Categories
Security

Duqu: new zero day malware targets businesses

Since the media has made a lot of hype about this, I thought I’d clear up for my readers what Duqu is and how it affects you.

Duqu, also commonly referred to as the ‘son of Stuxnet’, is a Remote Access Trojan that uses a zero-day vulnerability in Microsoft Word to infect a machine. Once dropped on the system, Duqu’s primary task is to stealthily gather data, including logging keystrokes, making it a prime tool for cyberwarfare. However, Duqu is unique in that it was likely developed over several years and its primary method of distribution is through e-mail.

Specifically, Duqu is more likely to be used against higher-profile targets, such as large companies, from which it can steal data. Microsoft said they “see low customer impact at this time,” which makes sense if Duqu was indeed a targeted attack.

Here are a few tips for those who suspect they are vulnerable:

  1. While Microsoft has not issued a full patch just yet, it is important to know that a workaround exists. Simply click on the Suggested Actions menu.
  2. Scan all e-mail attachments you try to open with both anti-virus and anti-malware software. This should automatically be done if you have licensed versions of both products.
  3. The e-mails can be forged to look like they came from somebody else in the company. If you weren’t expecting an e-mail or the attachment looks fishy, err on the side of caution and ask if the attachment is indeed legitimate.

Note that these types of attacks are common and it is good practice to always follow the steps above.

Safe surfing!

How many security researchers does it take to rob a bank?

Thought I’d share something that made me laugh today.

Moran Cerf talks about his work as a hacker who breaks into banks digitally. He reports these exploits to the bank and they pay him. Listen to his story as he attempts to break into a bank physically and everything goes wrong.

With this story, Moran won the 2010 Moth GrandSLAM story-telling competition.

I don’t think you’ll see me robbing banks anytime soon.

Teaching security to the hopeless

One of my Twitter followers suggested that I write about security tips for the technically challenged. Instantly, I thought about my last visit home.

If you’re anything like me, you’ll notice that your friends, your family, and even people you rarely interact with always turn to you with their computer troubles. Sometimes, the questions are easy to answer, like recommending anti-virus software. Other times, you get the friend or family member that is technically savvy enough to follow your advice. Unfortunately, most of the time you get to deal with the hopeless, my parents being a prime example. Luckily my mother doesn’t read this blog. If she did, I’d get an earful on my next visit home.

Below are some easy tips you can recommend to those you may be hearing from a bit too much:

  1. Don’t just click next. When installing a piece of software, read each page of the installation. Many software companies now ask you to install a toolbar, and if you don’t opt out you may end up browsing the Internet with this.
  2. Be vigilant while browsing. If you search Google for “car rentals,” make sure you select a search result that looks credible, like Hertz. This sounds obvious, but I can’t tell you how many times I’ve seen someone get infected by clicking the first link or advertisement.
  3. Buy your anti-virus software. Okay, that may be stretching it, but make sure your anti-virus is scheduled to update continuously. Most full versions of anti-virus software have automatic updating enabled by default.
  4. You don’t have any friends trying to sell you Viagra, I promise. Don’t open e-mails from senders you don’t recognize. More importantly, don’t open attachments unless you absolutely trust the sender.

With these quick tips, I was able to significantly reduce the number of calls from my parents. Leave a comment to share what’s worked for you!