But there are things you can do to protect yourself. NGO-in-a-box has developed Security-in-a-box, a set of tools and tactics for your digital security. Worth taking a look!

It’s often said that “if we can envision it, we can create it,” but in the world of computer (and network) software this is only partially true. We can attempt to create it, but it will always have bugs in it. And those bugs are the chinks in the armor that allow malware to work and cyberwarfare to succeed.

[2] See also The Social Graph of Malware, my site where I explore ways in which social engineering is used by the bad guys to get malware onto your computer.

The post No chance for true security? appeared first on Sky's Blog.

That’s my experience too. So it’s actually “user stupidity” that gets users’ computers hacked. They click on a link in an email advertising a sexy video and they end up on a site that poisons their computer instead. Or they open a tempting file that has been sent to them by email. Social engineering is the technique used to get into most computers.

Don’t click that link! Don’t open that file!

The post It’s the User, Stupid (It’s the Stupid User?) appeared first on Sky's Blog.

I wonder how many of you are noticing it yet. Steep uptick in the past two weeks.

First, of course, spam continues to snowball. (A snowball from Hell!) Increasing at a ferocious rate. Since I manage email for a number of friends and customers, I have multiple spam filters in front of my mail because I receive hundreds of spam messages every day (many of them duplicates, of course, to the same account). Having three filters means that almost all spam messages are caught. But the filters are so aggressive that many messages I need to read also are trapped in the spam dragnet. So I have to go thru the spam box several times a day and 1) fish out the legitimate messages; and 2) trash-can the spam.

My defenses include: 1) SpamAssassin running on my mailserver, which catches at least half of the spam so it never reaches my computer, and almost never quarantines a message that I really want; plus 2) Intego Personal Anti-Spam which is more than aggressive and is rule and blacklist-driven; plus 3) SpamSieve, which is a Bayesian filter (looking at word combinations).

For virus-protection on the server side, I have Macafee anti-virus installed (integrated into my Kerio mailserver) – which updates its definitions every few hours, and on my computer I use Intego VirusBarrier, which complements Intego’s spam product.

The other problem that’s on the rise over the past couple of weeks is a malware explosion, including trojans/viruses embedded in attachments. We call ’em poisoned files. I have seen poisoned ZIP, RAR, PDF, DOC and JPG files recently. It has gotten so bad that I no longer open any attached files unless I know exactly what they are and where they came from.

And many of these viruses look like they came from friends – even though their computers seem to be uncompromised. (Viruses used to mail themselves from infected computers, but recently that has not been the attack vector and instead the viruses seem to know how to get a list of your friends from elsewhere and then use that list, plus a legitimate email you have sent in the past, to target only your friends who would be interested in that message. Truly social engineering.

And the most insidious attack vector is the poisoning of files that are legitimately available for download on well-traffic’d web sites. Particularly visible among the Tibet support groups, certain computers have been invaded and trojans and virus-laden versions of PDF and other files that are there for download have been poisoned with viruses. So you go to a perfectly-good web site, download a file you expect to be OK, and suddenly you’ve got a virus. This practice is so widespread that it’s almost impossible to tell 1) how the file got infected; 2) how the server was invaded; and 3) to even know that you shouldn’t download! (I can say more about this later on when we know more about the attack vectors and the results of the malware – this is still pretty new and is evolving rapidly.) I hear from friends that Kaspersky and F-Secure are the best protection against virus-laden downloads – at least for Windows users.

The post The Exploitation of the Online Class appeared first on Sky's Blog.