Have A Computer That Is Hassle Free: July 2009

Friday, July 31, 2009

News of Other trends in malware - - - - News clips - - - - - -

Not all malware spreads via email or the web.

The Conficker worm43,

for instance, uses Internet and network protocols to spread, alongside infecting USB sticks — but does not infect email or web systems.

While Conficker, which exploited a Microsoft security vulnerability and first appeared in late 2008, truly made its presence known during the first few months of 2009, media hysteria leading up to April 1, 2009 (when it was scheduled to change the way it looked for new instructions) helped push Conficker into notoriety.

Although it is clear that many firms and organizations struggled to protect themselves adequately from attack49, it is debatable whether the hyperbole regarding the worm helped improve the general state of computer security or was mistakenly seen as the computer security industry "crying wolf."

Conficker – A worm gains notoriety

"Will your PC be jacked on April first,44"

"The Conficker Worm: April Fool’s Joke or Unthinkable Disaster?45" and "PC security forces face April 1 showdown with Conficker worm46" are just some of the headlines that helped Confickermania gain momentum before the alleged significant date of April Fool’s Day.

Ironically, by and large, the computer security industry was not responsible for the hysteria regarding Conficker and April 1. Instead, it appears that the story was largely brewed up by elements of the media, despite many security vendors announcing that users were unlikely to notice anything different on April Fool’s Day.

Sure enough, April 1 2009 saw no unusual activity by Conficker and many were left wondering who had started the buzz 47— and perhaps more importantly, how to protect themselves from future iterations48.

Hackers exploited death of an actress using SEO techniques

Malware

Cyber Criminals Using fear
Prey on IT security fears and fool users into believing their computer have a problem when their computer does not. Such attacks, commonly know as scareware or rogueware love to prey on our computers. the fake antivirus software business is a growing business continues to be a big earner for cyber criminals.

Usually, scareware is planted on websites in the form of pop-up advertisements, or disguised downloads. Many times however, there have also been occasions when hackers have spammed out scareware, or links to it, using from an average of five dtectedper day during 2008.
Many hacking gangs have become proficient at rapidly producing professional - looking fake websites posing as legitimate security vendors. Bogus anti-virus software has also been distributed by poisoning the results of popular search engines through search engine optimization [SEO] techniques and other affiliate schemes

Many other attempts . . . . .
Beatty and Shania Twain in their attempts to steal money38.

• March Hackers used Natasha Richardson’s untimely death in advantageously39 stuffing webpages with keywords about the late actress in order to lure unwary surfers into visiting their dangerous sites and infecting their computers.

• March Hackers capitalized on a widespread issue with Symantec’s Norton Anti-Virus product40, poisoning search engines in an attempt to cash in on unsuspecting computer users searching for advice.

• June Opportunistic cybercriminals took advantage of the deaths of Farrah Fawcett41 and Michael Jackson42 to spread malware and spam.

Wednesday, July 8, 2009

THREAT: INTERNET EXPLORER FLAW GIVES HACKERS

INVISUS IALERT

WHAT YOU NEED TO KNOW:

Microsoft corp. has released a warning about a serious
computer security vulnerability it hasn't fised yet.

This new hole disclosed Monday affects Internet
explorer users whos computers run the windows xp or windows
server 2003 operating software.

The exploit used by hackers can allow them to remotely take control
of victims' machines. What makes this treat even more serious
is that the victims don't need to do anything to get
infected except visit web site that's been hacked. there
are no prompts to download anything or open anything up.

WHAT YOU NEED TO DO:

* What you need to do:

*Try not to visit any sites you are unfamiliar with until this is
patched by microsoft.

* Remember to always keep your INVISUS software updated
and run scans regularly. Your software will detect tools
the hacker may use to control your computer.

* Don't click on links or visit websites that are sent to you in
emails . they may be taking you to a hacked website.

OTHER INFORMATION:

The vulnerability affects a part of Internet Explorer that is
used to play video. The Problem arises from the way the video
software interacts with internet explorer, which opens a hole for
hackers to tunnel into.

Thousands of sites have been hacked to serve up malicoius
software that exploits the vulnerability. People are drawn
to these sites by clicking a link in spam e-mail.

Virus: Michael Jackson's Death Spread Viruses

What you need to know:

Another major news story sparks the release of viruses. Hackers
Are takin advantage of the highly publiscized death of Michael
Jackson and duping unsuspecting users into installing malware on
their computers.
What you Need to Do:

* Be Skeptical of links and sites that play on the hot news topics

* Do not open email that contain attachments that you were not expecting.

* Do not click on links in emails that promise information
or picuters of michael Jackson.

* Be sure to keep your Invisus software up and to date and run
regular scans.

Other Information:

ONE OF THE VIRUSES IS DISTRIBUTED THROUGH A FILE NAMED
Michae-wwww.google.com.exe. This file has been distributed
throught photos - google.com and possibly also through photo-msn.org,
facebook-photo.net and orkutimages.com. Don't visit these sites.

If you run Michael-www.google.com.exe. it drops files named
reptile.exe and winudp.exe, which are backdoor IRC bots, and
which display a fake error message dialog box: "Picture
cannot be displayed." Once a backdoor is installed, you
are open to many more attacks and risk of losing personal
information.

Social Security Numbers continued

Concern over the privacy of those numbers has grown in the wake of hundreds of data breaches reported by businesses, governments and educational institutions, breaches that have exposed millions of consumer records -- including SSNs.

In recent years, a number of states have passed legislation to redact or remove the numbers from public documents, such as divorce and property records, and bankruptcy filings. In addition, legislation introduced this year by Rep. Rodney Frelinghuysen (R-N.J.) and Sen. Dianne Feinstein (D-Calif.) would prohibit the display, sale, or purchase of Social Security numbers without consent, and would bar businesses from requiring people to provide their number.

The researchers at Carnegie Mellon set out to see if they could discover people's numbers by first exploiting what is publicly known about how the numbers are derived.

The Social Security number's first three digits -- called the "area number" -- is issued according to the Zip code of the mailing address provided in the application form. The fourth and fifth digits -- known as the "group number" -- transition slowly, and often remain constant over several years for a given region. The last four digits are assigned sequentially.

As a result, SSNs assigned in the same state to applicants born on consecutive days are likely to contain the same first four or five digits, particularly in states with smaller populations and rates of birth.

As it happens, the researchers said, if you're trying to discover a living person's SSN, the best place to start is with a list of dead people -- particularly deceased people who were born around the time and place of your subject. The so-called "Death Master File," is a publicly available file which lists SSNs, names, dates of birth and death, and the states of all individuals who have applied for a number and whose deaths have been reported to the Social Security Administration.

CMU researchers Acquisti and Ph.D student Ralph Gross theorized that they could use the Death Master File along with publicly available birth information to predict narrow ranges of values wherein individual SSNs were likely to fall. The two tested their hunch using the Death

Master File of people who died between 1972 and 2003, and found that on the first try they could correctly guess the first five digits of the SSN for 44 percent of deceased people who were born after 1988, and for 7 percent of those born between 1973 and 1988.

Acquisti and Gross found that it was far easier to predict SSNs for people born after 1988, when the Social Security Administration began an effort to ensure that U.S. newborns obtained their SSNs shortly after birth.

They were able to identify all nine digits for 8.5 percent of people born after 1988 in fewer than 1,000 attempts. For people born recently in smaller states, researchers sometimes needed just 10 or fewer attempts to predict all nine digits.

Records of an individual's state and date of birth can be obtained from a variety of sources, including voter registration lists and commercial databases. What's more, many people now self-publish this information as part of their personal profiles on blogs and social networking sites. Indeed, the researchers tested their method using birthdays and hometowns that CMU students published on social networking sites, with similar results.

Privacy and security experts praised the Carnegie Mellon study, saying it should be a wake-up call to policy makers and industry leaders, many of whom have resisted switching to a more secure consumer authentication system due to the sheer cost of changing the current system.

"Sure, the study says that if you were born in a big state on a busy day you're probably still safe," from having identity thieves guess your entire SSN, Anderson said. "Still, I think many people would find it unacceptable that a system continues in use which in effect exposes tens of millions of Americans to fraud and other kinds of harm."

"Because of the way the SSN has been designed, asking for the last four numbers of the SSN puts people at risk because those are the only numbers that are unique to you and cannot be guessed easily by someone who might want to use your identity,"

Social Security Numbers Can Be Guessed

Researchers have found that it is possible to guess many -- if not all -- of the nine digits in an individual's Social Security number using publicly available information, a finding they say compromises the security of one of the most widely used consumer identifiers in the United States.

Many numbers could be guessed at by simply knowing a person's birth data, the researchers from Carnegie Mellon University said.

The results come as concern grows over identity theft and lawmakers in Washington push legislation that would bar businesses from requiring people to supply their Social Security number when purchasing a good or service.

"Our work shows that Social Security numbers are compromised as authentication devices, because if they are predictable from public data, then they cannot be considered sensitive," said Alessandro Acquisti, assistant professor of information technology and public policy at Carnegie Mellon University, and a co-author of the study.

A Social Security Administration spokesman said the government has long cautioned the private sector against using a Social Security number as a personal identifier, even as it insists "there is no fool proof method for predicting a person's Social Security Number."

"For reasons unrelated to this report, the agency has been developing a system to randomly assign SSNs," which should make it more difficult to discover numbers in the future, Mark Lassiter, a spokesman for the Social Security Administration, said by e-mail.

Introduced in the 1930s as a way to track individuals for taxation purposes, Social Security numbers were never designed to be used for authentication. Over time, however, private and public institutions began keeping tabs on consumers using the numbers, requiring people to present them as proof of identity, such as when applying for loans, new employment, or health insurance.

Friday, July 3, 2009

Up to 95 Percent of All Email Is Now Spam

It's hard to believe it's come to this, but only l or 2 out of 20 email messages are now not spam according to Barracuda Networks, which offers spam filtering services and which analyzed a billion messages to arrive at that figure.The speed with which this figure is rising is astonishing. In 2001, Barracuda says spam accounted for only 5 percent of all mail, hitting 70 percent by 2004, 80 to 85 percent by 2005, and 85 to 90 percent by 2006. While spam won't actually hit 100 percent next year, it could certainly be close. (For its part, Symantec pegs the 2007 spam figure at 71 percent, up from 56 percent last year.)

Whichever figure is right doesn't really matter: The truth is that spam is getting worse, and fast, no matter how many laws are passed outlawing the nuisance. (The linked story also notes that over half of business customers consider spam the "worst form of junk advertising" there is. My vote: Junk faxes.)

Another trend I've been seeing: Spam filters' false positives for good messages are getting worse, too, but at the same time you can't really live without the filter, can you? The takeaway: Check your spam folders regularly, and train your filter as accurately as you can to reduce false positives down the line.

10 Quick Fixes for the Worst Security Nightmares

In the world of comic books, every bad guy is an evil genius. On the Web, hackers, spammers, and phishers may be evil, but they're not required to be geniuses. They can make a healthy living just by exploiting known security holes that many users haven't bothered to patch. Or by relying on the propensity of millions of people to do things they've been told over and over not to do.

The silver lining is that you don't have to be a genius to avoid these common attacks either. Implement a few simple fixes, and you'll avoid most of the bad stuff out there.

Fix 1: Patch Over the Software Bull's-Eye

Have you turned off automatic updates for Windows and other programs on the rationale that "if it ain't broke, don't fix it?" Then consider this: Your programs may be very, very broken, and you don't know it. The days of big splashy viruses that announce themselves to PC users are over. The modern cybercriminal prefers to invisibly take control of your PC, and unpatched software gives them the perfect opportunity to do so.

Today, a hijacked Web page--modern digital crooks' attack of choice--will launch a bevy of probes against your PC in search of just one unpatched vulnerability it can exploit. If it finds one, better hope your antivirus program catches the ensuing attack. Otherwise you likely won't even notice anything amiss as it infects your system.

PHONE CALLS Recorded By New Skype Trojan

WHAT YOU NEED TO KNOW:

A new trojan has been discovered that is designed to listen to
and record conversations via the popular Skype VoIP application, in what could be the first wiretap Trojan discovered in the wild.

The Trojan has been named Trojan. Peskyspy, and it uses Windows API Calls to grab sound coming from various audio devices plugged into into an MP3 file, which is then stored on the vicutim's machine.

The Trojan contains a back door, which enables an
attacker to send the captured audio to a new location
for listening.

What you need to do

Always keep your invisus software updated and run scans
regularly. Your software will detect tools the hacker may
use to steal your conversations.

Don't click on links or visit websites that are sent to
you in emails.

Other information:

So Far the Trojan does not contain any method to spread
from one computer to another. Once the Trojan is in
stalled on a victim's machine, it bypasses security
protocals or encryption applied by Skype because it sit
between the Skype process and the audio device.
process.

About The PCI Compliance Guide

Payment Card Industry (PCI) compliance is a complex and ever evolving subject affecting millions of businesses – acquiring banks, Independent Sales Organizations (ISOs), processors, hosts, shopping carts, e-commerce and retail merchants and other merchant services providers. The PCI Compliance Guide, powered by ControlScan, is one of the leading educational Websites available focused exclusively on PCI compliance. Beyond the expertise we bring to the PCI Compliance Guide, we work with many of the most renowned subject matter experts in the industry to deliver the latest information about PCI compliance guidelines, trends, best practices and practical tips to help educate the entire PCI compliance food chain.http://www.pcicomplianceguide.org/aboutpcicompliance.php

Your Questions Answered

By checking Microsoft Update regularly, you can make sure you've got the most recent Windows and Office improvements available to you. For Windows XP, go to Microsoft Update to start the process. Vista users don't need to sign up for Microsoft Update as an account is automatically created for you during registration.To Update: Click Express Install for priority updates. If you just want general updates that aren't critical, choose Custom Install. The site will do a quick check to see if any new updates are available for your computer. A window will appear if there are new updates ready to download. Click Install Now to update your computer.You can also configure your computer to receive critical updates automatically while you are on the Microsoft Update site. This free service is called Automatic Updates.

Your Hard Drive May Develop Bad Sectors

Detect and repair disk errors

Check the integrity of hard disk files running the
Error Checking utility.

Through use, your hard drive, it may develop bad sectors. Bad sectors slow down hard disk performance and can make data writing difficult, or impossible. This will scan the hard drive for bad sectors, file system errors to see whether certain files or folders are misplaced.

How To Use Error Checking Utility:

1. Close all open files.

2. Click Start, and then click My Computer.

3. In the My Computer window: right-click the hard disk you want to scan for bad sectors, then click Properties.

4. In the Properties box, click Tools tab.

5. Click Check Now button.

6. In the Check Disk box, select Scan for and attempt recovery of bad sectors check box, and then click Start.

(Select "Automatically fix file system errors" check box ONLY if you believe that your disk contains bad sectors.)

7. If bad sectors are found, choose fix them.

Welcome to the News Archive

Cyber-crime, Internet predators, and identity theft seem to make the headlines every day. This news archive provides you the most important and influential news stories about computer and Internet security, identity theft, how to stay protected, and more. The archive is constantly updated, so be sure to check back frequently for the latest news. Submit news articles: If you find a compelling news article you think should be added, please send the link to the article to .

http://www.invisus.com/

Tips On Hardware Upgrades For Your PC

XP's GUI theme is a candy-land departure from its classic Windows 95 style. It's blue, green and goofy looking. Some users like it, others detest it. Disabling XP's main GUI theme and enabling the Windows Classic theme can bring about a slight performance improvement. If anything, it gives you the classic Windows look that you will recognize right off the bat. Right press on the desktop and select the "Properties" option; drop down the "Theme" selection box and choose "Windows Classic".

Tweaking out DMA

Direct Memory Access or "DMA" is a method for hardware to request memory read/write access without bothering your CPU. When hardware can dip directly into the memory pool, your CPU is able to concentrate on other binary crunching tasks, effectively speeding up system performance.

Check to see if all your hard drives have DMA permission; giving DMA access to your hard drives can speed up disk access operations dramatically.

Use the right mouse button on "My Computer" and select"Properties"; navigate to the "hardware" tab and select "Device Manager"; look for the "IDE ATA/ATAPI controllers" item, expanding it; right press on each of your hard drives and select the "Advanced Settings" tab; make sure that "DMA if available" is selected for each hard drive attached to your PC.

Weeding out Unused Programs and Fonts

You can decrease the amount of time it takes for XP to boot up by uninstalling any programs that you don't use. Removing old fonts can also clear up much needed disk space. Give your TEMP folders a good cleaning:

C:\WINDOWS\PREFETCH, C:\WINDOWS\TEMP, C:\TEMP

Tweaking out XP's settings and options can dramatically improve your PC's performance, eliminating bottlenecks and giving your computer a much needed zip.

Don't want to waste time with your PC problems? I can save you money from high cost PC repairs. Give me a call for more information on hassle-free computing and making being on the computer fun again. You'll be able to relax with true peace of mind.

And Here’s The Shocking Truth

"Hackers Are Gaining Control Of Home And Small Business Desktops, Stealing Data And Collecting Processing Power…"

…And Here’s The Shocking Truth:

"Today’s Over The Counter And FREE Computer Software Protection Is Little More Than A Bandage To Cover A Large Wound…"

We know that’s a strong statement. We’ll give you proof:

A PC Advisor Magazine Blog article titled, "The Sky Has Fallen," dated January 22, 2007 states the sky isn’t falling, it fell a long time ago. And human greed combined with passive indifference means it’s only going to get worse. The article states that in 2006 alone, a third of all US adults had their identity and financial information stolen or lost. Bogus messages make up 90 percent of the email traffic on the Internet. Ninety-nine percent of all spyware exists to steal your money. Tens of millions of dollars are being stolen off the Internet every day from bank fraud, phishing attacks, bogus stock trades, extortion, etc. A large percentage of the Internet is owned and operated by the criminals, and they almost never get caught.

This article makes a eye opening prediction: In the future, there will be huge Internet crime theft. The loss will total in billions of dollars after a single hour. When it is through, it will interrupt the Internet, the banking system, and business in general for a week or more as we struggle to find out how it happened. Our resolve and trust in our money being stored in electronic bits will be tested. The author is so sure it will happen because we’ve got human greed on one side and passive indifference on the other.

The article wraps up with this… These are the facts, Internet criminals almost never get caught. They are successfully stealing tens of millions of dollars every day. Which is more likely to happen in the future: criminals will steal more, or criminals will steal less? We all know the answer. And while you are reading this free report and care, society in general doesn’t.

The FBI has stated that over the counter and free computer protection programs fail 82 percent of the time. This allows the spy ware, ad ware, viruses, Trojan Horses, and other maladies to get on the computer. What’s worse is that most of these products are reactive, meaning they allow the problems on the computer in the first place and then try to take them

Better Computer Performance

New Life To Your Computer

Just Follow these instructions regularly and you'll breathe new life into your PC.

Today I would like to share some quick tips on file recovery for your PC

Recovering Files Deleted from the Recycle Bin

It's an all too common disconcerting situation: you decide to do some spring cleaning--digital style--by emptying out your Windows Recycle Bin. With the mouse you command Windows to trash everything in your bin. A few minutes later you're hunting around your hard drive for an older copy of a spreadsheet you need to work on, and then you realize the horror. You tossed it into the Recycle Bin, and now it's gone forever! Take a deep breathe and don't stress out. You may have recourse in a situation like this; you may be able to retrieve your precious data from oblivion.

Many Windows users believe that once a file is deleted from the Recycle Bin, it's gone for good, not to be found again. This is what appears to be happening, but if you take a look underneath the hood of Windows, you may be surprised at what's happening. In actuality, when trashing files from the Recycle Bin, Windows doesn't erase your data from disk; it's still there, but it's hidden from your view, leading you to believe it's been entirely erased.

Windows covertly "marks" deleted files from the Recycle Bin, so the next time data needs to be written to your hard drive, Windows knows that it can completely erase the "marked" files (data deleted from the Recycle Bin) with the new data.

With this concept in mind, it becomes possible to recover the "marked" files, retrieving what you once thought to be lost forever. Let's go over a couple techniques to prevent a data lose situation.

Prevention: A First Defence

Windows XP has a neat little feature built into Windows Explorer called "Briefcase". Briefcase is essentially an intuitive way to synchronize folders of files across two locations. Instead of working on files in one folder, and then copying over the entire folder to a new location each time you want a backup of it, Briefcase takes care of the synchronization task for you, quickly and easily.

So if you know you have a backup of your data somewhere, you'll be more confident of deleting extra copies of files, and deleting from the Recycle Bin won't produce anxiety. A good way to use the Windows Briefcase is to have one folder that you wish to backup on your PC's hard drive and a synchronized copy of this folder on a USB flash drive, completely separate from your PC's main hard drive. Knowing that you have an up-to-date backup of your data can certainly put your mind at ease.

To use the Briefcase, simply open up Windows Explorer, go to "File", "New", and select the Briefcase option. Follow the Briefcase instructions that Explorer pops up in a dialog box. With a current backup of all your important data, you'll be able to easily recover from accidental data deletions.

Recovering Deleted Recycle Bin Files

Now let's discuss a way to recover files that you've deleted from the Recycle Bin. How does one go about retrieving these files? There's a neat freeware tool called "Restoration" that lists files that have been deleted from the Recycle Bin, allowing you to recover gracefully from your hasty deletion campaign. So, let's say you've just deleted a file you just realized you really needed from the Recycle Bin. Provided you didn't just write a lot of data to your hard disk, "Restoration" may be able to find and recover it for you. "Restoration" is very easy to use: simply select the hard drive that the deleted file resides on and press the "Search Deleted Files" button.

If you know all or part of the file's name, type this in to aid in the search process. "Restoration" isn't perfect; there were several instances where this utility couldn't find a file that I recently deleted from the Recycle Bin, but, for the most part, it seems to work great a majority of the time, and it's without any charge. You can download the latest version of "Restoration" here:

http://tinyurl.com/33ef6v

Don't want to waste time with your PC problems?For I can save you money from high cost Computer PC repairs. Call me for more information on hassle-free computing and making being on the computer fun again. You'll be able to relax with peace of mind.

Your Questions Answered

How to Add More Memory to Your Computer.

Your Computer RAM stands for Random Access Memory. This is where a computer files your work. The more RAM a computer has the larger the file that you can work on. Adding RAM to an older computer is a great solution for speeding it up before you plunk down cash on a new one.

Desk Top:

1. Shut down computer and unplug from wall.

2. Open side of the case. It should just pop off unless your computer was manufactured more than 3 years ago. If it is older, you'll need a small Philips screwdriver.

3. Pull off the slot and locate the empty spot where the memory stick goes.

4. Use a static strap ($5.99 at radio shack) to make sure there's no static electricity. The presence of static electricity could potentially damage your memory.

5. Install your memory stick. Align the tab properly, hold the slide in slot and gently push down. Plug in and boot up computer. It should say, "The amount of system memory has been changed." All you have to do now is press the F1 key.

Laptop:

1. You can purchase memory from any online manufacturer. Plug in the model number to ensure that you get the right memory.

2. Locate the door on the bottom of the laptop. Open it with a Phillips screwdriver.

3. Find empty slot and take the memory stick and gently place it with the tab properly oriented (It can only go one way) gently push down on one side.

4. Your laptop is ready to go.

To receive my Insider's Computer Security Report:

http://topsecretfreereport.com/makeadifference-x

Friday, July 31, 2009

Wednesday, July 8, 2009

Friday, July 3, 2009

About Me

Who Is Lurking On Your Computer's PC ....

Blog Archive

Keep Your Computer Running Safe and Hassle Free, Like New

Approved Scanning Vendors

468x60px Hosting Special!

PHONE CALLS Recorded By New Skype Trojan

About The PCI Compliance Guide

468x60px VPS

Your Questions Answered

For Unprotected Small Firms Sophisticated Cyber Attack Can be Financially Devastating

Your Hard Drive May Develop Bad Sectors

Welcome to the News Archive

120x60px Hosting Special!

Tips On Hardware Upgrades For Your PC

And Here’s The Shocking Truth

Better Computer Performance

Bank Statements Next-gen Trojan Rewrites

About Identity Theft

FBI.gov Internet Crime

Business Owners, are you complying with the Red Flags Rule?

Cyberspies penetrate electrical grid: report

How to tell, what to do if computer is infected

Free Spyware Test

look at the Numbers "Cybercrime"

Your Questions Answered

If you have a question about ID cybercrime, computer protection,

A new tool to fight identity theft

You Need Whole Identity

Followers

Also: E-mail petitions are NOT acceptable to White House, Congress or any other