Archive for the ‘Security’ Category

How To Recognize a Nigerian Scam

Thursday, December 8th, 2011

It’s quite simple, really – if it sounds too good to be true, it probably is. Here’s an email one of our staff received in response to an inquiry to a Craigslist apartment listing. See if you can spot the red flags.

Know Your Browser

Tuesday, December 6th, 2011

Lately I’ve noticed several of my clients entering URLs into the search bar in their browser. This is both inefficient and potentially harmful.

For example, if you want to go to Dropbox.com or Facebook.com, it’s faster and safer to type “dropbox.com” or “facebook.com” into the address bar than into the search bar. Why? Because if you already know the address, you’re wasting time searching for it. This is like calling information and asking “what is the number for 802-234-6368?” You already know the number!

Which is a search result and which is an ad?

Potentially more concerning is the risk that someone may be gaming the results of the search you perform. For instance, someone could take out a malicious ad on a URL, e.g., “facebook.com”, so that when you search for Facebook.com, a link to their site is returned along with the other search results. Many users don’t know the difference between the main website they are looking for and the plethora of other results that are returned, and just click on the first link they see.

The thumbnail at left highlights the location of the URL bar versus the search bar in Mozilla Firefox. Note that they are close, and it’s easy to mistake one for the other. Apple Safari looks very similar. However, Google Chrome and Internet Explorer have taken to combining the search bar and URL bar into one. That way, if you type a valid URL, you get the resulting website, but if not, the browser does a search for you instead. I like this simplified approach.

MySQL.com Hacked

Sunday, October 2nd, 2011

Last week, the website for MySQL, the world’s most popular open-source database server, which is now a division of Oracle, was hacked. While this likely doesn’t affect most of our blog’s readers, it serves as a valuable example of why running a web content filter on your network is vital to information security. MySQL.com is a legitimate business website with a good reputation. However, it was compromised by hackers, essentially turning the website into a platform for distributing malware to anyone who visited the site. Keep this in mind the next time you think that you don’t need a web content filter because you only visit “legitimate websites.”

Version 8.2 of Astaro Security Gateway

Friday, July 22nd, 2011

Today, Astaro (a division of Sophos) released version 8.2 of their Astaro Security Gateway. As announced on their blog, highlights include:

  • A new web reporting engine
  • Support for 3G/UMTS USB modems
  • Web Application Security form hardening
  • Next Generation Firewall/Application control features

These are some of the 60 new features in this release. If you run an Astaro Security Gateway, this upgrade is definitely worth checking out. And if you don’t yet run an Astaro Security Gateway, contact us so we can set you up with a free trial.

Should You Change Your Password? (Trick Question)

Wednesday, July 13th, 2011

Here’s a great website that everyone (yes, that means you) should check out: https://shouldichangemypassword.com/

Don’t Assume Dropbox Is Secure

Saturday, June 25th, 2011

Dropbox, a very popular online file storage solution, recently made a big mistake, allowing any user to log in to their service without a password. This means that if you have a Dropbox account and I tried to log in as you, with your email address instead of my own, I would have been granted access to your files. No fancy hackery needed (more…)

Phishing Scam du Jour

Sunday, April 24th, 2011

Today I found this little gem in my inbox. Rather than repeating the text, I’ll just put the actual image, which I received, embedded in the body of the email. The hardest thing to believe is that people are still actually falling for these things.

WINNER OF 2010 FIFA WORLD CUP

Beware Fake Delivery Confirmation Scams

Friday, April 1st, 2011

In 2008, and again last year around the holiday season, we saw a lot of emails purporting to be from the “United Postal Service” with an attached file claiming to be the tracking or delivery confirmation information for your shipment. They were fake, and they’re back.

Facebook Alert: “New teacher” or “Panties” Videos Are Not What They Seem

Sunday, March 20th, 2011

We appear to have another Facebook malware or, at the very least, scam, running rampant. If the frequency with which I’m seeing this pop up on my friends’ profiles is any indication, this one’s spreading quickly. If you see any links for videos with subjects like “New Teacher From Behind” or “When Panties Go Bad” (or anything else that seems a little too racy to actually have been posted by one of your friends), do not click them.

Don't Click These

What Would a Data Breach Cost Your Business?

Friday, March 18th, 2011

Have you ever wondered what a data breach would cost your company? I mean, really sat down and thought “if hackers managed to compromise our system and walk away with all of our data, what would the damages be, what would it cost us, and how would we recover?” Symantec has released a new website to help you determine the cost of a breach for your business.