Top
Navigation
This form does not yet contain any fields.
    Powered by Squarespace

    Entries in Security (9)

    Thursday
    Mar222012

    DNSChanger malware

    DateThursday, March 22, 2012 at 8:05AM
    Malware which alters a computer's DNS (Domain Name System) settings, known as "DNSChanger" malware, has been in circulation for some time. DNS is an Internet service which translates user-friendly domain names (e.g. ssoalertservice.net.au) into the numerical Internet Protocol (IP) addresses (e.g. 203.15.34.230) which are used by computers to communicate with each other. By infecting a victim's computer with this type of malware, criminals are able to alter the DNS settings on a user's computer. By controlling the DNS settings on victim's computer, criminals force the infected computers to communicate with "bad" or "rogue" DNS servers, rather than legitimate "good" DNS servers. The criminals can then use these "bad" or "rogue" DNS servers to redirect the unsuspecting users to fraudulent websites or interfere with a user's web browsing. For example, if a user's computer is infected with the DNSChanger malware, a! nd the user enters "google.com" in their web browser, rather than take the user to the legitimate "google.com" website, they would be taken to a fraudulent website instead.

    In November 2011, the FBI uncovered a network of rogue DNS servers and took steps to disable them. However, by disabling the rogue DNS network, victims who are infected by the DNSChanger malware could lose access to DNS services entirely. To address this issue, the FBI developed a private-sector, non-government entity to operate and maintain clean DNS servers for the infected victims for a temporary period. As of July 9th 2012 the FBI will no longer be operating this service; computers that are infected with the DNSChanger malware could lose access to DNS services, preventing access to the Internet, including access to legitimate websites.

    What we recommend you do

    The Australian Government has created a diagnostic website which will, in most cases, confirm whether or not a user's computer is infected with DNSChanger malware: Australian Government DNSChanger Diagnostic

    The FBI has provided a PDF document with detailed instructions (including screenshots) to manually check the DNS settings on both Windows and Mac OS X based computers: FBI DNSChanger Malware Document

    As a minimum step, we recommend that you click on the Australian Government's diagnostic website and see whether it displays a green box with the words, “You do not appear to be affected by DNSChanger”.

    Then, if you want to be more certain that this diagnosis is correct, it is also recommended that you follow the detailed instructions in the FBI's PDF document to help to determine whether your computer is infected with DNSChanger. You should also perform a thorough virus-scan of your computer using an up-to-date virus scanner to ensure that it is not infected with the DNSChanger malware.

    If you do find that have been infected with the DNSChanger malware, you should seek professional assistance to ensure that the malware is removed successfully.

    Where you can find more information

    The Australian Government has also provided some additional information regarding the DNSChanger Malware here: DNSChanger Information

    The FBI has also provided further information regarding internet fraud associated with the DNSChanger Malware here: Manhattan U.S. Attorney Charges Seven Individuals for Engineering Sophisticated Internet Fraud Scheme That Infected Millions of Computers Worldwide and Manipulated Internet Advertising Business

    Additional information regarding the DNSChanger Malware can be found at the DNS Changer Working Group (DCWG) website: DNS Changer Working Group

    Source: Stay Smart Online Service 

    AuthorWilkie IT | CommentPost a Comment |
    tagged in
    Thursday
    Sep292011

    Mozilla releases version 7.0 of Firefox and Thunderbird

    DateThursday, September 29, 2011 at 7:27AM

    Software affected

     The following software is affected

    • Mozilla Firefox version 6.0.2 and prior 
    • Mozilla Thunderbird version 6.0.2 and prior

    on 

    • Windows (All Versions)
    • Mac OS X (All Versions)
    • Linux (All Versions)

    What is the problem?

    Mozilla Firefox version 6.0.2, Thunderbird version 6.0.2 and their prior versions contains several bugs, which if not fixed, could result in your computer being attacked by criminals and may make your web browser or email client unstable and crash.

    Your personal and/or business information may be accessed for fraudulent or illegal purposes (eg, identity theft).

    What we recommend you do

    To find out which version of Mozilla Firefox you have, open Mozilla Firefox and in the top left corner click the "Firefox" button and then select the triangle next to 'Help' and click 'About Mozilla Firefox'. The problem can be easily fixed by selecting the "Check for Updates" menu item under the "Help" menu and then clicking "Apply Update".

    To find out which version of Mozilla Thunderbird you have, open Mozilla Thunderbird and click the 'Help' option from the main menu. Then select 'About Mozilla Firefox'. The problem can be easily fixed by selecting the "Check for Updates" menu item under the "Help" menu and then clicking "Apply Update".

    Alternatively you can download and install the update from:

    http://www.mozilla.com/

    If you have a version of Mozilla Firefox which begins with 3, 4, 5 or 6 it is recommended you upgrade to the latest version, 7.0.

    Where you can find more information

    http://www.mozilla.com/en/firefox/7.0/releasenotes/ 
    http://www.mozilla.org/en/thunderbird/7.0/releasenotes/

     

    Source: www.ssoalertservice.net.au.

    AuthorWilkie IT | CommentPost a Comment |
    tagged , , in , ,
    Wednesday
    Aug102011

    Microsoft Patches for August 2011

    DateWednesday, August 10, 2011 at 8:25AM

    Software affected

     The following software is affected

    • Microsoft Windows XP
    • Microsoft Windows Vista
    • Microsoft Windows 7
    • Microsoft Windows Server 2003
    • Microsoft Windows Server 2008
    • Microsoft Windows Server 2008 R2
    • Microsoft Visio 2003
    • Microsoft Visio 2007
    • Microsoft Visio 2010
    • Internet Explorer 6
    • Internet Explorer 7
    • Internet Explorer 8
    • Internet Explorer 9 

    on 

    • Windows 2000
    • Windows XP
    • Windows Vista
    • Windows 7
    • Windows Server 2003
    • Windows Server 2008
    • Windows Server 2008 R2

    What is the problem?

    There are several bugs in the Microsoft products listed above which, if not fixed, could result in your computer being attacked by criminals. Your personal and/or business information may be accessed for fraudulent or illegal purposes (eg, identity theft).

    It has been reported that criminals are actively exploiting these vulnerabilities at present

    What we recommend you do

    The problem can be easily fixed by downloading and installing the software updates recommended by Microsoft.

    Setting up automatic updates on your computer's operating system will save you time and reduce the risk to you and your files.

    Unless your operating system is already set to update itself automatically, it is recommended you apply the updates as soon as possible to reduce your risk.

    Information on how to set up Automatic Updates can be found here:

    For Windows XP:

    Factsheet 2 - Setting up automatic updates in Windows XP
    http://www.microsoft.com/protect/computer/updates/xpsp2.mspx

    For Windows Vista:

    Factsheet 22 - Setting up automatic updates for Windows Vista
    http://www.microsoft.com/protect/computer/updates/vista.mspx

    For Windows 7:

    Factsheet 23 - Setting up automatic updates for Windows 7
    http://windows.microsoft.com/en-us/windows7/Turn-automatic-updating-on-or-off

    The Microsoft Update web site enables you to update your Microsoft operating system and all other Microsoft software, such as Microsoft Office, from one location. When you visit Microsoft Update, the site scans your computer and gives you a list of updates relevant to your computer and its configuration. You then decide which updates you want to download and install.

    http://update.microsoft.com/microsoftupdate

    Where you can find more information

    http://www.microsoft.com/technet/security/bulletin/ms11-aug.mspx

    AuthorWilkie IT | CommentPost a Comment |
    tagged , in , ,
    Saturday
    Jul232011

    Apple IOS Update

    DateSaturday, July 23, 2011 at 3:56PM

    Software affected

    The following software is affected

    • Apple iOS 4.3.3 and earlier 
    • Apple iOS 4.2.8 and earlier 

    What is the problem?

    There are several bugs in Apple iPhone, iPad and iPod Touch software which, if not fixed, could result in the device being attacked by criminals.

    Your personal and/or business information may be accessed for fraudulent or illegal purposes (eg, identity theft).

    Apple iPhone, iPad and iPod Touch might crash and become unusable.

    What we recommend you do

    The problem can be easily fixed by updating your Apple software. For each Apple iPhone, iPad and iPod Touch device: connect to your computer, start iTunes and click Check for Update.

    Information about the update can be found here:

    http://www.apple.com/ios/

    Where you can find more information

    More information about these security bugs can be found here:

    http://support.apple.com/kb/HT4802

    http://support.apple.com/kb/HT4803

    AuthorWilkie IT | CommentPost a Comment |
    tagged , in ,
    Monday
    Jun062011

    Adobe Flash Update

    DateMonday, June 6, 2011 at 9:20AM

    Software affectedSoftware affected

    The following software is affected

    • Adobe Flash Player prior to version 10.3.181.16
    • Adobe Flash Player for Android prior to version 10.3.185.22

    on all Operating Systems

    What is the problem?

    There are bugs in the Adobe Flash Player software which, if not fixed, could result in your computer being attacked by criminals. Your personal and/or business information may be accessed for fraudulent or illegal purposes (eg, identity theft). It has been reported that criminals are actively exploiting this vulnerability at present.

    This software may be installed on your computer or smart phone as a browser plug-in to display “flash” content found on many popular web sites. Flash content includes some animation and video formats, such as those found on the video site YouTube.com.

    What we recommend you do

    The problem can be easily fixed by updating your computer to the latest version of Adobe Flash software from:

    http://www.adobe.com/go/getflashplayer

    Please note that if you have more than one web browser installed on your computer it is recommended to update the Adobe Flash Player for each browser. This is done by connecting to the Adobe web site separately using each browser. Android users can update their phones by browsing to The Android Marketplace. Adobe expects to make available an update for Flash Player 10.3.185.22 for Android during the week of 6 June 2011.

    Where you can find more information

    Adobe Product Security Incident Response Team (PSIRT):

    http://blogs.adobe.com/psirt/

    Adobe - Security Bulletins: APSB11-13 Security Updates available for Adobe Flash Player:

    http://www.adobe.com/support/security/bulletins/apsb11-13.html

    To verify your existing Adobe Flash Player version number visit:

    http://www.adobe.com/products/flash/about/

    This will also tell you if Adobe Flash Player is installed for the particular browser you use. If you have more than one browser installed, eg, Windows Internet Explorer and Safari or Mozilla Firefox, etc, repeat this process using each browser. If the Adobe Flash Player plug-in is not installed in your Mozilla Firefox browser, it will say that "additional plugins are required to display all the media on this page". You do not need to install the plug-in for Adobe Flash Player unless you wish to do so.

    AuthorWilkie IT | CommentPost a Comment |
    tagged , , in ,
    Page 1 2 Next 5 Entries ยป