Security Protection – Harry Waldron MVP

November 27th, 2012:

Holiday Season 2012 – Seven safety tips for online shopping

More online safety tips for the 2012 holiday season:

http://www.forbes.com/sites/firewall/2012/11/25/you-better-watch-out-online-attacks-are-coming-to-town/

https://isc.sans.edu/diary.html?storyid=14569

QUOTE: It is time for a more consumer oriented blog post with a couple of hints about what to watch out for during the holiday online shopping season. How do you watch out and tell who is naughty and nice online? You better check twice or you better not cry if you lose your money, your credit cards, or even your identity.

1. Stick to Sellers you Know

2. Don’t Trust Customer Reviews Blindly

3. Be Careful with “Phishing”

4. Watch Your Credit Card Statement Carefully

5. Be a Cautious Seller

6. Be Careful When and How to Meet a Craigslist Seller

7. Don’t Buy Stolen Property

Computer Security Controls – Better safe than sorry

This article in the Mac Security Blog makes a great point: while seatbelts won’t prevent all injuries, you are much safer buckling up. Likewise, security controls won’t guarantee complete safety, but folks can stay better protected through technical safeguards and best practices.

http://www.intego.com/mac-security-blog/security-measures-arent-completely-effective-but-that-doesnt-mean-you-shouldnt-use-them/

QUOTE: Passwords, security software, and user education don’t prevent 100% of computer security problems. There are some large holes in “typical use” of these things — no one will disagree with that. Should you stop using them? Every few months, there is some new article suggesting exactly that. The latest to join this trend is an article by Mat Honan discussing the inefficacy of passwords.  This much is true: if you’re only using easily guessable passwords and signature-based antivirus on a Windows machine, you’re likely to get hit with malware or have your accounts hacked sooner than later. But if you’re updating your software, using complex passwords, and implementing a security suite including anti-virus with behavioral scanning plus a firewall, your odds of being hit are much lower. At the very least, your protection is going to be way better than what most people are using, so you could be a less tempting target.

W32.Narilam – New SQL database malware emerges in Middle East

Symantec has identified a new sophisticated malware threat designed to alter SQL Server databases where user rights are not properly locked down. As with the Stuxnet attacks, this new threat is most active in the Middle East.

http://www.symantec.com/connect/blogs/w32narilam-business-database-sabotage

http://securitywatch.pcmag.com/none/305296-database-modifying-malware-narilam-a-corporate-sabotage-tool

QUOTE: In the last couple of years, we have seen highly sophisticated malware used to sabotage the business activities of chosen targets. We have seen malware such as W32.Stuxnet designed to tamper with industrial automation systems and other destructive examples such as W32.Disstrack and W32.Flamer, which can both wipe out data and files from hard disks. All of these threats can badly disrupt the activities of those affected.  Following along that theme, we recently came across an interesting threat that has another method of causing chaos, this time, by targeting and modifying corporate databases. We detect this threat as W32.Narilam. Based on the detections observed, W32.Narilam is active predominantly in the Middle East.

Just like many other worms that we have seen in the past, the threat copies itself to the infected machine, adds registry keys, and spreads through removable drives and network shares. It is even written using Delphi, which is a language that is used to create a lot of other malware threats. All these aspects of this threat are normal enough, what is unusual about this threat is the fact that it has the functionality to update a Microsoft SQL database if it is accessible by OLEDB.