Computer News & Safety – Harry Waldron Rotating Header Image

November 14th, 2011:

Facecrooks – Facebook Safety Blog

This blog highlights new Facebook attacks

Facecrooks – Facebook Safety Blog
http://facecrooks.com/

Facecrooks – Best Practices in using Facebook
http://facecrooks.com/Safety-Center/Safety-Center.html

Facecrooks – Privacy and Security made simple
http://facecrooks.com/Safety-Center/Facebook-Privacy-and-Security-Made-Simple.html

Facebook – Avoid the 15 Second video challenge

Please avoid suspicious links like this on Facebook

Facebook – Avoid the 15 Second video challenge
http://blog.eset.com/2011/11/13/facebook-video-scam-15-seconds-dont-watch-it-at-all

QUOTE: One of my Facebook friends drew my attention today to a fast-spreading link. I’m pleased to say that he knew better than to look at it, but I figured it was worth seeing what it was all about. The link comes with this message, according to Facecrooks.com (a good place to check for stuff like this):

98 Percent Of People Cant Watch This Video For More Than 15 Seconds

CLICK LINK TO WATCH VIDEO & SEE HOW LONG YOU CAN LAST!!

Needless to say, clicking the link is not a good idea. It’s a survey scam: if you do follow the link, it takes you to a fake Facebook page that looks as if it contains a video, but if you click the “play” button, it loads a “Share” box so that you can irritate all your friends by spamming them with the same message

Microsoft Hyper-V Security recommendations

Below are key resources for improving Hyper-V security 

Simple Security Recommendations When Using Hyper-V
http://technet.microsoft.com/en-us/security/hh535714

QUOTE: Microsoft has a few articles on TechNet that outline some of the key aspects of a secure deployment of the Hyper-V virtualization technology, a feature of Windows Server 2008 R2.

Microsoft Hyper-V Security Best Practices
http://technet.microsoft.com/en-us/library/dd283088(WS.10).aspx

— Use a Server Core installation of Windows Server 2008 for the management operating system.
— Do not run any applications in the management operating system—run all applications on virtual machines.
— Use the security level of your virtual machines to determine the security level of your management operating system.
— Do not give virtual machine administrators permissions on the management operating system.
— Ensure that virtual machines are fully updated before they are deployed in a production environment.
— Ensure integration services are installed on virtual machines.
— Use a dedicated network adapter for the management operating system of the virtualization server.
— Use BitLocker Drive Encryption to help protect resources.

Additional Recommendations

FBI Operation Ghost Click – Largest Cybercriminal shutdown in history

As Trend Labs notes, the FBI’s Operation Ghost Click initiative is so far the largest cybercriminal shutdown in history

FBI Operation Ghost Click – Largest Cybercriminal shutdown in history
http://blog.trendmicro.com/esthost-taken-down-%e2%80%93-biggest-cybercriminal-takedown-in-history/

QUOTE:  On November 8, a long-living botnet of more than 4,000,000 bots was taken down by the FBI and Estonian police in cooperation with Trend Micro and a number of other industry partners.  In this operation, dubbed “Operation Ghost Click” by the FBI, two data centers in New York City and Chicago were raided and a command & control (C&C) infrastructure consisting of more than 100 servers was taken offline. At the same time the Estonian police arrested several members in Tartu, Estonia. Here is the link to the press release of the FBI.

The botnet consisted of infected computers whose Domain Name Server (DNS) settings were changed to point to foreign IP addresses. DNS servers resolve human readable domain names to IP addresses that are assigned to computer servers on the Internet. Most Internet users automatically use the DNS servers of their Internet Service Provider.  The following links relate to this entry: