Computer Security Weblog

One thing that criminal computer attackers like to use in their phishing e-mails is some current event.  All around the world, there is a lot of support for Tibet against the Chinese government.  With news coming out being restricted by the Chinese, people are hungry for information.  What a perfect setup for a social engineering tactic to get people to click on either attachments or links in phishing e-mails.

Never trust unsolicited e-mail period.  Never, never, never trust it.  No matter what the topic in e-mails, never click.  Computer attackers have to have your help before YOU can be taken advantage of.  Clicking things many times installs the attackers downloaders that then downloads and installs the really nasty code.  Gone are the days where e-mails that have misspelled words, broken English that really gave us a clue that something isn’t right.  Attackers have linguists, psychologist, and some really smart people who can code the malware (criminal malicious software) and you are the target.

Remember that they need you to click on either an attachment or link to a malicious site to take advantage of you.  You are your own best defense.  Know the tactics being used.  Be prepared and don’t click.  NEVER.

It was a short night for me because I was watching my Kansas University Jayhawks win the National Championship game last night.  Gotta love those Hawks and I’m so happy for Coach Self and every single kid on that team but especially the 5 seniors on the team.  Rock Chalk Jayhawk.  GO KU!!!  What a season and what a dramatic finish.  Now the story is, what will Coach Self do when he gets offered TONS of money to move to coach Oklahoma State University.  Personally I think he will stay and be there for a long time.

Stay safe out there.  Rock Chalk!!  We’ll talk again in a few days.

Well any readers know that I’m a big Kansas University fan and we played the Tarheels from Carolina tonight. Kansas dominated out of the box but then went flat before finishing the Tarheels from UNC. Well I must admit that I was worried when Carolina made its big run.

Anyone familiar with Kansas University basketball knows that Roy Williams left Kansas as the coach and went back home to UNC to coach. Many in this part of the country are mad at Roy. Well I’ve been asked am I mad at Roy for leaving after 15 years at KU. I say this every time. During the KU run in the 2003 Final Four, I always felt that Dean Smith was actively going after Roy right in the middle of when he should have been concentrating on KU. Everyone who saw as KU had won a game, I think against Duke, a reporter was asking Roy about the UNC coaching vacancy. His comment was not censored when he said “I don’t give a sh@t about North Carolina” on CBS. Wasn’t true but at the time, around here we all felt the same way. Long story short. He left. So I was really ready to play them when they both went on to the Final Four this year.

Really I was concerned because Roy is a great coach and his teams were always good. Kansas is a very good team this year also. Anyway, Roy, I’m good with you. I’m not among the haters here. And for us fans, I felt pretty good as well as all others in Jayhawk country after the game was over. Rock Chalk Roy. Join us in cheering on the Kansas University Jayhawks Monday night.

Next post will actually be about computer security. I promise. Bring it home Hawks!!!

I am signed up for regular online newsletters through SANS.org which is a computer security site that I reference daily.  In this current issue I found this story to be applicable to many people out there today.

Here is the story:

John Y. at a US community college writes us:
A computer used by one of our staff was compromised in December, and began sending email advertisements for Viagra and Cialis to large numbers of addresses. We caught it fairly quickly because we have monitors that look for that kind of behavior on our network.  An analysis of the computer showed that it had been infected when the user visited a small Mom-and-Pop type arts & crafts store on the web. The
Mom-and-Pop website had been “re-programmed” by someone in Ukraine to send a blast of software attacks at anyone unlucky enough to visit it.  One of these attacks was directed against a vulnerability in a version  of Apple QuickTime released just two weeks before the attack. Symantec Anti-Virus stopped all of the attacks except the QuickTime attack.  Sadly, it only takes one successful attack to compromise any computer.

Lessons We Learned
- - - Small Mom-and-Pop websites can pose a greater risk than the sites of big vendors like Amazon.com. Owners of small businesses often don’t have the expertise or resources to protect their sites from being
compromised and used by Bad Guys. Once a website has been compromised, it can then be used to attack your computer.

- — Anti-virus is still a necessary defense, but it can’t do the whole job.  In the past, computer criminals wrote viruses that broadcast themselves all over the Internet, making it easier for anti-virus companies to identify them and develop a countermeasure quickly.  Now, attacks are much more targeted and the criminals have gotten better at making attack software that is harder to detect. Anti-virus makers are
finding it difficult to keep up with the criminals.

- — Bad Guys are targeting many applications that run on your computer, as well as the operating system. The campus computer that was compromised was completely up-to-date with its Windows security patches.
But in order to keep your computer secure (besides patching Windows, Internet Explorer, and Office, all done automatically through update.microsoft.com, you have to patch commonly installed applications like QuickTime, RealPlayer, Adobe Reader, Adobe Flash Player, and Sun Java, all of which can be attacked through your email or web browser.

—————-

Now we’ve talked about these other applications and the importance of patching.  Many of these vendors are automating their process to update their applications.  It’s not there yet so you need to make sure on your own that these applications are patched.  Most times, you can open them up and go to the HELP option and there you will find an option to Check for Updates.  Do this to protect yourself.

Tonight is the BIG GAME!!! Remember all Tarheel fans can disregard any advice I give.  Tyler Hansborough (Don’t know if that is the correct spelling.  Really don’t care.) is on the cover of SI so hopefully that will be the famous SI Jinx.  ROCK CHALK JAYHAWK!!! GO KU!!!!  Love my Jayhawks and both these games today will be awesome to watch.  Stay safe, patch and may my Jayhawks from the University of Kansas bring home the National Championship.