News from the security (encryption) frontlines..
Some important (time sensitive) items for you today.
* TrueCrypt Shut Down; What to Use Now to Encrypt Your Data
“If you use TrueCrypt to encrypt your data, you need to switch to a different encryption software to protect your files, and even whole hard drives.” Read more..
“Find out how to scan for and remove the Cryptolocker ransomware malware now, while the Gameover Zeus botnet has temporarily gone down.” Read more..
[Related: CryptoLocker Ransomware Information Guide and FAQ. This is kinda important, as there really is no happy solution for Cryptolocker.]
* Some Antivirus Tools Wildly Effective Against Zero-Day Malware
“Detecting zero-day threats, meaning malware or malware variants that have never been seen before, is extremely difficult. New tests reveal which antivirus products perform best against these threats.” Read more..
* * *
Today’s quote: “Believe you can and you’re halfway there.” ~ Theodore Roosevelt
Copyright 2007-2014 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
And please, never forget – one person can make a difference.
Find a way to make someone’s day today.
(Best advice I ever heard? Don’t sweat the small stuff.)
Meet The Modern Bank Robber (Mastermind)
Folks, “viruses” and “hackers” – as the media has dubbed them – are more accurately called “malware” and “criminals”, and despite portrayal as “gifted kids”, are all about stealing our money. Cybercrime nets the bad guys over $100 Billion (with a “B”) each year.. that we know about.
Here is a picture of a cybercriminal “mastermind”.
And, yes. Zeus was a bad one. (See, http://en.wikipedia.org/wiki/Zeus_%28Trojan_horse%29)
* Alleged Zeus botnet master nabbed in Bangkok
“An Algerian hacker arrested in Thailand on 6 January is the master of a botnet that stole $100 million (£62 million) from banks worldwide, it is claimed.
Dubbed the ‘Happy Hacker’ because of his smiling appearance, 24-year-old computer sciences graduate Hamza Bendelladj was arrested in Suvarnabhumi Airport, Bangkok, following a tip-off from the FBI.” Read more..
If you have never heard of the “cyber mafia”, or are unaware of the undeclared “cyber warfare” that is going on, well, they say ignorance is bliss. But please be aware that we are in (at least) the 5th year of the “largest transfer of wealth by theft in history” ¹. (And clowns like this guy are just one factor.)
You really do need an (up-to-date) “antivirus” on all your Internet-connected devices, and you should learn about Internet safety and security. These bad guys are way ahead of the good guys. We are only beginning to wake up to how insecure our “databases” and “infrastructure” really are.
I hope you will take the time to learn, share what you’ve learned, and do your best to try to not become a victim of cybercrime.. (And for some of you, that means not become a victim of cybercrime again, as the number of victims is already staggering.)
¹ http://www.zdnet.com/nsa-cybercrime-is-the-greatest-transfer-of-wealth-in-history-7000000598/
.. I suppose if I had $100 million squirreled away at age 24, I’d be smiling too.. maybe.
Interesting listening? (Reader submitted): Is technology making us lonelier? Listen
“Would we be better off if we disconnected from our devices and re-connected with real-world human beings? Or do you feel more connected than ever before?
In The Big Disconnect: The story of technology and loneliness, Vancouver writer Giles Slade argues that technological developments are a big part of why we’re increasingly isolated because the quality of online relationships can’t replace the value of face-to-face contact, while authors argue that our smart phones and social media if anything make us more interpersonally connected.
What do you think?” Listen
Thank you, Dear Reader, for bringing that ‘podcast’ to my attention.
Bonus reading: Prosecutors Blamed for Aaron Swartz Suicide
“Friends and allies of Aaron Swartz charge that overzealous prosecutors and draconian intellectual property laws drove the promising young hacker to take his own life on Friday.”
Read more..
Copyright 2007-2013 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
A Quick Tip, A ‘Don’t Miss’, And A Mini-rant.
Let’s get started. An alert reader woke me up to this highly recommended limited-time deal (thank you).
It’s WinPatrol..What are you waiting for? GET IT!
Two Day Only 99 Cent Experimental Sale!
This is a lifetime license.
“As in the past, this will be a limited time only ‘experiment’ starting at Noon EST on Monday, April 16th 2012 and will end Noon EST on Wednesday April 18th, 2012.”
* * *
Quick tip: In doing some research for the purchase of a HDTV, I have found an excellent resource for those shopping for new audio/visual devices: complete with product reviews. This very respected place is Crutchfield, and to visit their shopper’s advice area, click here.
* * *
Old Tech Paul is a pretty important guy, don’tcha know? Not only do I receive email from the United Nations and the FBI on a regular basis, I also have friends in other areas of the diplomatic corps..
Because the ISPs routinely block most of the more obvious cases, most people have no idea what all this investment in “high tech” and the “world wide web” is being used for. Here is the current use of the 1’s and 0’s being pushed through our “infrastructure” right now.
Unfortunately, most of that spam is being sent from our own computers. (The ones that have been infected and turned into “spambots”.. usually a fact unknown by their owners.) Fortunately, some people are finally taking “botnets” seriously.. maybe it’s too early to say, but some are arguing that progress is being made on this front. At least on a technical level, that may be true.. But what can we do to “fix” the humans that think sending this stuff (spam) is a good idea?
Today’s free link: a quite excellent resource page, Do-it-yourself: Stop junk mail, email and phone calls – A free guide to reducing unwanted or intrusive advertising
Today’s free download: Think it might be possible that you have been ‘botted’? One tool to help you find out is the free RUBotted from Trend Micro.. recently improved.
RUBotted monitors your computer for potential infection and suspicious activities associated with bots. Bots are malicious files that enable cybercriminals to secretly take control of your computer. Upon discovering a potential infection, RUBotted will identify and clean them with HouseCall.
Copyright 2007-2012 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
Next Great App for Android, iPhone –> Rootkit
Rootkit, SMS text messages used to build a botnet of smartphones
The “hot” tech items to own these days are the (not inexpensive) iPhone and Android “smart phone” devices. (If you doubt that, ask yourself, why do the news infotainment departments send reporters and camera crews to film lines of people standing outside the Apple Store when a new model comes out?)
These phones are really not phones anymore, but mini-computers – which happen to make cellular phone calls. They are Internet-connected, so they can send/receive e-mail, text and ‘chat’, and download files.. such as movies. They contain address books of your friends and family… In short, they have everything a cyber-criminal wants to target.
In the interest of making the world a better place, “a researcher at ShmooCon DC this weekend will demonstrate a smartphone botnet spewing spam, and unleash proof-of-concept code that builds a botnet out of Android and iPhone smartphones.”
Yes, that’s right. A “researcher” will show us all how it’s done, and provide the code.
Georgia Weidman, an independent researcher, says her botnet attack evolved out of work she did on making an Android application send SMS text messages transparently such that the user didn’t even know it was happening from his or her smartphone. “As I did more research, I [realized] if I did this in the base operating system instead of in ‘userspace’ where most apps are, it would be a better way to do it,” she says. “If I can remotely control someone’s phone, it can be part of a botnet.”
While there has been plenty of smartphone research that pits one smartphone against another in an attack, she says, a more likely attack scenario would be a user unknowingly downloading an app that contains malicious code. “I think the majority of malware installations will come from a user downloading infected apps,” which can easily be rigged with rootkits given the lack of sufficient vetting of most smartphone apps, she says.
Well.. now that all someone has to do is copy>paste the code, yeah, she’s right. Invisible viruses that turn your smart phone into a relay station for spammers — sending us come-ons for V1@gra and C1al1s, and virus-laden links and attachments are only, I estimate, weeks away.
… and before you get too angry at this particular person, there is a whole industry of people doing this “research”, and several conventions have been going on for years. I believe that (some of) these people actually believe they are doing a good thing.
And maybe they would be.. if they only released the code to the affected device (or software) manufacturers and developers. But you don’t get rich or famous for that. (Maybe you heard about the “teen hacker” who got hired after writing viruses that attacked Twitter? There’s a lot of that kind of idiocy in tech..)
Here is the entire Dark Reading article, Researcher To Release Smartphone Botnet Proof-Of-Concept Code. I suggest you read it. Particularly if you own a smart phone.
In case you don’t know what a “botnet” is, http://en.wikipedia.org/wiki/Botnet…
Or why a “rootkit” is the worst kind of virus, http://en.wikipedia.org/wiki/Rootkit
Does your smart phone have an antivirus? A firewall? Maybe you want those things?
Maybe it’s important to know that the apps at the app store are not checked (aka “vetted”) for malware? Doesn’t that *smell*?
IMHO, there is something wrong with this whole deal. Top to bottom.
Related:
* iPhone Users Are About to Be Screwed Over. The addition of the NFC chip to the iPhone isn’t for easy credit card purchases, but so the phone companies can control your financial transactions. Be warned. ~ By John C. Dvorak
“There has been a lot of talk about the addition of an NFC (near field communication) chip to the next-gen iPhone. This will allow the phone to be used as a swipe-it-yourself credit card. I consider this technology to be the most onerous ever.”
* CNet’s roundup of security apps for Android.
Copyright 2007-2011 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
HTC Incredible, 10 Products, Contest Deadline, more…
A few interesting items for your consideration…
HTC Incredible, source Crazy World of G
“Two days ago, my HTC Incredible arrived (a day ahead of schedule) and I charged it up and set it up the next morning. I was amazed at how easy it was to set up and how fast and snappy the Android OS is! …”
The 10 Most Overrated Products, source PC World
“Hype springs eternal. Lots of technologies, products, and services don’t merit the praise heaped on them. Here are 10 tech items that don’t live up to their billing–and 10 that deserve respect that they don’t receive …”
Know What An Internet (Web) Bot Is?…A Botnet? source Paul’s Home Computing Blog
“Okay…now let’s cover the dirty side of these destructive, criminal, and obnoxious rascals …”
** A Chance To Win A Valuable Prize! **
The folks at Eset have generously donated ten licenses for NOD32 Antivirus 4, to award to my readers. You might not have heard of Eset or NOD32, but it has quietly been around, and winning awards, since the early 90’s (the days of DOS). To enter the drawing, please see: Software License Giveaway: NOD32 Antivirus 4. Enter my current giveaway and (possibly) win!
Entries must be received before midnight (Pacific) tonight (Thurs. May 27th) so act now!
[These licenses were provided by Kimbal Binder, Network Security Manager at Rain Networks. Those of you who are in IT may want to click here and visit the IT Security Resource Center, and learn more about Eset in the enterprise (trials available). Please direct questions to Kimbal at Kimbalb(at)rainnetworks(dot)com.]
Copyright 2007-2010 © Tech Paul. All Rights Reserved.
Night of the Living Computer*
It’s like we woke up inside a horror movie– we are being attacked by zombies.
Yes. It’s true. Real life is imitating art (if you’re willing to call Night of the Living Dead “art”). We really are under attack by zombies– only our zombies aren’t trying to eat our flesh, they are trying to sell us bootleg Ph@rmacuticals and cheap V1@gra, fake Rolex watches, and steal our identities. [note in the photo how the zombie is reaching for the wallet?]
In real life, our zombies can’t claw at us directly and they don’t have teeth. Our zombies are computers. Our computers. And they attack via e-mail and the Internet. Like the zombies in Night, they spread the zombie disease by infection. Differently, our zombies aren’t mindless; they’re controlled by villains (aka “cyber-criminals”).
Yes. Your computer may be a zombie, and odds are you wouldn’t know.
If it isn’t a zombie (yet), it is constantly under the attack of infection via the Internet. An unprotected computer, connected to the Internet, will be infected within 8 minutes (12 seconds in a recent test).
90 to 95% of all Internet traffic traveling the wires is zombie-generated junk e-mail that’s either a fraud attempt or (and?) loaded with malware– the “attack”.
How did this happen? Well, part of it is the Tech Industry’s fault (see, How the Tech Industry is Failing You), either unintentionally, or through lack of foresight, or through willful negligence and the rush to market. Security either wasn’t considered, or it was too expensive.
Nobody predicted the nerdy hackers evolving into the organized, well-financed, Mafia-style criminal gangs of today.
And they put too-powerful, fully-capable machines into the hands of the unwashed masses– us.
The rest of it is our fault.
* We let our antivirus expire and, every day, close the warning.
* We think we’ve just won the British Lottery.
* We still run Windows 98 because we’re “comfortable with it”.
* We cannot resist ‘free’ pornography.
* We cannot be bothered with those REALLY ANNOYING little windows that pop open at the worst times and tell us that a “newer version is available.”
* When someone tries to tell us about our machines, they start using big words in a funny language and we ‘tune out’.
* We believe that everything computer-related should be free, so we download cracked (aka “pirated”) software, bootleg music and video, and we don’t care who or where it comes from.
I could go on and on and on (and on, believe me!).
Yes.. we are our own worst enemies. But, you don’t have to be a part of the problem. And you don’t have to learn a big word-filled foreign language (aka “Geek speak”) to avoid the zombie attack.
Today’s free link: I have put together a list of proactive steps every computer user should know.. a checklist. In it you will find links to free, safe, and effective methods for protecting your computer, and keeping it safe. Please look over, Top 10 Things You Should Do To Your Computer. And then do us all a favor, pass the list on to your friends who have computers.
* Orig post: 08/18/08
Today’s free download: RUBotted by Trend Micro (see below)
Today’s free link: RUBotted is a free program that can help detect if your machine has been zombie-ified, and Bill Mullins has written a good description/review of it, here (he also posts the download link, so you can visit there and don’t need to return here..) Catch the Bad Bots with Free RUBotted from Trend Micro
Copyright 2007-9 © Tech Paul. All rights reserved.
Do You Need AV on a Mac?
I get asked that from time to time. But usually, I’m not asked, I’m told. “I don’t need all that *crud*. I’m on a Mac.”
Usually, but not always, there’s a certain tone the speaker adopts when uttering that Standard Line (read, “dogma”) that conveys a smug superiority.. but, hey, everyone’s entitled to a little.. uh, delusion or two in my book. Keeps life interesting.
Basis in fact: There are some reasons for this don’t-need-an-antivirus belief system. One is, Apple itself has promoted the idea. Another is, there were hardly any (and at some points in history, no, zero, zip, nada) viruses / trojans / worms / etc. written to exploit the Mac OS. And even now, they’re considered “rare”.
Cyber-criminals (aka “hackers”) knew that less than 5% of computers were Macs, and essentially none of the “pots of gold” (database servers) were running the Mac OS.. so why write an attack program? (Apple products have been proven quite “hackable” – iTunes, QuickTime, Safari actually rank quite high on the list. See, Firefox More Secure? Tops ‘Most Vulnerable’ List) Answer– There’s basically nothing to attack with it.
Then and now: But, that was before Vista; and, the “I’m a Mac” series of television commercials. Now, instead of approximately 1-in-20 PCs being Macs, it’s more like 1-in-10. Now, the idea of an all-Mac botnet has some merit (and a true Mac fan will tell you, all the Windows PCs have already been taken!). An all-Mac botnet wouldn’t be all that big.. but the new numbers mean it’d be big enough for some uses…
So, sure enough, some enterprising criminal wrote a backdoor worm and glued it to a copy of iWork ’09 and posted it to several of the torrent sites, knowing that Mac-using folks who don’t like paying for things would download and install it.
Voilà, we got us an all-Mac botnet.
[note: this has happened before, to Mac+LimeWire² users; see, Firms discover Trojan horse targeted at Mac OS X]
Someone has named this worm “iServices.A”, which is much more rational and.. nicer (ahem) than what I might have named it. This worm allows the hacker to do pretty much what he wants with the infected machine, which so far appears to be sending boatloads of spam to specific URLs, in what is called a “denial of service” attack (the flood of messages overloads the server, and causes it to ‘crash’/shutdown) (see, Our Modern Nightmare – Zombie Attack).
Me? I have consistently advised installing an AV, no matter what platform/OS you’re running, just as I consistently advise making backup copies of your files, (yes, I have been accused of being a bit of a “belt-and-suspenders” man) for one very simple reason — what is the cost if you do, versus what is the (potential) cost if you don’t?
Plus.. it’s simple math: the more popular Macs get, the more they’ll be targeted.
Feel free to disagree, but you won’t get me to change my mind. My Tiger machine has antivirus onboard.. though I don’t know why I bothered, I never turn the thing on.
Today’s free link(s):
* Brian Krebs has an absolutely great article detailing this worm, and I leave it to him to make what may be the most important point on the subject–
“Leaving aside (hopefully) the question of whether Mac users need anti-virus, I’ve tried to impress upon readers the importance of avoiding risky behaviors online that could jeopardize the security of their systems. The reality is that installing programs downloaded from P2P networks is about the most insecure practice a computer user can engage in,¹ regardless of the operating system in use.
This is why I think it’s important to call out this Trojan. Yes, it infects Macs, and that’s something we don’t see very often. But it’s also a teachable moment to remind readers that no security software is going to protect the user who is intent on installing software that may be tainted with malware, as long as that user is willing to ignore any advice (or alerts) to the contrary.”
I highly recommend you read the whole article, Pirated iWork Software Infects Macs With Trojan Horse. Once you do, I think you’ll understand why he’s on my Blogroll.
* Blogroll member Bill Mullins posted an article that takes a look at the P2P “phenomenon” that I also highly recommend, Peer to Peer File Sharing – Evaluate the Risks – Consider the Trade-Offs
* And this article is a very good answer to the question, Is Mac still the safer bet?
¹ emphasis, mine.
² A very popular BitTorrent-style peer-to-peer program.
* One last thought.. anyone care to guess what percentage of people’s machines that I look at in my “real job” have LimeWire installed?
Copyright 2007-9 © Tech Paul. All rights reserved.