The computer and software security thread

Technology, computers, internet, websites, mobiles, cameras, audio and video.
SPONSORS: Hua Hin Web Design
Post Reply
User avatar
buksida
Moderator
Moderator
Posts: 15566
Joined: Tue Dec 31, 2002 12:25 pm
Location: south of sanity
Contact:

The computer and software security thread

Post by buksida » Fri Dec 16, 2011 9:21 am

Thought I'd start off a new thread on general computer and software security since the number of threats is increasing at an alarming rate. We can use it to post updates on latest viral/malware threats and to ask for assistance with these types of problems.

Hotmail hacked
To kick it off I'll start with the Hotmail virus that has been going around, several accounts have been hacked and are automatically sending emails to everyone in the address book with a link stating "Click here to read this message" - I've had 5-6 of them from people with Hotmail accounts. DO NOT click the link even if it is from someone you know, it will infect your machine with the same malware and manipulate your Hotmail account to spread itself. Bottom line with this one is to avoid using Hotmail completely if you want safe and secure email.

Mobile malware
Android has also been under attack recently from malware originating in Russia called 'RuFraud' which disguises itself as a genuine app. Once installed it will start sending premium rate SMS messages costing you baht. Be careful what you download from the app stores and try to avoid using third party app stores, Google has started to remove these fraudulent apps but more will be on the way - mobile malware has doubled in the last 6 months.

As always stay vigilant with email attachments and general web downloads - only open what you know is 100% safe, it is not worth the risk.
Who is the happier man, he who has braved the storm of life and lived or he who has stayed securely on shore and merely existed? - Hunter S Thompson
Get out there: On The Road Asia

User avatar
splitlid
Guru
Guru
Posts: 994
Joined: Fri Jun 09, 2006 9:01 am

Re: The computer and software security thread

Post by splitlid » Fri Dec 16, 2011 9:31 am

the hotmail one i have had and recieved from many people.
apart from sending annoying emails to your friends and foes, what does it actually do to your comp.
"All the otters don't understand me"
"We might make you bother"

User avatar
buksida
Moderator
Moderator
Posts: 15566
Joined: Tue Dec 31, 2002 12:25 pm
Location: south of sanity
Contact:

Re: The computer and software security thread

Post by buksida » Fri Dec 16, 2011 10:49 am

Probably installs hidden malware that will sit in the background and use your machine and bandwidth to do nasty things to other networks. They're commonly called botnets and they use malware spread through insecure email platforms and attachments to control vast numbers of computers.
Who is the happier man, he who has braved the storm of life and lived or he who has stayed securely on shore and merely existed? - Hunter S Thompson
Get out there: On The Road Asia

User avatar
hhfarang
Hero
Hero
Posts: 10828
Joined: Fri Mar 12, 2004 1:27 am
Location: North Carolina

Re: The computer and software security thread

Post by hhfarang » Fri Dec 16, 2011 10:53 am

I got a similar email in two yahoo accounts from my sister in law who uses a mail account in a system called ymail. I recognized it as a fake and deleted it without opening the attachment. She sent out an apology email as people started complaining to her. Evidently the attachment contained very explicit sexual content (probably among other nasties). She is a born again Christian southern Baptist. Imagine how embarrassing this was to her... :laugh:
My brain is like an Internet browser; 12 tabs are open and 5 of them are not responding, there's a GIF playing in an endless loop,... and where is that annoying music coming from?

deepee
Professional
Professional
Posts: 457
Joined: Tue Aug 29, 2006 9:06 pm
Location: here and there

Re: The computer and software security thread

Post by deepee » Fri Dec 16, 2011 11:18 am

Thanks for this Buksida. There's a couple of emails on the office computer with the " click " message, won't be opening those I think. Have a feeling that this is going to be a popular thread.
The means may be likened to a seed ,the end to a tree;
And there is just the same inviolable connection between the means and the end
as there is between the seed and the tree.
............. Mohandas Karamchand GANDHI

User avatar
buksida
Moderator
Moderator
Posts: 15566
Joined: Tue Dec 31, 2002 12:25 pm
Location: south of sanity
Contact:

Re: The computer and software security thread

Post by buksida » Wed Dec 28, 2011 12:34 pm

This Hotmail virus is spreading like wildfire, I had 4 more this morning - thankfully Thunderbird automatically kills them.

DO NOT click the link even if it is from someone you know.

If you do and your Hotmail account is compromised make sure you change all of your passwords immediately.

I've said it before and I'll say it again - avoid Hotmail for anything secure such as business or banking.
Who is the happier man, he who has braved the storm of life and lived or he who has stayed securely on shore and merely existed? - Hunter S Thompson
Get out there: On The Road Asia

User avatar
margaretcarnes
Rock Star
Rock Star
Posts: 4200
Joined: Wed Jan 02, 2008 8:28 am
Location: The Rhubarb Triangle

Re: The computer and software security thread

Post by margaretcarnes » Wed Dec 28, 2011 1:07 pm

As Buksi knows I've just encountered this problem as well. Unfortunately at the moment it is proving impossible to access programmes in order to change passwords as advised - or even to download the Windows free malware. Can't even clear enough disk space to do stuff.
So the question is - can this virus infect other PC systems?
A sprout is for life - not just for Christmas.

User avatar
margaretcarnes
Rock Star
Rock Star
Posts: 4200
Joined: Wed Jan 02, 2008 8:28 am
Location: The Rhubarb Triangle

Re: The computer and software security thread

Post by margaretcarnes » Fri Dec 30, 2011 9:17 am

A PS to last post - my apologies for posting similar on Digital Surgery as well - so to avoid further confusion and to update. Windows has now automatically blocked my account (although I had already changed the password as advised - but couldn't sign out) and I've submitted info to verify it is my account. Now have to wait up to 24 hours for re-activation.
This process is supposed to clear the problem, according to Windows.
Buksi - you have explained spybot and cross infections to other systems. Do you know if the Windows action I'm going through now will avoid this? Or will it just solve my own Hotmail issues.

I mentioned on the Surgery thread that there is a temp folder on the C drive which won't delete - and wonder if that could be a folder installed by the virus....
A sprout is for life - not just for Christmas.

User avatar
buksida
Moderator
Moderator
Posts: 15566
Joined: Tue Dec 31, 2002 12:25 pm
Location: south of sanity
Contact:

Re: The computer and software security thread

Post by buksida » Fri Dec 30, 2011 12:29 pm

margaretcarnes wrote: Do you know if the Windows action I'm going through now will avoid this? Or will it just solve my own Hotmail issues.
The MS action will clean your Hotmail account, if you've been clicking dodgy links your computer may well have malware on it so follow the instructions in this post to clean it: viewtopic.php?f=15&t=3099&start=1072

I would also advise (again) to change email providers and stop using Hotmail.
Who is the happier man, he who has braved the storm of life and lived or he who has stayed securely on shore and merely existed? - Hunter S Thompson
Get out there: On The Road Asia

User avatar
buksida
Moderator
Moderator
Posts: 15566
Joined: Tue Dec 31, 2002 12:25 pm
Location: south of sanity
Contact:

Re: The computer and software security thread

Post by buksida » Thu Feb 16, 2012 8:31 am

Microsoft rolled out its Patch Tuesday fix this week which plugged 21 vulnerabilities in its software. Six were classified as critical, 14 as important and one as moderate, the patches addressed security flaws in Windows, Office, Internet Explorer and Silverlight.

IE was again at the top of the patch list, four of the bug fixes targeted holes that could allow "drive by" attacks which means a user only needs to visit a malicious website to become compromised, no downloading or opening of files is required. There were also serious fixes applied to Windows Media Player as it can become infected if a user clicks on a spurious media link offering video or music similar to the one that has plagued thousands of Hotmail accounts recently.

Advice: Don't use IE or WMP!

Adobe has also been patching this week as more flaws have been discovered in its Shockwave Player for PC and Mac.

Additionally Mozilla mended Firefox by updating it to version 10.0.1 to patch several memory related security flaws in the most recent version of the browser which was released on January 31.

Earlier this month Apple released a slew of security updates to fix 52 issues with Mac OS X Lion and Snow Leopard and then had to re-patch a few days later after reports of the first update causing system crashes.

Security experts claim that third party software is driving the growth in vulnerabilities; last year 78% of them were found in third party programs compared to 12% in operating systems and 10% in Microsoft applications.

Apple data harvesting
Its not just Google that are at it, according to researchers Apple and third party apps have been stealing personal data from iPhones and iPads using a piece of software called Path. More details: http://arstechnica.com/apple/news/2012/ ... curity.ars
Who is the happier man, he who has braved the storm of life and lived or he who has stayed securely on shore and merely existed? - Hunter S Thompson
Get out there: On The Road Asia

User avatar
buksida
Moderator
Moderator
Posts: 15566
Joined: Tue Dec 31, 2002 12:25 pm
Location: south of sanity
Contact:

Re: The computer and software security thread

Post by buksida » Mon Feb 20, 2012 10:50 am

A lot of people, especially Hotmail users, seem to have problems with email security. This article offers advice and explains a few things in a generally non-techie way:
http://www.bangkokpost.com/tech/gadget/ ... il-hacking
Who is the happier man, he who has braved the storm of life and lived or he who has stayed securely on shore and merely existed? - Hunter S Thompson
Get out there: On The Road Asia

bapak
Ace
Ace
Posts: 1105
Joined: Wed Jun 18, 2003 1:51 pm
Location: Hua Hin and Sydney

WordPress Security Breach

Post by bapak » Thu Jun 07, 2012 10:45 am

For WordPress users, there has been a breach of security on some users' sites.. Here is a FREE comprehensive WordPress Security Checklist.

http://www.wpsecuritychecklist.com/?utm ... dium=email

Petrus
Amateur
Amateur
Posts: 42
Joined: Mon Nov 21, 2011 11:35 am

Re: The computer and software security thread

Post by Petrus » Fri Jun 08, 2012 7:31 am

Hi, could you please recommend a protection solution for my I.MAC running MAC OS-X.

I have been using SOPHOS free antivirus without any problems so far, but I think it doesn't include anti-malware.

My I.MAC seems a bit slower lately and acting funny at times so I thought I would step up protection.

Thanks for your advice!

Cheers,
Petrus

User avatar
PeteC
Moderator
Moderator
Posts: 20359
Joined: Tue Mar 23, 2004 7:58 am
Location: All Blacks training camp

Re: The computer and software security thread

Post by PeteC » Fri Jun 08, 2012 7:56 am

Try MacKeeper, but it's not free. Pete :cheers:

http://mackeeper.zeobit.com/
Governments are instituted among Men, deriving their just powers from the consent of the governed. Source

Petrus
Amateur
Amateur
Posts: 42
Joined: Mon Nov 21, 2011 11:35 am

Re: The computer and software security thread

Post by Petrus » Fri Jun 08, 2012 12:43 pm

Yes I thought about MacKeeper about a year ago when their ads started popping all over the net. They must have a big marketing budget as I can still see them on top of almost every web page I open, including HHAD.
However when I searched for users feedback all I found was very very negative... even on their own web site all the comments were from customers asking refunds and their sales people saying they will eventually fix all the glitches...
So I passed and am still looking for another solution.
Sophos is free, it hasnt caught anything over the last year I ve been using it, so not sure if because i am such safe user or because it s just not doing anything at all... who knows... guess i should worry less :cheers:

Post Reply

Who is online

Users browsing this forum: No registered users and 12 guests