Without futher delay here is the link :
Choosing the right Firewall

I came across a great list of these Fake Anti-Virus programs
Via Technibble.com If one of these Rogue programs is installed call your IT department or contact your Computer Consultant.

– Tim Krabec

Those Who Cannot Remember the Past are Condemned to Repeat it.

During the last decade, many Information Security practitioners have predicted the rise of mobile phone malware. The predictions thus far have fallen short, however, there have been the occasional incidents of malware infections but to date nothing has occurred on a mass scale. I cannot predict when such malware becomes lucrative enough to develop, but I do believe that the transformation of a mobile phone to a fully functional computing system with a robust browser may signal that the day is coming soon. With the recent increase in mobile phone functionality there is an increase in sensitive data stored on the device, thus making it a valued target.

Those of us who supported and used corporate computer systems during the early part of the millennium, remember the chaos caused by virus and worm outbreaks. Being a desktop support tech at the time, it was not unusual to spend several days chasing a worm around the corporate network while frantically locking and patching systems as you went. The users were not happy, management was not happy, customers were not happy, and I can personally tell you none of us in IT were happy.

At the time, patch management was not centralized at many small to mid-sized organization; servers were installed with the default settings; users ran with local administrative rights; code reviews were non-existent; and wireless, if encrypted at all, used WEP. Over time, many organizations became conscious of the value of securing their systems. Well, some organizations did anyway.

There is a lesson to be learned in the history of computing. The mobile platform that we all use today is, for all essential purposes, the PC of 1999 all over again. The aforementioned problems of the PC during the late 90′s still exist now on the mobile phone. Moreover, what limited security features that do exist on this platform are often not enabled or configured.

During 2009 we began to see the emergence of malicious software on the mobile phones. In July 2009, the BBC reported about mass distribution of spyware on Blackberry devices in the United Arab Emirates. In November, two iPhone worms were making the rounds (http://www.f-secure.com/weblog/archives/00001822.html and http://www.f-secure.com/weblog/archives/00001814.html). Several credit unions reported malicious applications in the Android Marketplace targeting banking credentials in December (http://www.bayportcu.org/site/mobilesecurityupdates.html and http://www.firsttechcu.com/home/security/fraud/security_fraud.html).

At ShmooCon 2010, I watched a talk presented by Tyler Shield of Veracode entitled “Blackberry Mobile Spyware – The Monkey Steals the Berries” (watch the presentation at http://shmoocon.org/2010/videos/BlackberryMobile-Shields.m4v). During the talk he demonstrated proof of concept malicious code for the Blackberry platform. Veracode has posted numerous blogs about the presentation and issues demonstrated but I think Chris Wysopal formerly of L0pht and @stake summarizes the situation facing mobile phone users the best:

“We need to leave the “detect and revoke” mentality of the PC world behind as we move to new platforms. Attackers are able to game the PC antivirus model by continuously flooding the software ecosystem with new unknown malware. The attackers will win in the mobile world too if we don’t change it. The mobile app store is a form of whitelisting that can assure the security of an entire platform if the whitelisting means something. That is if the apps are tested for security before being published.”

I could not agree more. The unfortunate truth is RIM, Google, and Apple are not performing any detailed code review and security testing right now. Moreover, the only mobile solution that provides any measure of centralized security is RIM’s Blackberry Enterprise Server and many companies are not leveraging those features and settings. The title of this post is a well known quote from George Santayana and is sometimes referred to as the Santayana’s Law of Repetitive Consequences. I fear the security failures of the past apply to the mobile platform of today. Let’s hope we take heed and act. I think everyone could agree that the thought of chasing malware around on a platform that knows no physical bounds would be counterproductive to any organizations’ goals.

~ Tim M.

**************

Hey, some jerk has posted your pictures (u understand what kind of pictures are there) and sent a link of them to all ur friends. I have already replied back. Said, that he is an idiot. See the link:

http://photobank.********.****.*****/id1073bv/get.php?email={Your Email is here}

{SOME NAME}

**************

Newsflash folks, they haven’t. Well, at least not the people purporting to have done so in this email!

Educate your users, don’t click on the link. We’ve had a user actually do so and managed to infect their machine. To most, it seems more of a pain to clean it than anything. But let’s put it this way: Your technical company (or your internal technical person) has to go clean this up. Say your outsourcing firm charges $100 per hour. Something like this takes at least 2 to 3 hours to clean let alone ensure it has been eradicated. I’m not counting the checks of ALL your other systems on the network. Now we’re talking more along the lines of 5 or 6 hours. Now factor in the cost of the downtime to the user who has been infected. Now you’re looking at $1,000 or more in real money that has been lost. Now factor in there is the very real possibility this user has had documents lost or destroyed by this virus.

User education doesn’t seem so expensive any more.

Subject: “Update for Microsoft Outlook / Outlook Express (KB910721)”

Now unless you’ve signed up with Microsoft to receive notifications via email you’re not going to get them.  And most certainly the WILL NOT be sending patches via email, except possibly if you’re on an active support call.  So once again don’t open attachments,  when you’re not expecting them.

Sorry about the audio in part 1.

http://media.libsyn.com/media/tkrabec/SMBMinute-nickerson-SMB_part_1.mp3

– Tkrabec

It has been my observation over the past few weeks that thee has been a sharp increase in these fake av’s. So be on the lookout and make sure you and your employees KNOW what programs are on your machine.