Showing posts with label malware. Show all posts

Thursday 20 September 2012

Microsoft Issues Fix It Patch for Internet Explorer Vulnerability

Microsoft has just released what it is calling "Fix It" software that was designed to protect Windows users from a critical hole in Internet Explorer that was being exploited by hackers. While this is all well and good, it isn't the big fix that everybody has been waiting for. Instead, this is merely a temporary fix until Microsoft releases a cumulative update for Internet Explorer.

According to Trustworthy Computer Director for Microsoft Yunsun Wee, the Fix It tool "is an easy, one-click solution that will help protect your computer right away. It will not affect your ability to browse the web, and it does not require a reboot of your computer. This will not only reinforce the issue that the Fix It addressed, but cover other issues as well, including four other critical remote code execution issues."

This isn't some minor hole, however. In fact, the vulnerability is so severe that the German government and security experts have been advising people to avoid using Internet Explorer altogether until the vulnerability is patched entirely, which won't happen until the larger update is released. That update, which has a severity rating of Critical, should come out any day now, meaning users won't have long to wait until they can get back to viewing the internet in peace.

This vulnerability, more specifically, was uncovered within the past week and could very well compromise the PCs of every single Internet Explorer user who visits a malicious site. The flaw itself is being actively exploited to deliver a back-door Trojan known as Poison Ivy. My recommendation is that you download the patch as soon as it is available so as to not risk any critical harm befalling your PC.

Source: CNET - Microsoft issues fix for IE hole; full update coming Friday

Thursday 26 July 2012

Blackhole Exploit Sucks in Twitter Users

According to the security firm Sophos, which seems to be on top of every single major spam attack that happens on the internet these days, a widespread spam attack that links to malware has weaseled its way onto Twitter. The tweets that are trying to lure unsuspecting users in include things like: "It's you on photo?" or "It's about you?" In addition to that, the tweets and URLs typically include a user's Twitter handle. Many of the links that Sophos has discovered include a .RU domain name.

According to Head of Sophos' U.S. Labs Richard Wang, "The attack itself is very simple, relying on people's natural curiosity about anything they think mentions them. Including the target's Twitter username in the link is an added hook to reel people in." Twitter added, in an email from a spokesman, "We're aware of the issue and we're working to resolve it."

The links in the tweets themselves lead to a Trojan that ultimately redirects users to Russian websites that contain the Blackhole exploit kit, according to Sophos. The Blackhole exploit kit first emerged back in 2010 and is widely used in spam attacks. The version of the kit that is floating around Twitter targets vulnerabilities in Adobe Reader and Shockwave Flash, Sophos discovered.

If you feel that you have been affected by the spamming attacks, or you just want to take precautions against it in general, then you can protect yourself by updating your anti-malware software, patching your operating system and making sure your browser and browser plugins are up-to-date. In addition to that, you could just be smart and not click on anything on Twitter that you don't recognize.

Source: Computer World - Twitter suffers malware spam outbreak

Saturday 21 April 2012

Internet Disappearing for Thousands of People in July

The FBI has warned hundreds of thousands of people that they could lose their internet connections in July. That is, of course, if they don't take steps to diagnose and disinfect their computers. The problem that these individuals are facing is related to malware known as DNSChanger, which was first discovered in 2007 and has since infected millions of computers around the world.

Normally, whenever you type a web address into your browser, your computer contacts DNS servers to discover the numerical IP address of the site you are looking for and then takes you there. The DNSChanger malware messes with an infected computer's settings and directs it to a rogue server set up by an internet crime ring instead.

According to an Attorney General for the United States in an FBI press release, these criminals "were intentional cyberbandits who hijacked millions of computers at will and rerouted them to Internet Web sites and advertisements of their own choosing -- collecting millions in undeserved commissions for all the hijacked computer clicks and Internet ads they fraudulently engineered."

However, the FBI busted up the crime ring last year and took control of the rogue servers. Considering so many infected computers relied on the servers to reach the internet, the agency decided not to shut them off and instead converted them to legitimate DNS servers. However, running these servers is costing the government money, which is why they are being turned off in July. If you are one of the unfortunate ones whose computer got infected, the internet will no longer exist for you.

The DNSChanger Working Group (DCWG) has created a website designed to help you diagnose your computer and see if you are infected and remove the DNSChanger if necessary. I'd recommend checking it out, especially before July 8, or you can say goodbye to Facebook, Google and whatever else you use the internet for.
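The kind of check such a diagnosis performs can be sketched as follows. This is an added example, not code from the DCWG or the FBI: it reads the DNS servers a machine is configured to use (from a Unix `resolv.conf` or from Windows `ipconfig /all` output) and flags any that fall inside a list of rogue ranges. The ranges below are placeholders taken from documentation address space, and the sample inputs and function names are constructed for illustration.

```python
import ipaddress
import re

# PLACEHOLDER ranges (RFC 5737 documentation networks), not real indicators.
# Replace them with the rogue DNS ranges published for DNSChanger.
ROGUE_DNS_RANGES = [
    ipaddress.ip_network("192.0.2.0/24"),
    ipaddress.ip_network("198.51.100.0/25"),
]

# Constructed sample inputs, not captured from a real machine.
SAMPLE_RESOLV_CONF = """\
# written by the DHCP client
search example.lan
nameserver 192.0.2.53
nameserver 10.0.0.1
"""
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:
   IPv4 Address. . . . . . . . . . . : 10.0.0.23(Preferred)
   DNS Servers . . . . . . . . . . . : 198.51.100.10
                                       10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

def resolvers_from_resolv_conf(text):
    """Return the addresses on 'nameserver' lines of a resolv.conf file."""
    servers = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # ignore comments
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def resolvers_from_ipconfig(text):
    """Return DNS servers from 'ipconfig /all', including continuation lines."""
    servers, in_dns = [], False
    for line in text.splitlines():
        first = re.match(r"\s*DNS Servers[ .]*:\s*(\S+)", line)
        if first:
            servers.append(first.group(1))
            in_dns = True
        elif in_dns and re.fullmatch(r"\s+[0-9A-Fa-f:.%]+\s*", line):
            servers.append(line.strip())  # second and later servers
        else:
            in_dns = False
    return servers

def flag_rogue(servers, ranges=ROGUE_DNS_RANGES):
    """Return the configured resolvers that fall inside a listed range."""
    flagged = []
    for server in servers:
        try:
            ip = ipaddress.ip_address(server.split("%", 1)[0])  # drop zone id
        except ValueError:
            continue  # not an IP literal; ignore
        if any(ip.version == net.version and ip in net for net in ranges):
            flagged.append(server)
    return flagged
```

A flagged resolver means the machine's DNS settings point at a listed server and the computer should be cleaned and its DNS settings restored before the servers are switched off.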

Source: CNET - Web could vanish for hordes of people in July, FBI warns

Friday 3 June 2011

Malware on the Rise


Malware is the thing to look out for these days. McAfee claims that they tracked more than six million different unique malware samples in the first quarter alone. Those numbers make the first quarter the most active quarter for malware issues ever.

In a statement, Vincent Weafer, the senior vice president of McAfee Labs, said, "It's been a busy start to 2011 for cybercriminals."

McAfee went on to say that February was the most active malware month. In February 2011 alone there were 2.75 million samples. According to the company, in March 2011 there were also more than 350,000 fake anti-virus software samples, which was the highest level in over a year; however, partly due to the demise of the Rustock botnet, spam is at the lowest level since 2007.

"Even though this past quarter once again showed that spam has slowed, it doesn't mean that cybercriminals aren't actively pursuing alternate avenues," Weafer continued. "We're seeing a lot of emerging threats, such as Android malware and new botnets attempting to take over where Rustock left off, that will have a significant impact on the activity we see quarter after quarter."

The most popular OS for mobile malware is still Symbian, but McAfee reported that Android is gaining on Symbian and came in at number two. McAfee thinks that Android isn’t number one because Google allows for the side-loading of Android apps. This means that it does not have a main spot where it checks apps for any possible suspicious behavior.

Just this past week, Google had to remove more than two dozen apps from their Android Market due to malware issues. NetQin, a mobile security firm, also identified more than 20 malware-filled Android apps that went to the extent of auto-dialing phones to pile up high user fees.

When dealing with spam, McAfee tracked more than 1.5 trillion messages each and every day, but thankfully that number is less than half of what it was just a year ago.

Government agencies across the globe have been working hard to crack down on cybercrime. In September, dozens of international cyber-gangsters who were responsible for the creation and spread of the Zeus botnet were arrested. Also, thanks to Microsoft, FireEye (an anti-malware company), the University of Washington and Pfizer (a pharmaceutical firm), Rustock was taken down in March.

In their statement McAfee warned that the creators of the Zeus bot are hard at work merging the Zeus code with the SpyEye botnet. This would affect banking and online transactions, so it could cause some major issues if it isn’t handled.

"There was a strong uptick in new botnet infections toward the end of Q1, most likely due to the reseeding process, where cybercriminals slow down activity in order to spend time rebuilding botnets," McAfee said. "The botnet takedowns have resulted in an increase in the price of sending spam on the underground marketplace, showing that the laws of supply and demand also apply to cybercrime."

So why are people even falling for these threats? Well, cyber-criminals are very sophisticated these days. They make their scams look legit, so it's sometimes hard to tell that something is a threat until it's too late. Spam that promotes an actual product seemed to lure in the most people. IGNORE the e-mails advertising iPads and HDTVs. McAfee also noted a rise in "banker" Trojans. They lure people in by talking about things like UPS, FedEx, USPS and the IRS. Unfortunately, on top of that, scammers are also taking advantage of crisis events like the Japan earthquake and tsunamis.

It’s just important to pay attention to what you are opening up or downloading before you do it. If you’re careful and take the necessary precautions, you should most likely be able to avoid any issues.



Thursday 2 June 2011

Fake MacDefender Malware Originating from Russian Payment Processor


For about a month there has been a fake MacDefender malware that has been circulating and plaguing Apple computer owners. No one seemed to know where it was coming from, but finally on Friday, May 27 a computer security researcher made the claim that the fake malware could be traced back to an online Russian payment processor called ChronoPay.

"Some of the recent scams that used bogus security alerts in a bid to frighten Mac users into purchasing worthless security software appear to have been the brainchild of ChronoPay, Russia's largest online payment processor and something of a pioneer in the rogue anti-virus business," wrote security researcher Brian Krebs on his KrebsonSecurity blog.

The fake MacDefender and the incredibly similar scareware called MacProtector and MacSecurity tended to attack from points like infected Google Image search results. Once your computer is infected, it is incredibly difficult for Mac users to remove the malware. The issue is that the malware doesn’t have a dock icon and it attaches itself to the launch menu of the computer.

Krebs was able to trace the newest strains of the scareware back to ChronoPay by simply examining the two different domains that the software directs all of its Mac users to go to for a paid software security solution. While investigating, he found out that both mac-defence.com and macbookprotection.com were associated with the e-mail address fc@mail-eye.com. According to leaked ChronoPay documents, this e-mail address is owned by Alexandra Volkova, the company’s financial controller.

According to Krebs, both of the Mac domains listed above have been suspended by Webpoint.com, which is a Czech registrar; however, Krebs said that the fc@mail-eye.com account was used recently to register appledefense.com and appleprodefense.com. Despite this, Mac users have not yet reported being directed to either of these sites via malware like MacDefender.

"ChronoPay has been an unabashed 'leader' in the scareware industry for quite some time," Krebs writes. Just in 2008, it was the core processor of a site called trafficconvertor.biz. This was an “anti-virus” program that was designed to release the first strain of the Conficker worm. It was an incredibly destructive virus that still works to infect millions of computers across the globe.

"In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove MacDefender malware and its known variants," Apple wrote. “The update will also help protect users by providing an explicit warning if they download this malware."

Apple also released a document with detailed instructions for Mac users on ways to eliminate MacDefender from their computers.




Monday 2 August 2010

Mumba Botnet Has Infected 55,000 Computers




Research from free anti-virus software-maker AVG was released earlier this week and the findings show that over 55,000 computers from all over the world have been infected by the Mumba botnet. The report, which was prepared by the AVG Web Security Research Team, can be found at Blogs.AVG.com.

According to the report, over 60GB of personal data, such as social networking information, banking information, credit card information, and emails, has been stolen from people's personal and business computers. At least 33% of the infected computers are located in the United States, followed by 17% in Germany, 7% in Spain, 6% in the United Kingdom, and 5% in both Mexico and Canada.

Mumba botnet is a virus that was created by a group of cybercriminals known as the Avalanche Group. The Group is known for creating a mass-production system for phishing sites and other malware. Mumba uses Zeus, one of the most current and common forms of malware.

In a press release, Yuval Ben-Itzhak, the Senior Vice President of AVG said, "The unique infrastructure of the Mumba botnet means that going after the servers hosting the stolen data is now much more difficult than before. As cybercriminals become increasingly sophisticated, it is paramount that consumers and corporations prevent their PCs from becoming the next victim in these dynamic cyber attacks by using anti-virus and LinkScanner tools such as those that AVG offers for free."





Monday 18 January 2010

McAfee's Predicted Security Threats for 2010


McAfee recently released a report that predicts potential online security threats for 2010. To summarize, the anti-virus and computer security company, which is based out of Santa Clara, California, sees an increase in threats from social networking sites, banking security, and botnets. In addition, they see increases in attacks targeting users, businesses, and applications. However, the findings weren't all negative. McAfee says they expect an increase in law enforcement and its effectiveness in fighting cybercrime.

As social networking sites, such as Facebook and Twitter, become increasingly popular, they'll most likely become a breeding ground for cyber attacks. On top of the increased number, the attacks will be more sophisticated. Facebook users are particularly vulnerable due to the number of third party applications used. Games and other applications are popular and most people will trust an invitation from their friends without using caution. But that invitation could easily be malware or something else designed to harm your computer. There's really no way to protect yourself other than avoiding the third party apps such as quizzes and games.

URL shorteners such as bit.ly and tinyurl.com are also expected to become a target of cybercrime. These tie in to social networking because most people use them to post links to their profiles. The websites shorten a normal URL into a smaller one that will fit in almost any space, which is especially popular on Twitter, where you only have 140 characters to get your message across. One major problem with these smaller URLs is that they can't be previewed, so clicking on one at random could lead you to somewhere you don't want to be. This makes it a very easy target for crooks.

Due to the popularity of Microsoft products, cyber criminals have been taking advantage of them for years. However, as programs such as Adobe Reader and Flash become more popular, McAfee expects they will become a bigger target, taking over the top "honor" from Microsoft. In 2009, Adobe Reader saw an increase of problems due to security holes, leading the company to take a more proactive approach to patching up problems.

Email attachments have always been a problem when it comes to spreading malware and that threat is expected to continue and even get bigger. The company expects an increase in specific targets when it comes to email, and those include journalists, corporations, and individual users who could easily be convinced to download an attachment that is hiding a Trojan or other bit of malware.

Other projected problems include banking Trojans. Normally used to get your financial information, McAfee expects them to become so advanced that they will start interrupting transactions and even withdrawing money from your accounts. 2009 already saw an increase in banking cybercrime, with many Trojans making their way past strong bank security. Botnets are also expected to be a threat. McAfee calls them a "leading infrastructure for cybercriminals" and says they are "used for actions from spamming to identity theft." While they are harder to track down due to their ability to move from computer to computer without a central base of operation, there has been some recent success in shutting them down.

Despite all the many threats, McAfee does project an increase in law enforcement's ability to track down cybercriminals. Even so, there are steps you should take to protect yourself. Purchasing security software and keeping it updated is very important and something everyone should do. Keeping your PC up-to-date with Microsoft patches that protect your operating system, office suite, and browser is also important. You should also be sure that you are aware of all the latest threats and realize what's at risk. Exercise caution when opening files or downloading applications.


