict some dire consequences and horrible fate to those who fail to comply immediately. Be advised - the dire consequences and horrible fate only await those who do reply to such emails.
The email shown here is what is known as "a phish" or "phishing attack." While this one in particular is an attack on those having a PayPal account, phishing attacks have been conducted on virtually all well known financial institutions including
Monday, May-22-2006
Enterprise Security Threats Turning More Sinister, Says Burton Group
The enterprise security threat environment for 2006 and 2007 includes a marked increase in sinister security threats -- targeted, intentional criminal attacks originating from outside the enterprise, and collusion between criminals and inside contacts -- according to Daniel Blum, senior vice president and research director at Burton Group. Blum's research shows that with global deterrents from law enforcement being weak, criminals are organizing into an underground economy of specialists. Near-term results include increases in the volume and scale of criminal attacks on companies and consumers.
Saturday, March-11-2006
Warning regarding phishing scam from the PA Lottery web site.
PENNSYLVANIA LOTTERY WARNS PLAYERS TO BE WARY OF A SCAM USING LOTTERY LOGOS
MIDDLETOWN, Pa. - Recently, a number of consumers have received an e-mail titled "CONGRATULATION! CONGRATULATION!! CONGRATULATION!!!," which fraudulently uses Pennsylvania Lottery logos. These e-mails, as well as other similar e-mails touting a lottery prize, are a scam according to the Pennsylvania Lottery's Security Office.
The current fraud using the Pennsylvania Lottery name and logos is an attempt to access personal information, such as Social Security numbers or bank account information.
The Pennsylvania Lottery does not notify winners via e-mail or
Thursday, March-09-2006
We have "Legal Beagles" and "Legal Eagles" to which we can now add "Legal Bagles."
No not the kind that's rather tasty sliced and toasted (that's bagel) but a new variant of the Internet worm that just won't die. Or at least go away.
Round about last Friday (March 3, 2006) a new variant of the bagle worm was being captured by security labs and seen by potential victims that threatens legal action against the recipient.
Some of the common subject lines are:
Pay your debts before we come to you
Call to your lawer immidiately
Lawsuit against you
We wait your response
As usual the bad grammar
Sunday, March-05-2006
As reported by several European news sources in early February 2006 a gang of
Russian and Ukrainian hackers have been arrested for the alleged theft of over €1m
(1 million Euros - approximately 1.22 million USD) from French bank accounts.
The electronic thefts occurred by infecting the victims' computers with a key logging
program embedded in emails and malicious web sites. The key logging software
was particularly stealthy in that it remained essentially inactive until a victim
used their computer to contact their bank online. At that time it would record
login and password information and send that via the Internet to a site to be
retrieved by
Monday, February-27-2006
While not exactly available on the shelves of the local big-box wholesale store
aspiring computer criminals can now buy custom built trojan code online. Quoting
the article from the Panda website:
02/24/06.- PandaLabs uncovers a complex malware creation system designed to spy and steal personal data
After Panda ActiveScan detected a malicious code designed to spy on infected computers and capture data, a complex espionage system has been uncovered. This system sells made-to-measure Trojans to hackers for US $990.
The article continues and points out the specifics of the malicious program:
PandaLabs has detected a new Trojan called Trj/Briz.A, whose main
aim is to steal personal user
Tuesday, January-24-2006
Same Goals - Different Methods
With all the main stream news surrounding these recent additions to the language
of the Internet online users are increasingly familiar with the term phishing but
perhaps less so with it's close cousin pharming. Either way the essential thing to understand is all these scams, regardless of name, have a common theme.
They are attempts by electronic criminals to gain financially at your expense.
Electronic criminals in their phishing attempts have generally targeted large, well known institutions such as eBay, PayPal, Bank of America, and Washington Mutual. In response many such operations have implemented programs to combat the rising tide
« Previous Entries
