Major Web Browsers Fail Password Protection Tests – ZDNet

http://blogs.zdnet.com/security/?p=2305

That nifty password management feature in your favorite Web browser could be helping identity thieves pilfer your personal data.

That’s the biggest takeaway from the results of this test, which shows that all the major Web browsers — including IE, Firefox, Opera, Safari and Chrome — are affected by a total of 20 vulnerabilities that could expose password-related information. Among the problems are three in particular that, when combined, allow password thieves to take passwords without the user’s knowledge. They are:

  1. The destination where passwords are sent is not checked.
  2. The location where passwords are requested is not checked.
  3. Invisible form elements can trigger password management.

Google’s shiny new Chrome browser was among the worst offenders. According to the study, Chrome’s password manager contains multiple unpatched issues that “form a toxic soup of potential vulnerabilities that can coalesce into broad insecurity.”
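The three checks listed above, written as the decision a password manager could make before it autofills a saved login. This is an added example, not code from the ZDNet article or the study; the `saved` and `form` descriptor objects and the `example.test` hostnames are constructed for illustration.

```javascript
// Added illustration: plain-object descriptors stand in for the DOM so the
// logic runs under Node; field names and hostnames are constructed.

// Resolve a URL (optionally relative to a base) to its origin, or null.
function originOf(url, base) {
  try { return new URL(url, base).origin; } catch { return null; }
}

// A credential field the user cannot see should never be filled.
function isInvisible(field) {
  const s = field.style || {};
  return field.type === 'hidden' || s.display === 'none' ||
    s.visibility === 'hidden' || parseFloat(s.opacity) === 0 ||
    field.width === 0 || field.height === 0;
}

// saved: { origin }  form: { pageUrl, action, fields: [credential inputs] }
function autofillDecision(saved, form) {
  const reasons = [];
  // Check 2: where the password is being requested.
  if (originOf(form.pageUrl) !== saved.origin) {
    reasons.push('page origin differs from saved origin');
  }
  // Check 1: where the password would be sent (an empty action posts to the page).
  if (originOf(form.action || form.pageUrl, form.pageUrl) !== saved.origin) {
    reasons.push('form submits to a different origin');
  }
  // Check 3: invisible form elements must not trigger a fill.
  if (form.fields.some(isInvisible)) {
    reasons.push('credential field is not visible');
  }
  return { fill: reasons.length === 0, reasons };
}

const saved = { origin: 'https://shop.example.test' };
const visible = [{ type: 'text', width: 180, height: 24 },
                 { type: 'password', width: 180, height: 24 }];
console.log(autofillDecision(saved, {
  pageUrl: 'https://shop.example.test/login', action: '/session', fields: visible }));
console.log(autofillDecision(saved, {
  pageUrl: 'https://shop.example.test/review',
  action: 'https://collector.example.test/c',
  fields: [{ type: 'password', style: { opacity: '0' }, width: 180, height: 24 }] }));
```

Because the comparison is on the full origin, a page served over `http://` for the same hostname is also refused.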

Read the entire article here

See my blog article on Password Programs here

Personal electronics websites too good to be true

12/2/2008

Calgary, Alberta – The Better Business Bureau is warning consumers of a number of websites purportedly selling personal electronics, but failing to deliver product after receiving payment by wire transfer.

The outfit, most recently operating as Qbelam.com and Circuitown.com, advertises a variety of personal electronics including PS3s and laptop computers at discounted rates, and the website gives a number of options available for payment.  However, when interested parties try to check out, they are sent a message stating that the only available method of payment is wire transfer.

“Anytime you’re being asked to pay for something by a wire transfer service, that should be a huge red flag,” said BBB Serving Southern Alberta and East Kootenays spokesperson Daniel MacDonald.  “Once money has been sent, there’s no way to get it back – using a credit card to pay for items online provides a great deal more security.”

According to verbal complaints to BBB, which have all been lodged from the United States, the products ordered may never be delivered.  Further, the organization seems to change its name and URL frequently: in recent weeks it has appeared as Bargain Town, Qbelam, Circuitown, and now Cesa Room with a Calgary address.

A BBB staff member posed as a customer and contacted the organization under the guise of buying a laptop – she indicated she wished to pay using a credit card, and received a message back indicating that “due to high rate of fraudulent activity” they would only accept a wire transfer from consumers outside of Canada.  As the BBB operative had indicated she was a Canadian resident, it appears that the return message was automatically generated, intending to dupe citizens of other countries.

BBB recommends consumers research companies they intend to solicit online, and to never send money to an unknown recipient.  And, of course, if an offer sounds too good to be true, it probably is. (http://calgary.bbb.org/WWWRoot/SitePage.aspx?site=154&id=83aca452-4703-433a-a1d4-db2dfc0e5bef&art=8073)

Gadget trade-in services that pay off – CNET News

Posted by Elsa Wenzel December 3, 2008 8:45 AM PST

Web sites that promise to pay for your old gadgets look bright around the holidays, when every extra dollar can count toward new gifts or even utility bills. But are the services worthwhile? How much can you earn?

We examined nine services that pay for your unwanted digital wares. These are among the newest options to help keep electronics waste out of landfills, while uncluttering your closets.

We looked up what each service said it would pay for working iPods, PDAs, laptops, gaming consoles, and more, with cables but lacking their original boxes. For dead devices, some offer a pittance, or will connect you with willing recyclers and charity recipients. Our chart (at right) shows what each site claims it pays for specific equipment. Keep reading for highlights of the trade-in services.

To read the entire article, click here (http://news.cnet.com/8301-17939_109-10110288-2.html?tag=nl.e433)

XP Service Pack 3 blocks .NET security patches

One more reason not to install XP Service Pack 3 or, if you’ve already installed it, to remove it…

XP Service Pack 3 blocks .NET security patches
By Susan Bradley

Installing SP3 on Windows XP eliminates the operating system’s ability to install important security patches for Microsoft’s .NET technology and possibly other software.

This problem forces XP SP3 users to apply patches manually to complete vital updates.

The new error is the latest in a long series of glitches relating to XP’s SP3, which Scott Dunn described in his Sept. 11 Top Story. The issues include spontaneous rebooting of systems based on AMD chipsets, as documented by Jesper Johansson in a blog post from last May.

To determine whether your XP SP3 system has a version — or multiple versions — of the .NET Framework installed, open Control Panel’s Add or Remove Programs applet and look for it among the list of currently installed programs. If you don’t see any .NET entries, you don’t have the framework installed on your system and needn’t be concerned about the update problem.

If you do see a listing for Microsoft .NET Framework, you need to use a third-party update service such as Secunia’s Software Inspector (described below) to patch the program.

To read the entire article, click here – http://windowssecrets.com/2008/12/04/03-XP-Service-Pack-3-blocks-.NET-security-patches/?n=story1

Keep Your Laptop From Being Stolen

With laptops being such an important part of our lives, and often of our businesses, it’s important to know how to protect them from being stolen or, if they are stolen, how to get them back quickly. The following are a few ways to do so.

Laptop Alarm for PCs. Laptop Alarm will emit a loud alarm whenever someone tries to steal your laptop. It sounds when your power cable or external peripherals are disconnected or when the mouse is moved.

Security Cables. Most laptops have built-in slots that accommodate a security cable. These cables come as key based locks or as combination based locks and allow you to physically lock your laptop to a table or desk, so if you need to leave it for a few minutes it’s actually locked in place.

Lojack For Laptops. Computrace® LoJack® for Laptops is a software-based computer theft recovery service that tracks and recovers lost or stolen computers. If your computer is stolen, their recovery team uses the software to track the stolen computer and provides local police with information they need to get it back and apprehend thieves. There is a small subscription cost for this program but it starts at just $39.95 per year.

Laptops are easy to steal. It’s important that you keep your important data backed up on an external drive so if your computer is stolen, you have a good copy of its data. Additionally, these options will help in either keeping it from being stolen, or if it is taken, in getting it back.

Christmas Lures Being Distributed Via Spam

Websense® Security Labs™ ThreatSeeker™ Network has discovered that malware authors are already using Christmas themes this year as a social engineering tactic, in an effort to gain control over compromised machines. This campaign uses email messages in the form of e-greetings, leading to supposed animated postcards. These actually lead to a Trojan backdoor that has been distributed in previous malicious spam campaigns.

The email messages, spoofed to appear as though they have been sent from postcards.org, display an animated Christmas scene. A URL link within the email leads to a malicious file called postcard.exe hosted on various servers.

Once executed, a backdoor is created by the malware author enabling access and control over the resources of the compromised machine. During the install process an image called xmas.jpg is displayed to the user as a distraction technique.


Thanksgiving

I’d like to give thanks to all of you who have honored me by following my tips here on my blog. Today’s entry will be a little different…It’s all about Thanksgiving.

Thanksgiving Trivia

Here are some interesting facts about Thanksgiving that each of us should know about:

  • The first Thanksgiving celebration can be traced back to the Plymouth Pilgrims in the fall of 1621.
  • The first Thanksgiving feast was held to thank the Lord for sparing the lives of the survivors of the Mayflower, who landed at Plymouth Rock on December 11, 1620. The survivors included four adult women and almost forty percent children.
  • The Wampanoag chief Massasoit and ninety of his tribesmen were also invited to the first Thanksgiving feast. Governor William Bradford invited them for helping the Pilgrims survive and teaching them the skills of cultivating the land.
  • The celebration in 1621 lasted for three days and included games and food.
  • The president to proclaim the first ‘National Day of Thanksgiving’ in 1789 was George Washington.
  • Sarah Josepha Hale, a magazine editor, campaigned to make Thanksgiving a National Holiday in 1827 and succeeded.
  • Abraham Lincoln announced Thanksgiving to be a national holiday in his proclamation on October 3, 1863.
  • The ‘wishbone’ of the turkey is used in a good luck ritual on Thanksgiving Day.

The President’s Pardon

Animal lovers determined to counter the animal sacrifice introduced the custom of having a turkey pardoned by the President of the United States and set free to live a natural life comfortably in a zoo at Herndon. This pardon is given at the last minute before the execution of the turkey in a ceremony at the White House. Here we reiterate the words of the official pardon:

“By virtue of this pardon, (Turkey of the year’s name) is on her way not to the dinner table but to Kidwell Farm in Herndon, VA. There she’ll live out her days as safe and comfortable as she can be.”

It is said that this tradition was first observed in 1947 and was conceived by Harry Truman. After the Turkey gets the Presidential Pardon, it is transported to Kidwell Farm, a petting zoo at Frying Pan Park in Herndon, Virginia to be welcomed as the chief guest along with the President in a Turkey ‘Roast’ celebration. Here, the Turkey is not ‘roasted’ in the oven but through humor and turkey jokes.

And then, there’s the most important site of all on Thanksgiving – Butterball’s website (http://www.butterball.com/tips-how-tos/tips/thanksgiving-guide), for when you need help with what’s going on.

However, when things go wrong with the food, you can find some quick fixes at http://www.chefrick.com/thanksgiving-food-first-aid/

Enjoy your Thanksgiving, and thank you…

Avoid Online Scams When You’re Shopping for the Holidays

From Trend Micro TrendSetter

Every year we see staggering new statistics about how many people are buying gifts online instead of braving traffic, long lines, and parking nightmares at brick-and-mortar stores. During the holidays, many online retailers will also offer breaks on shipping costs—so the advantages of less physical hassle, no sales tax, and potentially free or cheap shipping make online shopping pretty appealing. However, the risks involved in online shopping are as persistent as ever. Here are a few key ways you can protect yourself.

1. Use a virtual account number. This is a service that most credit cards now offer. Here’s how it works: Log onto your credit card account and with one click you can generate a random credit card number that makes it virtually impossible for anyone to steal your account number while shopping online. When your virtual number is generated, simply enter it into the merchant’s form and complete your purchase without revealing your actual card number. This virtual credit card number is only valid for a short period of time, long enough for the retailer to process your transaction, which will be charged to your real credit card account. But if a retailer stores that number and a hacker later breaks into their system, the number will be useless. Please note: Virtual account numbers cannot be used for purchases that require you to show your credit card at time of pick-up (e.g., movie tickets, etc.), because the account numbers will not match.

2. Make sure you’re shopping on a secure site. Look for the padlock icon or a URL that starts with https://. That means your transaction is encrypted.

3. Don’t trust emails from “retailers” claiming you need to verify your credit card information. This is almost certainly a scam. Every year millions of emails go out from hackers pretending to be eBay or PayPal customer service and asking consumers to provide information that the actual service already possesses. If you’re worried that a retailer really has failed to process your order, go to the site and look up your account or contact their customer service center—don’t click on a link in an email that could redirect to a dummy site.

Block sales calls to your cell phone

The following article is reprinted from PCWorld.com

Telemarketing is especially annoying when it reaches your mobile phone, costing you money to hear a sales pitch. Be cautious in giving your mobile number to companies, and especially be aware of opting in or out of a company sharing or selling that information.

If you do give out a mobile number, be sure to tell companies that it’s mobile. If someone calls with a pitch, ask them to take you off their list, and also mention that they have called a mobile number. It’s illegal for telemarketers to use autodialers to reach mobile numbers, so they’ll likely respond quickly if you let them know.

The National Do Not Call Registry can add another layer of protection, with caveats. The list is a database of numbers that telemarketers can’t call, but loopholes allow calls from political groups, surveys, and companies with which you’ve established a business relationship. Nearly the same restrictions on sales calls apply to mobile phones already; however, if you’ve begun to receive sales calls on your cell phone, adding your number to the Do Not Call Registry (www.donotcall.gov) can be the easiest way to stop them.

If, after registering your number with the Do Not Call Registry, you continue to receive sales calls on your cell phone, don’t just hang up in exasperation. Instead, gather as much info about the caller as you can, and file a complaint using the online form at donotcall.gov.

iPhone Charger Recall

Apple has recalled the ultracompact USB adapters sold with its 3G iPhones, warning that the metal prongs could break off and put owners at risk of electric shock. Apple has urged owners to recharge the phone by connecting it to a computer until they can trade in the faulty charger for a new one. They can initiate such a trade either in person at an Apple Store or through Apple’s Web site, http://www.apple.com/support/usbadapter/exchangeprogram/. (From PCWorld Magazine)