Thursday, August 30, 2012

Watch out for the Facebook Scam!

Many Facebook users receive notifications by email when they are tagged in pictures, or if someone had written something on their wall and so on. This is not a really a good idea because of a newly discovered malware by the security firm "Sophos". Why isn't it a good idea? Basically, because this malware sends a fake email notification masquerading "Facebook Notification Emails" informing you that "one of your friends has tagged you in a picture". Once you click on the link provided in the email, a file that is able to infect your Windows-operated computer will be downloaded automatically, allowing hackers to gain control and access to your PC. 

This is how the email looks like:

How identify this Malware?
Usually, when Facebook sends you an email notification, it identifies the user that tagged you in a photo, wrote on your wall or sent you a message by displaying the Name or Alias. Notice that in the above picture, this email does not specify who tagged you, it just states that "one of your friends". So whenever you see "one of your friends" in the email notifications, do not open that email, just delete it and mark it as junk mail.

Another way to protect yourself from this scam is to stop email notifications in general. Who wants a bulk of email notifications in their inbox? It just causes your inbox to be congested and that will discourage you from checking your email more often. I advice you to stop these email notifications. So whenever you receive an email notification from Facebook, it will probably be a scam since you already stopped all email notifications. You can always check your Facebook notifications on the Facebook site itself. It is simple, easy and most importantly safe.

Always remember to keep your antivirus up to date, that will also help in identifying new malware.

Thursday, August 23, 2012

Gauss A targeted Cyber Threat

What is Gauss?
In simple words Gauss is a new virus capable of spying on bank transactions and stealing sensitive data such as browser passwords, cookies and network information has been discovered infecting computers in Middle East. 
Called Gauss aka Win32/Spy.Gauss.A, the virus may also be capable of attacking critical infrastructure and was very likely built in the same laboratories as Stuxnet, the computer worm widely believed to have been used to attack Iran's nuclear program.
Gauss Complexity
Kaspersky Lab would not speculate on who was behind Gauss, but said the virus was connected to Stuxnet and two other related cyber espionage tools, Flame and Duqu. Experts said that surveillance viruses like Gauss are perfect tools for government intelligence units to gather information for such investigations.
The discovery of Gauss indicates that there are probably many other related cyber-espionage malware in operation. The current tensions in the Middle East are just signs of the intensity of these ongoing cyber-war and cyber-espionage campaigns.
The Moscow-based firm said it found Gauss had infected more than 2,500 personal computers, the bulk of them in Lebanon, Israel and the Palestinian territories

Why the name Gauss
Kaspersky Lab said it called the virus Gauss because that is the name of the most important module, which implements its data-stealing capabilities.

The toolkit earned its name because of references discovered within the code that pay tribute to mathematicians and philosophers. Johann Carl Friedrich Gauss was a German mathematician.

Stop the Gauss
1- Make sure that your anti virus definitions are up to date. 
I assume that you already use an antivirus.
2- continuously monitor all the PCs you use for the Trojan "win32.Gauss" 
3- Refrain from Using the Option "Save Password" that stores your credentials within web browsers.
4- Keep your Operating System Up to date. 
5- Change your Password using a trusted clean, in case you doubt that your PC is or was compromised by Gauss or any other Virus.
6- Exercise cautious when using external storage devices (CDs, USBs), in order to limit the propagation of the Gauss or any other infection.

Finally In order to remove this Malware follow one of the following links and install the appropriate removal tool / Antivirus:

Read more in Details 

Thursday, August 2, 2012

Software Updates, why should I bother?

Why Update
Usually Software updates are released for four reasons:
  1. Patch a security vulnerability; 
  2. Fix bugs;
  3. Add new features;
  4. Pure marketing purposes.
Staying away from the fourth reason, I believe that the most important aspect to apply a software update is to patch security vulnerabilities. Hackers do exploit these security vulnerabilities in order to gain access to your workstation and ultimately compromise your confidential data (passwords, emails, bank accounts).
Usually, when any software is being created it goes through series of phases within its development life cycle (SDLC). Two important parts of this life cycle are quality assurance and user acceptance testing. Yet the best testing any software could get is the Wild Testing.
Wild testing is done when vendors release their software un-officially (leaks, test or evaluation versions) to be tested and reviewed by enthusiastic users.
When these users submit their feedback directly to the vendor or share their experience using social networking media such as Facebook and twitter or even write a detailed review on Cnet they are able to draw the software vendor / developer attention. The developer consequently fixes the problems reported. And therefore a bug free update is released.
Sometimes, the term software update is used instead of software upgrade, this happens when the developer company releases a new version of their software with added features that is didn’t exist in the previous release.  
Most software nowadays, given the proper permission from their operator, has the ability to periodically and automatically check for updates. Moreover you as an operator can configure this software to download and install updated seamlessly and on recurrent basis, without any further more intervention from your part.

Four Software updates that shouldn’t be missed:

1. Operating Systems
Operating systems provide a software platform on top of which other programs, called application programs, can run, examples of operating systems include windows 7, windows XP, ubentu, fedora, snow leopard, Lion, and most recently mountain lion released by apple a week ago.
Vulnerabilities are discovered within an operating system on daily basis, the vendor of that operating system tries to mitigate these vulnerabilities by releasing patches. Since these patches should be able to save the day, you should install updates as soon as you see a prompt to do so, or set the computer to install them automatically.

2. Web Browsers and Supporting Software
Since the internet service and browsing experience is always evolving the ability to keep your data secure becomes a greater challenge. Microsoft’s Internet Explorer and Apple ‘s Safari are updated the same way an operating system is updated, while Google’s Chrome and Mozilla Firefox are updated automatically. 
For an ultimate user experience, web browsers need supporting packages like Adobe Flash, Adobe Reader, Sun Java and Microsoft Silverlight. And therefore due to their popularity, they are often the target of malicious attackers. It is extremely essential to update these type of software as soon as you see an alert.

3. End User Applications
Every now and then applications downloaded from the internet inform their user than a newer software update is released and ready to be downloaded and installed. These software updates are there either to fix bugs within the application or to offer brand new feature: perhaps a new graphical user interface or even better processing speed. Keep in mind that although these updates may not be mandatory, but sometimes these updates fix undisclosed security vulnerabilities within the application. So whenever an application prompts you for an update. Go ahead and do it.

4. Anti-Virus/Anti-Malware Software
New threats are introduced to the information technology field every day. And so, in order immune your PC against these threats you should keep your Anti-Virus/Anti-Malware updated. Usually these protection software update themselves seamlessly without any user intervention. 

Finally, keeping all the software installed on your PC updated can sometimes be hectic, but if you consider the risks you are mitigating, it is definitely worth the hassle