SECURITY TO THE CORE

Posts tagged “Microsoft”

Windows 8 spam led to malware ..

While most people are enjoying a long weekend off, others are busy hacking websites, writing malware, sending spam and monitoring the progress of their growing Botnet(s).

Microsoft has barely announced Windows 8 and the first cyber-criminals are already on top of it. Below is a copy of a curious email that is being spammed over the “Ascension holiday/weekend”:

From: Microsoft.com [mailto:news@microsoft.com]
Send on: Wednesday 1 June 2011 21:40
Subject: Windows 8 released.
Microsoft R Corporation is proud to announce the latest and the best
operating system available yet. For more details, click
here

When clicking on the link, a file called “8final.gif.exe” is downloaded from a hacked website.


File length: 1136678 bytes.
MD5 hash: b3babe1040d10ab4cbbc62ee2d986f85.
SHA1 hash: 096d5248144240097bc4eb398301a4d355713a09

Depending on your view settings, you might not be able to see the second file extension (.exe).

The website (http://ed???ormer.com) which hosts the malware belongs to an educational interest organization, which has unfortunately been compromised by criminals.

This malware does not install by itself. You have to click on the download link AND double-click the downloaded file to infect yourself. A picture is shown to you while, in the background, the malware is installed and started.

The currently downloaded malware is a Trojan which installs an IRC Backdoor which can be used to flood IRC channels. It talks to hxxp://irc.darkbit.info and sets up a connection to 70.32.83.146 and 94.125.182.255 on port 6667.

By adding itself to the Run section of HKLM\Software\Microsoft\Windows\CurrentVersion, the malware will automatically load itself when the computer is restarted.
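The double-extension trick behind “8final.gif.exe” can be screened for in download names and in autostart command lines such as Run-key values. The following is an added example, not part of the original post; the extension lists and all sample paths except the file name from the post are constructed for illustration.

```python
import ntpath
import re

# Extensions Windows runs on double-click, and harmless-looking "decoy" extensions.
# Both sets are illustrative assumptions, not an exhaustive list.
EXECUTABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DECOY = {".gif", ".jpg", ".jpeg", ".png", ".pdf", ".doc", ".docx", ".txt"}

# Pulls the program path out of a command line such as a Run-key value,
# with or without surrounding quotes and trailing arguments.
CMD_RE = re.compile(r'^\s*"?(.+?\.(?:exe|scr|com|pif|bat|cmd))"?(?:\s|$)', re.I)

def program_path(value):
    m = CMD_RE.match(value)
    return m.group(1) if m else value.strip().strip('"')

def displayed_name(path):
    """File name as the user sees it when the final extension is hidden."""
    return ntpath.splitext(ntpath.basename(path))[0]

def is_double_extension(value):
    """True for names like 8final.gif.exe: decoy extension, then executable one."""
    name = ntpath.basename(program_path(value)).lower()
    stem, last = ntpath.splitext(name)
    inner = ntpath.splitext(stem)[1]
    return last in EXECUTABLE and inner in DECOY

def flag(items):
    """Return (original value, name shown to the user) for every suspicious item."""
    return [(v, displayed_name(program_path(v))) for v in items if is_double_extension(v)]

# Constructed sample input; only the file name 8final.gif.exe comes from the post.
SAMPLES = [
    r'C:\Downloads\8final.gif.exe',
    r'"C:\Program Files\Vendor\updater.exe" /background',  # ordinary autostart entry
    r'C:\Users\alice\AppData\Roaming\holiday.jpg.scr -s',
    r'C:\Users\alice\Pictures\photo.final.gif',            # two dots, not executable
    r'C:\Tools\setup.v2.exe',                              # inner part is not a decoy
]

if __name__ == "__main__":
    for value, shown in flag(SAMPLES):
        print(f"user sees {shown!r:14} <- {value}")
```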


This malware was first reported on June the 1st around 10:50 (UTC) and was still available at the time of writing. More spam and malware will be using the upcoming Windows 8 to lure you into their net.

Don’t fall for this type of spam. Do not open suspicious emails and/or links. Keep your computer up-to-date and use common sense.

For more technical details see the Threat Expert Report: b3babe1040d10ab4cbbc62ee2d986f85

- Lucky H

Microsoft Goes to the Cloud: “Microsoft Office 365”

The new version of Microsoft’s office application is now based on cloud computing, and takes a big step toward collaborative editing of files, with integration into the existing system.


Microsoft Office 2010 took the initial step, and now Microsoft has taken the matter seriously. The new version presented by the Redmond company takes a giant step toward the future of computing and collaboration: The Cloud.

The launch of Microsoft® Office 365 brings you a collaborative solution that integrates the online versions of Microsoft’s most trusted communications and collaboration products like Microsoft Exchange®, Microsoft SharePoint®, and Microsoft Lync®, with the latest version of the Microsoft Office® Desktop Suite.

Microsoft Office 365 is accessible from any browser on any system at any time and at any place.

The test phase will begin soon in 13 countries with a limited number of companies, and the service is expected to be available in 40 countries by 2011. Office 365 will have two versions: Small Business and Enterprise.

Documents “In-Cloud” for Small Business & Enterprise

Microsoft Office 365 for Small Business is designed for enterprises with up to 25 people. It is a default package that includes Office Web Apps, SharePoint Online, Lync Online, a Synchronization Client Mail (Microsoft Exchange Online) and an external website, at a cost of US $ 6.00 per user, per month.

The Enterprise version, designed for medium and large companies, comes with all the contents of the Small Business version and adds extras:

  • Office Professional Plus;
  • Voice mail;
  • Private social networking company;
  • Corporate instant messaging service;
  • Web portal;
  • Office Web Apps for viewing, sharing and minor editing of documents directly from a browser;
  • Extranet;
  • Conference on IM;
  • Industry-leading, up-to-date anti-virus and anti-spam solutions;
  • Voice conferencing;
  • Video Conferencing;
  • 24×7, IT-level support over the phone, the Web or e-mail;
  • And much more …


Due to the number of available tools, Office Enterprise 365 has a variable cost depending on how each company uses it. Managers will be able to add or remove "modules" to better tailor the tool to the needs of the company.

Therefore, Office Enterprise 365 has a variable cost, which will range from US $ 2.00 to US $ 27.00 per user, per month.

After the release of the final version, Microsoft promises that they will release a version devoted exclusively to educational groups, students, teachers and K–12 institutions.

If you or your organization is interested in participating in the Beta phase, you can request inclusion on the official Office 365 website.


Combat The Top 5 Hidden Computer Security Threats !!

I am sure every one of you is aware of the constant threat presented by IT Insects (Computer Malware) these days. But tell me honestly: have you ever feared that one day your computer system will be compromised or attacked by malware or malicious hackers because you have never taken any precautionary measures to stop hidden computer security threats?

By the way, did you know that, due to lack of knowledge, thousands, I must say millions, of computer users become victims of hacking attacks and are exposed to possible identity theft every year? According to a survey released by Javelin Strategy & Research in Feb 2010, over 11.1 million cases of online identity theft were registered in the U.S. last year, and the amount of money potentially affected by these frauds is about $54 billion. Shocking, isn’t it? This is one of the first and foremost reasons to take computer security seriously.

Don’t let it happen to you. There are many ways to protect yourself from the most recent and most malignant security threats. The following are a few best practice guidelines which can help you avoid becoming the next victim of these heinous crimes by halting in their tracks the threats that could be lurking around, waiting for your next wrong move.

Top Hidden Security Threats

Social Networking

Among the most recent security threats are phishing and scams initiated on popular social networking websites. These threats can be a real disaster waiting to happen to you. If you have connected with someone on social networking websites like Facebook, Orkut, Twitter, LinkedIn, Hyves or another social network website, it’s probably because you know and trust them. But you should still take a few important steps to protect yourself from being attacked. I am sure you must be wondering WHY? The reason is that attackers can take control of your friend’s online persona and then exploit that trust. You can, however, take a few precautionary measures to protect yourself. One step you can take is to check your privacy settings within Facebook, Orkut and Twitter. These settings may allow other users to view personal details that you may have forgotten you provided, which in turn opens the floodgates and permits everyone to see your information. By locking down the privacy settings you can stop an unauthorized person from digging up information that could give away a password to an online account. In addition, don’t accept any friend requests from people that you do not know, because this can easily give an outside attacker access to additional information that you block for others. So if you’re damn serious about protecting your personal details, then you shouldn’t accept such requests.

Not to mention, a Facebook “friend” or Twitter “follower” can also send you malicious messages, because they themselves may have been compromised through a malware infection or a clickjacking attack. So you should be cautious every time.

Computer Snooping

If you use a public computer to access any of your personal information or banking websites, then it is highly recommended to erase your tracks, because at the end of every browsing session a considerable amount of information is stored in the Temporary Internet Files. This can be done by erasing the history in the web browser that you used and choosing the option to NOT save passwords.

Using a public computer to access any of your personal or confidential information is never recommended. Even using your own personal computer can be a risk if you allow others to access the same account or profile. If you use a personal desktop or laptop computer, always make sure that you protect it with a strong password to keep others from accessing personal data.

Scareware

Scareware is a class of software designed only to cause anxiety in the unsuspecting user. One of the best examples is a rogue anti-malware program that puts up a dialogue box saying “Attention !! Dangerous Threats Found On Your System” with two buttons labeled OK (to download the anti-spyware) and CANCEL. Regardless of which button is chosen, you would either be taken to a fake website or be compromised by getting rogue software installed on your system.

The use of scareware, aka extortionware, is a growing problem that the normal computer user might not be aware of. Popular rogue anti-spyware programs such as AntiVirus 2010 are used to initiate scareware tactics on the affected system without any end-user intervention. Once the malware is installed on a user’s computer, it opens up numerous possibilities for how the malware can take advantage of the end user.

Sometimes these attacks are presented in the form of alert messages that pop up on the computer screen or an email message that appears to be from a legitimate banking or financial institution. Being in the know about these types of hidden threats can greatly reduce the chances of your computer system being compromised or even damaged by malicious scareware, aka extortionware, methods. Another and most foolproof way to protect yourself from these hidden threats is by installing and running updated Anti-Malware software.

Wi-Fi Network Security/Rogue Wi-Fi Networks

Today, one of the most popular hidden threats, one that exists literally in thin air, is a rogue Wi-Fi access point or malicious Wi-Fi network. If you connect to the internet at your local coffee shop, shopping mall or even at the airport, chances are there is a cyber-spy who can capture your PC’s traffic and assemble sensitive information such as your user name and password, banking information and other confidential information. Any unsecured wireless network can be hacked into to monitor and view every communication you make over the internet.

This kind of hidden threat can be avoided by simply finding out the SSID of that center’s network. The Service Set Identifier (SSID) is the name of the wireless network, which is broadcast over the airwaves; your computer receives this network’s signal, and as a result the name appears in the list of all available networks. Connecting only to a secured Wi-Fi network is always advisable and a good step to take. Just because a Wi-Fi network appears in your list of available networks doesn’t mean that it is safe to connect to.

Outdated Software

Did you know that Microsoft and Adobe products are among the leading and favorite targets for cyber criminals? It is not just Windows operating systems that hackers target. Attackers also target many Microsoft and Adobe applications that are outdated or left unpatched. That simply means that if you are running an outdated software application in which a vulnerability has been discovered, a hacker can use the vulnerabilities and weaknesses of that specific program to attack your system. This is the main reason why companies such as Microsoft and Adobe keep rolling out security patches within their application updates. The same thing also applies to security applications such as Anti-Virus or Anti-Spyware programs. The main purpose of downloading and installing the latest virus definitions is to keep your Anti-Malware application updated so that it is able to recognize a new threat that was recently released into the wild. If you leave a program outdated, there is a high chance that your machine could be at risk of being compromised or attacked. The best way to guard yourself from this type of attack is to keep all your software applications updated.

You can also use a program such as the Secunia Personal Software Inspector, a FREE security tool which is designed to detect known vulnerabilities and outdated programs and plug-ins which expose your PC to attacks, and to install the necessary updates.

Keep in mind that “You are the ONLY one who can protect yourself from being compromised” … Stay Safe, Stay Secured !!

If you know of more hidden security threats that you have discovered recently, then do share them with me… 🙂