Security Protection – Harry Waldron MVP Rotating Header Image

November 26th, 2012:

AV Comparatives Testing – Which AntiVirus cleans best

AV Comparatives recently tested cleaning capabilities for free and premium AV products.  All products tested did fairly well in scoring.

http://www.av-comparatives.org/images/docs/avc_rem_201211_en.pdf

http://securitywatch.pcmag.com/none/305309-which-antivirus-cleans-best

QUOTE: Bitdefender Antivirus Plus 2013 and Kaspersky Anti-Virus (2013) managed an A average in both removal and convenience. That comes as no surprise to me; both products also scored very well in my own malware cleanup test. Panda Cloud Antivirus Free Edition 2.0 came close with an A- in both categories. All three of these products earned the top rating, ADVANCED+.  Even the lowest scores weren’t dreadful. AVG Anti-Virus FREE 2013 earned a B average for both thorough removal and convenience, while avast! Free Antivirus 7 averaged a B for convenience and B- for thorough removal. These got a STANDARD rating, the lowest passing rating. All of the others were rated ADVANCED.  Overall, products in this test did better than in last year’s test.

Windows 8 – Improved System Restore utilities

The System Restore process was improved for Windows 8.  The following compares the new approach with an advanced third party recovery tool.

http://securitywatch.pcmag.com/none/305179-windows-8-reset-and-refresh-versus-faronics-deep-freeze

QUOTE: In theory, if you screw up your settings or otherwise run into trouble, the Windows System Restore feature can put things right. In my years of experience, however, I’ve found that using System Restore causes more problems than it resolves. The new Refresh feature in Windows 8 is intended as a better kind of System Restore, and the Reset feature should reset your Windows 8 installation to a pristine out-of-box installation.

When you run Windows 8 Refresh, it keeps your files and personal settings but restores all Windows settings to their defaults. Applications that you installed from disk will be removed and logged; apps from the Windows Store will remain.  Mehta found that the process took about 30 minutes. It turns out that apps from the Windows Store actually do get removed during the process, but it reinstalls them automatically. It also removed all Windows updates, so he had to reinstall those. And it gave the first-time treatment to each user account, rebuilding the profile and offering a Windows 8 tutorial.

FBI – New tactics to investigate Securities Fraud

The FBI is using social media networks to investigate security fraud, as noted below:

http://www.nbcnews.com/technology/technolog/fbi-uses-twitter-social-media-look-securities-fraud-1C7209895

QUOTE: The FBI sees social media as a potential breeding ground for securities fraud, and has agents scouring Twitter and Facebook for tips, according to two top agents overseeing a long-running investigation into insider trading in the $2 trillion hedge fund industry.  April Brooks, a special agent in charge of the New York field office of the Federal Bureau of Investigation, and David Chaves, a supervisory agent, said it is hard to predict the next wave of securities fraud, but they add that it will have a lot to do with advances in technology and social media.

“I will tell you technology will play a huge part, social media, Twitter. Any kind of technology that is new and doesn’t exist today, if there is any way to exploit it, these individuals will exploit it,” Brooks told Reuters TV in an interview for the Reuters Investment Outlook 2013 Summit. Brooks and Chaves oversee what the FBI calls “Operation Perfect Hedge,” which has led to more than 60 convictions of hedge fund traders, analysts and industry consultants.

Macy’s Day Parade 2012 – Sensitive data in shredded confetti

Sensitive police documents were apparently shredded and used as confetti in the annual Macy’s Thanksgiving Day Parade

http://nakedsecurity.sophos.com/2012/11/26/confidential-parade-confetti/

QUOTE: The world’s most famous Thanksgiving parade is probably not where you’d expect to find shredded confidential police documents. But that’s exactly what Ethan Finkelstein says he found while enjoying the annual parade in New York City last Thursday, according to an American news station.  Finkelstein told PIX11 he was watching the parade from 65th Street and Central Park West when he noticed some of the confetti stuck to his friend’s coat. As they picked it off they noticed it had the letters ‘SSN’ and a number next to it. So they gathered some more confetti that had fallen around them. They found other confidential information, such as arrest records and police officers’ details, including social security numbers and dates of birth. Some of the documents identified detectives – including undercover officers – by name.

Cyber Monday 2012 – Saftey tips for shopping via Internet

This article by PC Magazine offers excellent safety advice in four distinct vulnerable areas:

http://securitywatch.pcmag.com/none/305284-shop-online-safely-this-holiday-season

QUOTE: While Black Friday marked the beginning of holiday shopping in stores around the country, many consumers are increasingly counting on online deals to find the best gifts. In a PriceGrabber.com survey of 4,958 U.S. online shoppers, 41 percent of consumers said they planned to shop online on Cyber Monday, the first Monday after the long Thanksgiving weekend. Almost a third of respondents planned to shop online after looking for sales during the Black Friday weekend, and 29 percent planned to take advantage of Cyber Monday deals to get their shopping done early. Retailers aren’t the only ones prepping deals; cyber-criminals are paying attention, too. Consumers scouring the Web for amazing deals and acting quickly before special offers expire are highly vulnerable to email messages and posts on social networks containing malicious links.

FOUR KEY AREAS OF SAFETY REQUIRED

1. Shop on Legitimate, Secure Sites

2. Protect Your Data

3. Protect Your Accounts

4. Protect Your Devices

Facebook – How Free Gift Scams work

Excellent advice by PC Magazine as scam attacks work through malicious applications on Facebook that appear to come from a trusted friend or contact.  Avoid clicking the LIKE button or visiting a URL offered if it seems to good to be true.

http://securitywatch.pcmag.com/none/305285-dissecting-the-facebook-gift-scam-how-they-get-you

QUOTE: “Get free stuff!” is a common lure scammers use on Facebook. It doesn’t matter if the pitch is for a free airplane ticket, a free iPad, or just a voucher for a free coffee. Everyone likes getting something for free.  While the bulk of Hunt’s analysis focused on a supposed $400 voucher promotion from Australian retailer Woolworths, there are similar scams for other retailers, including Starbucks, Costco, and Harvey Norman, he said.   “The scam relies of the power of social media leverage by making the victim the advocate for the scam. It’s their wall that’s telling all their friends how awesome the scammer’s page is,” Hunt wrote.

It all begins with a friend. Or more precisely, a post from a Facebook friend in the Newsfeed advertising a voucher or a free gift from a company. Users who click on the link first land on the promotion page, which displays a share widget, user comments, and a Like button. After the user completes all three steps (and ensures friends will now see the post in their Newsfeeds), the user is redirected several times before landing on the final scam page. It may be a survey site, a form asking users to fill out information to win a prize, or some other malicious site. There will be no sign of that initial free gift, though.