Home |
Search |
Today's Posts |
#1
|
|||
|
|||
OT Malware in news
For those of you with Windows computers, tablets etc, please read the
following web site if not already done so ... https://www.getsafeonline.org/nca/ -- Regards Bob Hobden Posting to this Newsgroup from the W.of London. UK |
#2
|
|||
|
|||
OT Malware in news
On Thu, 5 Jun 2014 11:59:37 +0100, "Bob Hobden"
wrote: For those of you with Windows computers, tablets etc, please read the following web site if not already done so ... https://www.getsafeonline.org/nca/ That's far too much for me to read! Steve -- Neural Network Software http://www.npsnn.com EasyNN-plus More than just a neural network http://www.easynn.com SwingNN Prediction software http://www.swingnn.com JustNN Just a neural network http://www.justnn.com |
#3
|
|||
|
|||
OT Malware in news
On Thu, 05 Jun 2014 13:24:19 +0200, Martin wrote:
On Thu, 05 Jun 2014 12:19:42 +0100, Stephen Wolstenholme wrote: On Thu, 5 Jun 2014 11:59:37 +0100, "Bob Hobden" wrote: For those of you with Windows computers, tablets etc, please read the following web site if not already done so ... https://www.getsafeonline.org/nca/ That's far too much for me to read! In that case you are doomed. Symantec link always downloads a 64 bit copy, contrary to the instructions on the Symantec website I don't think I will respond to Symantec marketing. Steve -- Neural Network Software http://www.npsnn.com EasyNN-plus More than just a neural network http://www.easynn.com SwingNN Prediction software http://www.swingnn.com JustNN Just a neural network http://www.justnn.com |
#4
|
|||
|
|||
OT Malware in news
On 05/06/2014 12:44, Stephen Wolstenholme wrote:
I don't think I will respond to Symantec marketing. Agreed. Unfortunately, the hype over all this makes me think that either the gov agencies or the AV providers are running a marketing campaign. Yes, these threats are potentially dangerous - but they have been for a long time now. There really isn't anything significantly different about it now. Yes, such malware will increase and become more effective, as will the means of trapping the unwary. You always need to be vigilant and this news doesn't change that. However, the hype over this '2 week window' is largely meaningless. If you are very recently infected with cryptolocker (like the day the 'command and control' servers were taken down) then you may have 2 weeks to get it cleaned up before the servers are back and able to issue the encryption keys. This will be a very small number of people affected in this way though. As with all these things, some basic hygiene will keep you safe. (Particularly relevant for windows users, of course). My view of the important stuff is as below. Some parts are more important than others. You can do all the right things with protective software, but the absolute key is your online behaviour. So... * Keep programs and operating systems fully patched and remove programs you don't use; * Have an anti-virus program running in real time, keep it updated at least once a day and run periodic system scans; * Have an anti malware program such as 'malwarebytes' or 'spybot search & destroy' - keep them uptodate and run periodic scans; * Don't click on links in emails (preferably at all, but certainly not unless you absolutely know the source of the mail and what the link is); * Don't open any attachments in emails unless you absolutely know the sender and what they are sending and you are expecting it; * Never click on a link in an email to change account details - always go direct to the correct site and to the correct part of it to change your details; * Be very careful about what websites you go to and what you click on; * Remember that social media is a prime location for picking up malware; * Never change any sensitive details on any public wifi network - and don't use any sensitive log in details; * If you have home WiFi, make sure it is very secure; * Preferably have a router to connect your broadband rather than a USB modem; * Change your passwords regularly; don't use the same password for multiple services; have complex, difficult to guess passwords. (A good password manager such as LastPass can help take away a lot of the burden of this as long as you know its limitations). If you have an eBay account, change your password *NOW* if you haven't done so in the last couple of weeks. Doubtless some will disagree with some of the items above. I know people that refuse to use AV programs, for example - but to take that step, you need to be super-vigilant, and most people just aren't. Most people that get hit with malware are not IT professionals and I accept that from scratch, some of this stuff can be daunting - unfortunately, that is what the bad guys know and they are their targets Sorry this is a bit long, but some of it might help someone... -- regards andy |
#5
|
|||
|
|||
OT Malware in news
On Thu, 05 Jun 2014 13:57:04 +0200, Martin wrote:
On Thu, 05 Jun 2014 12:44:13 +0100, Stephen Wolstenholme wrote: On Thu, 05 Jun 2014 13:24:19 +0200, Martin wrote: On Thu, 05 Jun 2014 12:19:42 +0100, Stephen Wolstenholme wrote: On Thu, 5 Jun 2014 11:59:37 +0100, "Bob Hobden" wrote: For those of you with Windows computers, tablets etc, please read the following web site if not already done so ... https://www.getsafeonline.org/nca/ That's far too much for me to read! In that case you are doomed. Symantec link always downloads a 64 bit copy, contrary to the instructions on the Symantec website I don't think I will respond to Symantec marketing. NCA isn't Symantec marketing. Then why did you mention Symantec in the thread? Steve -- Neural Network Software http://www.npsnn.com EasyNN-plus More than just a neural network http://www.easynn.com SwingNN Prediction software http://www.swingnn.com JustNN Just a neural network http://www.justnn.com |
#6
|
|||
|
|||
OT Malware in news
On 05/06/14 13:18, News wrote:
On 05/06/2014 12:44, Stephen Wolstenholme wrote: I don't think I will respond to Symantec marketing. Agreed. Unfortunately, the hype over all this makes me think that either the gov agencies or the AV providers are running a marketing campaign. Yes, these threats are potentially dangerous - but they have been for a long time now. There really isn't anything significantly different about it now. Yes, such malware will increase and become more effective, as will the means of trapping the unwary. You always need to be vigilant and this news doesn't change that. However, the hype over this '2 week window' is largely meaningless. If you are very recently infected with cryptolocker (like the day the 'command and control' servers were taken down) then you may have 2 weeks to get it cleaned up before the servers are back and able to issue the encryption keys. This will be a very small number of people affected in this way though. As with all these things, some basic hygiene will keep you safe. (Particularly relevant for windows users, of course). My view of the important stuff is as below. Some parts are more important than others. You can do all the right things with protective software, but the absolute key is your online behaviour. So... * Keep programs and operating systems fully patched and remove programs you don't use; Yes, but you want to disable/remove services; an installed but non-running program is not a threat. * Have an anti-virus program running in real time, keep it updated at least once a day and run periodic system scans; Yes, but one of the AV *vendors* recently said they are becoming ineffective. At best they are heuristic and the updates scan for what has recently been discovered by the vendor to be active in the wild - which implies some people have already been affected. * Have an anti malware program such as 'malwarebytes' or 'spybot search & destroy' - keep them uptodate and run periodic scans; I hear good things about MS EMET tool, but I'm not in a position to have an opinion. * Don't click on links in emails (preferably at all, but certainly not unless you absolutely know the source of the mail and what the link is); * Don't open any attachments in emails unless you absolutely know the sender and what they are sending and you are expecting it; Necessary but not sufficient; there have been drive-by attacks where opening the email wasn't necessary. * Never click on a link in an email to change account details - always go direct to the correct site and to the correct part of it to change your details; Valid, important, but phishing is completely different to malware. * Be very careful about what websites you go to and what you click on; Necessary but not sufficient; sometimes malware is delivered via advert networks used by reputable sites. Yet another reason for having an adblocker in your browser. * Remember that social media is a prime location for picking up malware; .... even reputable social media sites! * Never change any sensitive details on any public wifi network - and don't use any sensitive log in details; * If you have home WiFi, make sure it is very secure; Valid, important, but not a malware phenomenon. * Preferably have a router to connect your broadband rather than a USB modem; Why? Surely it is what is inside the device rather than its method of connection. * Change your passwords regularly; don't use the same password for multiple services; have complex, difficult to guess passwords. (A good password manager such as LastPass can help take away a lot of the burden of this as long as you know its limitations). Arguably impractical. There are many alternative strategies. In any case remember the purpose of a password is to shift responsibility from the website back onto you "if the right password was given it must have been you" If you have an eBay account, change your password *NOW* if you haven't done so in the last couple of weeks. Doubtless some will disagree with some of the items above. I know people that refuse to use AV programs, for example - but to take that step, you need to be super-vigilant, and most people just aren't. Most people that get hit with malware are not IT professionals and I accept that from scratch, some of this stuff can be daunting - unfortunately, that is what the bad guys know and they are their targets You forgot what will become very important, especially with the Internet of Things... * don't have any "smart devices" where the manufacturer doesn't regularly update the software. For example "smart TVs", which are just computers with an aerial * when visiting any financial website, use the browser in a "live CD" operating system on either a CD or USB stick. Turn off the machine, boot directly from the CD/USB, only visit the financial website, turn the machine off. Since you get a new original operating system every time you use it, it simply cannot have been infected with malware. Of course, neither can you store bookmarks nor cookies between sessions! The live CD/USB is also helpful in an internet cafe, but won't stop someone shoulder surfing. |
#7
|
|||
|
|||
OT Malware in news
"Stephen Wolstenholme" wrote
I don't think I will respond to Symantec marketing. Where on that page is there any Symantec marketing? There is a link to a removal tool by Symantec as there is a link to a similar tool by McAfee and a few others. I used the McAfee tool because I use their anti-virus and firewall programs but anyone can use any one from what I read. Even if you are sure you haven't been infected as I was, what is the harm in downloading and running one of those tools just to be 100% sure. Perhaps you might get a few e-mail adverts from them, so what. -- Regards. Bob Hobden. Posted to this Newsgroup from the W of London, UK |
#8
|
|||
|
|||
OT Malware in news
On 05/06/2014 14:39, Tom Gardner wrote:
On 05/06/14 13:18, News wrote: On 05/06/2014 12:44, Stephen Wolstenholme wrote: I don't think I will respond to Symantec marketing. Agreed. Unfortunately, the hype over all this makes me think that either the gov agencies or the AV providers are running a marketing campaign. Yes, these threats are potentially dangerous - but they have been for a long time now. There really isn't anything significantly different about it now. Yes, such malware will increase and become more effective, as will the means of trapping the unwary. You always need to be vigilant and this news doesn't change that. However, the hype over this '2 week window' is largely meaningless. If you are very recently infected with cryptolocker (like the day the 'command and control' servers were taken down) then you may have 2 weeks to get it cleaned up before the servers are back and able to issue the encryption keys. This will be a very small number of people affected in this way though. As with all these things, some basic hygiene will keep you safe. (Particularly relevant for windows users, of course). My view of the important stuff is as below. Some parts are more important than others. You can do all the right things with protective software, but the absolute key is your online behaviour. So... * Keep programs and operating systems fully patched and remove programs you don't use; Yes, but you want to disable/remove services; an installed but non-running program is not a threat. The list was intended to be for someone that doesn't know a lot about how computers run under the bonnet. Having lots of old programs lying around (and possibly running if they have insinuated themselves into automatic startup) is no good for housekeeping - and is potentially another place that an infection could hide (although no more likely than in a 'wanted' program). * Have an anti-virus program running in real time, keep it updated at least once a day and run periodic system scans; Yes, but one of the AV *vendors* recently said they are becoming ineffective. At best they are heuristic and the updates scan for what has recently been discovered by the vendor to be active in the wild - which implies some people have already been affected. Which is why it is a tool to assist thoughtful safe computing. * Have an anti malware program such as 'malwarebytes' or 'spybot search & destroy' - keep them uptodate and run periodic scans; I hear good things about MS EMET tool, but I'm not in a position to have an opinion. Yes - must have a closer look at that * Don't click on links in emails (preferably at all, but certainly not unless you absolutely know the source of the mail and what the link is); * Don't open any attachments in emails unless you absolutely know the sender and what they are sending and you are expecting it; Necessary but not sufficient; there have been drive-by attacks where opening the email wasn't necessary. Again, mine was a basic list that will protect from 95% of attacks via most vectors. * Never click on a link in an email to change account details - always go direct to the correct site and to the correct part of it to change your details; Valid, important, but phishing is completely different to malware. It can be - phish links can also be to sites containing malware - and whether you get infected or give someone the password to your bank account, the end result is not good. * Be very careful about what websites you go to and what you click on; Necessary but not sufficient; sometimes malware is delivered via advert networks used by reputable sites. Yet another reason for having an adblocker in your browser. Wouldn't disagree there. * Remember that social media is a prime location for picking up malware; ... even reputable social media sites! * Never change any sensitive details on any public wifi network - and don't use any sensitive log in details; * If you have home WiFi, make sure it is very secure; Valid, important, but not a malware phenomenon. * Preferably have a router to connect your broadband rather than a USB modem; Why? Surely it is what is inside the device rather than its method of connection. Maybe things have changed, but I've always considered a router to have more inherent firewall capabilities than a modem. But maybe its not the case - and certainly it is not for security 101. * Change your passwords regularly; don't use the same password for multiple services; have complex, difficult to guess passwords. (A good password manager such as LastPass can help take away a lot of the burden of this as long as you know its limitations). Arguably impractical. There are many alternative strategies. I find it eminently practical. Strategies depend on what works best for someone. The only strategy that is really dangerous is very weak passwords, repeated. (Apart from obvious things such as not remembering complex passwords and writing them down on a postit stuck to your forehead). In any case remember the purpose of a password is to shift responsibility from the website back onto you "if the right password was given it must have been you" Sure, but a whole other argument If you have an eBay account, change your password *NOW* if you haven't done so in the last couple of weeks. Doubtless some will disagree with some of the items above. I know people that refuse to use AV programs, for example - but to take that step, you need to be super-vigilant, and most people just aren't. Most people that get hit with malware are not IT professionals and I accept that from scratch, some of this stuff can be daunting - unfortunately, that is what the bad guys know and they are their targets You forgot what will become very important, especially with the Internet of Things... * don't have any "smart devices" where the manufacturer doesn't regularly update the software. For example "smart TVs", which are just computers with an aerial * when visiting any financial website, use the browser in a "live CD" operating system on either a CD or USB stick. Turn off the machine, boot directly from the CD/USB, only visit the financial website, turn the machine off. Since you get a new original operating system every time you use it, it simply cannot have been infected with malware. Of course, neither can you store bookmarks nor cookies between sessions! The live CD/USB is also helpful in an internet cafe, but won't stop someone shoulder surfing. Not particularly forgot - I'm sure I didn't include a lot of things - but it wasn't intended as a definitive article - just a list of things that most people could do quite easily. Perhaps the best thing would be to get someone to print the internet off for you (the general you, not you personally) and return to physical bartering -- regards andy |
#9
|
|||
|
|||
OT Malware in news
On 06/06/2014 09:11, Martin wrote:
On Thu, 5 Jun 2014 17:21:10 +0100, "Bob Hobden" wrote: "Stephen Wolstenholme" wrote I don't think I will respond to Symantec marketing. Where on that page is there any Symantec marketing? There is a link to a removal tool by Symantec as there is a link to a similar tool by McAfee and a few others. I used the McAfee tool because I use their anti-virus and firewall programs but anyone can use any one from what I read. Even if you are sure you haven't been infected as I was, what is the harm in downloading and running one of those tools just to be 100% sure. Perhaps you might get a few e-mail adverts from them, so what. Stephen didn't read what was on the website. One question I had is that if you are already using one of the tools listed why should it be necessary to download and run a test for a specific virus. Not sure how this malware works, but a lot of viruses disable the av programs when they infect a machine (and block access to common av websites). And if someone has bad or non-updated av, they still might get infected. -- regards andy |
#10
|
|||
|
|||
OT Malware in news
On 06/06/14 11:08, Chris Hogg wrote:
On Fri, 06 Jun 2014 09:20:30 +0100, News wrote: On 05/06/2014 14:39, Tom Gardner wrote: I hear good things about MS EMET tool, but I'm not in a position to have an opinion. Yes - must have a closer look at that I've just asked on uk.d-i-y about it, if you want to follow the thread. See also http://www.dedoimedo.com/computers/windows-emet-v4.html and have a look at his other pragmatic opinionated views |
#11
|
|||
|
|||
OT Malware in news
On Fri, 06 Jun 2014 10:11:22 +0200, Martin wrote:
On Thu, 5 Jun 2014 17:21:10 +0100, "Bob Hobden" wrote: "Stephen Wolstenholme" wrote I don't think I will respond to Symantec marketing. Where on that page is there any Symantec marketing? There is a link to a removal tool by Symantec as there is a link to a similar tool by McAfee and a few others. I used the McAfee tool because I use their anti-virus and firewall programs but anyone can use any one from what I read. Even if you are sure you haven't been infected as I was, what is the harm in downloading and running one of those tools just to be 100% sure. Perhaps you might get a few e-mail adverts from them, so what. Stephen didn't read what was on the website. I looked at the first page. The message I got from the first line is somebody is trying to sell something so I didn't read anything else. Steve -- Neural Network Software http://www.npsnn.com EasyNN-plus More than just a neural network http://www.easynn.com SwingNN Prediction software http://www.swingnn.com JustNN Just a neural network http://www.justnn.com |
#12
|
|||
|
|||
OT Malware in news
On 05/06/2014 13:18, News wrote:
Most people that get hit with malware are not IT professionals and I accept that from scratch, Some of the professionals running IT for large companies seem to be clueless about malware etc. -- mailto:news{at}admac(dot}myzen{dot}co{dot}uk |
#13
|
|||
|
|||
OT Malware in news
On 05/06/2014 14:39, Tom Gardner wrote:
Yes, but one of the AV *vendors* recently said they are becoming ineffective. At best they are heuristic and the updates scan for what has recently been discovered by the vendor to be active in the wild - which implies some people have already been affected. This is no different from what has been happening with AV software for the past 15+ years. Some people will always be caught with a new or modified virus before the 'fix' is found. -- mailto:news{at}admac(dot}myzen{dot}co{dot}uk |
#14
|
|||
|
|||
OT Malware in news
On 05/06/2014 17:21, Bob Hobden wrote:
"Stephen Wolstenholme" wrote I don't think I will respond to Symantec marketing. Where on that page is there any Symantec marketing? There is a link to a removal tool by Symantec as there is a link to a similar tool by McAfee and a few others. I used the McAfee tool because I use their anti-virus and firewall programs but anyone can use any one from what I read. Even if you are sure you haven't been infected as I was, what is the harm in downloading and running one of those tools just to be 100% sure. Perhaps you might get a few e-mail adverts from them, so what. Are you sure that page was genuine? All the links could be to install Malware! -- mailto:news{at}admac(dot}myzen{dot}co{dot}uk |
#15
|
|||
|
|||
OT Malware in news
"alan" wrote
Bob Hobden wrote: "Stephen Wolstenholme" wrote I don't think I will respond to Symantec marketing. Where on that page is there any Symantec marketing? There is a link to a removal tool by Symantec as there is a link to a similar tool by McAfee and a few others. I used the McAfee tool because I use their anti-virus and firewall programs but anyone can use any one from what I read. Even if you are sure you haven't been infected as I was, what is the harm in downloading and running one of those tools just to be 100% sure. Perhaps you might get a few e-mail adverts from them, so what. Are you sure that page was genuine? All the links could be to install Malware! Absolutely certain it's genuine and all the links are correct. -- Regards. Bob Hobden. Posted to this Newsgroup from the W of London, UK |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
Well there's good news and bad news.... | United Kingdom | |||
Good news/bad news | Ponds | |||
Good News-Bad News | Ponds | |||
Sad news, good news and questions all in one message | Orchids | |||
There is good news and bad news | United Kingdom |