Is Your Password In The Dictionary?
The other night Steve and Johnnie asked if I could spend a few minutes talking about hacked email accounts on the radio.
One of the topics I talked about was making sure your password is not a word or combination of words that can be found in the dictionary. This includes proper names.
Now, just a couple of days after we talked about it, it appears the Sony Entertainment Network, the PlayStation Network, and Sony Online Entertainment have been hacked yet again!
Only about 0.1%, or 93000 users, private information was jepordized.
Philip Reitinger, Sony’s chief information security officer, said in a blog post that they tested “a massive set of sign-in IDs and passwords against our network database, [and while] the overwhelming majority of the pairs resulted in failed matching attempts,” the hackers did have some success.
What does that mean? In a programmers world it means that a dictionary attack was used to comprimise Sony’s database.
Passwords like “mydogsue” or “fordmustang” or even “sarah100689″ are not safe passwords. A strong password includes special characters and symbols as well as capital letters and numbers. Another attribute that helps to make it harder to break your password is to make it longer.
Here is an example of a secure password:
V/lxU3N6N_;/nTV{b_W-fxWPxX!,thZ1m:Pc&EXSL<pQEZ>sYclDvL$xMJEOpKD
Now, you are not going to use a password like this. First, it’s to long for almost all sites. Then, it’s not memorable.
To borrow from Steve Gibson at FRC.com, a passord that has at least one of every character is far more secure. As an example, !Myd0gSue1 or $F0rdMu$tang65 or *Sarah1oo689!
Any combination of characters, numbers, and symbols makes your password exponentially harder to crack. Don’t forget, if you can make your password longer with this scheme it is even HARDER to break.
If you would like to read a little more about strong passwords you can visit Steve Gibsons site at GRC, https://www.grc.com/haystack.htm
As a word of caution, the strongest passwords in the world are no good if you give them to the bad guy.
If you have malicious software on your computer that was designed to capture user names and passwords, then you’ve just given it all away.
If you respond to emails that ask you to verify your login information at some site, like your bank or PayPal, then you’ve just given it all away.
For your on security you should change your passwords on all the sites you visit to something stronger using all characters but memorable and make sure your computer is as healthy as possible.
The Savemybutt Bootcamp and Step-By-Step instructions and free software can help you keeping the computer clean, healthy, and fast.
List of Fake Antivirus and Rogue Programs
Time and time again, it seems like every week we mentioned on the radio show some sort of fake antivirus program. In an attempt to help people figure out if what they are looking at on the screen is a fake or not, I’ve taken some time and searched some websites that list some of these programs and created a combined database for your reference.
If by chance, you find a program that is not on the list. Please let me know so that I can update it. The list is quite long and is in alphabetical order, currently containing 853 known fake antivirus and rogue programs.
Continue reading
Massive Earthquake in Chile Leads to a Surge of Rogue Antivirus
Is seems like when there is a natural disaster or other big news worthy story like Michael Jackson’s death, the scammers come out of the woodwork.
With all of the devastation caused by the earthquake in Chile and the earthquake not long ago in Hati, the need for help is huge.
Turns out, the scammers have a need, too. The need to fool you into infecting your computer with their rogue virus protection software that can take over your computer.
As it turns out there are a number of websites that have been poisoned that are easily found by doing a search of the phrase “Chile Earthquake”.
The infection, as many of them do, looks likes this:
Quote from Symantec:
“Notice that this fake scan window was actually presented inside a Firefox browser window but the fake scan window says I’m using IE 7.0, I guess the people behind this particular scam slipped up a bit on this minor point.
After the fake scan is complete or if you try to navigate away from the page, you are offered the obligatory download of files with various filename such as packupdatebuild[RANDOM NUMBER]_[RANDOM NUMBER].exe or inst.exe. These are being detected by Symantec as Trojan.FakeAV or VirusDoctor“.
If you search for places on the web to make a donation to help with these natural disasters, make sure you type the address to a site you trust, like the American Red Cross. If you are going to click on a link, make sure that your recognize the name of the site’s address, usually in green under the listing on Google for instance.
Make sure you are donating to trusted sites. It’s to easy to get fooled into giving money, your credit information, and your computer to the bad guys.
Stop Using Internet Explorer!!!
I don’t know if you’ve been watching the news lately about the problems Google has had with China, but it appears that the bad guys in China have figured out a way to use a vulnerability to exploit Internet Explorer and attack Google and some 20 other odd companies’ websites.
Microsoft has released a patch to repair the vulnerability and if you have automatic updates turned then this should not be an issue. Sort of…
From the experience repairing consumer computers, I have discovered the following:
1. Many people do not have automatic updates turned on, and they don’t do updates manually. Update manually once a week just to make sure you are up to date!
2. Most people are still using Internet Explorer, usually version 7 or version 8. If you’re going to use Internet Explorer, make sure you have upgraded to version 8, weather you like it or not.
3. Many people do not have a newer version of an antivirus. This means you must install the latest software once every year or two. Not just the daily updates that you pay for.
The best advice I can give you is this, STOP USING INTERNET EXPLORER, PERIOD!
Download another browser. For example, Firefox, Chrome, Opera, or Safari. I my favorite browsers are Firefox and Chrome for their safety and speed.
The vulnerability found by leading antivirus companies which used Internet Explorer to attack Google and other companies has already been found and 100 popular websites. And, it’s spreading! When using Internet Explorer, if you visit these sites, you can become infected without your knowledge. Without clicking on anything. Without downloading anything. Just by visiting this site.
It’s time to stop paying me to repair your computer and take matters into your own hands. What’s the easiest way to do that? The first step is to STOP USING INTERNET EXPLORER!!!
Do it now. Go to get GetFirefox.com, click the green download button, and install it.
Conficker Worm Strikes Again
Back in October, Microsoft released a patch, MS08-067 , that would block the Conficker.A worm in a special update.
Over the last couple of weeks, a new variant of this worm has been affecting customers. Microsoft detected it as Worm:Win32/Conficker.B. In addition to exploiting MS08-067 (the patch from October), this variant also uses other propagation methods; it tries to copy itself to network shares by guessing their passwords. If the password is weak, it may succeed. It also tries to spread via removable media like thumb or jump drives.
In the last few days, including January 15, 16, and 17. It has infected more than 3.5 million computers worldwide. And, it is spreading rapidly.
- Shared computers with weak passwords may get infected by the worm
- External hard disks and USB sticks may get infected by the worm
- Computers without the latest patches and updates may get infected by the worm
It is important that you update all of the computers on your business or home network that are running the any version of the Windows operating system immediately, including Windows XP, Vista, and Server Operating systems. The update will block Conficker.B from infecting your computers if it has not already!
If you have been infected by Conficker, I have a link below that will allow you to download the Microsoft Malicious Software Removal Tool directly from Savemybutt to get rid of it.
However, because the warm blocks not only the Microsoft site, but also, most major security sites, including Norton, McAfee, Trend Micro, AVG, and Avast. You will have to download the removal tool from my site on the infected machine (because it is not blocked) or onto a clean machine that is not on your network, and then install it on all machines in your network. This MUST be run, and all computers on your network, because it spreads over your network to other machines.
Click here to download the Microsoft Malicious Software Removal Tool directly from this site. Savemybutt is not be blocked by the worm. Run it on EVERY computer on your network!
Also known as by different security companies:
TA08-297A (other)
CVE-2008-4250 (other)
VU827267 (other)
Win32/Conficker.A (Computer Associates)
Mal/Conficker-A (Sophos)
Trojan.Win32.Agent.bccs (Kaspersky)
W32.Downadup.B (Symantec)
List of word, character strings, websites, and domains that are blocked (that we know of).
virus
spyware
malware
rootkit
defender
microsoft
symantec
norton
mcafee
trendmicro
sophos
panda
etrust
networkassociates
computerassociates
f-secure
kaspersky
jotti
f-prot
nod32
eset
grisoft
drweb
centralcommand
ahnlab
esafe
avast
avira
quickheal
comodo
clamav
ewido
fortinet
gdata
hacksoft
hauri
ikarus
k7computing
norman
pctools
prevx
rising
securecomputing
sunbelt
emsisoft
arcabit
cpsecure
spamhaus
castlecops
threatexpert
wilderssecurity
windowsupdate
