Watch out for “dirty” websites

In a previous post, we pointed out how just browsing the web these days can possibly infect your PC with malware . To show how dangerous surfing can become, Symantec recently released their list of the “Dirtiest Websites of Summer” – the top 100 infected sites on the Internet based on number of threats detected by their software as of August 2009. The list identifies websites that could compromise security with risks including phishing , malicious downloads, browser exploits, and links to unsafe external sites. Some interesting findings from the study: The average number of threats per site on the Dirtiest Websites list is roughly 18,000, compared to 23 threats per site for most sites 40 of the Top 100 Dirtiest Sites have more than 20,000 threats per site 48% of the Top 100 Dirtiest Web sites feature adult content 3/4 of the Top 100 Dirtiest Web sites have distributed malware for more than 6 months Viruses are the most common threat represented on the Dirtiest Websites list, followed by security risks and browser exploits You can read more about this research at Symantec’s website. If you suspect your PCs are at risk, or if you want to ensure your website doesn’t get hijacked by cybercriminals, contact us. We can help. Related articles: Symantec lists “Dirtiest Web Sites” Virus Security By Leveraging Community And Clouds Smartphone users need more security

Small US Firms the Target of Online Fraud

Organized criminals believed to be based in Eastern Europe are robbing small to midsized US businesses of millions of dollars via an elaborate scheme aided by malicious software . Recent reports reveal that over the past few months, several businesses have fallen victim to unauthorized fund transfers whereby hundreds of thousands of dollars from the businesses’ bank accounts have been transferred to accounts in Europe, and in some cases, to the accounts of willing or unwitting accomplices in the United States. According to the reports the victims, usually the company CFO or owner, were sent malicious software as attachments to email, which when opened remained resident on the victims’ machines and stole the victims’ passwords to their online banking websites. The cybercriminals used this information to initiate transfers from their accounts of up to US $10,000 at a time to evade notice and detection from their bank’s anti-fraud or money laundering detection systems and protocols. Your business might be at risk. Make sure you are protected from this type of fraud by securing your PC and network from malicious software. Do not open suspicious-looking attachments and make sure you have the necessary protection in place, such as firewalls, antivirus software, and other methods of protection. Need help? Contact us today. Related articles: Comment: online banking? No thanks Know When Something is Being Installed on Your Machine Cybercrime victim? 3 telltale signs and what to do

Microsoft Releases Fixes and a Workaround for Several Vulnerabilities

The web is indeed becoming a dangerous place. These days, your PC could become infected with malware or vulnerable to a hacker attack just by innocently browsing a website or opening an email. Last July 14th, Microsoft released six bulletins with fixes for at least nine known security vulnerabilities that put users at risk in a range of Microsoft products. Many of the vulnerabilities, if not patched, can allow “remote code execution” or allow a hacker or malicious software to take over your PC and run unauthorized commands. ZDNet’s Ryan Naraine has posted a helpful summary of the released fixes: MS09-029 : This update covers two privately reported vulnerabilities in the Microsoft Windows component Embedded OpenType (EOT) Font Engine, which could allow remote code execution. Rated “critical” for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. MS09-028 : This update fixes three separate vulnerabilities ( one publicly disclosed and under attack! ) in Microsoft DirectShow, which could allow remote code execution if a user opens a specially-crafted QuickTime media file. MS09-032 : This update resolves a privately reported vulnerability in Microsoft Video ActiveX Control. The vulnerability could allow remote code execution if a user uses Internet Explorer to view a specially-crafted Web page that uses the ActiveX control . This vulnerability is currently being exploited in the wild! Rated “critical” for all supported editions of Windows XP and “moderate” for all supported editions of Windows Server 2003. Some of the vulnerabilities, notably one in Microsoft Office Web Components, do not yet have a patch. An attacker who successfully exploits this vulnerability could potentially gain the same user rights as a local user, allowing the attacker to modify or remove files on the PC remotely. This could potentially happen simply by using Internet Explorer to visit a website. A workaround exists by downloading a free utility from Microsoft called FixIt , which prevents the Microsoft Office Web Components from running in Internet Explorer. Users, as always, are advised to immediately download the updates and utilities, or use Microsoft’s Windows Update service. If you need help installing the patches or workarounds, or if you feel your PCs are at risk, contact us immediately. Related articles: Microsoft Security Advisory 972890 Released Microsoft warns of Internet Explorer security hole Microsoft issues patches, including one for IE exploit Internet Explorer’s ActiveX Security Mitigations in Use Microsoft Warns of Security Hole

Businesses Should Replace PCs Every Three Years

For many small and medium-sized businesses, the cost of maintaining an old PC may be more expensive than upgrading to a new one. This insight comes from a survey conducted by research firm Techaisle , which polled 630 companies across seven countries. Their research suggests that the average cost for SMBs to repair PCs over three years old can be 1.65 times as expensive as repairing PCs under three years old. Repairs include replacements, usually from hardware failure, and the cost to fix software crashes. Small business respondents with PCs older than three years experienced network card failures nearly eight times more than respondents with PCs less than three years old. This was followed by power supply failures, motherboard failures, software crashes, and virus attacks. Midmarket respondents experienced a similar trend, with network card failures at six times higher, followed by power supply failures and motherboard failures. In addition, respondents said desktops that have been in use for more than three years are more susceptible to attacks from malware and viruses (28 percent), while older notebooks are 58 percent more likely to endure a virus attack. The cost of related lost worker productivity should also be factored in by companies wishing to hold on to outdated hardware. Are you hanging on to old PCs in an attempt to money? Contact us today. We can help you assess the health and condition of your PCs, as well as determine the cost of maintaining existing PCs versus upgrading or replacing them.

Does your business need a server?

Is it time for you to consider a server for your business? This question was raised recently by Rhonda Abrams, a writer for USA TODAY’s Small Business section. According to Ms. Abrams’s article, if your business is growing and you have more than two people in your business, then you should definitely consider buying a server. Having a server, or a dedicated computer that acts as a central resource for data and applications within your office network , can dramatically improve the way your business runs. A server allows you to consolidate your data in one place, making it easy to share among your colleagues. Network file shares allow you to upload and archive files and data in one centralized location for everyone. Centralizing data also makes it easier to secure and back up. Servers often are powerful computers that can host applications your business runs within the office network. With servers, you can run applications such as email and security services, host your business website or company intranet , deploy multi-user databases, and much more. Let us know if you are considering deploying a server for your business – we can help you do it efficiently and cost effectively. Related article: Strategies: It might be time to get serious about a server.

Hackers Launch Cyber-Offensive Against American and South Korean Sites

Last July 4th and 5th, a massive denial-of-service attack was launched against several government and commercial websites in the United States and South Korea. According to security researchers, the attacks were the work of malware that infected PCs and routed traffic to government and commercial sites during the July 4 weekend in an attempt to take them down with the flood of simultaneous requests hitting them. Among those affected were the U.S. Department of Treasury, the Secret Service, the Federal Trade Commission, and several others. The attacks, which hit South Korean sites a few days later on July the 7th, are widely believed to have been carried out by an updated version of the MyDoom worm which gained infamy when it first hit Windows machines last 2004. The motive for the attack is not yet known. In the meantime, users are advised to scan their machines and update their operating systems to protect against known vulnerabilities. Contact us to learn more about protecting your business from a similar attack. Related articles: Mysterious cyber-attacker hits at federal websites, crisis averted? Cyber Attack Targets Government Websites Who’s behind cyber assaults?

Dual Boot Windows 7 and Vista on One Machine

Excited about Windows 7 but unsure if you want to replace your existing Vista installation? Worried about potential compatibility and driver problems with the Windows 7 beta or release candidate? Why not install both on the same machine? Microsoft has posted an interesting article on how to have both Vista and the upcoming Windows 7 Beta or Release Candidate on the same machine by dual booting from one operating system to the other. Be sure to check out the system requirements for Windows 7 ensure your system is up to the challenge. Generally speaking, if your system can handle Vista then it will likely have no problem with Windows 7; however, you’ll need ample space on your hard drive to have both running. Check out the article at Microsoft’s Technet website. Not sure how (or why) to do it? Contact us – we can help! Related articles Windows 7 testers have long path to upgrade Can a Windows Vista PC Run Windows XP Instead? Windows 7 release date announced

SMBs Buy and Use Software Differently

Surprise, surprise! According to Forrester Research , an analyst firm, small businesses buy and use software differently than their larger brethren. More than 2,200 IT executives and technology decision-makers in North America and Europe were polled, and the findings show that: small businesses are more likely to purchase software than build their own they are wary of open source software because of security and support issues interest in SaaS is growing but total cost of ownership is a concern they are more optimistic than big businesses and will allocate a greater portion of their IT spend on software These conclusions come from the recent Forrester Research report The State Of SMB Software: 2009 and data from Forrester’s Enterprise and SMB Software Survey “Enterprise Versus SMB: Who Influences Your Software Purchasing Decisions?” and “Software Budget Outlook And Preferred Purchasing Channels By Company Size: 2008 To 2009”. You can purchase the research at Forrester’s website or go to bMighty to read a summary . Do you agree with the findings? Let us know – we’re interested in what you think.

Do Your PCs Host Dangerous Apps?

New research from security firm Secunia reveals that the average PC user has over a dozen insecure applications on his or her computer. They found that the typical user installs over 80 applications on his or her desktop, and around 15% are vulnerable to attack due to failure to patch the applications in a timely manner. Vendors normally release updates or patches to fix known vulnerabilities in their applications. This is an acute problem for software which connects to the Internet, especially if it hosts sensitive or private data. Only 2% of users make it a point regularly update their applications. For businesses, the problem could be greater with the need to manage multiple PCs. Protect your network today by letting us implement software patch management tools to manage and automate this process for you. Related articles: Keep your software up to date with Secunia Personal Software Inspector Patch management no longer just an IT problem Another year of handwringing on cybersecurity

New Swine Flu Outbreak: This Time the Virus may be in Your Computer

As if the scare from the Swine Flu virus were not enough, some opportunistic and malicious hackers have started spreading a computer virus with emails of the same name. Otherwise also known as the Navia.a virus, it seems to have surfaced during the height of the Avian Flu scare. However, the computer virus may have started spreading again. Initial reports from Japan say that the country’s National Institute of Infectious Diseases (NIID) posted on its website that a suspicious Japanese-language email message purportedly coming from them has been circulating with an attached file called “information on swine flu”. The email, originating from senders in the “@yahoo.co.jp” domain, seemed to be sent to random Internet users, the institute said. Users, as always, are advised to avoid opening attachments from suspicious-looking emails to prevent infecting their PCs with malware.While we can’t protect you from the real swine flu virus, we can help you protect your PCs from its new malicious online cousin. Contact us today to find out how. Related articles: Internet flooded with swine flu spam As If Swine Flu Virus Is Not Enough – We Now Have Swine Flu Computer Virus