|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
Extra security for all your devices
ON SECURITY
By Susan Bradley
These days, I don’t have just traditional PCs that I must protect — I have iPads, iPhones, Kindles, Chromebooks, and others. And these don’t run Microsoft operating systems.
Not to pick on her, but my sister used to randomly surf with her Windows PC and, after searching, would end up with some sort of infection or malicious browser plugin. But when she did the same on her iPad or iPhone, I was spared the chore of cleaning up those devices — they were less targeted and less likely to end up compromised.
Read the full story in the AskWoody Plus Newsletter 19.09.0 (2022-02-28).
-
Falling for the click
ON SECURITY
By Susan Bradley
After watching the technology-related advertisements from this year’s Super Bowl, my takeaway was that we are a gullible population that will absolutely and utterly click on anything without verification.
For Super Bowl LVI, cryptocurrency companies were a major advertising presence. Coinbase ran an ad with a floating QR code moving around the screen. So many people scanned the QR code that Coinbase couldn’t handle the load, crashing the website and the app.
Read the full story in the AskWoody Plus Newsletter 19.08.0 (2022-02-21).
-
Don’t click those pop-ups that say you’ve been infected!
PUBLIC DEFENDER
By Brian Livingston
It’s been said before, but it bears repeating — when you see a pop-up window on your desktop, laptop, or smartphone screen that says you’ve been infected with a virus and must act immediately, don’t click it!
These frightening warnings are invariably “bad ads” that use advertising networks to insert these pop-ups into websites and phone networks. Their goal is to get you to click a link and download malware, whether it’s a fake “antivirus program,” a malicious “virtual private network,” or some other backdoor into your personal life.
Read the full story in the AskWoody Plus Newsletter 18.20.0 (2021-05-31).
-
The web has a padlock problem
Danny Palmer (ZDNet) has just written about recent changes to websites showing “security padlocks” in browser bars, in a very easy-to-digest article.
Internet users are being taught to think about online security the wrong way, which experts warn might actually make them more vulnerable to hacking and cyberattacks.
HTTPS encrypts that information, allowing the transmission of sensitive data such as logging into bank accounts, emails, or anything else involving personal information to be transferred securely. If this information is entered onto a website that is just using standard HTTP, there’s the risk that the information can become visible to outsiders, especially as the information is transferred in plain text.
Websites secured with HTTPS display a green padlock in the URL bar to show that the website is secure. The aim of this is to reassure the user that the website is safe and they can enter personal information or bank details when required. Users have often been told that if they see this in the address bar, then the website is legitimate and they can trust it.
…
“This is why phishers are using it on phishing sites, because they know that people who use the websites think that means its OK when it’s not,” said (Scott) Helme. “The padlock doesn’t guarantee safety, it never has, that’s just a misunderstanding of the interpretation of what this actually means.”…the (cybersecurity) industry needs to improve its messaging, because cybersecurity can be complicated for the average web user and changing advice all the time isn’t going to help, especially if people stick to adhering to the first thing they were told – like believing the padlock automatically means the website is safe.
I’m sure many of us will have seen information by Troy Hunt and Scott Helme in recent months, on browser security. Changes are afoot in how browsers indicate websites’ security; e.g. Firefox’s recent changes on how padlocks work is related.
WSJ indicate the depth of the problem here:
The use of security certificates, once a badge of authenticity for the internet, among phishing websites has almost doubled, rising to 15% in 2019 from 8.5% in 2018
Even CASC (Certificate Authorities Security Council) recently published, in a very interesting article:
The padlock is putting users in danger
We all need to get used to these changes, for our own safety.
-
Patch Watch: Office 365 – The trendy new phishing target
Here phishy, phishy, phishy…..
Attacking Windows 10 is so yesterday. Malicious hackers have known for some time that phishing is a fruitful and cheap method for stealing data. And the bigger the mark, the better the returns. So it should be no surprise that Office 365 has become a tempting target.
Patch Lady Susan Bradley offers the first in a series of articles about Office 365’s vulnerable underbelly, and what you can to do protect yourself and your organization.
Details in this week’s AskWoody Plus Newsletter 16.11.0, out this morning to AskWoody Plus Members.
-
Microsoft targeted by phishing attack
Probably by Syrian Electronic Army.
Man, if MS can’t protect itself, how can any organization?
InfoWorld Tech Watch
-
How well does IE’s phishing filter work?
This will undoubtedly change shortly, but…
In the past hour I’ve received several messages from people here in Thailand saying that they’re receiving phishing mail from their bank, SCB. The mail instructs people to click on a link and log in. The link goes to the site new11010scb dot com (no, I’m not going to link to it).
If you go to that location with either Firefox or Chrome, you get the standard phishing warning message. But if you go there with either IE 9 or IE 10 (on Windows 8), you sail right on through to an ad…
#Fail IE Smart Screen.
-
PayPaI phishing scam
I don’t write about phishing messages that I receive very frequently because most of them are poorly done, amateurish and (even if they’re enticing) you can see through most of them in a New Yawk minute.
Not so this one. I just got a message, seemingly from PayPal Inc. [noreply1@paypal-community.com], titled “Your regularly scheduled account maintenance !” In typical phishing fashion, it says that my PayPal account needs to be verified “to protect your identity.”
Attached to the message is an HTML file called “PayPal_Limited_From.html” The mis-spelling was the first thing that tipped me off.
I double-clicked on the HTML file and up came a form inviting me to provide my credit card information and click a button marked Submit Form. The form admonishes “By clicking the button “Submit Form” you confirm your identity with us. The form is submitted instantly. Your session will be closed after you verify your information.”
Of course I didn’t fill in any of the information, but for the heck of it, I clicked the Submit Form button. The screen flashed a little bit and I ended up on the PaylPal Refund page. Not a bogus page. The real thing.
Delving a little deeper, I looked at the program behind that Submit Form button, and discovered all sorts of references to a site called vitgrim.org. Sure enough, vitgrim.org is registered to a fellow in GyeonGi, Korea.
The moral of the story is the same as always: don’t click on anything you receive in the mail. But this particular man-in-the-middle phisher is particularly well done.
-
100 arrested in giant phishing sting
Wired reports that 100 phishers have been arrested in a sting spanning the US and Egypt.
A gang of more than 100 alleged phishers has been charged in the U.S. and Egypt in connection with a global scheme to steal bank credentials of victims and siphon money from their accounts.
A total of 53 defendants ranging in ages 18 to 44 are charged in a thick indictment unsealed Wednesday in federal court in Los Angeles. An additional person is being charged at the state level, and another 47 alleged co-conspirators have been charged in Egypt.
The indictment is the culmination of a two-and-a-half-year investigation, dubbed Operation Phish Phry.
-
Beware phishers
I”m always admonishing people to be careful about phishers, but it looks like Hotmail, Yahoo Mail and Gmail are getting a particularly nasty dose at the moment. Neowin reports that 20,000 Hotmail users have already given up their userids and passwords. BBC says that they have “seen two lists that detail more than 30,000 names and passwords from e-mail providers, including Yahoo and AOL, which were posted online.”
It’s always been a problem, but the phishers are getting much more clever these days.
Of course, you’re savvy enough to pass by those emails that say you underreported your income to the IRS, the ones that say your package couldn’t be delivered because it had the wrong address, and the ones that say you better pay for that new Mac or else…
I’ve tried clicking through on several of those phish mails as soon as I get them (hey, who can resist running down somebody who says I’m due a tax refund?), and have been pleasantly surprised to discover that Firefox is blocking the sites, just like it should.
SANS Internet Storm Center recommends that you immediately change your passwords on Hotmail, Gmail, Yahoo Mail and AOL accounts.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
CCleaner’s Driver Updater – does it work?
by 2 hours, 20 minutes ago
-
Issue 2439: CentOS Stream 9: missing kernel security fixes
by 4 hours, 47 minutes ago
-
Microsoft to throttle emails to online email if you are running old stuff
by 4 hours, 51 minutes ago
-
fre-ac updates
by 5 hours, 10 minutes ago
-
Windows 10 lost start up password
by 5 hours, 2 minutes ago
-
Windows 11 Insider Preview Build 22621.1470 and 22623.1470 released to BETA
by 6 hours, 1 minute ago
-
Windows 11 Insider Preview build 25324 released to Canary
by 7 hours, 22 minutes ago
-
Windows 11 Insider Preview build 23419 released to DEV
by 7 hours, 48 minutes ago
-
Dribble?
by 9 hours, 23 minutes ago
-
Allow defenderbootstrapper.exe to phone home?
by 22 minutes ago
-
KB 5022836 will not install
by 1 minute ago
-
Windows 11 desktop for Windows 10 user
by 9 hours, 16 minutes ago
-
GNOME 44 ‘Kuala Lumpur’ released
by 1 day, 5 hours ago
-
Emotet adopts Microsoft OneNote attachments
by 1 day, 5 hours ago
-
US : The Spy Law That Big Tech Wants to Limit
by 47 minutes ago
-
Ferrari confirms customer data breached following ransomware attack
by 1 day, 6 hours ago
-
Outlook bookmarks redirects to a different location, Help!
by 1 day, 7 hours ago
-
Should I go to win11?
by 4 hours, 34 minutes ago
-
The Framework Laptop – Fully Modular
by 1 day, 13 hours ago
-
Windows Snipping Tool is vulnerable to Acropalypse too.
by 11 minutes ago
-
Pale Moon updates
by 1 day, 16 hours ago
-
“Local Security Authority protection is off.” with persistent restart
by 1 day, 5 hours ago
-
Self-encrypting drive setup on Linux
by 1 day, 17 hours ago
-
Windows 11 Moments and local account setup
by 11 hours, 25 minutes ago
-
Older versions of Roboform
by 9 hours, 10 minutes ago
-
Long string filenames
by 1 day, 22 hours ago
-
Windows 11 Build 22621.1483 released to Release Preview
by 2 days, 2 hours ago
-
Will adding RAM to re-purposed PCs trigger activation again?
by 41 minutes ago
-
Digital Photography Review to close
by 1 day, 13 hours ago
-
Dish Network Hacked
by 1 day, 5 hours ago
