September 2009

I previously reported that I had become a contributing writer on Suite 101. For my first article, I decided to summarize some of the Best Free Encryption options available for computer users.  I covered the pros and cons of Encrypting File System (EFS), TrueCrypt, and GnuPG.  Here’s the quick rundown:

• EFS: OK for Windows users who aren’t using a home / basic edition of Windows.  Can’t encrypt on removable devices.
• TrueCrypt: Good for encrypting not only sections of the hard drive (or entire partitions), but also removable media like thumb drives, CDs, etc.  Encrypted emails possible, but not ideal.
• GnuPG: Best for end-to-end encryption of data at rest and in transit (via email or IM).  Most complex to set up, but messages can only be decrypted and read by the intended recipient.

For download links and full details, please check out the entire article.

Various security vendors are reporting a significant drop in the percentage of emails comprising phishing attacks lately.  For example, Kaspersky Labs noted a 37% drop from 1st quarter to 2nd quarter this year.  They attribute the drop to better security tools like spam filters, and anti-phishing technology showing up in the latest browsers.  I’d like to think it also has something to do with the Internet’s user base getting smarter about phishing and other types of on-line fraud.

The news is welcome, to be sure.  The trouble is, the cyber criminals aren’t just giving up because phishing has become less profitable.  Most of them are turning to more sophisticated “crimeware” in order to swindle you out of your hard-earned money.   If they can’t trick you into giving them your bank account number and passwords, then they’ll try to get them by using key-loggers and banking trojans.  And these tools are getting more sophisticated all the time.

Recently, security and hacker sites alike are a-buzz about a new botnet control framework called ‘Fragus.’  The features it advertises include encryption (to defeat signature-based anti-malware software),  a sophisticated control interface, customizable exploits, and real-time statistics showing the size and distribution of an operator’s botnet.  Zombie computers controlled by the operator not only are prone to deeper infection as the operator sends more trojans, viruses, etc., but they become conduits, used by the controller to spread the botnet to non-infected PCs.

So, while we can celebrate the drop in spam emails, just remember to keep your security tools up to date, and remain vigilant.  The war against cybercrime is still heating up.

Save 10% on Kaspersky AntiVirus 2010 Instantly!
Instant savings on KAV 1 pc, one year license Digital product Offer Expires 12/04/10

Coupon Code: No Code Needed!

The Apache Foundation shut down several servers last Friday when administrators discovered rogue processes running on one of their machines that serves websites. Investigation revealed that a compromised SSH key on a 3rd party hosting provider allowed attackers to access an account. From there, they were able to create files on an Apache Foundation server, and these files were then propagated to the web servers by automated processes.

A briefing on apache.org gives an overview of the method of attack and the steps administrators took to remove the malicious processes. The page includes the following statements:

“To the best of our knowledge at this time, no end users were affected by this incident, and the attackers were not able to escalate their privileges on any machines.
While we have no evidence that downloads were affected, users are always advised to check digital signatures where provided.“

The Apache admins were able to restore from backup to their web servers, and bring the site back online.  They report that some servers remain offline for further investigation, but that most site functionality has been restored.

The Apache Foundation deserves some applause for being open about the attack and the steps they took to combat it.

One take-away from this incident: protect your private keys.