Tuesday April 30, 2013
Trojan:JS/Seedubator.B and Android/NotCompatible.A are two very good examples of how you can become infected with malware just by simply visiting a website. You don't have to click on hyperlinks to get infected with drive-by downloads because cyber criminals target website and browser vulnerabilities.
Android/NotCompatible.A is similar to the Seedubator.B malware. This malware specifically targets Android devices, such as smartphones and tablets. If you're an Android user, be careful what sites you surf and what you download. The cybercriminal can disguise a link and name it "Android Update" to entice you into clicking the link. However, this may in turn install the malware on your device.
You should always have your systems updated with the latest patches and releases. Always use an antivirus application and ensure that your virus definition files are up-to-date. Furthermore, one of the best prevention method is to ensure that you have the latest Internet browser version installed and that you have the appropriate settings configured with security add-ons.
Image ©Ryan Whitwam
Monday April 22, 2013
A common way to get infected with malware is by visiting compromised websites. Cybercriminals use drive-by download attacks to gain access to your system. Drive-by downloads are malicious programs that are installed on your computer while visiting an infected website or viewing an HTML email message. Just like other malware, drive-by downloads are installed without your consent and can infect your PC, tablet, or smartphone.
Drive-by downloads are dangerous because you don't have to click on a hyperlink within a webpage or email to get infected. The malware installs on your computer just by visiting the compromised website or by opening the infected email. Drive-by downloads are considered to be client-side attacks, which target vulnerabilities within your system. The malware can exploit browser and system vulnerabilities due to low security settings.
Once installed, the malware deployed by a drive-by download is capable of stealing your personal information by logging your keystrokes and can install additional malware. iLivid and Seedabutor are malware examples that are deployed by drive-by downloads. The best prevention method is to ensure that you have the latest Internet browser version installed and that you have the appropriate settings configured with security add-ons. Furthermore, you can view your emails in plain text with no HTML formatting. Disabling HTML features can prevent an infected email from compromising your system.
Image ©K. Lawrence
Sunday March 24, 2013
The Firefox Redirect Virus can be an annoying, dangerous malware. Similar to the iLivid Virus, it reconfigures your Firefox browser by changing your security settings and home page, and modifying your Domain Name System (DNS) settings. Consequently, the Firefox Redirect Virus manipulates your search engine results and loads malicious websites. It will attempt to infect your system with additional malware, such as logic bombs and Trojan horses.
Please be aware that Mozilla Firefox is not responsible for the Firefox Redirect Virus. Mozilla offers a simple way to restore your Firefox Internet browser to its default settings. The Reset Firefox feature provides a fast and easy way to fix most of your issues, including the Firefox Redirect Virus. This feature also allows you to keep your bookmarks, browsing history, passwords, and Internet cookies. Perform the following steps to reset your Firefox browser to its default state:
- Launch your Mozilla Firefox Internet browser. Click on the Firefox button located on the upper-left corner, select Help, and click on Troubleshooting Information.
- The Troubleshooting Information support page will be displayed on your Firefox browser. Click on the Reset Firefox button located on the upper-right corner.
- When the confirmation window opens, click on Reset Firefox.
- The Firefox browser will close and a window will list the information that was imported. Click Finish, and Firefox will open with its default settings.
These steps may help you remove the Firefox Redirect Virus. As always, keep your antivirus and antispyware applications updated to combat the latest malware threats. If you use other browsers, such as Internet Explorer, you will encounter similar security threats. Ensure that your browser is running the latest version.
Image ©Mozilla Firefox
Sunday March 17, 2013
A recent vulnerability has targeted Adobe Reader and Acrobat users. In February 2013, Adobe discovered that Adobe Reader and Acrobat memory corruption vulnerabilities exist in the following versions:
- 11.0.01 and earlier
- 10.1.5 and earlier
- 9.5.3 and earlier
By using the compromised application, the vulnerability can crash your application process and can allow a remote attacker gain access to your system and perform attacks such as causing a denial of service, deploying logic bombs, reconfiguring your Internet browser, or executing additional malware. Other malware may include threats such as Firefox Redirect Virus and iLivid virus.
Adobe has released the following updates for all affected versions. The updates address the vulnerabilities that cause the application to crash and help prevent remote attacks. Adobe recommends that you apply these updates immediately to mitigate these security risks.
To ensure you always have the latest Adobe updates, I recommend you use Adobe's update mechanism. If you have not changed your product's default settings, then you should already be receiving the latest updates on a regular schedule. If you are unsure that you have the latest updates installed, you can check by navigating to Help -> Check for Updates.