Security Protection – Harry Waldron MVP Rotating Header Image

May, 2012:

London 2012 Olympics – Please be careful of Malware attacks

These are starting to surface in all vectors (e.g., email, Facebook, malicious websites, etc)

London 2012 Olympics – Please be careful of Malware attacks
http://securitywatch.pcmag.com/apps-and-websites/298489-beware-of-olympic-related-scams-malware-spam

QUOTE: Cyber-criminals are using the upcoming summer Olympic Games in London as bait to lure unsuspecting Internet users to their malicious websites and scams. The Department of Homeland Security laid out the many threats to the Olympic Games in a detailed warning last week. DHS warned about politically-motivated attempts to disrupt the Games that may use physical methods or cyber-attacks, such as defacing websites and distributed-denial-of-service attacks. The warning also devoted a section to potential spear phishing attacks to steal information and malware and spam designed to divert Internet users to malicious sites.

Internet users need to beware of social engineering scams, malware redirects, poisoned search results using blackhat search engine optimization (SEO) techniques, and regular scams, DHS warned. The DHS is also worried about the potential of malicious mobile apps masquerading as Olympic-related applications.

McAfee Study – 1 in 6 users do not use AV protection

An up-to-date report on AV protection trends

McAfee Study – 1 in 6 users do not use AV protection http://securitywatch.pcmag.com/security-software/298505-one-in-six-pc-users-goes-naked-security-wise

QUOTE: You’ve got antivirus protection, I’m sure – perhaps you even have a full security suite installed. But what about your friends and neighbors? A study by security giant McAfee reveals that one in six consumers worldwide either has no security protection installed or has protection that’s disabled. An optimist might say instead that five in six do have protection. However, the billions who don’t cause trouble for all of us, as their PCs can easily be co-opted to spread malware, spew spam, or participate in distributed denial of service attacks.

 Who’s Safest? – According to McAfee’s report, the top five best-protected countries are, in descending order: Finland, Italy, Germany, New Zealand, and Denmark. In Finland, a hair over 90 percent of consumers have at least basic security protection installed on their PCs. That figure drops to a bit over 86 percent in Italy and on down to 85 percent in Denmark.

Windows 8 Release Preview – released today with Metro compliant apps

The apps were highlighted as a key surpise in early reivew of the new Windows 8 version released to the public today

Windows 8 Release Preview: Microsoft gets its apps together
http://www.zdnet.com/blog/bott/windows-8-release-preview-microsoft-gets-its-apps-together/5042

 

QUOTE:  Microsoft’s carefully timed unveiling of Windows 8 has been frustratingly incomplete. Today’s launch of the Release Preview fills in many of the missing pieces, with the biggest surprise being a rich and polished collection of Metro style apps. Microsoft publicly unveiled the Windows 8 Release Preview today. If you’ve been skeptical of Windows 8 so far, prepare to be surprised. Microsoft’s painstakingly staged reveal started with a Developer Preview last September, followed by a Consumer Preview at the end of February. Each milestone has unveiled new features, but the overall picture has been frustratingly incomplete.

ADDITIONAL LINKS FOR NEW RELEASE OF WINDOWS 8
Microsoft’s Windows 8 Release Preview: What’s in and what’s out
Windows 8 from every angle: A guided tour of the Release Preview

Microsoft – New MVP Award Website launched

A new implementation of the Microsoft MVP site was launched today

Microsoft – New MVP Award Website launched today http://blogs.msdn.com/b/mvpawardprogram/archive/2012/05/31/the-new-mvp-award-web-site-has-launched.aspx

The new MVP Award Web site went live today, offering a more in-depth look at this dynamic global community. Here are a few new features you’ll find at the site’s new URL:

· MVP Spotlights—a monthly series that offers a picture of the way individual MVPs make a difference in the community.

· Regional highlights and events—the site is published in 11 languages and showcases what’s happening in MVP communities around the world.

· Live social media feeds—these often reflect local languages and events.

And don’t forget to sneak a peek at the new Find an MVP page, featuring a mosaic of MVP profiles that updates regularly. Recognize anyone?

Microsoft – New MVP Award Website http://mvp.microsoft.com

Facebook – New More granular site ADMIN rights implemented

Facecrooks Security shares how administrators for large corporate sites can set authoring rights on a more granular level than in the past.

How to Set Admin Roles for your Facebook Page http://facecrooks.com/Internet-Safety-Privacy/how-to-set-admin-roles-for-your-facebook-page.html

QUOTE: Finally, Facebook is allowing multiple roles for page administrators! Prior to this feature, giving someone admin access to a Facebook page was an all or nothing thing. All admins had complete and total access to the page. Obviously, this posed huge security risks on many different levels and made it way too easy for pages to be hi-jacked or deleted. Also, if any admin had their Facebook account compromised, then pages under their control were in jeopardy.  Now all of that has changed and page owners can breathe a sigh of relief. Pages can have admins assigned with the following roles:

1. Manager 2. Content Creator 3. Moderator 4. Advertiser 5. Insights Analyst

MORE DETAILS CAN BE FOUND HERE https://www.facebook.com/help/?page=394501407235259

Skywiper (Flamer Virus) – Huge 20MB modular suite of malware

The new Skywiper (aka Flamer) malware suite is modular and incredibly complex as documented in this PC Magazine article:

PC Magazine – Flamer Isn’t a Stuxnet Spinoff http://securitywatch.pcmag.com/security-spyware/298425-flamer-isn-t-a-stuxnet-spinoff

QUOTE: A new and seriously complex malware threat came to light this past weekend, targeting PCs in the Middle East. Some researchers and commentators made the natural assumption that it was connected with the Stuxnet worm which made news in 2010 by disrupting Iran’s nuclear research. After all, when Duqu turned up in 2011, experts concluded it was indeed written by the Stuxnet crowd, or coders with full access to Stuxnet source. But like the song says, it ain’t necessarily so.

 

This latest threat is called Flamer, Flame, or sKyWIper, depending on who you ask. Flamer, Duqu, and Stuxnet do have some things in common. To start, all three are seriously modular, in a way that lets their command and control servers add or update functionality at any time. Flamer takes this to an extreme, downloading its modules in multiple sessions.

Flamer definitely needs to take it easy on download impact to avoid giving itself away. At 20MB for all modules, it’s a veritable giant. A Stuxnet infestation takes just 500KB of space, according to Kaspersky researchers. Part of Flamer’s size involves the use of many third-party code libraries, prefab modules that handle tasks like managing databases and interpreting script code. Neither Stuxnet nor Duqu rely on third-party modules.

Skywiper (Flame Virus) – Several good links here http://securitygarden.blogspot.com/2012/05/flame-aka-flamer-or-skywiper.html

McAfee shares excellent summary of Skywiper’s features http://blogs.mcafee.com/mcafee-labs/skywiper-fanning-the-flames-of-cyber-warfare

QUOTE: Skywiper is a modular, extendable and updateable threat. It is capable, but not limited to the following key espionage functions:

- Scanning network resources - Stealing information as specified - Communicate to C&C Servers over SSH and HTTPS protocols - Detect the presence of over 100 security products (AV, Anti-Spyware, FW, etc) - Both kernel and user mode logic is used - Complex internal functionality utilizing Windows APC calls and and threads start manipulation, and code injections to key processes - It loads as part of Winlogon.exe then injects to Explorer and Services - Conceals its present as ~ named temp files, just like Stuxnet and Duqu - Capable of attacking new systems over USB Flash Memory and local network (slowly spreads) - Creates screen captures - Records voice conversations - Runs on Windows XP, Windows Vista and Windows 7 systems - Contains known exploits, such as the Print Spooler and lnk exploit found in Stuxnet - Uses SQLite Database to store collected information - Uses custom DB for attack modules (This is very unusual, but shows the modularity and extendibility of the malware) - Often located on nearby systems: a local network for both C&C and target infection cases - Utilizes PE encrypted resources

Windows 8 – Creating the new Desktop experience

A detailed and historical recap detailing Microsoft’s vision for Windows 8

Building Windows 8 Blog – Creating the Windows 8 user experience http://blogs.msdn.com/b/b8/archive/2012/05/18/creating-the-windows-8-user-experience.aspx

QUOTE (a few key excerpts): The Windows 8 user experience is forward-looking, yet respectful of the past. It reimagines what a PC is capable of, the scenarios for which it is optimized, and how you interact with it. It enables tablets and laptops that are incredibly light and thin, with excellent battery life, which you can use with touch and keyboard and mouse in any combination you prefer. It is also the most capable, lean, and usable OS ever to power desktop PCs and gaming rigs.

The new Windows 8 user experience is no less than a bet on the future of computing, and stakes a claim to Windows’ role in that future. We tried to break new ground in imagining how using a PC might become a fluid and enjoyable experience, how apps might work together to simplify the tasks you do every day, and how a single screen could bring together everything you love and care about into one always up-to-date place.

We believe in convergence—this has happened again and again in technology, and it will continue. We believe that you will want to carry around fewer, more capable devices. In addition to your phone, you want only one device that is equally at home on the couch and on the desk. You want a device that is light enough to hold for hours, but powerful enough to do real work with familiar and full-featured software—and which also allows a mouse or physical keyboard if you want. A device that is deeply personal, that natively understands the cloud, that roams your settings and content wherever you go.

Our vision for Windows 8 was to create a modern, fast and fluid user experience that defines the platform for the next decade of computing. One which upends the way conventional people think about tablets and laptops and the role of the devices they carry.

Facecrooks Security – Top 10 Facebook scams for May 2012

Please avoid all of the attacks currently in circulation:

Facecrooks Security – Top 10 scams for May 2012 http://facecrooks.com/Scam-Watch/top-ten-facebook-scams-to-avoid.html

QUOTE: We have created a top ten list of the most common and active Facebook scams to look out for

1. Profile Viewers and Profile Blockers 2. Free iPads & iPhones 3. Free Facebook Credits 4. Free Items, Gift Cards & Tickets 5. Breaking News Stories 6. Phishing Attempts to Steal Your Login Info 7. Bogus Chat Messages 8. Shocking & Sexy Headlines 9. Fake Celebrity Stories 10. “Help I’m Stranded and Need Money”

Facebook – Avoid new Account Verification scam

Facecrooks security warns of a new scam actively circulating. Please avoid clicking on all untrusted links and especially installing a special application under Facebook.

WARNING : Announcement From FACEB00K Verification Team. All Profiles Must Be Verified Before 1st June 2012 To Avoid Scams and Scams Under SOPA ACT.The Unverfied Accounts Will Be Terminated. http://facecrooks.com/Scam-Watch/warning-announcement-from-faceb00k-verification-team-all-profiles-must-be-verified-before-1st-june-2012-to-avoid-scams-and-scams-under-sopa-act-the-unverfied-accounts-will-be-terminated-facebook-s.html

Scam Type: Rogue Application, Survey Scam

Trending: May 2012

Why it’s a Scam: Clicking the wall post link takes you to the following Facebook application installation screen

Windows 8 – New Family Security Controls are coming

Windows 8 will introduce some new features allowing parents to better monitor or filter website visitation by their children. Each child can be setup with a user account that parents can customize controls to help ensure greater safety.

Windows 8 – New Family Security Controls http://blogs.msdn.com/b/b8/archive/2012/05/14/keeping-your-family-safer-with-windows-8.aspx

QUOTE: One of the intrinsic capabilities of Windows 8 is the ability to use multiple accounts on any PC. This makes it much easier for parents to use tools that can help protect their children from content on the Internet as they see fit. It is also a great way for each family member to maintain their own unique online identity while still sharing a single PC. Microsoft has been a leader in creating tools to help maintain a safe computing environment for all users as well as for parents in particular. With Windows 8 we have substantially improved the family safety features and services available.