Archive for the ‘news’ Category
A court has ruled that a home owner is responsible for securing his wireless network with a password. The owner had been away on holiday when someone used his internet connection to download copywrited material from the internet. While the owner proved he did not download any of the material he could still be fines up to €100 (£86)
The courts said
Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation, while it did not find the owner guilty of actual copyright violation the ruling was that the person must take a degree of responsibility for their connection being used to break the law.
Davis Harris, a British intellectual property barrister said that the verdict was "eccentric"
I don’t think there is any prospect that a UK court would follow that guideline," he told BBC News.
"There is no criminal provision in English law that requires you to secure a wi-fi connection, and currently no liability for the acts of another party if they misuse your connection.
There would be "substantial hurdles" to implementing this judgement in the UK
This just goes to show what having an unsecured wireless network can do and while this might not be enforceable in the UK what would happen if you were not away and the police had to take your computer equipment just to prove you had not committed any crime.
It is always worth while securing your network not only to stop people accessing it but also to stop them being able to view what you are doing as well
I have tweeted about this before but now Google has started to warn about it. Scareware is where a malicious piece of software disguises itself as a normal program but then demands money from you otherwise your something will happen.
I have always seen the fake anti virus ones that pop up and can not be closed down, they say your computer is infected and unless you pay a set fee to buy this program then they will not remove anything. The truth is that program is the malicious code and often adds other malicious programs which, even if you did pay, it would not remove them. The name of this program changes every so often, one was called anti virus 2009.
Anyway back to Google, they scanned 240 million web pages over 13 months, January 2009 to February 2010, and found that fake anti virus programs accounted for 15% of all malicious software. Over 11,000 web domains were involved in the distribution of the fake anti virus software. This attack is mainly aimed at Windows machines and is usually delivered through ADVERTS. The reason I highlighted adverts is I often get asked if it was because someone in the household had been on ‘adult’ sites, while some will be on adult sites most are now using normal looking website so they can get a greater infection.
Trusteer, a security company, reports that Zeus is the number 1 botnet with over 3.6 million pc’s infected and that is only in America. Now that is a scary figure.
What is a botnet and what does Zeus do?
Botnet is a term for a collection of softyware agents or robots that run autonomously and automatically. A bot typically runs hidden and uses a covert channel to communicate with its C&C server. Generally, the perpetrator of the botnet has compromised a series of systems using various tools. Newer bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community
See the Wikipedia definition
Zeus steals you information like back details and other usernames and passwords and reports them back to someone who can then sell this information onto criminals. The BIG problems with zeus is even if you have a good anti virus program and keep it up to date it only reduces your chances of being infected by 23%. It spreads by email and by downloading or activating activ-x controls on infected websites.
Another security company called Prevx said in their blog that only a few computers are infected by each variant of this virus to help prevent it from being detected and by the time it is detected it usually has done it’s job.
If you want to search for it Prevx also says what to look out for, although these name may have changed
The ZEUS trojan will commonly use names like NTOS.EXE, LD08.EXE, LD12.EXE,PP06.EXE, PP08.EXE, LDnn.EXE and PPnn.EXE etc, so search your PCs for files with names like this. The ZEUS Trojan will typically be between 40KBytes and 150Kbytes in size.
Also look for a folder with the name WSNPOEM, this is also a common sign of infection for the ZEUS Trojan.
Finally, check the Registry lloking for RUN keys referencing any of these names.
According to the BBC news the latest version 1.6 can only infect people using Internet Explorer or Firefox but I would be careful no matter which browser you are using
The guardian has also reported that two people were held over this virus but is continues to be a major problem today so please watch out and search for the above.
Fix it is a piece of software that has been available for windows 7 and they have now made it available for windows XP and Vista, although it is only in the Beta version.
It’s goal it to is to alert you to known issues and help you fix them easily. It does not have everything in it’s database but has about 300 of the most common problems that stop Windows from working, as well as trying to anticipate how any security updates will affect your computer before it tried to apply them.
The software does keep a list of both hardware and software on your computer so you can give Microsoft detailed information, or give the information to your local computer repair company.
This free software can be downloaded from Microsoft’s support pages and installed on several computers if you wanted. If you are using XP then you must have service pack 3 installed
This might sound like a silly question if you have selected automatic updates, but times have changed and Microsoft have introduced a new rule. If Microsoft detect a root kit virus they will not install any more updates.
Why?
In February Microsoft issued an update that conflicted with a root kit virus and left a lot of machines unusable due to some operating files becoming incompatible with the kernel.
Microsoft know that if they were to blindly apply these updates and more computer crash then people will turn the automatic updates off. This mean that a lot more machines will be able security loop holes in them and more change of being hacked or ending up with a virus, both are not very good and can get you disconnected if your ISP detects any unusual behaviour from your computer.
Detection and removal
Knowing what program are genuine and trustworthy is not easy from looking at a website but bellow are some that we trust. If you are getting the above problems and have installed one of these but it does not detect anything then try another as I have yet to see one that is perfect. The below list are free but you can also buy the full version
- AVG
- Avira
- Malwarebytes
- F-Secure – Blacklight
- Mcafee
- Panda
- Sophos
- Trend Micro
If you are wanting to pay to get better protection I would also recommend
- AVG internet security
- Malwarebytes
- Bit defender
- Gdata
If possible I would start a scan in safe mode using one of the above, this will stop some viruses from starting up and give the programs a better chance of removing them.
Some of you may remember the good old days of dial up internet access and the pearls it brought with viruses. The dreaded dialler virus where it would disconnect your modem from your ISP and then dial a premium rate number costing up to and sometimes over £1 per minute. By the time you realised what had happened or you got your phone bill you quite often had to pay several hundred pounds after all dial up was slow and took a while to do anything online and if it had a lot of pictures then you had tine to make a coffee. Now these people were clever in that they muted your modems speaker and had it done so quickly you just thought that it was taken a bit longer than normal to load a web page.
Well they are back but not for your computer but for your new shiny smart phone. Security firms have noticed a rise in the amount Trojans known as diallers. like their older relatives they dial premium rate numbers and you then get hit by a large bill and they get some of that money.
Writing on the CA security blog, Akhil Menon said
it was seeing a "an increasing trend of trojan diallers.
Mr Menon profiled one such virus, called Swapi.B, which sends premium SMS messages.
"The messages sent out are in the typical format to invoke premium services and land the mobile user with heavy mobile bills without the user’s knowledge and consent,"
Mikko Hypponen, head of research at F-Secure which makes security software for mobiles, said
it had seen a "handful" of diallers in recent months.
They were popular because they get round one of the big problems facing anyone wanting to make money out of Windows viruses. PC malware can’t just directly steal money from your machine; it has to jump through hoops like keylogging your credit card number or sending spam.
However, mobile malware can just instantly steal from you by making premium-rate calls or messages. Some diallers sent messages or rang many different numbers, including legitimate ones.
The trojan can place calls to, say, 100 different premium-rate numbers, only one of which is his own number. How would you fight this? Shut down all the numbers, including the innocent ones?
A lot of people still think that you only get viruses by visiting porn sites but this is not true. I have seen computers being infected from normal looking sites and even sites which are legitimate websites but had been hacked into and malicious code inserted but the overall look was not alerted.
If you want to protect your phone from this type of attack then you will need a mobile anti virus program. F-secure make one and if you search around you will find others as well.
The battle between the EU and Microsoft
After years of court battles, hefty fines and more fines in the future it looks like Microsoft have finally given the EU a solution they are happy with. If you use Internet Explorer in the EU you will be sent a small update giving you the choice of between 10 and 12 different browsers including some of the more common ones. This will happen on XP, Vista and windows 7 machines and is reportedly going to be in a neutral window and not in an Internet Explorer windows with the options in a random order.
The main browsers will be:
Internet Explorer , Firefox, Chrome, Opera and Safari on the main page but you can scroll to get AOL, Maxthon, K-Meleon, Flock, Avant Browser, Sleipnir and Slim Browser. This list will be reviewed every 6 months and Microsoft expects 100 million machines to have displayed the pop-up by mid-March.
Browser Popularity
The percentage of global internet traffic using the following browsers:
Internet Explorer – 56%
Mozilla Firefox – 32%
Google Chrome 5%
Safari – 4%
Opera – 2%
This could just be the beginning with other now wanting to challenge other default programs the Windows bundles, like notepad.
What browsers do you use and why?
I use Internet Explorer for Microsoft sites and go between Safari and Chrome form my main browsing. I used to like Firefox but I think it has went downhill in the last year.
