Lyjotoblog

When a computer is infected with a virus today, many IT support technicians assume the user contracted that infection as a result of visiting a pornographic web site.  In fact, that represents a small percentage of the infections that are occurring with the current generation of malware.  That was a much more common infection vector in years past, but not so much in 2013.

Before going into a list of ways a computer can become infected, it may be productive to state the obvious -- no rational computer user deliberately sets out to do anything that will lead to a virus infection on their computer.  Some may engage in what they know is risky behavior, but will usually heed a warning that clicking on a link or downloading a file may cause their computer to become infected.

So, how are computers most likely to become infected today?  It is indeed through web sites, but not the ones that are considered to be "high-risk."  Those traditionally risky sites include pornographic, peer-to-peer file-sharing, gambling, and pharmaceutical sites.  While there is still some risk associated with visiting those sites, those represent a small fraction of the actual sources of infection today.

By far the most common sites to spread malware are legitimate ones that have been hacked and compromised by the producers of malware.  These include Fortune 500 companies, news media, television networks, and many small-business or personal web sites.  Many of these are easy pickings for the bad guys.  In a disturbing twist, a recent analysis by a major security software vendor revealed that you are 4 times more likely to become infected by visiting a church or religious site than a porn site!

Another recent study found that some 75% of the 100 most-visited web sites had been infected.  Most users trust these sites, because they belong to reputable companies and, in many cases, the user has actually typed in the URL instead of clicking on a link in an e-mail message.  Or they may have clicked on a link in a search engine result, from a search they initiated.  Most users don't associate any risk with visiting these sites.

As far as search engines, malware authors employ various techniques to make their infected links show up high in the results.  This is true of any search, but much of their effort is directed at searches for celebrities, nude photos, and breaking-news headlines.  Users need to pay particular attention before clicking on any of those links.

Making the threat worse is the fact that a high percentage of malware now operates "behind the scenes" on web pages, using programming languages and tools such as Java and Flash.  Many of these programs have known vulnerabilities that are exploited by malware to infect systems that have not been properly updated.  This type of attack avoids detection by most anti-virus programs and thus requires additional protective measures to prevent infection.

A related source of infection is what's known as "drive-by downloads."  These are malicious programs that infect a computer without the user doing anything to invite them.  In some cases they will be downloaded as soon as an infected web site is accessed; in most cases the user sees no indication that a file is being downloaded.

The remainder of infection vectors fall into the traditional categories, namely e-mail, social media, and external media such as thumb drives.  Even so, most of these involve directing the unsuspecting user to click on a link or download a file.  So the cautions outlined above apply equally to these additional types of exposure.

How, then, to protect a computer against all of the modern-day threats?  Clearly, the days of trusting an anti-virus program to provide all the necessary protection are long gone.  While it's still vitally important to have an anti-virus program protecting every computer, several additional elements are required in order to be adequately protected. Here is a summary of the minimum requirements:

• Internet Security suite, including firewall, possibly parental controls, and malicious web site blocking
• Spam filtering of incoming e-mail
• Windows Updates applied automatically
• Other ancillary software updated automatically

If all of these protections are in place and maintained on a given computer, it is far less likely to become infected than others in the same environment that are missing one or more of these pieces.

Mumbai: News of the Ebola virus epidemic in West Africa has hit every news outlet around the globe, and cybercriminals are once again using the latest headlines to bait victims. Symantec has observed three malware operations and a phishing campaign using the Ebola virus as a social engineering theme.

Malware and phishing campaigns

The first campaign is fairly simple. Attackers send out an email with a fake report on the Ebola virus to entice victims and what users actually get is an infection of the Trojan.Zbot malware.

In the second campaign, cybercriminals send out an email that impersonates a major telecommunications services provider and claims to offer a high-level presentation on the Ebola virus. An attached zip file with a title like "EBOLA – PRESENTATION.pdf.zip" actually executes Trojan.Blueso on the victim's computer.

Interestingly, the executed Trojan is not the final payload. The malware is also crafted to inject W32.Spyrat into the victim’s Web browser and allows attackers to perform the following actions:

·         Log key strokes

·         Record from the Web cam

·         Capture screenshots

·         Create processes

·         Open Web pages

·         Enumerate files and folders

·         Delete files and folders

·         Download and upload files

·         Gather details on installed applications, the computer, and OS

·         Uninstall itself

The third campaign piggybacks on some fresh Ebola news. In the last two weeks there has been talk of Zmapp, a promising Ebola drug still in an experimental stage. The crooks entice their victims with an email claiming the Ebola virus has been cured and the news should be shared widely. The email attachment is Backdoor.Breutmalware.

Synology NAS servers have been hit by malware that encrypts files and demands a ransom to unlock them.

The issue seems to only affect Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier).

The malware, called SynoLocker, exploits a security vulnerability that was fixed in December 2014.

Synology has confirmed that it has not observed this vulnerability in DSM 5.0 and is urging users who have not been affected yet to download and install a new version as soon as possible to prevent the issue.

For DSM 4.3, users need to install DSM 4.3-3827 or later. For DSM 4.1 or DSM 4.2 users need to install DSM 4.2-3243 or later. And for DSM 4.0 users need to install DSM 4.0-2259 or later.

DSM can be updated by going to Control Panel > DSM Update. Users can also manually download and install the latest version from our Download Center here:http://www.synology.com/support/download.

If users have noticed that when attempting to log in to DSM a screen appears informing them that data has been encrypted and a fee is required, if they notice a process called ‘synosync’ running in Resource Monitor, or if they system is saying is has the latest version of DSM when the user knows it doesn't, Synology advises they shutdown their system and contact the firm’s support team at https://myds.synology.com/support/support_form.php.

“We sincerely apologise for any problems or inconvenience this issue has caused our users,” said Synology in an official statement.

“If users notice any strange behaviour or suspect their Synology NAS server has been affected by the above issue, we encourage them to contact us at security@synology.com where a dedicated team will look into their case.”

read more at TheRegister

~ WARNING ~

Hi Everyone, We've received this today

0809 Area Code We actually received a call last week from the 0809 
area code. The woman said 'Hey, this is Karen. Sorry I missed you- 
get back to us quickly. I have something important to tell you.' Then 
she repeated a phone number beginning with 0809. We did not respond, 
this week, we received the following e-mail:

Having problems with your newly built PC? We have categorized different kinds of basic problems, and offer some tips to try below. Some of the answers may seem obvious, but you should always start troubleshooting the easiest things first, and work backwards. Many times cable connections will be a cause of failure, so always check first and don't assume!

For more detailed help and to ask questions, call us

Power Problems

My computer will not power up

1. Check to make sure the power cord is plugged in securely to both the computer and outlet. If using a power strip, it needs to be turned on.
2. Try another power cord and/or power strip.
3. Try plugging it into another outlet.
4. If you are confident that your outlet and cord are fine, then replace the power supply.

Computer shuts itself off

Does the computer shut off at the same time consistently (after opening a certain application), or is the problem intermittent?

If you notice the computer shutting down specifically when running certain software, then there may be some corrupted files or the windows registry has problems. You should try and uninstall the software and reinstall.

Many times when a computer shuts itself off randomly it is a hardware related problem, either having to do with the CPU getting too hot, or the power supply starting to fail, or perhaps you are running a power supply that is not supplying enough power for all of the hardware that you have. Open the case and make sure all fans are running properly. Go into the BIOS and view the hardware monitor for your motherboard and processor. Look at the temperature readings. If they are much higher than normal, or exceed what the manufacturer recommends as acceptable, then try replacing the CPU Fan. If everything seems ok, you can try hooking up a different power supply if you have one handy.

Video Problems

When I turn on my computer there is no video

1. Check to make sure the monitor is plugged in securely to the video card, and that the monitor is powered on.
2. Is there a light on the monitor at all? Generally an orange light or message on the screen indicates that there is no video signal, while a green light means that the signal is OK.
3. Try to hook up a different monitor to see if you have video. If you do then the monitor is failing.
4. Install a new video card if possible to determine whether or not the current one is faulty.
5. Some motherboards come with onboard video, you can use this to test as well. The onboard video must be disabled in the BIOS and/or Windows usually, so you might check to make sure that it is. This could be the cause of not seeing the video to begin with.