Chad's News

Here’s a new type of computer attack that could catch the unwary user. The program, called Ippon, scans unsecured wireless traffic for software update requests, many of which are automatically performed by the programs on your computer. It then responds to the update request before the real site does, and your system is updated with malware that can take over your computer, steal personal information, or destroy data. There are ways to defend against this, but it takes a tech-savvy person to use them.

Link: http://blogs.techrepublic.com.com/…

Criminals placed a fake ATM in a Las Vegas hotel, hoping to skim card and PIN data. Unfortunately for them, the hotel was hosting the Defcon hacker conference. While normal people might not notice a problem, it didn’t take long for attendees to spot the fake ATM and report it to the authorities.

Link: http://www.computerworld.com/…
(via Slashdot)

Be careful when connecting to airport wireless networks, especially if they’re free or unsecured. Problems range from legitimate but poorly secured networks to fake networks designed to grab your login credentials. According to the linked article, this problem is very rampant, and you shouldn’t do anything sensitive or confidential on these networks. This would mean not entering any login information, even to check email.

Link: http://www.foxnews.com/…
(via Slashdot)

Back in March, there was some concern about the Conficker worm. The linked article has a very readable overview of the worm, its history, what happened on April 1^st, and what it’s up to now.

Link: http://www.newscientist.com/…

There’s a new virus/worm out, and it’s taking the web by storm. Here’s how it works:

1. You visit an infected site that has a malicious script.
2. The script takes advantage of bugs in Adobe Reader and Adobe Flash to infect your system with a virus.
3. If you have any FTP programs installed on your computer, the virus gets the login credentials, connects to the sites, and infects those websites with the script. This means that anyone visiting -your- site will now be infected.
4. Whenever you use Internet Explorer to visit Google, you are redirected to a different site, possibly to activate pay-per-click advertisements.

To protect against Gumblar, do the following:

1. Install the latest version of the Adobe Reader.
2. Install the latest version of Adobe Flash Player. (Note, there’s one version for Internet Explorer and another version for all other browsers—you may need to install both.)
3. Update your antivirus software and definitions, then run a virus scan.

For those who have FTP programs installed with saved passwords, I suggest (1) configure your FTP client so it doesn’t save the passwords, and (2) change the passwords. Also, this article explains how to determine if your website is infected and lists methods to remove the malicious code.

Link: http://www.itworldcanada.com/…

Here at the Chad’s News network command center, we do external site/database backups on a weekly basis. The website in the linked article maintained a backup server but did not create an external or off-site backup. A hacker broke into their system and destroyed the data on both servers. Thirteen years of irreplaceable data lost.

Link: http://news.bbc.co.uk/…
(via Slashdot)

You’re a hacker who wants to break into a large web forum, steal their user data, and destroy their database. The site is using the latest software patches and has a large array of security features to prevent unauthorized intrusion. What do you do? Simple, hack into their off-site backup, which is not nearly as secure but still contains their database login credentials.

Link: http://ask.slashdot.org/…

Well-informed Chad’s News readers may have heard about the latest variant of the Conficker worm and the fact that it’s going to do something on April 1^st. Simply put, the impact of this worm has been exaggerated. First, all that will happen is that the worm will change how it operates. Second, any effects will occur on systems that have already been infected. Keeping Windows updated and using current anti-virus software should be sufficient to keep yourself protected.

Link: http://www.networkworld.com/…
(via Slashdot)

There’s a serious Firefox exploit that’s been published on the web. It relies on the user viewing a maliciously coded XML file. Mozilla is working on a patch, but until it’s ready, I recommend being careful about where and what you’re browsing.

Link: http://www.infoworld.com/…
(via Kim Komando)

Update: The fix is available now but won’t be pushed out via the update channel until next week.

There’s a new, critical flaw in the Adobe Reader software. Be careful about opening untrusted PDF files.

Link: http://www.infoworld.com/…
(via Kim Komando)

Update: The situation is getting even worse. On Windows systems it’s no longer necessary to even open the file.

Update #2: Adobe has released a fix.

From the Neatorama article: “Analyst Robert Graham of Dark Reading, a website dealing with computer security issues, authored a fascinating report on the recent hacking of the popular website phpbb.com. The hacker published approximately 20,000 passwords from the site.” Many of the passwords were blatantly insecure, but who really cares if someone hacks your forum account? I have a standard, throw-away password for things like that. My online banking passwords, on the other hand, are much more complicated.

Link: http://www.darkreading.com/…
(via Neatorama)

Turns out that wiping data from an SSD is much easier than from a traditional magnetic hard drive.

Link: http://www.computerworld.com/…
(via digg)