Busy Signal Service Targets Cyberheist Victims

Merry day after Christmas. Hope you all had, or are having, a wonderful time with family and friends.
The following article is very interesting and just goes to show you what lengths the cyber crimminals are going to in order to steal your stuff.

To summarize the article up in just a few sentences, Cyber criminals are using a service to flood your cell phone and or land line with so many incoming junk calls that the number is unable to receive legitimate calls.  The service is marketed as a diversionary tactic to assist e-thieves in robbing commercial customers of banks that routinely call customers to verify large financial transfers. So while you are getting flooded with calls your accounts are being drained.

I hope you find this article as interesting as I did. Have a happy rest of the year and I'll be talking to you soon.

http://krebsonsecurity.com/2011/12/busy-signal-service-targets-cyberheist-victims/

Read More

Becareful when you reach for the Clouds.

Hello and welcome to another addition of the Kesar Tech Blog.
Today I would like to talk to you about Cloud storage.
I have tried it and don't really care for it.
Here are some concerns I have with it:

Security of stored data and data in transit may be a concern when storing sensitive data at a cloud storage provider. I other words, is it a secure network.

Your ability to access your data is lower than local storage depending on how much you are  willing to spend for WAN (Wide Area Network) bandwidth

Reliability and availability depends on wide area network availability and on the level of precautions taken by the service provider.

Users with specific records-keeping requirements, such as public agencies that must retain electronic records according to statute, may encounter complications with using cloud computing and storage.

My opinion, is that Cloud storage may be good for business, but I would not recommend it for personal use. If you are looking for personal storage ideas, please refer to my February 17, 2010 post:
http://kesartech.blogspot.com/2010/02/data-back-up.html
I do refer to online storage in this post which is now Cloud storage, but this was purely to give example of all the different types of storage options available.
Below you will find an article that better explains the benefits and downfalls of cloud storage

Have a safe and blessed Christmas season.

http://www.cio.com/article/696527/Moving_to_the_Cloud_in_2012_Look_Out_for_These_Pitfalls

Read More

Beware of Christmas scams

Scammers absolutely love the holiday season. There are likely to be more online scam victims during those busy shopping and travelling December days than at any other time during the year. As such, we compiled a list of Christmas scams you should beware of.


Facebook contest and coupon scams
There are more than 800 million active Facebook users interconnected in a worldwide social network that is at the heart of their online lives and digital identities. And that’s exactly why Facebook has been and can still easily be used by identity thieves to obtain your personal or financial information. So always be careful on Facebook.

Beware of Facebook scams which could take the form of fake contests, irresistible offers or coupons requiring you to hand out your personal information on untrustworthy websites.

And always use common sense.

Scareware, rogueware and fake antiviruses
Scareware, rogueware and fake antiviruses are definitely not new scam tactics, but they should still be treated very seriously. Be careful of web pages or antiviruses you’ve never heard of that are warning you of infections found on your computer. And be extra suspicious if you’re asked to pay to have those infections removed.

Infected screensavers, ringtones and e-cards
People love to download screensavers, ringtones and to send out e-cards during the holidays. But before jumping head first into the Christmas spirit, make sure you have an updated antivirus software that will protect you from infected screensavers, ringtones, e-cards and all of your other holiday downloads.

Christmas phishing scams
The busy shopping and travelling December days are breeding grounds for phishing scams. Be very careful of fake UPS package delivery emails, fake hotel wrong transaction emails or phony banking emails. If strange emails are asking you to enter your personal information (username, password, date of birth, etc.) on illegitimate sites, then run far, far away. Learn how to spot phishing scams.

Discounted hot item scams

Every holiday season there is one hot item that’s really hard to get. If you’re trying to find it online and found a deal that’s too good to be true, then it’s likely to be too good to be true. Very often, hot items on scam sites are advertised with huge discounts, but are never actually delivered. So stay on trustworthy websites that have very good reputations and standings with consumer watch groups.

Read More

Facebook worm poses as two blonde women

Yet another attack on Facebook.

If you're a Facebook user be on your guard against the latest worm reportedly spreading on the system.
First identified by Danish security researchers at CSIS, the worm appears to have been spread via malicious links on the social networking site.
The danger, of course, is that one of your Facebook friends may have had their account compromised (maybe they were sloppy with their password security, or gave access to a rogue application) and you might be tempted into clicking on a link seemingly posted by them.
Although the links pretend to point to an image, the truth is that a malicious screensaver is lurking behind an icon of two blonde women:

When the code is run it attempts to download futher malware hosted on a compromised Israeli website.
At the time of writing, the malware is not present on the Israeli website (all that remains is a message seemingly from the hackers), but it is very possible that they are using additional websites to spread their malware attack.

Sophos products detect the malware as the Troj/Dloadr-DKK Trojan horse. If your PC becomes infected it is possible that you also have other malware on your computer, some of which may attempt to steal your banking information or compromise your PC in other ways.
Make sure that you keep informed about the latest malware attacks, scams and other threats on Facebook. Join the Sophos page on Facebook, where over 150,000 people regularly share information on threats and discuss the latest security news.

Here is a link to the full story:
http://nakedsecurity.sophos.com/2011/11/29/facebook-worm-two-blonde-women/

Read More

The 10 best smartphones of the season

For those of you looking for the latest and greatest smartphones this Christmas, here is a link to the 10 best.

 http://www.msnbc.msn.com/id/45421401/ns/technology_and_science-tech_and_gadgets/

Read More

Facebook scam threatens to delete your account.

Here is a link to the latest attack on Facebook and your security.

http://technolog.msnbc.msn.com/_news/2011/11/23/8980543-facebook-scam-threatens-to-delete-your-account

It appears that the perpetrators of this phishing scheme threaten to delete users' Facebook accounts unless they hand over various account details within 24 hours.

Hope you find this article useful and as always: Safe computing.

Read More

How do you get infected with malware?

The answer to the above question is: Social engineering!

Several people have asked me this very question, so to you guys, here is your answer.
For the rest of you, here is some information to keep you safe from malware.

"As the malware landscape evolves, it's helpful to understand how malware gets onto your machine. Knowing the bad guys' strategies gives you the edge while on-line and puts you in a stronger position to defend your data and PC against compromising threats.

We all know that we should install anti-malware software, keep it up to date and run regular scans, apply Windows and application security patches when they become available, use a firewall... well, I won't bore you - you know what to do. But what kind of attacks can we expect and where are they coming from?

It's good to have defences in place to keep your PC secure in the event of an attempted malware infection but having advance warning of the enemy's tactics can help you avoid getting into tricky situations in the first place.

The most common way malware gets onto your system is via the biggest security risk on any computer system - between the chair and the keyboard. According to Microsoft's recently published Security Intelligence Report, almost 45% of infections stem from the malware writer using various social engineering tactics to persuade the user to take some kind of action that results in the user running a malicious file, thereby infecting their own machine.

This means that the malware writer doesn't have to spend time thinking of complex and ingenious ways to infiltrate your machine – they just have to present you with a credible reason to install and run their program.

Compare this idea to a street crime: imagine if someone said they were conducting a survey called “Are Modern Wallets Too Heavy?” and asked to check how much your wallet weighs. Instead of seeing it for the risk that it is, you give them your wallet, PIN number and for good measure, your mobile phone, then punch yourself in the face and hail a taxi for them to make a getaway.

That's a pretty extreme illustration but the point is that you would recognise this as a potential threat and walk away. Most people are unlikely to intentionally install malware on their machine, but if the malware employs a social engineering technique to make it appear credible, you could find yourself in trouble.

A common technique is to prey upon user's fear. People can be easily persuaded if you frighten them. The media frequently reports on cyber-crime and as we mentioned before, we're all aware of the need for an anti-malware program. Bad guys have taken full advantage of this and unleashed hundreds of legitimate looking security applications, that scan your machine then present you with a lot of scary, non-existent infections then try to trick you into buying the software to remove the infection. The best way to avoid this is to use a reputable anti-malware application like Malwarebytes.

Another common tactic is to lure the user into installing an application that will allow them to watch a video, but predictably that application turns out to be malware. Big surprise, no? To a lot of people, it is.

If you are in doubt about an application you have downloaded, you can scan it with Malwarebytes but a cool trick is to upload the file to Virus Total which will give you information about which anti-malware companies detect the file. If you see a lot of hits, it's more than likely malware and you should delete it.

For more information, check the United States Computer Emergency Readiness Team (US-CERT) guide for avoiding social engineering attacks."

Information from Lavasoft News.

Read More

Smartphone embedded in fake arm.

Check out the attached link. At first I thought this was some kind of joke until I read the article.
I know some people that can't live without their smartphones, but this is a little crazy.
I understand why he did it, but now if someone steals his phone, they get his arm too.

http://www.telegraph.co.uk/technology/news/8848476/Man-gets-smartphone-dock-built-into-prosthetic-arm.html

Read More

Microsoft Defeats Autorun Malware

Good Day and welcome to another exciting installment of the Kesar Tech blog.
Hopefully this post can live up to the intro it just received.
Well, here we go:
It seems that toward the end of 2010, the rate of infection due to malware spread via Autorun was skyrocketing. So instead of burying their heads in the sand and  letting someone else fix it, Microsoft released an update in February that disabled most Autorun functions on Windows PCs. Seven months later, the results are in - Current reports show a significant drop in reported cases. - malware authors looking to slip your PC a virus via an infected flash drive had better look some where else.

For those of you wondering what Autorun is and how is it different from Autoplay, read the following link:
http://www.online-tech-tips.com/computer-tips/autorun-vs-autoplay/

I could try to explain it to you, but I think the previous link does a much better job.
Thank you for your time and support. See you next time.

Read More

Flash Player Update Fixes Critical Flaws.

Hello again.
In my continued searching to stay up to date on the latest in all things pc, I came across the following article.
This article talks about Adobe releasing a patch to fix flaws in the flash player.


http://krebsonsecurity.com/2011/09/flash-player-update-fixes-critical-flaws/

Read More

Juice Jacking.

Good Morning, Afternoon, Evening or whenever you are reading this. I was checking some of my sources and came across this article about "juice jacking" smartphones. I thought it was pretty interesting and I thought I would pass it along to all you smartphone users.
Hope it's helpful.

http://krebsonsecurity.com/2011/08/beware-of-juice-jacking/

Remember, check out my new website at : www.kesartech.webs.com.
Any suggestions you have to improve it are appreciated.

Read More

New Website.

Hello again.
I am writing to let you know that I am in the process of developing a new website, so stop on by and give me your feedback.
It's not quite done yet, but maybe your input can help me finish it off.
Here is the new address: www.kesartech.webs.com
Let me know what you think.
As always, keep your questions and suggestions coming.

Read More

Facebook kills 'Places' check-in feature.

Hello and welcome back to the Kesar Tech blog.
In what I feel is a great security move by Facebook, they have canceled their Places check-in feature.
For more information on this move, read the following article.

http://technolog.msnbc.msn.com/_news/2011/08/25/7472945-facebook-kills-places-check-in-feature?GT1=43001.

Read More

Weak Password Management: A Dream Come True for Cyber-Thieves

Hello again. The following is an article sent to me by a friend. I felt everyone could benefit from this info, so here it is:

With so many criminals eager to break into your online accounts to steal your money and your identity, it's critical to create and use strong and long-length passwords to keep them all out.


But the average person probably has scores of passwords to remember and manage – and unfortunately most respond to this challenge by adopting very simple, easy-to-break passwords.


Today's Executive Bulletin is especially important if you have an elderly parent who uses the Internet. Many individuals who are less net-savvy tend to use easy-to-break passwords for all of their online activities, involving bank accounts, retirement accounts, and other critical items.


Password Management Must Become a Personal Goal


Let's face it – without adopting an effective personal password management system, there are just too many user names and passwords to memorize. After Sony's security breach early this year, security professionals were able to analyze the exposed passwords and discovered 92% of passwords were re-used across more than one Sony platform. (Implying most do not create unique passwords to protect their various accounts. Sound familiar?)


This is disturbing, because once a thief breaches one account, all other accounts can fall like dominoes. Creating and using long and secure passwords is vital to your privacy and security.


Below are savvy strategies that can help take the burden out of creating and memorizing passwords. These approaches can make the whole process of "password management" much more convenient, fast, and more secure than what you may be doing now. Before diving into them, let's review how to create secure passwords in the first place because in order to get the most out of either of these strategies, you will need to create... strong and secure passwords for them.


Best Practices for Creating Secure Passwords

• Make your password much longer! Hint: aim for at 15+ characters in length. Pad it!

• Include each of the four character types in the password: symbols, uppercase letters, numbers, and lowercase letters; in that order of preference. In other words, most people use only lowercase letters and do not use symbols – go against the herd.

• Turn easy-to-remember phrases into passwords, then add in and flip around the four characters... then, pad it and make it longer.

• Do NOT use easy to guess passwords or passwords that can be found in any dictionary (including foreign language dictionaries). It's worth mentioning, don't use any personal information as a password either – birth date, child's name, address, etc.

• Do NOT use the same password, or similar passwords, for all your accounts (bank, broker, online credit card portal, Facebook, Amazon, or hotmail)! If one account gets compromised you don't want to create a domino effect.

• Do NOT use your top-secret, extra-secure passwords (banking or insurance, for instance), with less secure accounts like webmail or free membership sites.

Two Convenient, Fast, and Secure Password Management Tips


1. Truecrypt.org and Wuala.com:Truecrypt is a free, open-source solution you can download and use to encrypt any and all local files on your computer. Here's what you do:

• First, you create a password file. It could be a simple document with a list that contains the account name, user name, and password. For instance, Facebook: username, password; Gmail: username, password; and so on.

• When you need to login to an account, open your encrypted password list and retrieve the appropriate login and password credentials.

• You can keep a back up of your password list on your jump drive or upload the encrypted list to a cloud storage account such as Wuala.com.

• Wuala adds a bit more convenience because it allows you to automatically sync your stored data onto different devices. And it lets you access your password file from virtually any Internet connection in the world.

• In addition, Wuala enables you to encrypt, back up, and store any file (not just your password list) to the cloud and access it via the Internet.

2. LastPass.com was founded specifically to address secure password management concerns. Their free option is extremely robust. All the steps mentioned above – using Truecrypt to encrypt your password list and storing it on local hardware (such as a USB jump drive) or in the cloud – are rolled into one seamless package with LastPass, with a few extras included. Here are some highlights:


One Click Login – Once you load your accounts, usernames, and passwords into LastPass, all you need to do in the future is click one button and LastPass automatically logs you into the account you want (banking, webmail, Twitter, etc.). No need to type!


Generate Secure Passwords – You can ask the program to generate secure passwords for you. You don't have to spend any time "inventing" new passwords. Just choose the parameters you want the program to use to generate new password ideas such as: lower case letters, upper case letters, numbers, and special characters. Then accept or decline the passwords the program generates.


Screen Keyboard – Protect yourself from malicious keylogging software. Keylogging software records the keys you type onto your keyboard. This is especially a concern if you access LastPass from a computer that doesn't belong to you (perhaps at an Internet cafe). Instead of typing your password on the keyboard, click on the "screen keyboard" link and a "graphical" keyboard image appears on the computer screen. Then, use the mouse to select each key you need to input your login and password information into LastPass. Any existing keylogging software is rendered useless.


One-Time Passwords – These are auto-generated, throw-away passwords that give you temporary access to your LastPass account. LastPass makes this feature available to help secure your master password while you're on the road or if you want to share your account information with a trusted person, but only once. Once a One-Time Password is used, it expires and can't be used again.


Password Sharing – This enables you to securely share certain passwords with others and maintain the ability to cancel the privilege at any time. This is a feature you'd use when collaborating on a project and you want other members to have access to the same account. Perhaps to the back end of a website or online film and photo-editing service.


Multi-factor Authentication – This is a paid feature that greatly enhances security. It allows you to set up LastPass to grant access after "two-steps" are satisfied. For example, enter the correct LastPass credentials AND an additional set of credentials. Perhaps input a second graphical-based password or connecting a "physical key," such as a USB jump drive or Yubikey, into the computer to allow access to your LastPass account. If one step is missing, access is denied.


Other features worth noting: Phishing Protection – Helps protect you from phishing attacks. These attacks work like scams. The crooks send a fake email, perhaps one appearing as though it's from the victim's bank. The email asks the victim to enter their login information onto a fake web page designed to look like the bank's website. If the victim is duped and complies, the crooks have all the needed banking account information.


Identify Weak Passwords – LastPass can analyze your passwords for weaknesses and offers suggestions to strengthen them.


Identities – This enables you to organize your passwords by segregating your personal accounts and passwords from your work-related passwords and accounts.


There are other password management services on the market. However, one more important security feature not available with many other services is the decryption keys stay with you. This means even LastPass employees cannot and do not have the ability to access your encrypted data through their corporate servers.


Please note: you still have to create strong and secure passwords for each of your accounts to maintain enhanced security. But the good news is with a secure password management system, you no longer need to memorize all of them. Just simply memorize the one master password for the password management program and better protect your privacy and security the easy way!


Along with the ones mentioned in this article, I use a program called Keepass: http://keepass.info/. It also is free and pretty easy to use.

Read More

Your smartphone: a new frontier for hackers

I'M BACK!! I'm sure some of you missed me and others probably didn't even realize I hadn't posted anything in a while. LOL.
I found the following story and thought I would pass it on to those of you with smartphones. It seems that it is getting to the point where using your cell phone isn't even safe anymore.

http://www.msnbc.msn.com/id/44050631/ns/technology_and_science-security/

Read More

Two Simple Methods to Keep Your Online Searches More Private and Confidential

A friend of mine received the following e-mail and sent it to me to share, so here it is:


"In many ways, defending your privacy in our modern society is illegal at worst and impractical at best. However, my philosophy holds that if you are less visible than 99% of everyone else, you still have your privacy.

Today's Executive Bulletin provides key insights on how to enhance your online privacy. As such, this memo is a little more technically oriented than most. However, even if you are not an Internet surfer, you probably have friends, acquaintances, and family members who would benefit from the contents of this email.

Generally speaking, I do not lose too much sleep over the FBI. However, when this agency is granted new powers, ALL OTHER AGENCIES OF THE FEDERAL GOVERNMENT PRETTY MUCH GAIN THE SAME CAPABILITY. Especially the Treasury Department and its IRS minions.

So it matters that back in 2008, then-Attorney General Michael Mukasey relaxed the FBI's investigative guidelines allowing agents to pry into your life with NO evidence you are doing, or have done, anything wrong. This year, it gains more potentially abusive power because agents are allowed to snoop and search through your private life WITHOUT making any record that the search ever took place and without any factual basis of wrongdoing.

They can do this to "find something on you" simply to coerce you to inform on someone else, like a golf buddy or loved one. Click here for more information on this topic, as well as 7 Privacy "Best Practices", all of which have been disclosed in a recent issue of my Executive Bulletin.

When you perform an online search through a search engine like Google, Bing, or Yahoo, the words and phrases you type into the search engine, and then, the destination-websites you visit because of that search, can be scrutinized in a similar way as analyzing your reading material. For instance, "ladies shoes," "overseas retirement destinations," "foreign bullion vaults," or "hunting equipment."

Two Simple Methods to Keep Your Online Searches More Private and Confidential

1) 'Encrypted' Google search: The non-default, but more secure way to use Google

What's good:

It's simple to start. Once you're on the Google website, add an "S" in the browser url just after, "http." In other words, change "http" into "https": https://www.google.com/. This encrypts the connection from your computer to Google's servers, by using a Secure Sockets Layer (SSL) connection. (By convention, urls that require an SSL connection, or have it as an option, start with https instead of http.)

If you're on a public Wi-Fi, and someone is electronically eavesdropping ("sniffing"), that person or software program will only capture the encrypted message, not the search terms you're typing into Google.

The encrypted connection should keep your searches confidential even from your ISP. When you click to the third-party destination website, from the search engine results page, the destination website doesn't know that you came from Google – or what search term you used to reach the site.

What to beware of:

Google is keeping track of your Internet Protocol (IP) address. Try typing "Pizza" into either the regular Google search engine or the secure encrypted version. A local map of pizza joints in your area is likely to pop up. That's only possible because Google tracks your IP address.

In spite of denials from corporate mouthpieces, Google computers may be logging your activity and keeping a record of it in a way that can be sourced back to you.

When you click to the destination website from the search engine results page, the destination website will then be able to "see" your IP address (although they may not know what terms you typed to get there, or that you came through Google).

Once on a third-party destination website, it may be able to load tracking cookies onto your browser or scan the cookies already on your computer and see the other websites you've visited.

When you click to the third-party destination website from the search engine results page, you leave the protection of the encrypted connection. Snoopers and your ISP can now see what website you're on.

2) Ixquick.com: The privacy-centered search engine

What's good:

They are a search engine that advocates your privacy.

They don't record your IP address. Run the same "Pizza" test, and you'll see that no local pizza joints appear in the search results.

They don't use unique session cookies, which can be used to identify you and track you.

They don't log or record your activity on their search engine.

They have an encrypted option, just like Google. Add an "s" in the browser url just after, "http": https://www.ixquick.com/.

The encrypted option keeps your search confidential from electronic eavesdroppers and your ISP. They have a proxy option for additional privacy, explained below.

What to beware of:

All the same concerns mentioned in the encrypted Google search above related to clicking away from the safety of the Ixquick search engine and landing on a third-party website.

However, as a remedy, Ixquick has the option to view a third-party, destination website with the additional security of a web-based proxy.

All you need to do is click on the underlined word - "Proxy" - next to the search result. According to Ixquick:

Ixquick goes to the website you select, retrieves the page, and displays it for you.

You are invisible to the website. They see only Ixquick's IP address, not yours.

Since you never make direct contact with the website, they can't see or store cookies on your browser.

You can click on linked pages from the website and the Ixquick proxy will display those for you too.

While using the proxy, you are protected at all times by Ixquick's outstanding privacy policy. (No IP address recorded, no identifying cookies used, no search or browsing activity stored.)

For security reasons, you cannot use the proxy to fill out forms with text input.

The proxy removes the "javascript" code of visited sites, so some features may not work.

The proxy will not load frames that reside on a different external domain than the referrer.

Lastly, if the third-party website has links that lead out to other websites, Ixquick's proxy protection can't follow you. As an example, say you perform a search for:

"American work trucks;"

"Ford" comes up as third-party website option;

You click on the proxy option to view "Ford;"

You are now on the website behind the Ixquick proxy protection feature;

You can click around Ford's website under the proxy protection.

But, if you want to click on an ad for more information on "car insurance" – and that link directs you to the "Farmer's Insurance" website – Ixquick's proxy protection can't "follow" you to that new website. You'll have to go directly there without Ixquick's proxy protection or run a new search for "car insurance" or "FarmersInsurance.com."

[Note: Ixquick has a relationship with Google called Startpage.com. Apparently, it's for those who wish to use Ixquick privacy features while receiving only Google's search results. The original Ixquick.com search engine works just fine and serves search results from multiple search engines. So you typically receive a broader base of search results.]

Using these two options enable you to keep your thoughts and online search behavior confidential from overzealous government busybodies or other snoops who may wish to draw conclusions about you. Someone in your family can benefit from this information. Please pass it along."

Read More

Microsoft gets green light from feds to buy Skype.

Microsoft is trying to get a bigger piece of the pie. Microsoft is expanding it's market by purchasing an established company -Skype. Read the following articles to findout more.

http://www.networkworld.com/news/2011/062011-microsoft-skype-deal-gets-us.html

http://www.bloomberg.com/news/2011-06-19/skype-fires-executives-avoiding-payouts-after-microsoft-buyout-closes.html

http://moconews.net/article/419-ftc-approves-skype-acquisition-by-microsoft-now-for-the-hard-part/

Read More

Malware, Spam Pose Greater Security Threat in 2011

The latest reports out show that 2011 may show that Malware & Spam will be and are on the rise.  Read the following article to findout more.

http://www.eweek.com/c/a/Midmarket/Malware-Spam-Pose-Greater-Security-Threat-in-2011-882611/?kc=rss

Read More

Google hones search for mobile and speed

Hello and welcome to another installment of the Kesar Tech blog. Today, it is directed more toward the mobile phone users. The following articles are about Googles efferts to increase speed for it's mobile searches. Hope the these articles are helpful and informative. Until next time, safe computing.

http://www.reuters.com/article/2011/06/14/us-google-idUSTRE75D5C920110614

http://www.computerworlduk.com/news/applications/3286066/google-promotes-instant-pages-to-accelerate-search/

Read More

Citigroup Inc gets hacked.

   It seems yet another big business got hacked and had customer info stolen. Thousands of Citi customers at risk after hacker attack.

http://www.msnbc.msn.com/id/43335996/ns/business-personal_finance/

Read More

Smartphones get Malware.

The following article is for my Anroid smartphone using readers. Seems there is an app that downloads Malware to your phone called "Droid Dream." Read the following article to find out more.

http://smartphone.biz-news.com/news/en_US/2011/06/08/0001/new-mobile-malware-droid-dream-affected-around-120-000-android-users-badly

Read More

Free is the new thing.

Yes, it's me again. Three times in one day, I know what you are thinking, "He must be bored!"  I am, but beside that, it's too hot to do anything outside. Here is the latest article I read and thought I would pass along.

http://www.pcworld.com/businesscenter/article/229610/free_antivirus_programs_rise_in_popularity_new_survey_shows.html

Hope you enjoy.

Read More

5 Tips to Keep You and Your Family Computer Safe This Summer.

Summer is here and kids of all ages have a little free time on their hands and will inevitably be logging more hours on the computer, probably online.  While most young web surfers think they know more than their parents because they have grown up in an online world, they are also one of the most targeted groups by identity thieves and cyber criminals — among the least protected against intruders, and often lacking basic online privacy and safety knowledge.


How can you make sure that your kids have fun and stay safe when they go online? Keep reading for a look  at the  top 5 essential tips to help keep your family secure as they spend time on the Web this summer.



1.Set limits to establish good Internet behavior and habits.
Establish clear family rules, make sure everyone understands them, and post them by the PC so they are quickly on hand. Essential areas to cover include:

◦The maximum amount of time spent online per day.

◦Whether or not social networking sites can be used, and how to use them.

◦Who can or cannot be communicated with online.

◦What sites and content are appropriate or inappropriate to browse or play on.

◦The ability to download and install programs or files. (It's a good rule of thumb to always have kids check with an adult before they install anything on the family PC.) I recommend setting up a separate user account for the kids with a limited user account. This way, they can not download or install anything without your permission. Of course that means you have to password protect your account if you haven't already done it.


2.Understand what information is confidential.
 Have a clear understanding of what information is okay to give out, and what is not — and explain it to your kids.

It's especially important to emphasize the necessity of keeping the following details private:

◦Passwords (don't even share them with friends)

◦Banking, credit card, or payment details

◦Personal facts that should not be shared with strangers, such as address, full date of birth.



3.Create awareness about real-world threats that cross over into their online world, like online predators and cyber bullying.
The Internet is an effortless way for kids to meet old friends and make new ones, just as it is for adults. But, online intruders are known to take advantage of the Web's openness and anonymity to prey on young people. At the same time, statistics show that children may be more likely to experience online harassment from their peers, known as cyber bullying, than to be targeted by a stranger. Go over what these threats are, and what to do if kids encounter a potentially threatening situation.


4.Be prepared for stealthy security threats.
Make certain that you have security measures in place on your computer before disaster strikes. Don't assume that child-friendly sites are free from aggressive ads and malicious content. These sites may have advertisements popping-up regularly or attempt to download programs without your child asking for them. Even mainstream sites are subject to stealthy attack techniques like SQL injections and drive-by-downloads.

At a minimum, you should:

◦Install security software (anti-spyware, anti-virus, and a firewall) and keep it up-to-date. Make sure family member are aware of what security software you have, and warn them to be aware of messages and prompts from rogue security software and scareware, designed to trick them into purchasing fake products or giving away personal information.

◦Patch your operating system and other applications as soon as updates become available.

◦In Windows, operate under a limited user account, not the all-powerful administrator account.



5.Plug-in to your kids' online lives — and let them know you're watching. 
 According to the Norton Online Family report, a study released in mid-June 2010 that surveyed kids and adults in 14 countries around the world about their online experiences, 20 percent of kids say that their parents have “no idea” of what they do online. It's important to provide your kids with the online supervision they need to make good choices and stay secure. Need help on how to do that? The StaySafeOnline.org website is an excellent resource to learn more on how to guide your children as they use the Internet.

Read More

Protecting Your Privacy.

As the following article shows, it doesn't matter how safe you are about your personal info, if bad guys what it they will get it. You just have to limit what you give them.

"We share more and more personal details about ourselves online, but you may still be surprised when you find actually how much information really is available about you. Gaining rapidly in popularity are information-gathering websites, such as Spokeo and Intelius that pull information from government databases and hundreds of social-networking sites. For a small amount, you can run a complete background check on someone and get access to income, occupation, address, number of people in your household, spouse's name, credit status, education, and religion. It even offers a satellite photo of your house, complete with an estimated value, and personal photos gathered from various social networks.


All of this data comes from public records, so technically, they are not doing anything illegal, but it is still a strong wake-up call to consider your digital footprint.

So what can you do to protect your privacy? With Spokeo, you can remove the listing. To do so, visit: http://www.spokeo.com/privacy

However, as they point out on their website, “Spokeo aggregates publicly available information from third party sources. Therefore, removing a listing from our directory will not remove your information from its original source and therefore your information might still appear on other directory sites.”


Combined with the information that is available from public records, more and more people are using location-based services like Foresquare and Facebook Places, to let people know where they are. These services let users check in to different locations, via smartphones, and to share their location with their social network friends. It also gives users the option to "tag" friends who are with them at that same location. This may seem like a fun feature, but it also raises a multitude of security and privacy issues as there is a lot of opportunity for misuse. It could, for example, be a burglar’s, or a stalkers, dream. Want to know where someone is? Check Facebook. Want to know when someone is away from home? Check Facebook.

Always think twice and be extra cautious of what information you share and with whom. And remember, if you wouldn’t give the information to a stranger, you probably shouldn’t be posting it online."

Read More

I need your help with a Facebook problem.

I need your help. A question has been sent to me that I can not find an answer to. I am not as knowledgeable about Facebook as some of you, so I am asking for your help with the following question:


" I was wondering if you could help me. I have several FB posts that I want to print out and my computer won't do it. It keeps telling me the printer is offline when it isn't, and it won't print any FB feeds. It prints fine from my documents. Do you know why it won't let me print from FB? "


My response was that I have only been able to print the whole profile page, but not individual posts.
I did this by right clicking on the profile page and then click on "Print" from the pop-up menu.

Does anyone know how to do what this person is asking?
Thanks for your help.

Read More

Two subject line viruses to be aware of .

I just received an email from a friend, those of you that really know me may find it hard to believe I have friends, but I do. LOL.  There is some truth to this email, but I think a little more research would have probably been advised. Here is the email and at the end of it I attached my comments and the links to find info on the mentioned viruses:

"Just verified this with Snopes and it is REAL. Also went to "Truth or Fiction," its on their site also.
PLEASE INFORM EVERYONE you know !

1.) Emails with pictures of Osama Bin-Laden hanged are being sent and the moment that you open these emails your computer will crash and you will not be able to fix it!
If you get an e-mail along the lines of 'Osama Bin Laden Captured' or 'Osama Hanged', don't open the Attachment!!!!

This e-mail is being distributed through countries around the globe, but mainly in the US and Israel .
Be considerate & send this warning to whomever you know.

2.) You should be alert during the next few days:
Do not open any message with an attached file called 'Invitation' regardless of who sent it.
It is a virus that opens an Olympic Torch which 'burns' the whole hard disk C of your computer!!!!

This virus will be received from someone who has your e-mail address in his/her contact list, that is why you should send this E-mail to all your contacts.

It is better to receive this message 25 times than to receive the virus and open it.
If you receive an e-mail called 'invitation', even though sent by a friend. Do not open it!!!
This is the worst virus announced by CNN, it has been classified by Microsoft as the most destructive virus ever.
This virus was discovered by McAfee May 1, and there is no repair yet for this kind of virus..
This virus simply destroys the Zero Sector of the Hard Disk, where other vital information is kept."

According to Snopes.com, the emails about 'Osama Bin Laden are going around and there is a POTENTIAL to get a virus. It also says that these emails have been going around since July 2004.
http://www.snopes.com/computer/virus/osama.asp

As far as the second warning about the torch, Snopes says it is a Hoax. It started around the time of the 2006 Winter Olympics.
http://www.snopes.com/computer/virus/invitation.asp

Here is a link to the Truth or Fiction story which backs up the Snopes one.
http://www.truthorfiction.com/rumors/o/osama.htm

Both of these resources, Snopes.com & Truth or Fiction.com, are great tools, but you need to read the WHOLE story before you panic.

Hope this helps.

Read More

10 Simple Ways to Spring Clean Your PC

It's springtime, I think — the time of year to tackle the grime that's built up in our homes over the winter months. Unlike me, you may know all the tricks when it comes to scrubbing, polishing, and organizing your house. I do know what to do when it comes to your PC?  Clean-up your computer with these ten time-tested cleaning tricks, both for the inside and outside of your PC.


On the Outside

Tackle cleaning the outside of your PC by taking a look at these four main areas, below. (Remember, to be safe, turn off and unplug your computer before cleaning).

1. Your desktop - First and foremost, dust your desktop and workplace area. It's important to do this on a regular basis to keep grime from clogging the air vents behind your PC.

2. Your monitor - Use a soft cloth and monitor cleaning spray to remove buildup.
See link #1.

3. Your keyboard - Gently turn your keyboard upside down and let loose any dust, crumbs and grime that may have fallen between keys. Use a cotton swab or compressed air for additional cleanup between the keys.

4. Your mouse - Clean the top and bottom of your mouse with a soft cloth, and the inner components with a cotton swab. (Some PC pros recommend slightly dampening your cloth with rubbing alcohol for added cleanliness. If you go this route, be sure not to over-saturate and to thoroughly dry before replacing the mouse cover or components.)



On the Inside

Now that the outside of your PC has been cleaned-up, we'll continue to the inside to put a shine on the inner workings of your computer.

5. Update with the latest patches. Check the status of your operating system, security software, and all other applications that you use to ensure that you're up-to-date.

6. Get rid of spyware, malware and viruses. Spyware and malware are among the most common culprits of a slow running PC. Not only can malware put your privacy and security at risk, it can also sap your computer's processing power. Need this kind of protection? Try Malwarebytes to clean-up your PC.
Link #2

7. Out with old documents. After you're finished using files that contain sensitive information — such as tax preparation documents — permanently remove them from your PC with a digital file shredder, like Eraser.
This will clean your computer from old deleted files and folders that are stored on your drives and will ensure that your private information won't fall into the wrong hands. Link #3.

8. Tune the registry. Over time, your computer's registry, the database containing information about programs installed on your PC, can become bogged down with corrupt and unused data. You can increase your computer's speed and stability with a registry scanner and repair tool. Try Eusing to identify, clean, and correct these errors. Always back-up your registry before you make any changes. Link #4.

9. Wipe away surfing tracks. Do a quick sweep of your browser cookies, cache, and history. makes this cleanup task simple;  With  CCleaner you can erase the tracks left behind while surfing the Web on multiple browsers, including Internet Explorer, Firefox, Chrome, and Opera, with one easy click. Link #5.

10. Manage startup programs. Too many programs automatically running at startup can be a cause of PC slow-downs. Check to see which programs run automatically when you start your computer, and remove any unnecessary ones. You can do this easily, reducing the toll on your system, with  Autoruns.
The less programs that startup with your computer means a faster boot time and more efficient operation.

I recommend that before you preform any of the internal cleaning, that you set-up a system restore point first.

Setting up a restore point for XP: http://filext.com/faq/set_system_restore_point.php

Setting up a restore point for Vista or Windows 7:  http://www.howtogeek.com/howto/windows-vista/create-a-restore-point-for-windows-vistas-system-restore/

Hope these help
 
1.)  http://www.wisegeek.com/how-can-i-clean-a-computer-monitor.htm
2.) http://www.malwarebytes.org/
3.) http://www.snapfiles.com/get/eraser.html
4.) http://www.eusing.com/free_registry_cleaner/registry_cleaner.htm
5.) http://www.piriform.com/ccleaner
6.) http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

Read More

Understanding Hidden Threats: Botnets

As a follow up to my previous post, How To Prevent Your PC From Becoming a Zombie, here is an explenation of some of the terms used.
You may or may not have ever heard of a botnets. Even with all of the references to them in the news these days, it's not easy to gain a clear understanding of what they are, and how they might be affecting you. Keep reading to set the facts on botnets straight.



What is a botnet?
A botnet is a network of compromised, or infected, computers that hackers have commandeered. PCs that are part of a botnet are often referred to simply as "bots".
Botnets are part of the multilayered and profitable crimeware industry, where the initial step is to infect and take control of a targeted computer. PCs in a botnet are under the remote command and control of hackers. As part of that, hackers can take advantage of all of the resources on a machine (from personal information to bandwidth), and use it to perform malicious tasks under remote direction - all to carry out their criminal intentions.

What is a zombie computer?
A zombie computer is a system that has been infected and taken over remotely by cyber criminals. A collection of zombie computers makes up a botnet.

What are botnets used for?
Botnets are controlled remotely by hackers to distribute spam, viruses, and theft schemes - and to hijack additional computers. The main motivation behind botnets, in recent years, is for monetary gain by cyber criminals. Once compromised, cyber criminals have complete access to the infected machine; they are able to load software onto it, or pull information off of it.

Bot herders, the hackers who control botnets, can instruct thousands of computers to follow their orders, whether it's to propagate spam messages, launch fraud schemes or to issue denial of service attacks, targeting certain, often high-profile, websites in order to make them unavailable to users. Once bot herders compile a group of compromised machines, they can sell it to fraudsters who are then capable of using the exploited machines for identity and data theft.

How do I know if my computer is part of a botnet?
Most owners of compromised PC are unwitting victims, never realizing that they have allowed unauthorized access to their computers. Machines are infected without the knowledge of the computer user; usually access to the system is gained through a virus, worm, or Trojan. The symptoms of infection are generally very subtle and are not immediately apparent to the average computer user without using special tools. Still, there are telltale signs and symptoms which may indicate a problem.

•A slow computer
The most apparent sign, according to the analysts as Lavasoft Malware Labs, is "slow computer" syndrome: your Internet connection becomes strangely sluggish, or your PC gets slower as you run a few programs on it simultaneously. (However, users should note that this can also be caused by other types of malware, as well as other PC problems.)

•Accused of sending spam
Being accused of sending spam is a sign that your system is infected and is part of a spam bot.

•Detecting malware responsible for bots
By running an anti-spyware and anti-virus program, the security software will be able to root out an infection and classify it as a bot.

•An unknown or suspicious process is running in the background on your PC
If you use a firewall to monitor network traffic, the program will allow you to spot suspicious traffic on your PC.


For more technically-oriented computer users, bot activity can be discovered through packet sniffer tools and knowledge about different protocols, ports, Windows Registry, processes and TCP/IP. This includes:

•Large amounts of network traffic
Bots often connect to remove servers; they may use a questionable amount of bandwidth and cause network traffic even if you are not online.

•IRC Traffic
Internet Relay Chat (IRC) is a type of real-time Internet messaging, designed mainly for group discussion forums. IRC bots connect to IRC as a client, performing automated functions but appearing to be another IRC user.

•SMTP Traffic
Simple Mail Transfer Protocol (SMTP) is an Internet standard for e-mail across IP networks. Bots may use a built-in SMTP-engine to send spam to other users.

•Open Ports
Open ports allows applications to multitask and use different protocols at the same time. All computer devices on a network need a channel to allow them to communicate with each other. Bots may search for open ports to be able to start a synchronization or communication.

Read More

How To Prevent Your PC From Becoming a Zombie

Hello and welcome to another episode of the Kesar Tech blog.

You may know the basic facts on botnets, networks of compromised machines commandeered by hackers. But, are you aware of how to keep your own PC from being affected? Here's a look at specific steps you can take to help ensure that your computer does not end up under the control of cyber criminals.

Use anti-virus and anti-spyware software and keep your software updated.
Good news for our Ad-Aware users: you are protected with both anti-virus and anti-spyware protection. How does Ad-Aware prevent this type of infection? Ad-Watch Live's real-time protection prevents the file that installs the bot from executing. You can also find existing infections on a compromised PC by performing a scan with Ad-Aware.

Use a firewall and make sure it's properly configured.
A firewall provides critical protection to keep your PC safe from unauthorized access. To complement your anti-virus or anti-spyware software, use a user-friendly firewall, like Lavasoft Personal Firewall, to monitor and block suspicious traffic that could be a sign of bot compromise.

Run regular security updates for your operating system, web browsers, and other applications.
Keep all of your applications up-to-date with the latest security patches. It's critical that you run Microsoft Update (update.microsoft.com) to install all of the current Windows patches. You can do this easily by setting your PC to receive automatic security updates.

Run different scanners to check for infections, including rootkit revealers. But, always make sure you're using reliable, respected security software.
Many computer users like to run a variety of different scanners to help find infections. Keep in mind - you also need to use caution when it comes to the security software you use. Rogue security software is on the rise, attempting to play off of computer user's fears about malware infections to peddle their fraudulent software. Be cautious and ensure the software is legitimate before downloading any programs.

Practice safe online behavior - click with care!
Be vigilant and use common sense when browsing the Web. You should be especially cautious when checking your e-mail or messages on social networking sites; don't open attachments or click links from unknown senders or in unsolicited messages.

Read More

German Laptop

Take a look at this German concept laptop computer.

http://www.youtube.com/watch_popup?v=7H0K1k54t6A

Thanks to Kim for sending me this video.

Read More

Facebook Tagged Photos Virus.

Apparently a new virus has shown up on Facebook the past couple of days. From what I can figure out, you receive a message saying that someone “commented on a photo of you” or “posted a photo of you.”  The following links should get you up to speed on this threat as well as what to look for, how to remove it, and how to avoid spreading it.

From what I can see, this is the way to fix it:
 ACCOUNT > PRIVACY SETTINGS > CUSTOMIZE SETTINGS > PHOTOS AND VIDEOS YOU ARE TAGGED IN AND EDIT SETTINGS TO FRIENDS ONLY OR CUSTOMIZE IT TO WHOM YOU WANT.
THEN GO BELOW THAT TO SUGGEST PHOTOS OF ME TO FRIENDS AND DISABLE IT. CHECK THE OTHER SETTINGS AND MAKE SURE THEY ARE WHERE YOU WANT THEM. 

This link has info on the virus.
http://www.onlinewebmarket.net/?p=429

This link has info on the virus as well as gives evidence that the virus has been around since September of 2010.
http://www.thatsnonsense.com/view.php?id=1002

This link gives you ways remove the threat as well as more info on it.
http://casabona.org/blog/2010/01/18/facebook-photo-virus/

This link says that the whole thing may just be a hoax to get people worked up.
http://urbanlegends.about.com/b/2011/03/22/facebook-rumor-photo-tagging-virus.htm

This link is not about the above mentioned virus but I have seen it on a few friends pages.
They are "collages" of you and your "top Facebook friends." 
Some photo tagging applications on Facebook  add links to bad sites in "your" photos and your innocent Facebook friends, who are just randomly browsing your pictures, might fall in the trap.
http://www.labnol.org/internet/facebook-photo-tags-problem/11355/
 
I hope you have found this information useful.  By the way, I just tagged you in a photo on Facebook. :-)

Read More

Free Download F-Secure Anti-Theft for Mobile 6.2

Are you worried about your mobile phone being stolen and all your info (contacts, account info, etc..) being used for evil? Have no fear F-Secure has come up with a free download that will safeguard your info and lock your phone.

F-Secure іѕ аn anti-theft software fοr уουr mobile phones whісh hаѕ very useful features such аѕ remote lock, remote wipe аnd theft control functionalities. Thе remote lock саn bе used tο lock thе device tο protect confidential information quickly аnd easily wіth a single SMS message.


Thе theft control feature activates whеn thе SIM card іѕ changed bу locking thе device. Aѕ аn ultimate safety rate tο prevent misuse, іt іѕ possible tο erase аll thе data οn thе phone wіth thе remote wipe bу sending аn SMS message.


Fοr download F-Secure Anti-Theft fοr Mobile frankly tο уουr phone, Yου саn visit F-Secure.mobi              
( http://www.f-secure.com/en/web/home_global/protection/mobile-security/overview)  using уουr phone’s web browser. Click “Download Antitheft” аnd download thе software.


The download is free, but I am not sure if the service is fee based.

Read More

Malicious Web attack hits 1 million site addresses.

Attached you will find a link to an unbelievable story about how some sophisticated programmers attacked 1 million web addresses using a redirect code embedded in the websites.

http://www.msnbc.msn.com/id/42383544/?Gt1=43001

Read More

Securing your Facebook WiFi connection.

Did you know there is a new Facebook security feature that will encrypt your session so that you don't fall victim to attacks such as Firesheep, which can hijack that session while you are connected to an unsecured WiFi link?
Firesheep can steal your sessions, pretend to be you, and you won't even know it.
The encryption security feature is accessed through your Facebook Account Settings.
Get complete instructions at the following link:
http://blog.eset.com/2011/02/08/change-your-facebook-account-settings-for-better-privacy-and-security

Read More

Tracking you through your smartphone.

Technology has made our lives a lot easier, but you do know there are tradeoffs.
For example, most smartphones today have GPS capability built-in to provide location-based services.
Real-time directions help you get from point A to point B. But, did you know Facebook and third-party Facebook apps can use this same technology to track your location through your cell phone? For your privacy and safety, I recommend that you do not submit your mobile phone number to Facebook. Or if you have, remove it. Here is a link to aid you in that task:
http://news.cnet.com/8301-19518_3-20028708-238.html

Read More

Cell phone privacy reminder

Cell phone numbers became public in March, and telemarketing companies can now call you on your cell.
If you do not want to receive these calls, go to the National Do Not Call Registry https://www.donotcall.gov/Mobile/Default.aspx. You can enter up to three numbers at a time.

The National Do Not Call Registry is managed by the Federal Trade Commission.

Read More

Skype used for scam.

Hello again! Thank all of you that responded to my last post with suggestions to make this blog better. Today, I would like to share a post from another blog I follow.

This particular article is about how Skype is being used to spread a Rouge Virus.
I don't use Skype myself, but I know of several families that do use it to keep in touch with family members in the military or that live far away.
http://krebsonsecurity.com/2011/03/rogue-antivirus-via-skype-phone-call/

For those of you interested in following this kind of stuff, latest viruses, scams, attacks on technology, here is a link to his blog: http://krebsonsecurity.com/

You can also follow him on Facebook at:
 https://www.facebook.com/pages/Brian-Krebs/119740914725557?sk=wall

Hope you find this interesting and keep the comments coming.

Read More

Phone Phishing Attacks

Here is an article I found while doing some research for a problem I am trying to solve for a friend.

I figured with the wide use of smartphones and such, I would pass it along.

I remember a time when the only thing you had to worry about catching from talking on the phone was a cold. Oh the times, they are a changing.

http://krebsonsecurity.com/2010/06/a-spike-in-phone-phishing-attacks/

For those of you interested in following this kind of stuff, the latest virues, scams, attacks on technology, here is a link to the blog I got this story from: http://krebsonsecurity.com/

You can also follow the author on Facebook at: https://www.facebook.com/pages/Brian-Krebs/119740914725557?sk=wall

Hope you find this interesting and keep the comments coming.

Read More

Does Your Smartphone Need Antivirus Protection?

I have been asked about smartphone protection. Since I am not very familiar with smartphones nor do I own one, I had to do a little research. The following is an article posted at: http://www.foxnews.com/story/0,2933,515583,00.html.

I hope it is helpful and answers some of your questions.



Q: I know my home PC needs antivirus and anti-spyware programs and a firewall to surf the Internet somewhat safely. I've just gotten my first smartphone, so I have to ask: How does one surf the Internet on this phone and not catch any viruses? Or are there programs out there to protect my phone?



A: Opinion is mixed among security experts — including the ones who, just a few short years ago, were predicting real problems for mobile devices. By and large, the threat has failed to materialize, as of yet.



• Click here to visit FOXNews.com's Cybersecurity Center.

• Click here for FOXNews.com's Personal Technology Center.



Not that there aren't examples in the wild, including the recent WINCE_CRYPTIC.A worm, which targets Windows-based smartphones. But such viruses are currently as rare as malware for the Mac.



That may be changing, however, according to Denise Culver, a research analyst with Unstrung Insider.

She writes: "Mobile malware security vendors are preparing for wide-scale attacks by hackers — attacks that eventually will be as headline-grabbing as those that hit e-mail systems. Their hope is that smartphone manufacturers, carriers, and enterprises — not to mention smartphone users — will not wait until the threats have reached that level before securing their mobile systems."

Among my favorite boyhood memories are trips to the North Fork of the Snake River on the opening day of fishing season in Idaho.

In addition to the beautiful scenery and the exhilarating raft ride, there was the great fishing. The trout practically jumped into the boat!

In other words, they were plentiful and easy to catch.

The same concept applies to authors of malware: They prefer targets which are plentiful and easy to attack.



The Windows operating system (in its various versions) is certainly plentiful. It's also easy to attack, as proven by tens of thousands of malware examples.

In other words, Windows systems are "ubiquitous and attractive." To those who are not talented enough to be professional programmers and have to resort to writing malicious code to get their programming jollies, Windows is currently the target of choice.

When Windows Mobile — or Apple iPhone, or Google Android — devices become "ubiquitous and attractive," they, too, will become targets for malware. Be prepared.

Read More

I need your help.

Hello and thanks for tuning in for another episode of the Kesar Tech blog. Today I would like to go in a little bit of a different direction. Instead of me giving you information, I would like you to give me some.
I have noticed that the number of followers of my blog and people that like my Facebook page have dropped a little bit. Anyone that knows me, knows that my ego can not take it when people don't like me. Just kidding :)
What I need from you is any suggestion as to what I can do better, what I'm doing wrong, how can I improve, or are the people that have left just not interested in this subject. The gloves are off and you are free to give me any suggestions you want, just PLEASE make them appropriate and related to the topic. Who knows, maybe this post will cause more people to leave. If so, thank you for hanging with me this far and if I can ever help with a computer problem let me know.

On a related note, I would like to thank a good friend, Lori Devine, for getting the word out about me. I have received several questions from friends Lori has pointed in my direction and I do appreciate the business.

Lastly, I have been asked the following question several times, so I will just answer it now and clear up any further miscommunication. I do not charge for advice, but I do charge if I do any work.

Again, thank you for your time and I hope this doesn't make me look like the lonely pathetic loser that I am. :( I think I may need a hug now.

Read More

Package Delivery Failure Virus

A good friend forwarded me this e-mail and I felt it was worth passing along.

The newest virus circulating is the UPS/Fed Ex Delivery Failure. You will
receive an e-mail from UPS/Fed Ex Service along with a packet number. It
will say that they were unable to deliver a package sent to you on
such-and-such a date. It then asks you to print out the invoice copy
attached.

DON'T TRY TO PRINT THIS. IT LAUNCHES THE VIRUS! Pass this warning on to
all your PC operators at work and home. This virus has caused Millions of
dollars in damage in the past few days.

Snopes confirms that it is real.

http://www.snopes.com/computer/virus/ups.asp

Thank you Kim for this information.

Read More

How Anonymous Are You Online?

These days, we share more and more personal details about ourselves online — whether intentional or not. You may think that you are anonymous as you browse websites, but pieces of information about you are always left behind. This information can include browsing behaviors, but more importantly, it could also include personally identifiable information, which can potentially be exploited by criminals for identity theft. Luckily, the information revealed about you can be reduced by taking a few simple measures.

Below is an overview created by US-Cert.org (see attached link) to help you minimize your risk of revealing too much.



What information is collected?



When you visit a website, a certain amount of information is automatically sent to the site. This information may include the following:

• IP address - Each computer on the internet is assigned a specific, unique IP (internet protocol) address. Your computer may have a static IP address or a dynamic IP address. If you have a static IP address, it never changes. However, some ISPs own a block of addresses and assign an open one each time you connect to the internet — this is a dynamic IP address.
• Domain name - The internet is divided into domains, and every user's account is associated with one of those domains. You can identify the domain by looking at the end of URL; for example, .edu indicates an educational institution, .gov indicates a US government agency, .org refers to organization, and .com is for commercial use.
• Software details - An organization is usually able to determine which browser you used to access its site. The organization may also be able to determine what operating system your computer is running.
• Page visits - Information about which pages you visited, how long you stayed on a given page, and whether you came to the site from a search engine is often also available to the organization operating the website.

If a website uses cookies, the organization may be able to collect even more information, such as your browsing patterns, which include other sites you've visited. If the site you're visiting is malicious, files on your computer, as well as passwords stored in the temporary memory, may be at risk.

How is this information used?

Generally, organizations use the information that is gathered automatically for legitimate purposes, such as generating statistics about their sites. By analyzing the statistics, the organizations can better understand the popularity of the site and which areas of content are being accessed the most. They may be able to use this information to modify the site to better support the behavior of the people visiting it.

Another way to apply information gathered about users is marketing. If the site uses cookies to determine other sites or pages you have visited, it may use this information to advertise certain products. The products may be on the same site or may be offered by partner sites.

However, some sites may collect your information for malicious purposes. If attackers are able to access files, passwords, or personal information on your computer, they may be able to use this data to their advantage. The attackers may be able to steal your identity, using and abusing your personal information for financial gain. A common practice is for attackers to use this type of information once or twice, then sell or trade it to other people. The attackers profit from the sale or trade, and increasing the number of transactions makes it more difficult to trace any activity back to them. The attackers may also alter the security settings on your computer so that they can access and use your computer for other malicious activity.

How can you limit the amount of information collected about you?

Be careful supplying personal information - Unless you trust a site, don't give your address, password, or credit card information. Look for indications that the site uses SSL to encrypt your information.

Limit cookies - If an attacker can access your computer, he or she may be able to find personal data stored in cookies. You may not realize the extent of the information stored on your computer until it is too late.

Browse safely - Be careful which websites you visit; if it seems suspicious, leave the site. Also make sure to take precautions by increasing your security settings, keeping your virus definitions up to date, and scanning your computer for spyware.

Here is how you would erase your browsing history for Internet Explorer 7 from Windows:

1. Click Start on the desktop.

2. Click Control Panel.

3. Double-click Internet Options.

4. Make sure the General tab is selected.

5. Click Clear History in the History box.

6. Click OK when it asks if you want to delete all items in your history folder.

7. Click OK at the bottom of the General box to exit.

Here is how you would erase your browsing history for Internet Explorer 8 from Windows:

1. Click Start on the desktop.

2. Click Control Panel.

3. Double-click Internet Options.

4. Click Delete under the Browsing History.

5. Select what you want to delete and then click the Delete button.

A couple of other things I recomend are:

1. Under Browsing History, check "Delete browsing history on exit."

2a. Also under Browsing History, click Settings.

2b. Under History, set "Days to keep pages in history" to Zero.

To do this from your browser:

1. Click on "Tools" from your menu bar.

2. Then Internet options.

3. Follow the steps for your browser from above.

For other browsers or Operating Systems, check the following link: http://kb.iu.edu/data/ahic.html.

Hope this helps.

Source: http://www.us-cert.gov/cas/tips/ST05-008.html

Read More

Best Buy has lost it's mind.

I heard the strangest story today. A friend I hadn't talked to in a long time told me that during Christmas, he went to Best Buy to purchase 4 laptops. He ATTEMPTED to purchase the laptops with cash.
First off, the laptops could only be purchased at the Geek Squad counter. Not too strange, but kind of inconvenient
Here is the strange part. Once a Geek Squad tech got around to waiting on him, they told him that they needed a credit card to complete the purchase. The credit card was to auto purchase Norton 360's service when the trial period ran out.
My friend told them that he had $4,000 cash and was just going to delete the Norton when he got home anyway. The tech told him that he still needed the card.
My friend then asked to speak to a manager. When the manager arrived, my friend explained his situation and again was told by the manager, "This is store policy and I can not do anything about it."
So my friend took his money and went to a competitor to purchase his laptops.
I guess Best Buy isn't/wasn't effected by the economy and can afford to let a $3,700 sale walk out the door and go to a competitor.
I find this simply amazing.

Read More

Who is in charge of your family's computer security?

I have been doing a little research on Identity Theft and some of the statistics I've found are scary. In 2009, according to Javelin Strategy and Research's annual "Identity Fraud Security Report" [ http://bit.ly/aKgBRe].
11.1 million adults were victims of identity fraud. 11.1 million people, that's a lot of people! That's almost 5 percent of the total population of the United States.
If that isn't scary enough, the monetary damage from all this fraud was $54 BILLION. That's an average of $4,841 per victim.
According to this survey, small business owners suffered fraud at one-and-a-half times the normal rate.
I see the potential for this to get worst and not better. It's not like all the data we have floating around the web, our multiple PCs, our home networks, our phones, and our wallets is going to decrease over time. This makes it more important than ever that you and I assess our data security on at least a yearly basis.
I urge you to preach the mantra of digital security to your family and friends.
After all, I don't think any of us can afford $54 billion.

Here is a link to an article that tells you just how to protect yourself from fraud.
http://www.maximumpc.com/article/features/protect_and_defend_32_ways_secure_your_digital_life


On the same note, I recently read an article titled "FCC Probes Google."
Here are some key points of the article:

• At issue is Google's admission in May 2010 that its Street View cars had mistakenly gathered data, including email addresses, passwords, and URLs, in the process of photographically mapping the world's streets.
• This information was inadvertently collected from unprotected Wi-Fi networks.
• The FCC has announced that it's launching a probe to determine whether the unauthorized data collection violated the Communications Act.

Read More

Confused by ‘Update’ Jargon? Maybe this will Help!

UPDATE GLOSSARY

Lavasoft has put together a basic patch-time dictionary to help demystify common phrases associated with keeping your computer and software current. Browse through it to become familiar with the basics of what you need to know to stay safe!

• Security update/software update. A security update is a fix for a security-related vulnerability for a certain product. A software update is a patch or fix that is used to improve a certain software product or fix a specific problem.

• Operating system patches. Computer system software must be regularly updated. Operating system patches are security updates that are released by the operating system vendors, like Microsoft or Apple. Vulnerabilities have been found in every major operating system. You need to patch your operating system regularly in order to keep it up-to-date, and help stay safe from viruses, spyware, malware and other online security threats.

• Vulnerability. A vulnerability is a weakness or flaw, allowing for exposure by an attacker, due to a product flaw. Vulnerabilities are found in operating systems, software products, and web applications, and can compromise the security of your computer. The maker of the product or application fixes these flaws as they identify them or as they become known.

• Exploit. A vulnerability or bug in software used to take advantage of a user's system to gain unauthorized access.

• Zero day exploit A zero day exploit is a vulnerability for which exploit code has gone public before a fix by the software developer is available; an attacker can use this security hole to carry out an attack before the vendor has been able to issue an update.
  
• Microsoft Security Updates / Automatic Updates. Microsoft releases security updates to address specific issues and flaws in its Windows operating system and other Microsoft products. You need to install these updates on a regular basis in order to keep your system up-to-date and safe. Windows includes an Automatic Update feature that can proactively inform you that an update is available, and allows you to schedule these security update downloads and install them on a timeframe that you specify.
  
• Patch Tuesday. Microsoft releases its security updates, or patches, on the second Tuesday of each month; hence, this day is commonly referred to as Patch Tuesday.
  
• Out-of-band. Microsoft issues critical patches, outside of its regular Patch Tuesday cycle, when necessary. These are known as emergency or out-of-band updates.
  

If you still want to learn more, Microsoft provides a list of standard terminology used to describe Microsoft software updates.

* Article provided by Lavasoft News.

Read More

Do you really know what your kids are doing on Social Networking sites?

With recent examples of cyberbullying, I got to thinking about how many kids are on Social Networking Sites (i.e.: Facebook, Twitter, MySpace, etc...) and do their parents REALLY know what's going on there. There have been suicides, attempted suicides, and kids retaliating with firearms.
Another threat is online predators. I read a statistic that most kids have an average of 200 Facebook friends. I did a little experiment of my own and checked all five of my nieces and my nephew’s Facebook pages. I discovered that combined they have 1176 friends an average of 196 friends each. I'll bet their parents don't even know a quarter of these friends and for all I know, don’t even monitor their activities. I’m not suggesting that they turn into “Big Brother” and censor everything they do, but they should at least check out what’s going on.
A third issue is the pages that kids can visit. Some examples are “MTV’s 16 and pregnant”, “Teen Mom”, “Don’t have sex, because you will get pregnant. And die.” Just to name a few. If you haven’t been to or even heard of the last one, you are in for a surprise if you chose to go there.
By now you both agree with me and are interested in what I have to say or just think I’m some kind of prude. Either way, isn’t your child worth at least checking out the following links?


http://www.socialshield.com/
http://factoidz.com/social-shield-review/

Read More

Online Black Market. It's bigger than you think.

In my never ending search for information and the latest threats, I came across the following article.
http://news.cnet.com/8301-1009_3-20029163-83.html?tag=mncol;title

This article is both informative and some what surprising. You may not believe some of the avenues that cyber criminals use to sell and exchange stolen information.

Read More

Internet Security Trends in 2011

HAPPY NEW YEAR & WELCOME TO 2011!

In my surfing of the Internet I came across the following article about what computer nasties to look out for in the coming year.
One of the most interesting things I found in this article is how iPhones & Androids are being targeted. That's pretty bad, you can't even talk on the phone anymore without catching something.
As long as you surf the net wisely and keep your security, hopefully you have some, properly updated, you should have a good technological 2011.
Enjoy the article and remember, send me any questions or comments and I'll do my best to answer them.

http://www.lavasoft.com/company/newsletter/2011/01/article_internet_security_trends_2011.php?x-source=email&x-email=news&x-news=news-2011-jan-security_trends&x-news-2011-jan-security_trends=article_links&tracking=yesmail,

Read More