Tag Archive

Tag Archives for " Anti-Virus "

25% of PC users disable antivirus software

A new survey from antivirus and computer security firm finds that about one in four PC users admit to turning off virus protection on their PCs because they thought the programs were slowing down their computers.

That’s not a good idea because such a practice leaves the computer totally exposed to the even simplest of viruses, allowing the bad guys to include it in a botnet used to distribute malware and phishing.

Furthermore, more than three out of five (62.8 percent) have tried multiple computer security products in the span of a year on the same computer, hoping to find one they like, and nearly one in eight (12 percent) have considered getting off the Internet altogether for safety reasons.

Adapted via Yahoo News

  • 01/11/2011
  • IT

The 2 Biggest Security Threats: ScareWare & You

Without a doubt the largest threat to the security of your computer and consequently your identity, and bank account is YOU, followed closely by ScareWare. The best firewalls and most effective antivirus won’t help a bit if you, the user, click on Rogue Security Software and fake warnings. Known also as Scareware, this thief is fooling you big time. When it knocks, do not open the door.

Every day we have people describing ScareWare that has taken over their system. They are unable to run their antivirus because they can’t get to the sites they need. The Rogue AntiVirus has hijacked their browser and will not let them near a site that could help. Not being able to access a site or download a removal program is the work of the infection. The user receives a warning, clicks on a link to download an update and BAM! They’re infected.

What Do I Look For?

Any warning or suggestion that you are somehow infected is to be treated as possible scareware. You can be casually surfing the web or simply working with a program on your system when these false warnings arrive. Don’t click on them. Just because they’re knocking, don’t let them in. The same is true for any popup suggesting you need to download the latest version of a program or video player. Treat them all as suspect.

Looking for security software? You better know the software your reviewing. Even something as simple as a Google search can produce the very Rogue you are trying to avoid. Just because it shows up in a Google search doesn’t mean it’s safe. If you don’t know it, don’t let it in the door.

How Does It Hurt Me?

The most obvious damage but also the least troublesome, is that it prevents you from using your computer. It wastes your time looking for a way to rid yourself of the pest and get where you want to go. Consider yourself lucky if you realize you are infected and are successful removing it.

The next obvious damage is a little more frightening. It simply steals your money by duping you into buying the rogue program. Your immediate monetary loss may only be a few bucks but do you really think that is the end of it? Do you really want your credit card in the hands of people who duped you to begin with? Do you think they will keep your information safe? Just the thought of it is enough to make me shiver.

adapted via PCpitstop.com

  • 08/25/2010
  • IT

How can I know if my computer is infected?

Users are often advised to use an antivirus to check if their systems are infected, but with the current cyber-crime scenario, this is simply not enough.While many of today’s threats are designed specifically to go undetected, there are still some tell-tale signs that a system has been compromised.

9 signs of infection

1. Your computer is running extremely slowly. This could be a symptom of many things, including infection by a virus. If it has been infected by a virus, worm or Trojan, among other things, which are running on the computer, they could be running tasks that consume a lot of resources, making the system run more slowly than usual.

2. Your applications won’t start. How many times have you tried to run an application from the start menu or desktop and nothing happens? Sometimes another program might even run. As in the previous case, this could be another type of problem, but at the very least it’s a symptom that tells you that something is wrong.

3. Your computer speaks to you. There are all types of pop-ups and messages on the desktop either advertising things, saying that the PC is infected and needs protection… This is a typical, surefire case of an infection. There is either spyware on the computer, or it has been infected by a fake antivirus (also called “rogueware”).

4. You cannot connect to the Internet or it runs very slowly. Loss of Internet communication is another common symptom of infection, although it could also be due to a problem with your service provider or router. You might also have a connection that runs much more slowly than usual. If you have been infected, the malware could be connecting to a URL or opening separate connection sessions, thereby reducing your available bandwidth or making it practically impossible to use the Internet.

5. When you connect to the Internet, all types of windows open or the browser displays pages you have not requested. This is another certain sign of infection. Many threats are designed to redirect traffic to certain websites against the user’s will, and can even spoof Web pages, making you think you are on a legitimate site when really you have been taken to a malicious imitation.

6. Your files are gone. Hopefully nobody will be asking this type of question, although there are still some threats around designed to delete or encrypt information, to move documents from one place to another- If you find yourself in this situation, you really ought to start worrying.

7. Your antivirus has disappeared, my firewall is disabled. Another typical characteristic of many threats is that they disable security systems installed on computers. Perhaps if one thing shuts down it might just be a specific software failure; but if all your security components are disabled, you are almost certainly infected.

8. Your library files for running games, programs, etc. have disappeared from your computer. Once again, this could be a sign of infection, although it could also be down to incomplete or incorrect installation of programs.

9. Your computer has gone crazy… literally. If the computer starts acting on its own, you suddenly find your system has been sending emails without your knowledge, Internet sessions or applications open sporadically on their own – your system could be compromised by malware.

adapted via PandaLabs

  • 08/24/2010
  • IT

Wireshark Antivirus – Rogue Badware

Wireshark Antivirus is a fake anti-malware application. These so-called “rogues” use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

All indigoGUARD clients: The application has been added to your block list.

If you think you have been infected please contact us. CALL 358-6305

  • 08/17/2010
  • IT

Is Your Copier A Security Threat? Other network Devices?

Any device attached to your network poses potential risks, in terms of stuff on the network, computers — desktops, notebooks, and servers — tend to get the lion’s share of press as tempting cyberattack targets, along with unsecured web sites, gullible/careless users, CD/DVD-ROMs, USB flash drives, PDF files, smartphones, VoIP PBXs and a few other things, not all of which, to be sure.

Often overlooked are the other devices on the network that, while not considered to be “computers,” have the same core components: a CPU, and possibly also permanent storage, either a hard disk, or flash RAM. For example, printers and multi-function devices can have sensitive data left on their storage, which requires proper safeguarding while the machine is in use, and when a company disposes of it. But there’s additional devices at risk, and more types of risks and threats besides data sitting on the drives.

Network-attached devices include postage machines, UPS (Uninterruptible Power Supply) systems, Point-of-Sales systems, digital signs, security cameras, proximity readers, facility management systems, power, lighting, HVAC, and alarms. It’s not just about “printers and copiers,” but since these are devices that people can picture most easily.

Historically, printers were single-purpose devices, with embedded operating systems with limited functionality, often proprietary, and which frequently did not attach directly to the network but were shared via a PC acting as a print server. Over time, these devices have evolved, Now they run complete operating systems like Windows or Linux, and they have multiple services running. A printer can also do web printing, FTP printing, sending outbound email and FTP.

And some of these protocols aren’t necessarily secure, meaning they’re not encrypted, and the web or FTP server running them may have vulnerabilities, e.g., an old version of the APACHE web server, and have known vulnerabilities which haven’t been patched on this machine… how many companies actually patch their printers? They know to patch their workstations and servers, but they may not even know they need to patch their printers.

Every time you print or copy a document, a digital copy is stored on the hard drive. If you compromise the printer via the web server you may be able to access whatever documents have been printed, copies, scanned, etc. And there have been cases where people have been able to access the hard drive to store malicious code there, outside the reach of virus scanners. There’s no anti-virus software on the printer, so you can store malicious code there for later use.

The other way these devices — especially printers and copiers — is in terms of physical security. Servers are probably in a data center, with restricted access. Employees’ computers not have quite as good security, but they’re often in rooms you need a ID or key to get into, or in offices. But copiers, printers, mailing machines and other devices are often in rooms where everybody has physical access. If you don’t have some user authentication required to use a device, like an ID code or a security fob,, anybody may be able to walk up to the front panel, and print from the device, or yank the hard drive and copy it.

But what happens when you’re done with that copier or printer? Remember, today’s digital copiers aren’t directly making a copy — they’re scanning the page to the hard drive, and then printing it from there, so the document is on the hard drive, just like it would be if you’d sent a file from the printer. Anyway, if it’s on lease, the supplier may send it to the next company, or a refurbisher may ship them overseas… with your data still on the hard drive.

Treat every device on your network like you would any other PC, workstation or server, as much as you reasonably can, in terms of getting and using security.

Six questions you should ask to assess security of networked devices.

  1. Where and how is it installed on the network?
  2. Who has access to it?
  3. What services is it running?
  4. Is it still using its default password?
  5. What kind of storage capabilities does it have?
  6. Is cryptography implemented properly or even used at all?

adapted from informationweek.com

  • 08/17/2010
  • IT

Searching for “Virus Removal” Tools Can Lead to an Even Worse Outcome

Many people tend to trust well known companies such as Google and Yahoo, but sometimes these search companies serve up some troubling links in their search results. There are many people who use these search sites to find out information about how to remove viruses, etc., but if a user types in “Security Tool Removal,” they are served up dangerous links that go to malicious websites. These websites can create even more of a security risk without the user even knowing.

All links in the SERP (Search Engine Results Page) that are marked red indicate that these sites are dangerous. The red indicator is from the WOT (Web of Trust) Firefox and Internet Explorer add-on. The WOT add-on shows you which websites you can trust for safe surfing, shopping and searching on the web.

When searching “Security Tool Removal” look at how many dangerous websites are marked red. The chances of someone clicking on one of those dangerous links are pretty good.

I encourage and recommend that you download the WOT add-on for Firefox and or Internet Explorer so that you know what links are marked dangerous preventing you from clicking on links that go to malicious websites.

Download the WOT plugin

  • 08/13/2010
  • IT

Photo Printing Kiosks can share malware and viruses

A common place that a lot of people probably do not think getting a virus from is digital photo kiosks. These places are prime distribution points for infections. Think about it, if you were up to no good with some know-how, you could infect the photo kiosk computers then sit back and laugh as literally thousands upon thousands of people walk in and insert their memory cards.

Some Windows-based photo kiosks apparently don’t run antivirus software, so lovely little bits of malicious software like Trojan.Poison-36 are winding up on customers’ USB keys.

What can you do to protect yourself against infection from a dirty public kiosk?

  • Buy a SD Card and use it’s read-only protection switch.
  • Burn your photos to read-only media such as a writable CD or DVD.
  • 07/21/2010
  • IT

Safe Internet Browsing Habits

We have found that when we say “practice safe browsing habits” many people have no idea what we are talking about. This is an unfortunate truth in our world, and we hope that by writing this post that we can educate some of you on how to stay safe on the Internet, so that more people will know and practice safe browsing habits.

  1. Use a modern Web browser to navigate the internet. If you have Internet Explorer 6.0 UPDATE it now.
  2. Always check the address bar at the top of the screen to ensure you’re at the official website, and not a carbon copy of the website you think you’re at, hosted at a different address.
  3. Always look for the little yellow padlock and the letters “https” rather than “http” when signing into an online account or making online purchases. This means that information you provide, such as your name, address, and credit card information, is being encrypted on it’s way to the web server that hosts the website you’re buying from. This is important because this information crosses many public devices before reaching its destination, and a man in the middle can access this data if it’s not encrypted.
  4. Avoid shady sites which promise offers too good to be true such as: free electronics, free software that you normally have to pay for, pirated software, nude celebrities, and the list goes on.
  5. Use a LinkScanner, which scans each page you visit before allowing you to visit it, preventing drive by downloads or malware installation scripts from infecting your computer.
  6. Install Anti-Virus software and keep it up-to-date. We suggest our indigoGUARD service, but there are other providers out there as well. It’s up to you to get the lowdown on each and make an informed decision as to which product to use.
  7. Anti-Virus software is not a get out of jail free card to do whatever you like on the Internet and not get a virus. If you do not practice the safe browsing habits listed here, along with some good ole’ fashion common sense, in conjunction with your AV software, then you may do something which circumvents your AV software’s protection (such as downloading and installing a virus yourself). Also, considering how Anti-Virus signatures work, you may not always be protected from all the latest threats as they occur (that’s referred to as a zero day vulnerability), but if you’re practicing safe browsing habits, you may avoid a threat that even your AV software couldn’t have protected you from.
If you have any question about these points or other computer related issues please contact us.

  • 07/14/2010
  • IT

Attacks on the Windows Help and Support Center

Microsoft has been monitoring for active attacks on the Windows Help and Support Center vulnerability (CVE-2010-1885) since the advisory was released on June 10th. At first, they only saw legitimate researchers testing innocuous proof-of-concepts. Then, early on June 15th, the first real public exploits emerged. Those initial exploits were targeted and fairly limited. In the past week, however, attacks have picked up and are no longer limited to specific geographies or targets, and we would like to ensure that you are aware of this broader distribution.

Things to do NOW!

  1. Make sure Windows is up to date
  2. Make sure you have Anti-Virus/Malware/Spyware protection installed and up to date.
  3. When in doubt DO NOT click.

If you have questions please contact us

We also offer a great service called indigoGuard to give you the piece of mind that your computer is protected. Find out more

Via Microsoft

  • 07/09/2010
  • IT

Facebook Click-Jacking Attack distributed Through “Likes”

A new worm is being distributed through Facebook via the “Like” feature. The attack has hit hundreds of thousands of users and uses a combination of social engineering and click-jacking to make it appear as if a user has “liked” a link.

The messages that are being used in the link text include, “LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE,” “This man takes a picture of himself EVERYDAY for 8 YEARS!!,” “The Prom Dress That Got This Girl Suspended From School” and “This Girl Has An Interesting Way Of Eating A Banana, Check It Out!”

When a user clicks on the text that appears to be “liked” he is taken to a blank page that just has the text, “Click here to continue.” Clicking anywhere on that page will then publish the same message to that users Facebook page.

This worm is extremely similar to the Fbhole worm that spread across Facebook 10 days ago. Because users unwittingly end up recommending the offending page to their social graph, this is the type of worm that can spread extremely quickly.

The Troj/iframe-ET worm has been identified the linked as the infection in the pages. It doesn’t appear as if the worm does anything other than add likes to your feed, but if you’ve been infected, you’ll still want to take action.

Please delete any entries in your news feed related to the links and check your profile and info pages to make sure that no links or pages related to those sites have been added to your profile.

via Sophos Blog

  • 06/01/2010
  • IT
1 2 3