Bay Geeks Computer Repair Services

December 29, 2008

Santa left a virus under the Christmas tree

Filed under: Malware, viruses — Tags: , , — admin @ 9:14 am

Amazon has warned its customers that one of Samsung’s digital picture frames shipped to customers infected with a virus. While Samsung has some egg on its face, malware that ships on consumer hardware is not as serious of an issue as it may seem.

Earlier this week Amazon alerted its customers to an issue affecting the installation CD that shipped with the Samsung SPF-85H 8 inch Digital Picture Frame. Apparently the CD shipped with a copy of the W32.Sality.AE virus. Amazon is recommending that people download a recent copy of the application directly from Samsung’s website rather than using the CD.

So yes, this is embarrassing for Samsung. It shows that either they or the subcontractor who cut the CD need to tighten up their processes surrounding manufacturing systems. There is no reason for those machines to be exposed to malware, let alone not run up-to-date anti-virus to catch these infections.

The customers have a pretty low likelihood of being infected by this malware, though. Any system running up-to-date anti-virus would have been guaranteed to spot the potential infection, as the delay between when the CD was first cut and when the customer attempted to install the application was far longer than the average amount of time it takes for a piece of malware to be detected by an anti-virus package. If the system wasn’t running an up-to-date anti-virus package, well, it probably had oodles of malware already, and the marginal cost of one more infection is pretty small.

I suspect next year Samsung will be asking Santa for security people who are tightwads about compliance.

Adam J. O’Donnell, Ph.D. is an R&D engineer who has focused on computer security since 2000. He currently is the Director of Emerging Technologies at Cloudmark, a messaging security company located in San Francisco. See his full profile and disclosure of his industry affiliations.
By Adam J. O’Donnel, Ph.D.
Source

The Facebook virus spreads: No social network is safe

Filed under: Malware, viruses — Tags: — admin @ 9:10 am
“KOOBFACE” is the name of the Trojan worm that’s been making its way through the social networking site Facebook lately, but to the site’s users, it’s been simply known as “the Facebook virus.” That name will soon become a misnomer, though, because the worm is now spreading outside of Facebook’s walls to attack other social networks like Bebo, MySpace and Friendster.

About Koobface
Once a computer has become infected with the Kooface worm, it spams the friends belonging to the owner of the computer by leaving comments on their profiles. Those comments appear to come from the infected user, saying things like “Are you sure this is your first acting experience?”, “is it u there?”, “impressive. i’m sure it’s you on this video”, “How can anyone get so busted by a spy camera?” and “You’re the whole show! i’m admired with you.” Save for that last one, whose bad English will likely raise a flag that all is not what it seems, the other comments appeal to people’s vanity. They wonder: is that really a video of me? and then click through on the link provided.
The link actually takes them to an off-site page which pretends to offer a video download from “YuoTube,” but then stalls saying that you’ll need a new version of Adobe’s Flash Player installed in order to continue. Of course, if you click the button to proceed with the install, you’re infected. Infected users are then directed to even more contaminated web sites when they try to use search engines, which puts them at risk of identity theft, among other things. “Search terms are directed to find-www.net,” said McAfee’s Craig Schmugar, and that “enables ad hijacking and click fraud.”

Social networks will be the new breeding ground for viruses
Koobface may not be the first bit of malware to hit the social networks, but it has become so widespread that it now accounts for one percent of ScanSafe’s blocked malware, said ScanSafe senior security researcher Mary Landesman. (Facebook will not disclose how many members are infected.)
What’s frightening about the spread of this Trojan is not the worm itself - it’s really nothing new in terms of malware - but the way its being spread. Over the years people have learned to be suspicious of unknown links and attachments in their emails, so the virus writers turned to hit us where we’re more vulnerable: on our social networks. Here, many people still have a feeling of comfort and security. They don’t always have their guard up.
According to Graham Cluley, senior technology consultant at Sophos, “a key factor which helps social-networking spam and malware succeed is that people are more prepared to click on a link or message if they believe it is from someone they know. The average person is used to receiving unsolicited e-mails in their regular inbox, but believe messages have more credence when they arrive via Facebook. The message is clear — people need to beware.”
Cluley also warns that the situation is going to get worse next year. There will be more attacks and they will become more sophisticated. “It will probably take a long time before the general public begins to learn that hackers and scammers are using the system for their own ends.”

How To Protect Yourself From Koobface
Besides doing the obvious - running an up-to-date antivirus, security patches, and firewalls - you should be on the look out for the following:

u A sample spam message:

u The malicious site:

u The warning message:

You should also keep an eye on Facebook’s security page (http://www.facebook.com/security) which warns of the latest threats. – New York Times

By Sarah Perez
Source

October 15, 2008

State of Malware in 2008

Filed under: Antivirus, Computer Advice, General, Malware — Tags: , , , , , — admin @ 1:56 pm

Vulnerability Assessment & Vulnerability Remediation

Bay Geeks is now offering an in-depth vulnerability assessment & vulnerability remediation solution.

Bay Geeks has been strategically aligned with global leaders in the information security industry to provide the most comprehensive, in-depth vulnerability analysis which not only covers your critical systems but also your PC workstations.

We were invited to participate in a recent security conference along with several other leaders in the security industry. “We’ve seen a shift from hackers and virus writers almost exclusively targeting Windows machines (81%) to recently 92% of the exploits targeting 3rd party applications” according to a Senior Security Evangelist with Kaspersky Labs .

Microsoft, after years of public scrutiny has made tremendous progress in securing the most popular operating systems in the world. So much so, that these hackers are realizing that as soon as they start taking advantage of various exploits, Microsoft is already working on patching these holes.

These international crime rings have some of the most talented individuals, committed to their cause, constantly learning from the collective work of their respective colleagues who share tips, techniques and processes in much the same way the security analysts work who are dedicated to thwarting their archenemies, but publish much of their findings online for all to read.

These illicit groups have realized that they are having much more success targeting 3rd party software (Adobe Reader, Flash, Real Player, Google Earth and others) because these other software companies don’t have the resources in place to address the security issues as quickly as Microsoft. The more time they have with unpatched vulnerabilities, the more profitable their ventures will prove.

Keeping up with Microsoft Updates is no longer sufficient to protect yourself from these attacks. Well-trusted web sites have become unknowingly infected, such as USA Today, Superbowl, CNET, Walmart, Target, ABC News, Bank of India and more.

What we’re seeing is a frightening reality: The internet is under permanent siege.

  • - Malware is up 278%  in 2008
  • - 1-in-5 desktop applications are unpatched
  • - 98% of PCs have unpatched software
  • - Over 90% of all e-mail sent is spam
  • - Majority of these e-mails are lures for malware
  • - 2H07: MSRT removed malware from 15.8 million computers worldwide – 80% increase over 1H07
  • - Total disinfections in 2H07 rose to 42.2 million, an increase of ~ 120% over 1H07

Bay Geeks solution:

We’ll analyze your system on a quarterly basis to identify known security holes and other issues with your system.
 

Vulnerability Assessment: A Bay Geeks Security Analyst will provide an in-depth analysis of your computer systems.  Our database of more than 7,500 software titles will ensure we find problems with some of the most obscure applications on the market (past and present). We will ensure your anti-virus is up-to-date, anti-spyware measures are sufficient and up-to-date, we will identify deficiencies in your operating system and provide a detailed report on our findings. 

This detailed Vulnerability-Threat Assessment & Report is currently $50.00 for a limited time (normally $89.00).

Vulnerability Remediation: A Bay Geeks Security Analyst will work through the report to resolve outstanding security issues identified in the Vulnerability Assessment.

  Our Vulnerability Remediation service is provided at our standard service rate.
 

Call Bay Geeks today at 727.579.GEEK (4335) or go to www.BayGeeks.com for details.

Powered by WordPress