Thursday, March-09-2006
We have "Legal Beagles" and "Legal Eagles" to which we can now add "Legal Bagles."
No not the kind that's rather tasty sliced and toasted (that's bagel) but a new variant of the Internet worm that just won't die. Or at least go away.
Round about last Friday (March 3, 2006) a new variant of the bagle worm was being captured by security labs and seen by potential victims that threatens legal action against the recipient.
Some of the common subject lines are:
Pay your debts before we come to you
Call to your lawer immidiately
Lawsuit against you
We wait your response
As usual the bad grammar
Sunday, March-05-2006
As reported by several European news sources in early February 2006 a gang of
Russian and Ukrainian hackers have been arrested for the alleged theft of over €1m
(1 million Euros - approximately 1.22 million USD) from French bank accounts.
The electronic thefts occurred by infecting the victims' computers with a key logging
program embedded in emails and malicious web sites. The key logging software
was particularly stealthy in that it remained essentially inactive until a victim
used their computer to contact their bank online. At that time it would record
login and password information and send that via the Internet to a site to be
retrieved by
Monday, February-27-2006
While not exactly available on the shelves of the local big-box wholesale store
aspiring computer criminals can now buy custom built trojan code online. Quoting
the article from the Panda website:
02/24/06.- PandaLabs uncovers a complex malware creation system designed to spy and steal personal data
After Panda ActiveScan detected a malicious code designed to spy on infected computers and capture data, a complex espionage system has been uncovered. This system sells made-to-measure Trojans to hackers for US $990.
The article continues and points out the specifics of the malicious program:
PandaLabs has detected a new Trojan called Trj/Briz.A, whose main
aim is to steal personal user
Tuesday, January-24-2006
Same Goals - Different Methods
With all the main stream news surrounding these recent additions to the language
of the Internet online users are increasingly familiar with the term phishing but
perhaps less so with it's close cousin pharming. Either way the essential thing to understand is all these scams, regardless of name, have a common theme.
They are attempts by electronic criminals to gain financially at your expense.
Electronic criminals in their phishing attempts have generally targeted large, well known institutions such as eBay, PayPal, Bank of America, and Washington Mutual. In response many such operations have implemented programs to combat the rising tide
Monday, January-09-2006
Jan 06, 2006 - Microsoft WMF (Windows Meta File) Vulnerability patch released by Microsoft. We strongly recommend all readers using any version of Microsoft windows take action to protect yourself.
If you have your machine(s) set to automatically do the critical updates you should be covered.
If you don't have the automatic updates feature enabled then:
If you have been maintaining your Windows updates on a regular basis the easiest solution is to go to the Windows Update web site and run the "Express" update option. The Windows Update web site link can be accessed either in the main menu using "Start"
Saturday, January-07-2006
In our IT consulting practice over the past 3-4 years we've encountered a lot of machines infected with spyware and other malicious software (often shortened to malware). In the course of fixing these situations we have fielded a thousand questions regarding the topic. We understand the confusion as to what's what, how do these annoying programs get there in the first place and what can be done to protect yourself.
Welcome to the PC Security Savvy Series: Thirteen Steps to Winning. Over the next thirteen articles we'll cover a specific topic along with tips and tricks to protect yourself in winning
Saturday, January-07-2006
Jan. 07, 2006 - Saturday 10:33PM : As an IT Consultant to the SMB (Small to Medium Business) sector and other organizations of similar size I'm acutely aware of the challenges these organizations face particularly in the area of IT Security. My clients range in size from the 1 person / two computer start up business to the 100+ year old companies of over 50 employees with a corresponding number of notebook and desktop computers, one to several servers and a range of other IT gadgets from routers to printers and PDAs. On the surface this would seem a
