Malware Revolution: A Change in Target

It used to be that most security problems facing computer users were caused by amateur hackers - the online equivalent of vandals - but the criminal fraternity now represent a bigger threat. I strongly recommend that even the least technically minded computer user, and all users regardless of platform who aren't IT security specialists, should read this Microsoft Technet article: www.microsoft.com/technet/community/columns/secmgmt/sm0307.mspx

The basic rule of thumb is, if you don't now what it is, then don't open it!

As opposed to the old rule of 'if you don't know who the sender is', as these Trojans can 'send' an e-mail from a trusted contact's address.

Updates released today from Microsoft are also of a critical nature - discovered flaws and vulnerabilities could allow remote users to infiltrate a users PC and be used to gain access to files, gather personal information, and maybe even become an ultrapeer. It is not quite related to John's article above, but no point doing a new thread. Most people will be getting the little yellow shield in their toolbar to update their version of Windows anyway.

If you do not see the update prompts, or know what to do, please see the following for help:

www.microsoft.com/athome/security/update/bulletins/200704.mspx

Seanie.

P.S. Bart, we know that Apple are better at OS's than Microsoft!

P.S. Bart, we know that Apple are better at OS's than Microsoft!

LOL

Just to set the record straight, Apple users are not immune to malware. Sure, there is very little out there now, and there will probably always be less, but less is not zero. I hate smug Linux/Mac users who live in this imaginary place where they are totally immune from cyber nastiness. YOU'RE NOT, NO ONE IS IMMUNE!!!!

The basic rules apple to Mac and Linux users too (and obviously doubly to windows users):

1) ALWAYS keep your OS up-to-date
2) ALWAYS keep ALL apps that in any way interact with the internet up to date (browsers, email clients, RSS readers, chat clients etc)
3) Use FireFox & Thunderbird over IE/Safari (yes, Safari is dangerous too because of Apple's insane policy of automatically opening downloaded 'safe' files) and Outlook.
4) NEVER open an attachement you weren't expecting REGARDLESS of file type. No type is safe NONE! There are been serious problems with 'safe' types like images and PDFs so be REALLY careful, suspect everything.
5) Avoid turning on JavaScript. This is becoming a major vector of attack. If you use FireFox use the NoScript extension and only approve trusted sites for using JS (has a wonderful side-effect of blocking lots of AJAX based ads)

This is a rule of thumb for all. It's part of my job to stay informed about current security threats. Not following this advice leaves you open to serious problems.

Bart.

3) Use FireFox & Thunderbird over IE/Safari (yes, Safari is dangerous too because of Apple's insane policy of automatically opening downloaded 'safe' files) and Outlook.

I used to use Firefox alot but lately I have noticed that it crashes alot. So much so, that I've moved back to using IE all the time now. Any idea why Firefox might have gone so unstable??

3) Use FireFox & Thunderbird over IE/Safari (yes, Safari is dangerous too because of Apple's insane policy of automatically opening downloaded 'safe' files) and Outlook.

I used to use Firefox alot but lately I have noticed that it crashes alot. So much so, that I've moved back to using IE all the time now. Any idea why Firefox might have gone so unstable??

That's odd .... how uptodate is it? 2.0.0.3 is really stable for me on the Mac .... don't use Windows so I have no direct experience of 2.0.0.3 on Windows.

If you must use IE then here are some tips to keep you safe:
1) TURN OFF ACTIVE X .... that's the HUGE one ... letting sites run THEIR code on YOUR PC is a recipie for disaster.
2) Use Internet zones to turn off JS on all sites but trusted ones.

Hope that helps.

Bart.