A new type of malware has been discovered that breaks SSL encryption, mainly to insert ads in your browsing. This “Superfish” style vulnerability means that even when you connect to your email, bank, 401(k), or even health insurance site, the connection is being re-routed on the fly to the bad guys servers but your browser will still show that green lock saying the connection is secure.
Continue reading “Superfish, Man-in-the-middle, and SSL”
A zero day bug in Internet Explorer was found by FireEye research labs and released to the public on Saturday, 4/26/14. This virus does not have a super fancy name but is being actively exploited on the web: Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2014-1776).
Microsoft’s security advisory detailing the bug can be found here
If you must use Internet Explorer, only use it for those specific sites that it is required. Also be aware that many other applications such as Outlook and Word use Internet Explorer as the engine to render HTML objects. There are a few steps you can take to mitigate your exposure to the security flaw. Continue reading “Internet Explorer Remote Code Execution Vulnerability”
The best post-infection removal success rate can be had by using a Rescue CD / USB. Here are three that are free:
Kaspersky Rescue Disc 10
note: Avast! requires a full installation on an unaffected machine to download and create the ISO file. Bitdefender and Kaspersky will let you download ISO files directly to burn to disc or create a bootable USB drive. In addition, Bitdefender comes with Team Viewer for Linux pre-installed to allow easy remote desktop sharing for support.
The best real time protection for your business is the one that gives you a complete overview of your company network health. I have found these two products to be the best in terms of features and confidently recommend Webroot Secure Anywhere for their great support. Bitdefender does get the highest marks in online A/V tests. However, I have found their tech support completely underwhelming, often taking days to respond to phone calls.
Webroot Secure Anywhere Endpoint Protection for Business
The following is a round-up of many available free antivirus programs and malware removal tools.
Continue reading “Malware and Virus Removal”
“An ounce of prevention is worth a pound of cure” -Benjamin Franklin
This old saying holds just as true in today’s modern world of electronics. This short post will deal with a few simple steps to make sure your computer and your data are secure from disaster. First, we will focus on making sure software is secure and up to date. Second, I will discuss free antivirus and antimalware real time protection software. Third, I will rehash some best practices regarding passwords. Finally, I will try to drive home the security hole of Java.
Keep Software Up-To-Date
Stop using Windows XP. Period. Technically, you still have one year of critical security updates left. Microsoft will officially stop supporting Windows XP in April of 2014, a full TWELVE years after its original release. But why wait until then? Get your data backed up and either install a free operating system such as Ubuntu, install a paid upgrade of Windows 8 or 7 ($199), or purchase a new computer running Windows 8 for well south of $500. Preventing a security breach and stolen identity is worth far more than the pain of a new computer system.
ENABLE WINDOWS UPDATE. Control PanelSystem and SecurityWindows Update – First, change the default setting of updates to also install updates for all Microsoft software (not just Windows i.e. MS Office). Once this is changed, the Windows Update window will read “You Receive Updates: For Windows and Other Products from Microsoft Update”.
Now click “Change Settings” in the left panel or go to Control PanelSystem and SecurityWindows UpdateChange settings & Choose “Install Updates Automatically“. Also, Laptop users might want to change the update frequency to “Check for Updates, but let me choose when to download and install them.” This is especially true if you are using a metered 4G cellular connection. If you do this, you MUST be sure to keep an eye out for the Windows System Update icon next to the System Clock. Speaking of which…
Enable “Always show all icons and notifications on the taskbar“. Control PanelAll Control Panel ItemsNotification Area Icons. Check box for “Always Show”. Taskbar icons are typically where applications will nag you to update them. Do not ignore these icons. Certain running programs minimize to this area as well, such as antivirus, sound settings, network settings, dropbox, boxcryptor, etc. Get to know what should be there when everything is up to date and notice when something changes.
Last – use an automated software updater program. Microsoft Windows Updates are wonderful at updating security fixes for the Operating System, Word, and Excel, but what about all those security updates to Java, Adobe, Firefox, etc? Secunia software has a FREE application called Personal Software Inspector that can handle this automatically.
Continue reading “Preventing Computer Disasters”
In the past months, every online web service appears to be a target for hacking or just plain old fashion social engineering. LinkedIn passwords were hacked in June. Yahoo leaked online account information in July. Dropbox dropped the ball (again) in August. An Amazon & iCloud social hack devastated an online blogger after a hacker took control, reset his iPhone, wiped his iPad, formatted his MacBook, and locked him out of his Gmail and Twitter accounts!
What we have learned is three fold:
- Never use the same password twice!
- Use “disposable” Credit Card numbers; or at the least, do not use the same credit card for Amazon as Apple.
- Always use Two Factor Authentication when available! Continue reading “Protecting Your Online Accounts”
“SOPA and PIPA wouldn’t stop piracy
To make matters worse, SOPA and PIPA won’t even work. The censorship regulations written into these bills won’t shut down pirate sites. These sites will just change their addresses and continue their criminal activities, while law-abiding companies will suffer high penalties for breaches they can’t possibly control.”
Keep the Internet in technocratic hands.
W3SVC1 log file located in C:inetpublogslogfiles grew to 50GB on a client SBS 2003 server.
Safe to delete manually. Controlled by Start>Run>%SystemRoot%system32inetsrviis.msc
Web Sites > Right click Default Web Site > Properties > Enable Logging
Scheduled task to keep it on but stop the log file from growing unrestricted found here on Microsoft Technet:
at 12:00 /EVERY:Su Forfiles.exe -p C:WINDOWSsystem32LogFilesW3SVC1 -m *.log -d -30 -c “Cmd.exe /C del @path”
Best I’ve found so far.
The process is a little different with SBS 2008 and IIS7:
Disabling WSUS Logging (or any website on Windows Server 2008)
The latest service pack for Time Matters has a quirk that causes it to lose the desktop shortcut to the program and possible corrupt the TM Save link in MS office Add-ins.
Here is how to fix the Microsoft Office 2007 integration error with TM Save plugin for Time Matters 11. If you experience the following errors, please read on.
Time Matters Shortcut is damaged or missing:
Open Start > My Computer and browse to C:Program FilesLexis NexisTime Matters 11
Right click the file “TMWE.exe” and choose “Send to > Desktop (Create Shortcut). Right click the new desktop shortcut and rename to “Time Matters 11”. Right click again and choose “Pin to Start Menu”.
Continue reading “Time Matters 11 sp1 TM Save and Shortcut Errors”
Looking to use your iPad as a dual monitor / extended laptop screen? There are currently three apps that claim to do the following & I put each through its paces and make a recommendation.
- Use your iPad as a second monitor / dual display
- Supports both landscape and portrait mode
- Allows you to set your screen resolution
- Works on either Macs or PCs
Each of these apps basically work in the same way. All three claim to extend your display when both your laptop and iPad are on the same WiFi network. However, the difference between these apps becomes apparent in execution.
Air Display vs iDisplay vs MaxiVista using Win7 64bit SP1 and first gen iPad w/ IOS 4.2.1
Continue reading “Using Your iPad as an Extended Monitor”