If you haven’t heard already about the PlayStation Network compromise, you should pay attention if you have a PS3 and use PSN. Your PSN online ID, name, address and birth date have all been compromised, and (potentially) your secret questions, and credit card numbers. Sony finally admitted that on April 20, 2011 they were victim of an attack on one of their servers. The database with information from it’s 77 Millions subscribers was compromised. Sony is now recommending that you “…be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well. To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports.”
For a full news report on the PSN data breach, click here.
Do largely in response to the recent Firesheep “side jacking” add-on to Firefox, that made hacking someones Facebook, Twitter and other Social Media and WWW connections, a point and click technology, Facebook is stepping up its security. As of Friday, January 26, 2011 Facebook has added the option for secure (https) connections. So for all you mobile/coffee shop social media types, make sure you turn it on! Turning on the secure connection will connect you to your Facebook account the same way you would connect to your bank, through a secure connection. You will get the familiar little yellow lock signifying a secure connection. This means that the connectio0n to Facebook will be encrypted, pretty much disabling Firesheep and other “ease droppers” who may be lurking on the public network.
The secure connection option is turned “OFF” by default, you must turn it on yourself, and I strongly recommend that you do so, here is how.
While on the Facebook web site click on “Account” in the upper right hand corner of the page. Then click on “Account Settings” in the drop down menu. Once on the Account settings page scroll down until you see “Account Security”. Click on Account Security and check the box for; Browse Facebook on a secure connection (https) whenever possible. Then click the save button.
Notice the option said “whenever possible”. There are still some third party apps (games/quizzes) that do not work under https, so they will be transmitted in plain text.
Kudos to Facebook for a step in the right direction. You can read more about it on Facebook’s blog.
I wanted to make you all aware that Microsoft has released a very important patch today (Aug. 2, 2010). This patch fixes a major flaw in all Microsoft operating systems (see below) dating back to Windows 2000 commonly referred to as the “Windows Shortcut Exploit”. This flaw was discovered in late July and Microsoft has responded quickly and are providing this update out of their typical second Tuesday of the month patch cycle.
I am recommending that you install this patch. If you have windows updates turned on (and you should) you will get the patch automatically, if not, you can download it and install it from the Windows Update web site, it is the Security update with the (KB2286198) designation. The patch will only be issued for actively supported products, Windows XP w/service pack 3, Vista, Windows 7, Server 2003 and 2008. If you have an older unsupported version of windows, the security company Sophos has issued the “Windows Shortcut Exploit Protection Tool”. I would urge you to install it.
More Info Here – Network World Article
Microsoft has announced a very serious flaw effecting all versions of the Microsoft Windows operating system, even fully patched Windows 7 systems. It requires no user interaction to infect the system, simply viewing icons is enough to trigger it. Currently there is no patch for the vulnerability. Microsoft Security Essentials has added signatures for detecting it, most other vendors are likely to follow.
For more information, (Network World Article)
Sophos has a temporary patch to help lessen the threat, I haven’t tested it thoroughly. You can get it HERE.
With recent opening of the new Starbucks in Lewisburg and Starbucks nationwide offering free wifi as July 1, 2010; I wanted to take this opportunity to issue the “Free Wifi” Caution. It is important to remember that your wifi device, (phone, notebook, touch or pad) is a radio broadcasting everything you do and type over the wifi. That means it is also free for others to access as well. So let’s be careful out there and watch what we’re doing. At least make sure you have a secure ssl connection if you plan on sending any confidential information or passwords (email, facebook, banks…)….better yet, leave the banking for home….we’ll cover that in an upcoming post.
B e aware of a newly discovered vulnerability in the Windows Help and Support Center function that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. (Vista, windows 7 and Server 2008 users are not effected)
This vulnerability was discovered and disclosed before Microsoft was given a chance to test and issue any patches, so it’s out there and the bad guys know it! Microsoft has issues a “Fix-IT” that I strongly encourage you to do!
Get the Fix-It.
More information from Gibson Research.
Update July13, 2010
This one is fixed in today’s Microsoft Windows update Patch KB2229593
Two simple changes to your Adobe Acrobat program (Reader, Standard or Pro) can help make your Acrobat program more secure and thwart some serious security gaffs.
The changes are quite simple.
Open Adobe Acrobat (reader, Standard or Pro) by clicking on the desktop icon or any pdf document.
Click on “Edit” from the menu bar.
Scroll down and select “Preferences”
Scroll down through the list and highlight “JavaScript”
On the right hand side un-check “Enable Acrobat JavaScript”
Now scroll further down the list until you come to “Trust Manager”
On the right hand side un-check “Allow opening of non_PDF file attachments A with external applications”.
Click on “OK” and your finished.
It appears there are lots of issues with Adobe’s flash player, if you don’t need it, just uninstall it. If you want it please update to version 10.1 which seems to have fixed some of the more serious flaws.
You can upgrade here. Get Flash 10.1
For more information you can go here. Adobe Security Bulletin
Welcome to my new computer security blog. In an effort to get information out to customers to make them aware of new and ever increasing computer security threats, I decided to start this blog. This is not intended to be a comprehensive security blog. This is information I wish to make known to you, that you may wish to act on. Generally these will NOT include the regular Microsoft/Adobe and other vendor updates. Rather they will include information on threats that may not have a timely patch forthcoming or something that I believe will be of interest or concern to my customers.
With any luck, I will not have to post here often.
There are already several threats and issues posted on my web site. www.qnworks.com/security, feel free to check them out.
