Toms Advice Blog

March’s Security Newsletter

March’s Security Newsletter is here and this month we are focusing on the tools that can help you better secure and manage your servers, desktops, users and more! I talk to customers from all over the world about computer security. One of the common things I hear is that it’s difficult to articulate the return on investment (ROI) of the secure development efforts undertaken by their IT departments and development organizations. To help chief security officers, IT professionals, and developers better communicate the value of secure development, we commissioned Forrester Consulting to conduct a survey study. The study, entitled “State of Application Security: Immature Practices Fuel Inefficiencies, but Positive ROI Is Attainable,” provides insight on the current state of application security development practices and identifies key trends and market directions for application security. We hope this can be a helpful tool in your future ROI conversations. We also have some new threat ...

Internet Security Camera:

Knowing What’s Happening inside Your Home While on Vacation Being away from your home is always an unpleasant feeling especially when you’re on vacation, principally if you don’t know what’s happening inside your home. You will have thoughts of getting robbed, and getting your home invaded by strangers. With this kind of thought, you will most probably have an unpleasant vacation. Having a vacation means that you should relax and take it easy. It is a fact that you can’t bring everything inside your home. So, the best way to protect all your things is by locking your home whenever you leave. However, because of the lock picking skills that some people may have, locking your home is not really enough. Home alarm systems are very expensive. So, one good idea for securing your home and record every second on what’s happening inside your home is through an internet security camera. ...

Backing It Up With A CD Rom

With the technical age upon us, computers are far more important now than they have ever been in the past. A lot is done on the computer these days, from paying bills to earning a living. Therefore, the data that you have on your computer is very important. Among the data found on your computer, you may have precious pictures and memories that you wouldn’t dream of losing. No matter how sophisticated computers get, they will still crash, or encounter other problems that can result in a loss of data. For that reason, a backup of your data is very important. While there are several ways that you can go about backing up your data, a CD Rom is by far the easiest and quickly becoming the most popular as well. Like other backup methods, the CD Rom does have it’s faults, although it has more pros to offer you than cons. One ...

Phishing scams: Everything you need to know

You hear about phishing scams all the time, both in the general media and in this newsletter. But what is phishing, really? These links will give you the essential information that you need to know: What is phishing? Phishing (pronounced “fishing”) is a type of online identity theft. It uses email and fraudulent websites that are designed to steal your personal data or information such as credit card numbers, passwords, account data, or other information. Con artists might send millions of fraudulent email messages with links to fraudulent websites that appear to come from websites you trust, like your bank or credit card company, and request that you provide personal information. Criminals can use this information for many different types of fraud, such as to steal money from your account, to open new accounts in your name, or to obtain official documents using your identity. Common phishing scams: Spoofs of businesses that you know and ...

Microsoft Security Advisory (2269637)

Microsoft is aware that research has been published detailing a remote attack vector for a class of vulnerabilities that affects how applications load external libraries. This issue is caused by specific insecure programming practices that allow so-called “binary planting” or “DLL preloading attacks”. These practices could allow an attacker to remotely execute arbitrary code in the context of the user running the vulnerable application when the user opens a file from an untrusted location. This issue is caused by applications passing an insufficiently qualified path when loading an external library. Microsoft has issued guidance to developers in the MSDN article, Dynamic-Link Library Security, on how to correctly use the available application programming interfaces to prevent this class of vulnerability. Microsoft is also actively reaching out to third-party vendors through the Microsoft Vulnerability Research Program to inform them of the mitigations available in the operating system. Microsoft is also actively investigating which of ...

Tips For Data Recovery

Anytime your hard drive crashes or you lose your data, you’ll need to turn to data recovery to properly restore your information. Data recovery is something most computer users are familiar with, as a majority of us have had to turn to data recovery at some point in time. Even though hard drives are becoming better and better, they are still mechanical and will always encounter problems. The first thing to do, before any problems happen, is to always back up your data. If you create backups of your information, you’ll be well prepared in the event of a disaster. This way, even if your hard drive cannot be repaired and the data is lost forever, you’ll have the backups to continue going as normal. If you didn’t make backups, you’ll find the situation very traumatic when you discover that your data cannot be recovered. Most hard drives will last for years ...

What are Intrusion Detection Systems?

Intrusion Detection System (IDS) are a necessary part of any strategy for enterprise security. What are Intrusion Detection systems? CERIAS, The Center for Education and Research in Information Assurance and Security, defines it this way: “The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss ...

Microsoft Security Bulletin Advance Notification for January 2011

Microsoft Security Bulletin Advance Notification issued: January 6, 2011 Microsoft Security Bulletins to be issued: January 11, 2011 This is an advance notification of security bulletins that Microsoft is intending to release on January 11, 2011. The following table summarizes the security bulletins for this month in order of severity. For details on affected software, see the next section, Affected Software. Bulletin ID Maximum Severity Rating and Vulnerability Impact Restart Requirement Affected Software Bulletin 2 Critical Remote Code Execution May require restart Microsoft Windows Bulletin 1 Important Remote Code Execution May require restart Microsoft Windows Affected Software This advance notification provides a number as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier. The following tables list the bulletins in order of major software category and severity. How do I use these tables? Use these tables to learn ...

Manually Removing Any Trojan Horse

Hello folks, today I want to try something different, I want to show a video on how to remove Virus.trojan Zlob Virus Horse Removal! I did not how ever make this video I found it studied it and found it to be very helpful! Hope you like. Thanks www.youtube.com/watch?v=1ZV1UK5s608

RedCrossAntivirus

Common name: RedCrossAntivirus Technical name: Adware/RedCrossAntivirus Threat level: Medium Type: Adware Effects: It is a fake antivirus program which deceives users and warns them of unexisting threats in their computers. It can reach the computer when the user accesses certain websites which display banners or pop-up windows which lead to the download of this program. Affected platforms: Windows 2003/XP/2000/NT/ME/98/95 First detected on: Sept. 7, 2010 Detection updated on: Sept. 30, 2010 Statistics No Brief Description RedCrossAntivirus is an adware program which warns users of unexisting threats in their computers so that they purchase a certain program that removes them from the computer.RedCrossAntivirus can reach the computer when the user accesses certain websites which display banners or pop-up windows which lead to the download of this program. It can also reach the computer in a link that can be received via spam messages, fraudulent websites, etc. Visible Symptoms RedCrossAntivirus is easy to recognize, as it shows the symptoms below: When it is run, it displays the window of an installer, like the following: Once it is ...