Monthly Archives: April 2010

Malware Sent via PDF Attachment

A new attack has been detected that attempts to spread data-stealing malicious code via an email with the subject “setting for your mailbox are changed.” Users should not open this email or the attachment. The email includes an infected PDF attachment called “doc.pdf,” which, when opened, runs a set of scripts and executables on the recipient’s computer that infect or spoof various Windows programs and services. The methods used do not require JavaScript in order to execute. Once infected, the machine will then periodically contact malicious Web locations to download and update itself with any of the latest malicious and data-stealing viruses.

If you have IndigoGUARD you are protected.

If you do not have IndigoGUARD please contact BWS Technologies.

What does it do? The primary vulnerability involved is related to the “/Launch” functionality that is implemented in all major PDF viewers, such as Adobe Reader, Web browsers, and FoxIt Reader. The /Launch action does not require JavaScript to be enabled, so disabling JavaScript or other active content does not address the vulnerability. Currently, this vulnerability is being used as part of an attack that spreads via an email that may include descriptive verbiage such as the following:

Subject: setting for your mailbox are changed
Attached: doc.pdf
SMTP and POP3 servers for mailbox are changed.
Please carefully read the attached instructions before updating settings.

When the attached document is opened, the recipient’s PDF viewer will execute the /Launch command included in the document parameters. This will, in turn, pass echo statements to cmd.exe to create a VBScript file called “script.vbs”, which will then extract a second script called “batscript.vbs”, and then finally use that to create and run a Trojan executable called “game.exe.” Game.exe attaches itself to Windows Explorer and creates a new svchost.exe service in order to hide itself and to ensure that it is always running.
Three seconds after installation, the original script file cleans up the remaining evidence by deleting the scripts and executable files created during infection. The new svchost.exe process will then periodically contact three domains over HTTP: jademason.com, 1foxfiisa.com, and dolsgunss.com, in order to download new code or instructions, or upload stolen data.
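A mail gateway or triage script can flag attachments of this kind by looking for the /Launch action itself rather than for JavaScript. The following is an added example, not code from the original post or from any vendor named here; the function names and the `PLACEHOLDER.exe` sample fragments are constructed for illustration. It also checks names written with `#xx` escapes and actions hidden inside Flate-compressed streams.

```python
import re
import zlib

NAME_ESC = re.compile(rb"#([0-9A-Fa-f]{2})")            # PDF name escape, e.g. #4C == "L"
STREAM = re.compile(rb"stream\r?\n(.*?)\r?\n?endstream", re.S)
LAUNCH = re.compile(rb"/S\s*/Launch\b")                  # action subtype the post describes
TARGET = re.compile(rb"/F\s*\(((?:\\.|[^\\)])*)\)")      # file the action would start

# Constructed sample fragments (not real malware, not complete PDF files).
ACTION = b"<< /Type /Action /S /Launch /Win << /F (PLACEHOLDER.exe) >> >>"
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj\n" + ACTION + b"\nendobj\n"
SAMPLE_ESCAPED = SAMPLE_PLAIN.replace(b"/Launch", b"/#4Caunch")
SAMPLE_PACKED = (b"%PDF-1.5\n1 0 obj\n<< /Filter /FlateDecode >>\nstream\n"
                 + zlib.compress(ACTION) + b"\nendstream\nendobj\n")
SAMPLE_CLEAN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog >>\nendobj\n"

def normalize(data: bytes) -> bytes:
    """Decode #xx escapes so a name written as /#4Caunch still reads /Launch."""
    return NAME_ESC.sub(lambda m: bytes([int(m.group(1), 16)]), data)

def expand_streams(data: bytes) -> bytes:
    """Append inflated stream bodies so actions stored inside
    Flate-compressed streams are visible to the scan as well."""
    parts = [data]
    for m in STREAM.finditer(data):
        try:
            parts.append(zlib.decompressobj().decompress(m.group(1)))
        except zlib.error:
            pass  # not Flate data: only the raw bytes are scanned
    return b"\n".join(parts)

def scan_pdf(data: bytes) -> dict:
    """Report every /Launch action and whether any JavaScript is present."""
    text = normalize(expand_streams(data))
    launches = []
    for m in LAUNCH.finditer(text):
        t = TARGET.search(text[m.end():m.end() + 512])
        launches.append(t.group(1).decode("latin-1") if t else None)
    return {
        "launch_actions": launches,
        "has_javascript": b"/JavaScript" in text or b"/JS" in text,
        "quarantine": bool(launches),  # policy: any /Launch action is held
    }

if __name__ == "__main__":
    for name in ("SAMPLE_PLAIN", "SAMPLE_ESCAPED", "SAMPLE_PACKED", "SAMPLE_CLEAN"):
        print(name, scan_pdf(globals()[name]))
```

The plain sample is quarantined even though `has_javascript` is false, which is the reason disabling JavaScript in the viewer does not help against this attachment.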

According to NitroSecurity’s SIEM Blog, some of the major antivirus products from vendors such as Avast, AVG, Symantec, McAfee, eTrust, and Trend Micro currently have signatures available to detect the file attachment as malicious; however, few of the remaining top 40 antivirus products are able to detect any of the files associated with this attack. Gladiator recommends that users not open any emails or attachments like the ones described above and always exercise caution regarding any suspicious or unsolicited email received.

via Gladiator Research and Security

  • 04/30/2010
  • IT

Fake anti-virus software

Fake anti-virus programs that infect PCs with malicious code are a growing threat, according to a study by Google. Its analysis of 240m web pages over 13 months showed that fake anti-virus programs accounted for 15% of all malicious software.

Scammers trick people into downloading programs by convincing them that their PC is infected with a virus. Once installed, the software may steal data or force people to make a payment to register the fake product.

Surprisingly, many users fall victim to these attacks and pay to register the fake anti-virus software. To add insult to injury, fake anti-viruses often are bundled with other malware, which remains on a victim’s computer regardless of whether a payment is made.

You should “always be suspicious” if you are confronted with a pop-up telling you that you need to download something extra or spend money to clean up a computer.

The study analyzed websites between January 2009 and February 2010. It discovered more than 11,000 web domains involved in the distribution of fake anti-virus. More than half of the fake software – which predominantly targets Windows machines – was delivered via adverts, Google said.

One of the key ways that hackers spread fake anti-virus is through so-called black hat search engine optimization techniques. The hackers track trending news stories – such as the death of Michael Jackson. They then create websites stuffed with content, which in many cases can appear on the first page of search results. Anyone clicking on the link will be confronted with a pop-up with a link to fake anti-virus software.

Google uses tools to filter out booby-trapped websites, but hackers manage to avoid detection by moving between domains quickly.

Bottom line: If you already have anti-virus installed you shouldn’t need to do that!

If you need assistance or have questions please contact BWS Technologies

Google Study PDF via PCWorld

  • 04/30/2010
  • IT

10 Tips To Search Google Better

You probably use Google many times a day. But, like most people, you probably still use Google in its simplest form. The list below is by no means comprehensive, but by learning and using these 10 tips, you’ll be able to get better results faster. The search tips are intentionally short, as you will more than likely learn more simply by trying them yourself. I suggest you bookmark this article so the tips will be on hand during a desperate attempt to find something.

1. Search explicitly for a phrase:
Enclose the search phrase within double quotes.
Example: “internet marketing”

2. Exclude any results that contain a term:
Use the “-” sign in front of the word you want to exclude.
Example Search: internet marketing -advertising

3. Search within a site:
Even if the site doesn’t support a built-in search feature, you can use Google to search the site for your term.
Use the “site:somesite.com” modifier.
Example: “internet marketing” site:www.smallbusinesshub.com

4. Search Similar Words & Synonyms:
Let’s say you want to include a word in your search, but also want results that contain similar words or synonyms.
Use the “~” in front of the word.
Example: “internet marketing” ~professional

5. Search By Document Types:
Use the modifier “filetype:”.
Example: “internet marketing” filetype:ppt

6. Get search results for one or more terms: 
By default, Google will include all the terms specified in the search. If you are looking for any one of one or more terms to match, use the OR operator. (Note: The OR has to be capitalized.)
Example: internet marketing OR advertising

7. Lookup Phone Listing:
If all you have is a phone number, you can look it up.
Use the “phonebook:” command.
Example: phonebook:617-555-1212 (note: the provided number does not work – you’ll have to use a real number to get any results).

8. Lookup Area Code:
Just enter the 3-digit area code.
Example: 617

9. Calculate it:
Just type your expression in to Google.
Example: 48512 * 1.02

10. Find a Definition:
Simply use the “define:” command.
Example: define:plethora

How To Protect Yourself against Credit Card Fraud

Credit card fraud haunts every credit card holder. It can strike at any time, and without warning. It can be merely annoying, such as having to call and cancel your stolen card, to the downright catastrophic, such as identity theft. So, it pays to know what the most prevalent types of credit card fraud are, how victims are tricked, and how you can protect yourself.

Six most serious threats

  1. “Card Not Present” Orders
  2. Application Fraud
  3. Account Takeover
  4. Phishing
  5. Skimming

Six protection tips

  1. Don’t Habitually Leave Home With Your Card
  2. Use Virtual Credit Cards
  3. Shred Your Mail
  4. Do Not Submit Credit Card Numbers to Bank Emails
  5. Shop Only at Trusted Merchants
  6. Review Your Billing Statements Periodically

Read more at BillShrink

  • 04/28/2010
  • IT

Facebook always asks me to update my email address

Every time I resubmit an email address it tells me it’s invalid. Could this be a problem with my email?

Yes and No :^)

Yes > Some users are seeing a “Please update your email address” message after logging in because their email service provider is most likely treating Facebook emails as spam. To resolve this issue, please contact your email service provider and let them know about your problem receiving emails from Facebook.

No > It appears Facebook never sends the confirmation emails out. It is a bug in their system and it has been reported. Just keep trying.


Facebook FAQ

  • 04/27/2010
  • IT

Who makes the most reliable laptops?

There’s nothing worse than buying new gear that malfunctions shortly after you purchase it. If you’re in the market for a new laptop, the warranty company SquareTrade released a research paper late last year analyzing failure rates for over 30,000 laptops covered by their warranties. The report is full of good information worth considering before your next big purchase.

The highlights of the study:

Nearly 1 in 3 Laptops fail over 3 years: Looking at the first 3 years of ownership, 31% of laptop owners reported a failure to SquareTrade. Two-thirds of this failure (20.4%) came from hardware malfunctions, and one-third (10.6%) was reported as accidental damage.

Netbooks are a lot more failure prone than laptops: Netbooks are projected to have a 20% higher failure rate from hardware malfunctions than more expensive laptop computers.

ASUS and Toshiba were the most reliable manufacturers: Fewer than 16% of their laptops had a hardware malfunction over 3 years. It’s also perhaps a little surprising that a company like Apple, known for its hardware, still ends up a percentage point or two worse off than companies like ASUS and Toshiba when it comes to laptop malfunction rates.

via SquareTrade

  • 04/27/2010
  • IT

Goodbye 3.5-inch floppy disk

The days of the 3.5-inch floppy disk are now officially numbered. Sony has delivered the floppy disk’s last rites. Sony, which boasts 70 percent of the anemic market, announced Friday that it would end Japanese sales of the ancient storage medium in March 2011.

via cnet

  • 04/26/2010
  • IT

Facebook: The Community Page Push

Facebook is now prompting users to edit their profile information to link either to official Pages or to Community Pages.

Community Pages are intended to capture public-facing topics, concepts, themes and anything else that doesn’t fit either as something “official” or as a narrowly-focused Group. Examples can be anything from geographic locations to types of cuisine to whatever else you can imagine. Many unofficial Pages are being converted into Community Pages, with one key difference being that Community Pages don’t have owners if they get big enough. This also means they don’t get out into the news feed.

The new Pages started going live on April 1, but the company didn’t reveal much about it then. Now we know more. Facebook has both designated some existing Pages as new “Community Pages” and it has also created 6.5 million on its own, it tells us. These new Pages include a live stream of all recent relevant Facebook information from your friends — as well as public status updates — in addition to relevant information about the Page as drawn from Wikipedia. There are a few other bells and whistles here; pages about locations, for example, often include maps.

via insidefacebook.com

  • 04/23/2010
  • OS

Yes, Facebook Apps Have Your Data… and how to delete them

Facebook seems to change up its interface, and its settings, every few months, so if you thought you knew the easy way to remove an application entirely before, you might want to take a quick refresher. Not all Facebook applications are out to mine your personal stats for nefarious gain, but if you’ve kept an app or two hanging around because you thought there wasn’t much exposure.


1. Click on “Account” at the top-right of the screen.
2. Click “Application Settings”
3. Change the “Show” drop-down box to “Authorized.” This will show all the applications you’ve ever given permission to.
4. In the resulting list, click the “X” button on the far right next to each app you want to remove to delete it.
5. On the pop-up box that appears, click “Remove” then click “Okay” on the next box confirming the app was deleted.

Yes, Facebook Apps Have Your Data

The new policy, however, brings to light something that your average Facebook user may not have ever known at all: Facebook applications access your personal data.

The ACLU put together an awareness campaign surrounding the privacy issues of Facebook applications. Using a sample app, the ACLU’s Facebook Quiz, many everyday Facebook users were shocked to find that applications (like quizzes) could access almost everything on a user profile, including hometown, groups you belong to, events attended, favorite books, and more. What’s worse is that your profile information becomes available to developers when your friends take the same quiz.

via readwriteweb.com

  • 04/22/2010
  • IT

Earth Day – Electronics Recycling Facts

Only 13.6% of the consumer electronic products generated into the municipal waste stream (meaning, that people tossed out) were “recovered” for recycling in 2007. This compares to an overall recovery rate for all categories of municipal waste of 33.4% in 2007.


68% of consumers stockpile used or unwanted computer equipment in their homes.

The EPA estimates the following quantities of electronics were in storage by 2007

Televisions: 99.1 million
Desktop computers: 65.7 million
Desktop monitors: 42.4 million
Notebook computers: 2.1 million
Hard copy peripherals: 25.2 million (printers, copiers, faxes, multi’s)
TOTAL: 234.6 million units in storage

Precious metals are recovered from e‐waste recycling. One metric ton of electronic scrap from personal computers (PC’s) contains more gold than that recovered from 17 tons of gold ore. In 1998, the amount of gold recovered from electronic scrap in the United States was equivalent to that recovered from more than 2 million metric tons (Mt) of gold ore and waste.

A ton of used cell phones (6000 phones, a tiny fraction of today’s 1 billion annual production) yields $15,000 in precious metals ‐‐ contains about 3.5 kilograms of silver, 340 grams of gold, 140 grams of palladium, and 130 kg of copper, according to StEP. The average mobile phone battery contains another 3.5 grams of copper.

Recycling metals from e‐waste uses a fraction of the energy needed to mine new metals. Recycling aluminum saves 90% of the energy of mining new aluminum. It also prevents the creation of 13 kilograms of bauxite residue, 20 kilograms of CO2, and 0.11 kilograms of sulphur dioxide emissions, and causes many other emissions and impacts.

Reuse Creates More Jobs. Compared to disposal, computer reuse creates 296 more jobs for every 10,000 tons of material disposed each year.

How can you help? It is easy… just remember to recycle your electronics

If you are worried about your data on your hard drive… contact us. BWS @ 358-6305

Local Electronic Recycling Events
Electronics Recycling Event – Saturday April 24, 2010 – more info
Electronics Recycling Event – Thursday May 20, 2010 – more info