Precautions with Bluetooth Connections

Written by Saran on July 13, 2010

Among the features that most mobile phones have today is that of features that include the Bluetooth and Infrared connectivity as a means of wireless connections. While such advancements has made it easier for people to transfer files such as images and sounds from one phone to another, it also becomes a loophole to allow viruses to infect the operating system of mobile phones today.

Cabir Bluetooth Precaution

Worms such as Cabir, have become the onslaught of rampant mobile phone intrusions, something that uses the Bluetooth connectivity as a means of infecting mobile phones of today. Once they get through, malfunctions and error messages are sure to ensue, making it a need for the software systems of mobile phones of today to be either formatted or disinfected with available anti-virus and worm removers such as Panda Software.

Inconvenient as it may seem, it is advisable for mobile phone owners to refrain from activating their Bluetooth connections to avoid such infections and untoward intrusions at any time.

Tags: , , , ,

Categories: IT Security Basics, Malware, Operating Systems, Real-World Issues, Spyware, Tips, Wireless Security

Comments Off

April 13: Security Patch Day

Written by Saran on April 11, 2010

Mark your calendars, IT security enthusiasts. April 13, 2010, Tuesday, is the day when Microsoft is releasing patches for Microsoft Windows and Microsoft Office. It is a big day, and it actually has been dubbed as Microsoft’s Patch Tuesday. More than Microsoft, however, Adobe is also planning to release patches of its own. The patches are for Adobe Acrobat and Adobe Reader. All in all, there will be 27 issues to be addressed by the patches.

Do we have any details about the patches? People can wait for a couple more days, of course, but for those of you who are hungry for information – as I am sure you are – you’re lucky enough to have someone like Amol Sarwate. He’s the manager of the Vulnerability Research Lab of Qualys. He says:

“There are 11 security bulletins that affect a range of Windows operating system components as well as Microsoft Office and Microsoft Exchange. This is a fairly large update and will keep system administrators busy on Patch Tuesday. Out of the 11 security bulletins, five are rated Critical and affect components in Windows 2000, XP, Vista, 2003, 2008 and Windows 7. If left un-patched, an attacker could execute code or programs on the victim’s machine and therefore all are categorized as remote code execution.”

Both companies are releasing the patches through their automatic update features. If you’re the safe kind, your auto updates are probably enabled. If you have experienced extreme slowdown because of these updates before and you’ve disabled them, then better turn them on before Patch Tuesday. You wouldn’t want to miss this.

Tags: , ,

Categories: News, Operating Systems

Leave a Comment

Windows 7 Hit By Zero-Day Exploit

Written by Saran on November 13, 2009

windows_7_previewWindows 7 fans were rejoicing when Microsoft released a patch on Tuesday because their system was not affected in any way by the six security issues. The rejoicing was short-lived, however, as news has been released that there IS a bug that can crash a Windows 7 system. The bug has been named Zero-Day Exploit and was discovered by Laurent Gaffie.

PC World provides further details:

The issue is in the SMB (Server Message Block) protocol that forms the backbone of Windows file sharing. When triggered, the flaw results in an infinite loop which renders the computer useless.

Tyler Reguly, Lead Security Research Engineer with nCircle, explains “Exploitation of this vulnerability occurs when a user attempts to browse to Windows Share hosted on the malicious server. On Windows 7, the DoS (denial of service) will occur as soon as you type ‘\\\’ in the search box. ” The vulnerability actually impacts both Windows 7 and Windows Server 2008 R2.

While the threat is very much real, experts say that the chances of the bug being exploited are quite low:

There are currently a couple different proof-of-concept exploits circulating, but there are no reported attacks in the wild at this point. Because the flaw only enables an attacker to crash the system, and doesn’t provide any unauthorized remote access that could lead to compromising information or performing other malicious activities, the odds of the exploit being actively used by attackers is fairly slim.

So what are Windows 7 users supposed to do now? Currently, Microsoft has not yet released a patch to deal with the threat. I suppose the only sensible thing to do is to be more careful with regard to visiting web sites, especially if you are unsure of its legitimacy.

Photo courtesy of Megaleecher

Tags: , , ,

Categories: Operating Systems

Leave a Comment

Scan Storage Devices before Enabling

Written by Saran on October 27, 2009

Viruses and malware issues are far from being a thing of the past. On the contrary, they seem to grow large by numbers as each day passes. Thus the works of security software companies have their work cut out for them. There is not definite date to which such threats and intrusions would wholly be resolved.

Scanning Protocol

For the time being, it would be advisable for people to scan third party storage devices such as diskettes, USB drives and mobile storages to be safe and sound. These wandering viruses can attack at any time and this is a fact anywhere computer related materials are concerned.

Files can go as far as infecting the executable files, hence document, excel and compiled scripts are baits for immediate infection and malicious intrusions. Software applications also have their limits as their development teams cater only to a specific genre for known harmful files. But it is better to lower the risk of intrusion than not having protection at all.

[tags]scan, spyware, virus, infections, spyware, malware, trojans[/tags]

Tags: , , , , ,

Categories: Backups, IT Security Basics, Malware, Network Security, Operating Systems, Programming, Real-World Issues, Security Policies, Spyware, Storage, Tips, Wireless Security

Comments Off

46 Security Flaws Fixed By iPhone 3.0

Written by Saran on June 23, 2009

iphone-appsYup, 46! That is one heck of a lot of security flaws, don’t you think? Considering that the iPhone is being used by a lot of people to go online, it seems quite irresponsible of Apple to release a product that has so many flaws. Still, that has not stopped people from buying the iPhone. Indeed, the major reason people do not get one is the price and not the existence of security flaws. In any case, the recent iPhone 3.0 update has fixed those flaws.

Of the 46, six of the security flaws involve CoreGraphics. Without the update, if a user views a maliciously coded image, the application he is using may terminate suddenly. Alternatively, it can lead to arbitrary code execution. What that can lead to, who knows? Another flaw involves opening and viewing PDF files. Apple provides the same result: either application termination or arbitrary code execution.

There is also a flaw with regard to the mail client. Without the update, remote images in HTML messages are automatically fetched and loaded. There is no option to turn off this feature. With the update, this potential security flaw has been fixed.

Meanwhile, Safari can now be totally wiped clean – history of visited web pages and searches together – by accessing the option in the Setting menu. Previously, only the history of web sites was removed, and the searches remained. Now, iPhone users can rest easy knowing that they’ve left no traces behind.

Of course, there are other features to the updates, many of them not solely related to security.

Categories: E-mail, News, Operating Systems, Privacy & Anonymity, Web browsers

Leave a Comment

Mac OS X Has Java Security Flaw

Written by Saran on May 20, 2009

mac_os_xOne reason that some people prefer to use Macs over PCs is the fact that the former is considered to be far more superior to the latter when it comes to security. However, that does not mean that Macs are not totally immune to security issues. As a matter of fact, security experts recently warned Mac OS X users of a security flaw that involves Java.

CNET tells us all about it:

Macintosh security consulting firm SecureMac.com on Tuesday issued a critical warning for what it says is an unpatched Java security vulnerability in Apple’s Mac OS X.

According to the man credited with discovering it, Landon Fuller, the Java flaw even affects the latest version of Mac OS X, 10.5.7, released just a week ago. Fuller has gone so far as to release a proof of concept for the security hole.

The vulnerability could be used to perform what SecureMac refers to as “drive-by-downloads,” or the ability to infect a computer by simply visiting a Web page. Fuller explains that the flaw allows malicious code to run commands with the permissions of the current user.

While the fact that a security flaw is certainly acceptable, the fact that it has remain unpatched to date is hard to understand. It is even more perplexing as the flaw had been discovered before the latest update to the OS was released. Is Apple not aware of the flaw (I seriously doubt it) or are they not seeing it as a serious threat?

Categories: News, Operating Systems

Leave a Comment

What’s Up With Conficker?

Written by Saran on April 5, 2009

microsoft_logoIf you remember, everyone was up in arms about April 1. This was supposed to be the day that the third version of the Conficker worm was to be released. It’s been several days since April Fools and it seems that nothing big happened. (Knock on wood.)

So what’s up with the Conficker worm? Is it’s reign over? Can we sit back and relax now? According to PC World, no one really knows. They just published a story on it yesterday and here is what they have to say:

But nobody knows for sure what Conficker can accomplish. However, at the time of this writing no Conficker-related catastrophes have surfaced and some think the threat never will. So as attention shifts away from Conficker, it’s important to know where we stand against the world’s most famous piece of malware.

While nothing has happened in the last week, we should not forget that the other 2 versions of the worm is still out there. And if your computer is not protected, you are still a sitting duck.

One thing that I recently learned, you can still access the security patch for the worm even if your operating system is not the real deal (READ: pirated). Data shows that the highest densities of Conficker infections are in areas which have pirated software. And while no one condoning the use of illegal software, “pirates” can still download the security patch directly from Microsoft. So while we don’t know what’s going on with Conficker, we should still be careful.

Categories: Malware, News, Operating Systems

Leave a Comment

The Price for Downloading Cracked Software

Written by Saran on November 20, 2008

Whether you are downloading a trialware or files from Bittorrent, the chances of cracking or using the full version has severely dwindled in the past months. For one, other than possibly downloading infected software with Trojans and malware, unlocking these supposed protection software has taken a bad hit by the advanced efforts of private software companies to crack down on piracy.

Take for example Kaspersky Internet Security 2009 which has cracked the whip on licenses by blocking them once you start updating the software. While you can install and crack them, they are rendered useless in the end since once you hit that update option, your key is automatically blocked. Worst, malware and Trojans start coming in (a scenario which I don’t understand if it was made on purpose by the vendor in sending malware) infecting the systems folder where Windows is installed.

Before you know it, dozens of files in the form of dll’s start showing and mind you, they are dangerous. So if that was the case, it makes you think if you were better off not using an anti-virus software at all.

But such is the price to pay for trying to pull a fast one. Everyone loves free things and free software is surely to be an eye-catcher. But if the return is tons of viruses and malicious programs that can wreck your computer, you better think twice before downloading them again.

Tags: , , , , ,

Categories: Operating Systems, Spyware

1 Comment

Would you Download an Anti-Virus Freeware for Purchase?

Written by Saran on November 11, 2008

Getting hold of an anti-virus software these days is not as hard as before. Normally, you had to the nearest computer shop and ask around which best anti-virus software can keep your protected and then install it once you buy it outright. Through the years, software companies have allowed anyone to download their software, try it and then eventually be given the option to buy it. Some are even lucky enough when geniuses develop certain key generators to which they can crack the trialware into the full version. But all that seems checked now.

To date, there are still an abundant number of sites like forums that house such cracks and codes. Some of them work but not as plenty as before. Software companies have religiously sought to skim them one by one, blacklisting said codes to which makes freeloaders scratch their heads and continue to get a working key just to avoid a couple of dollars. Sadly, that is not as rampant as before.

If you think about it, this may only be the tip of the iceberg. Software companies may soon follow the cue of Microsoft in blacking out their screens if they are using pirated versions. If Microsoft can do it, then why not companies like McAfee or Norton? They are not small time companies and for sure, they have the funds to make it work like Bill Gates did.

Cheaters cannot complain and so do pirated users. So if that happens, it will all be due to the nature of being a cheapskate that did these people in.

Tags: , , ,

Categories: IT Security Basics, Operating Systems, Spyware, Tips

Leave a Comment

Viruses Preying on Removable Storage Devices

Written by Saran on October 29, 2008

The growth in the use of removable storage devices has been evident in the past years and while they mainly just carry files made up of audio, video or simple documents and worksheets, they are vulnerable to virus attacks. How do they get them? Well for one, you never know if the original location of the file you were working on was virus free. This is assuming that you are transporting the file from one PC to another.

Also, you can never be too sure that once you plug on the usual USB drive from one computer to another, viruses may sneak past you. They may be equipped with anti-virus software but somehow you have to be amazed at how they breach the computer guards and make their way on USB drives.

So what is a person to do? Well for one, stick to the old practice of scanning a removable storage device first before you open any file on it. It may take a long time to finish, especially if the device is large in terms of capacity but nothing beats waiting than making sure you are protected.

Further, people fascinated with these miniature storage devices could care less if their files are infected. Sometimes it is not the file but the operating system that these storage devices contain. But make sure about it that while they have operating systems of their own, they do not have virus protection. Just be cautious, since that is the best you can do for now.

Source

Tags: , ,

Categories: Malware, Operating Systems, Spyware, Storage

Leave a Comment