Computer World News

Some of the worst things I’ve seen people do both in business and in the home relates back to anti virus software.

The first issue I quite commonly come a-crossed is that the user is running several anti-virus packages, some do this because their old anti-virus expired and others do it thinking they’ll increase the security of their computer.

In reality doing this does only one thing, it makes you insecure! When running more than one anti-virus the two software packages will actually quarantine or kill off each other, they will actually make themselves useless and you’ll end up with little to no protection at all. The only exception I’ve seen to this rule would be running software like Malwarebytes pro, which you can safely run along side your anti-virus, unfortunately it is very memory intensive so unless you have the hardware to handle it, you may actually see a performance drop.

I would suggest that you run Vipre anti-virus, the company has made strides to help the end-user stay secure, regardless if your a company or a home user Vipre is the only anti-virus software on the market who not only provides free USA based tech support, but they also provide free virus-removal if their software fails to keep an new infection out of your computer. That being said no anti-virus can keep you 100% protected however Vipre will pick up where other companies will not and ensure that any infection you may encounter is resolved and removed in a timely matter. Your welcome to a free 15-day trial if you’d like to give them a try, I highly recommend them. Download Vipre Trial.

The second most common problem we see is that the user either inadvertently installs a fake anti-virus -or- another virus will download it on your behalf. The software often looks quite professional and might easily fool you into thinking its a windows product, often posing as the windows security center, Not only does this fake anti-virus software install more viruses to your computer but they are becoming one of the top-runners in online identify theft because they force the user to pay to have the infection removed (paying will NOT remove any infection) many users want to fix their computer and stop the popups coming from the fake anti-virus and will gladly pay the $25 one time fee to get it removed, not knowing that they’ve actually had their credit card information stolen.

I’ll post some screen shots below, but if you run into this type of software the very first thing you need to do is turn off your wireless connection and or remove any wired connection you might have to the internet and have it removed, If you don’t know how to remove it please be sure to turn off the computer and contact someone who can help you resolve the issue, again keep in mind that Vipre support will remove this type of infection for free for any current subscriber of the software.

WPA, This security method has been used to one-up WEP for years now, being one of the single most secure methods you can possibly use to secure your wireless network. The issue today is not that WPA has been cracked, right now WPA’s only method of cracking involves using a dictionary brute force attack, an attack that has a 98% failure rate . No the issue today is WPS, This is a fairly new technology that many manufactures have been putting into all their wireless equipment.

WPS allows any user to easily secure their network with WPA by simply pressing two buttons with a 2 minute period and allow the equipment to configure itself. WPS uses a 4 digit pin to authenticate, this leaves you with only 10,000 different combinations, thus allowing a computer to crack all 10,000 combinations in a 1-4 hour period!

Some wireless routers will allow you to disable the WPS functionality but unfortunately disabling it still allows a computer to attempt to connect and thus you can still be accessed without authorization.

I highly recommend that if you are using WPS technology that you have your equiptment upgraded to something that does not support it. I personally use a Netgear WG-103, which does not include the new WPS security flaw.

Below you can see an image of a successful WPS crack, this device uses an 8 digit pin and was still cracked in a few hours.

With the comings of new telecommunications technology you see more and more companies switching over to VoIp (voice over internet protocol/internet phones) and similar technologies.

Most people know that its possible to tap a phone line, however few people realize that you can also tap voip as well as DECT (cordless phone) communications. While the tapping of voip is as simple as firing up some free software the attacker must first gain access to your network, while this is usually a simple solution that we’ve discussed before, (please refer to our post on wireless security). Cordless phones however are very much over-used and over-trusted.

Most people feel secure using a cordless phone, this is in part due to those fancy labels saying the phone is secured with DECT 6.0

What the phone providers and stores don’t tell you is that the DECT 6.0 standard does not enforce the use of encryption and on top of that the DECT6.0 standard was completed cracked back in 2009! With the use of a cheap pcmcia card you can easily tap any cordless phone, and easily decode the few phones that do use encryption.

Above you can see the card with the logo smudged out of the photo. The cards are fairly easy to obtain if you know where to look for them and the audio recorded from them is perfectly clear as I have had the opportunity to test the equipment first hand. The bundled software will find and record  all conversations in the area and after a few changes to the code I was able to listen in to my own phones audio in live real-time.

The best only way to prevent someone from eavesdropping on your DECT phones, is to simply not use any DECT phones, keep all your phone corded, or.. Use 2.4GHz wireless voip phones to interface with whatever voip equipment you might be using.

~The content of this article was written based on the understanding and opinions of the author as an Offensive Security Wireless Professional

A while back we talked about social engineering, That is just the tip of the ice burg, today we’ll go into phishing.

Below is a simple slide show I created going over the basics of avoid being taken advantage of online.

We’ve all been there, working on a project or just even browsing the web when all of the sudden… Windows wants us to install updates! It’s common for people to put off updates for various reasons, not wanting to restart the computer, trying to save hard drive space, etc. However running your computer without updates is vary dangerous.

Each day thousands or more viruses are created, old viruses are crypted to get around current patches, and the attackers find new ways in. You should always keep your anti-virus software and definitions up to date of course, however you need to update more than just your anti-virus to stay safe online. Many viruses and exploits used by cyber criminals take advantage of outdated software to find a way in, often times this can evade your anti-virus by using legitimate software to enter your computer. Keeping windows up to date is your first step, the next is making sure that you also update your other software packages such as adobe flash, java, and adobe reader to name a few.

Windows updates can add new features, or fix existing bugs. However most windows updates patch exploited software in order to protect your system.

As a general rule keep windows automatic updates enabled and allow them to install, if you must hold off on a restart windows will give you the option to post-pone this for about 1 hour, then when your able to you can restart the computer. Its also a good idea to check for updates for software such as java, and adobe flash/reader at least once a month. Make sure your anti-virus is set up to update itself each day, and if a new version of your anti-virus is available be sure to update it as soon you can.

So consider this, is leaving your computer’s software out of date worth the costs of repairing an infected system?

**The above article was of my own opinions as an IT Technician.

We’ve all had the occasional virus infection, sometimes our anti-virus caught it and some times it was stubborn and just didn’t want to leave. Virus’s and other malware can cause a great security concern to your company, home, or business in general. However virus’s are not the only concern, one of the biggest factors in security has nothing to do with the computer aspect, but the human aspect. Social Engineering can come in many forms. email, a phone call, or a face to face interaction. So what is this Social Engineering? and what makes it so dangerous?

Your anti-virus may not always catch every new threat, however it is cold and calculated, it never takes a break and it never stops protecting your computers, but… What about your employees? Lets say for example someone wants to get a credit card number from a customer in your workplace, how would they go about doing that? The easiest way in many cases is to simply ask for it.

Caller: Hi this is John, Is Melissa there.

Employee: Hi John, just a moment I’ll transfer you

Caller: Thank you

Caller: Hi, Melissa. This is John from corporate, how are you today?

Employee: Fine John, what can I do for you today?

Caller: Well, I was trying to pull up our account information on John Doe, I have him on the other line and we are trying to place an order for a new software package but my workstation’s payment software froze on me, If I give you his account number could you relay his account information back to me?

Employee: Sure John, just one moment.

What did the employee do wrong here? This one should be simple, Melissa as we called her never took the time to make sure John was really from corporate, this may or may not sound relevant to your business but how can you be sure? It is possible for someone to call you, or even email you with  a fake address or caller id. The services to do this are often free or cheap, and very easy to use.

How can you protect yourself from this? Ensure your employees never give out confidential information over the phone, and preferably over email either. Always confirm the identity of the person your talking to if they claim to be apart of the company, and never let someone you don’t recognize into your offices or computers without confronting them.

Another great thing you can do is ensure that you shred all  documents before you throw them away, its recommended to use a diamond cut shredder to ensure it cannot be placed back together, make sure to shred all documents, not just the confidential ones, Dumpster Divers/Social Engineers could take any document and use it against you. For example, lets say you throw away a shipping invoice, on this invoice it includes the company name, whos in-charge, and the invoice number along with the product name and cost. The invoice would of course also have the name, number, and address of the company that shipped the item on it. Now a Social Engineer has everything he/she needs to begin their attack. They could call your company and spoof/fake their caller id to match the invoice and make you think that they work for that company. They might be able to con you for a credit card transaction claiming they didn’t recieve the payment, or they could arrange to pickup the package due to a ‘defect’ this would allow the attacker to enter your business, often alone to do their work and access your confidential files.

Keep this all in mind, security starts with computers but ends with your employees.

**The above article reflects the opinions of myself, and are based on research on the topic