Online security threats

Similar Messages

• Online security for dummies?

  I have to openly admit that I am relatively uneducated on "online-security" threats. I thought that this would probably be a good place to get information from regarding potential threats in surfing online. (who would know better than Java Programmers?). I am hoping to get a feel for the reality of potential online security threats... Does the average person really need to worry? Or is this just another meme being sent around by the government (I may be a conspiracy theorist at heart). If there is indeed a real threat, what can you do to really help secure yourself?
  Erik Parkette | [Home Security|http://www.home-security-rochester-ny.com/home-security/home-security-shutters-who-would-have-thought] Buff.

  eparkette wrote:
  If there is indeed a real threat, what can you do to really help secure yourself?
  Erik Parkette | [Home Security|http://www.home-security-rochester-ny.com/home-security/home-security-shutters-who-would-have-thought] Buff.
  If you want to secure myself, start by securing yourself :)
  This is not a good place to learn the first things you have to know.
  Find some website talking about general security.
  Marc.

• Firefox will not let me get on any websites (safe AND not safe), claiming that it "may pose a security threat to your system"; when I try to choose the "proceed unprotected" option, it won't let me.

  My computer's anti-virus software recently expired. A few days later, I went to download a new anti-virus software . . . when I opened up Firefox, I received a warning that claimed Firefox was infected with "Trojan-BNK.Win32.Keylogger.gen", and gave me two options: "Activate XP Security 2011 (recommended)" (this was a $60 charge and required credit card info) or "Continue unprotected (Dangerous)"
  Since I needed to install new anti-virus, I figured I would continue unprotected, download my new software quickly, and remove the virus. But when Firefox opened, it gave me a message saying: "Firefox alert. Visiting this site may pose a security threat to your system!". Gave me three options:
  1. "Get a copy of 'XP Security 2011' to safeguard your PC while surfing the web (RECOMMENDED)"
  2. "Run a spyware, virus and malware scan" (I already did this)
  3. "Continue surfing without any security measures (DANGEROUS)"
  I tried clicking on different links, but the same warning kept showing up, even on verified and safe sites. I tried to choose the third option so that I could download my anti-virus software quickly, but nothing happened when I clicked on it - the page reloads and the warning shows up again.
  My computer is still without anti-virus software because Firefox will not let me surf the internet. Please help!

  It sounds as though your PC is infected with fake antivirus software. The detailed cleanup instructions vary depending on which fake AV you have. However, as a first step, try this:
  Download the following on a different PC, copy them to a USB flash drive or CD, and then run them on the infected PC:
  Malwarebytes Anti-malware : http://www.malwarebytes.org/mbam.php
  SUPERAntiSpyware : http://www.superantispyware.com/
  Hopefully these will get you back online safely. If not, search for clean-up instructions for the specific malware.

• Security threat detected by my cable operator but I can't find it

  I received the following email from Cogeco this morning and they are going to shut me down soon if I can't deal with it. From my research at McAffee and Symantec it appears to something that only Windows users would get. I am confused. How can I detect a problem on my Mac?
  You are receiving this email as Cogeco's network security dept has received reports of atypical traffic from your system that is indicative of malware (ie: a virus or trojan). Your system(s) are exhibiting symptoms of The Downadup (aka: Conficker) malware – see http://www.f-secure.com/v-descs/wormw32_downadupa.shtml for more detailed info.
  Some items to note about The Downadup malware,
  1. This malware could have been prevented by ensuring your Windows system(s) is updated regularly. In particular Cogeco recommends you ensure Windows Auto Update is enabled on all systems in your household – see http://www.microsoft.com/protect/computer/updates/mu.mspx for further info
  2. This malware can also propagate via USB drives, if you are using a USB external drive please review http://support.microsoft.com/kb/953252 for more on how to disable USB autorun feature in Windows
  For more information on how your system could be hijacked for these purposes see http://en.wikipedia.org/wiki/Zombie_computer
  If you are unable to contain and/or investigate this threat immediately we request you temporarily power down or disconnect your system from the internet until you are able to further investigate. To prevent any possible interruption in service we require a follow up email within 24 hours - what malware you found, alternate reasons for this activity, what actions you are taking to prevent further incidents.
  If you do not have access to an up to date security scanner or you would like a second opinion you can run a free online security scan at http://www.cogeco.net/security - you may also be interested in Cogeco's Security Services which are free for most customers. Alternately Windows users can visit http://www.microsoft.com/protect/support/default.mspx for further information on system security.
  *Remember that security scanners need to be updated with new signature files frequently and Windows operating systems need to check for critical security updates on a regular basis.*

  If you have a Windows virtual machine (VMWare or Parallels) or use Boot Camp to load Windows on your Mac, then it is possible. You should treat the virtual machine or copy of Windows you use in Boot Camp per their instructions. Window will always require additional anti-malware software.
  If you have a PC with Windows on your home network, that's a possible source of the problem. Also, if you use a wireless network and it's open, someone nearby with an affected PC might be infected and causing the problem (Cogeco couldn't know whether it was your computer or someone else's, only that it came through your network connection).
  If you don't have any of these things, then there's some confusion. You Mac system doesn't support the cited malware - it simply can't run on it. In that case, there's several possibilities: the Cogeco e-mail is fake (perhaps a phishing attempt to try and coax you into providing personal information or downloading software), or Cogeco's traffic analysis is wrong (the software used improperly interpreted some other activity as the virus, or the operator of said software has misinterpreted the results).
  In any case, you need to contact Congeco (by telephone) and point out that you don't use Windows and are not able to run Windows malware (even if you wanted to).

• IMac online security

  Hi, my question is: do i need to instal online secuity(that little signal status bar that is green if its safe to visit site or red if it s not for example avast) on my imac safari browser?

  You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful: The User Tip seeks to offer guidance on the main security threats and how to avoid them.
  https://discussions.apple.com/docs/DOC-2435
  More useful information can also be found here:
  www.thesafemac.com/mmg

• Turn Telstra Online Security features on or off

  Step 1
  On the Telstra Online Security dashboard select the Computer Protection icon
  Step 2
  Click on the Computer Protection icon. This will expand the product dashboard to offer more options.
  Step 3
  Next to the computer protection heading will be the Settings button. Click on this to open the Settings dialog box. By default, the Antimalware Settings page will pop up. Here you can select your profile for antimalware protection. Setting this to Off will disable Telstra Online Security's antimalware protection. Likewise, setting it to Always on or Prompt will enable it:
  Step 4
  To change settings related to Telstra Online Security's firewall, select the Firewall Settings page from the left-hand menu. Here you can choose to either disable or enable Telstra Online Security's firewall features.
  Step 5
  Once you are finished adjusting your settings, select OK to close the settings screen.
  If you want to shut down the Telstra Online Security on your computer:
  Step 1
  Right click on the Telstra Online Security icon in the windows taskbar.
  Step 2
  Click Exit and you will be presented with a prompt asking if you are sure you want to exit. Click on yes. You will then be prompted to enter your Telstra email and password to confirm your request. After these have been entered Telstra Online Security will close.
  Please Note: Your computer will now be unprotected from any threats which you may encounter on the internet or on your computer. It is recommended you enable Telstra Online Security to help protect your computer and your Internet experience.

  Re: Turn Telstra Online Security features on or off
  I am connected to the Internet via cable and the modem provides Wi-Fi connection. I have given access to the Wi-F to my grandkids lap top & smart phone. They are using all my data. How do I block them? I don't wish to take them off just block them when the usage is high i.e can I turn the Wi-Fi on and off as and when I want to.

• Since I can't upgrade my iPad 1 to iOS 6, is it now vulnerable to security threats?

  Since I can't upgrade my iPad 1 to iOS 6, is it now vulnerable to security threats?

  According to my brief search on the support site, there is some discussion on this very topic.  No operating system is completely secure!!  Read http://support.apple.com/kb/HT5503  for iOS 6 security content.  Since Apple does not want to provide support for the iPad 1, I have now stopped doing anything online that requires a password or other sensitive data.  No more new apps or upgrades to my present apps.  It has gone from a fantastic piece of technology to a toy in two years.

• Is there any security threat?

  Hi Group,
  I have my IIS webserver outside the fire wall and my coldfusion application server and SQL Server is behind the firewall . Can IIS Still access the cold fusion application server and SQL Server for coldfusion pages, is it for this situation do i need to open the port no 1433 in the firewall for SQL Server, if so is there any security threat?
  Thank You for your Time

  You can run CF in a distributed mode if it is running on JRUN.  So the IIS server would only need access over JRUN ports (which are uncommon) to the CF server.
  This is a little harder to setup, but is covered in the livedocs.
  Alternately, if the person who does your firewall knows how to, you can place everything behind the firewall and segment the firewall into zones, so only your application has access to the database.
  Then your only concern would be what code is being placed on the server and by whom, internally.
  Of course, if your internal network is not secure and accessible, this is a "way in".
  Best practice is to allow no access, and grant only what is necessary.  This applies to all networks and routes that would have access to the entity being protected.
  There is also something to be said for security by obscurity.  Meaning if you have to make 6 jumps to upload code to your server, and only a handful or people know this process, that makes it all the harder to be compromised.
  Byron Mann
  [email protected]
  [email protected]
  Software Architect
  hosting.com | hostmysite.com
  http://www.hostmysite.com/?utm_source=bb

• Has anyone seen the following on their WP? Message from webpage WARNING: Time Warner Cable Customer – Your Internet Explorer browser and  computer may be compromised by security threats. Call 844-600-6224 now for IMMEDIATE assistance.  OK

  Has anyone seen the following on their WP?
  Message from webpage
  WARNING: Time Warner Cable Customer –
  Your Internet Explorer browser and
  computer may be compromised by
  security threats. Call 844-600-6224 now for
  IMMEDIATE assistance.
  OK

  This sounds like a virus or malware program that has made its way onto your computer.  I would ensure you have the latest virus definitions on your computer and run a thorough (complete) scan of your system.  If this doesn't work, I would suggest  you use Microsoft's Malware Removal Tool.  You can download it at the link below.   Hope this helps.
  http://www.microsoft.com/security/pc-security/malware-removal.aspx

• Is my OS X Mountain Lion installation vulnerable to security threats?

  Hello dear community members,
  I am a bit concerned about my OS X installation being vulnerable to known security threats which may not have been patched. Also came across an article:
  http://www.zdnet.com/os-x-mountain-lion-users-no-more-security-updates-700002232 2/
  What are your thoughts on this and how are you handling this issue?
  I can not upgrade my mac to Mavericks because I need to use some software which is only compatible with Mountain Lion.

  Aceattack wrote:
  It is not Apple's responsibility to ensure 3rd party compatability however the concern was that Apple continue to support and provide security fixes for old OS X versions rather than force people to upgrade just because Mavericks is a free upgrade.
  But Mavericks is a free upgrade. And any Mac that runs Mountain Lion will also run Mavericks.
  It is standard procedure to discontinue support for old products. I will quote the AppGate on the topic:
  Important note: End of Life AppGate Version 9*
  After due consideration, Cryptzone is declaring End of Life (EOL) on AppGate Security Server v9.x This became effective on October 30, 2013. Full support will continue to be provided for AppGate Security Server v9.x up until the end of Q2 2014 After this time any customers wishing to continue to receive support and updates must move to version 10.x (or newer). Most customers have already migrated, but if you have any still on this version please work with them to migrate to version 10.x.
  Why is it acceptable for one company to stop supporting an old product but unacceptable for another? And why do I suspect that the AppGate upgrade is not free?
  If you depend on AppGate and eToken and those products do not run on Mavericks, you should be asking why. Like all developers, they have had access to Mavericks since early June. What was so radically different about Mavericks that takes over 7 months get working? Either they aren't very committed to the platform or they really don't know how to write OS X software. Considering that the product seems to be Java-based, I suspect both.
  That is an interesting conundrum that is pretty typical for enterprise customers. You are running an old OS version without security updates because you depend on 3rd party security software that depends on 4th party Java software proven to be one of the last major malware conduits. And people wonder why these enterprise servers are always the ones to get hacked and hand over 45 million customer records.
  I feel your pain. I only recently updated my work machine to Mountain Lion due to similar enterprise security issues. Our market-leading antivirus vendor that protects us against the latest zero-day malware was unaware or just didn't care that Apple had released a new OS. And I'm talking about Lion! I have similar problems with my Java-based Juniper VPN. The Apple-provided VPN works fine, as it always has. And I can't really do without my Mac because I need it to develop on when my Linux servers with 24x7 on-site support from IBM and Oracle are out of commision for 4 months. Apple is not the cause of either of our problems.

• The whtopic.js  file was identified as a security threat

  Hello,
  We generate WebHelp using RoboHelp HTML. The security teams contantly runs security checks on the applications and the whtopic.js file that RoboHelp generates was identified as a security threat becuase of "DOM ocde injection". The comment was that the document.location.href is controllable and, at a minimum, ought to be run through some html encoding.
  Any one else ever run into security analysis of the RoboHelp generated files?
  Anything we can do about it?
  Thanks,
  Rakefet

  These security things sometimes come up in tools. As the code here doesn’t have anything to do with cross frame scripting, so I very much doubt this is an XSS vulnerability. I have asked the people who know about this to look it over.
  Greet,
  Willam

• Install and activate Telstra Online Security

  We recommend you keep Windows up-to-date at all times so your computer stays fully protected. It's best to check if: Windows needs to be updated before you start your Telstra Online Security installation as you may need to restart your computer if Windows requires updates.
  Installation
  The Telstra Online Security Installer now supports installation from any browser. You'll then be prompted to 'Save' and then 'Run' a small file which will launch the installation wizard.
  Step 1
  Once the installer opens Click 'Next' and the Installation Wizard will check your computer to ensure its compatibility with Telstra Online Security. Your computer must meet the Minimum System Requirement in order to proceed with the installation.
  Step 2
  If you have other commercial security software solutions installed, these may potentially conflict with Telstra Online Security and you may be prompted to remove it, or the installer may offer to remove it for you:
  Step 3
  If Telstra Online Security is already installed on your system, you may be prompted to remove it if it can't be updated by the installer.
  Step 4
  Press 'Next' and the installer will automatically begin downloading the necessary components for the installation of Telstra Online Security. Once the components are all successfully downloaded the installation will automatically begin.
  Step 5
  After the Installation is complete, you'll be asked to restart your computer
  Activation
  After restarting, you'll be presented with a dialog box asking you to enter your Telstra email address and password, in order to confirm your identity and validate the installation
  Please Note: Your Telstra email address and password are used to lock and unlock your Telstra Online Security settings. Once you've entered this information, select 'Next'. Telstra Online Security will launch and begin protecting your computer. It will automatically run an update check to ensure your computer is updated with the latest protection.

  Re: Install and activate Telstra Online Security
  Trying to follow the emailed instructions to load Online Security onto a new HP Pavilion with Windows 8.1 .
  When I load Online Security and re-start, it returns to the download routine and tells me there is an old version that needs to be removed. It goes into an endless loop of removing/re-installing/re-starting.
  When I try to load Safe Browser it locks the computer after indicating approximately 75% complete. I tried several times. On one occasion I had to "REFRESH" the laptop and this re-initialised the computer, taking me back to the initial set-up of the device.
  The instructions appear to be out of date.

• Glitch between Firefox and Avast 9 online security

  i like keeping my navigation window closed but whenever i enable Avast's online security add on it opens it by itself every time. below is a youtube link showing what i mean..........
  http://youtu.be/6p_mIPWxfF4
  i like Avast's online protection, its really good, but this glitch is annoying. i have tried uninstalling both programs with no luck

  Avast Internet Security Add-on for firefox 25 and 26 has caused website failures and constant freezing. When disabled, firefox acts normally. My suggestion is to mail avast about the issue and disable it for now.

• USA declares Chinese companies a security threat (...

  Hey all,
  I know most, if not all of us are using Huawei VDSL2 modems with BT Infinity. I was just wondering how much BT is relying on Huawei as a vendor to provide hardware for their network. According to the article below, US ISPs and businesses are being dissuaded from using Huawei and ZTE products because of the potential security threat posed by control that the Chinese government could exert over Huawei and ZTE. Australia has also blocked Huawei out of their next generation fibre rollout. 
  Here's the article:
  http://www.abc.net.au/news/2012-10-08/usa-declares-chinese-companies-a-security-threat/4302304
  The US Congressional Intelligence Committee has labelled China's top two telecommunications manufacturers a security threat and says Huawei Technologies and the ZTE Corporation should be shut out of the American market because they are open to Chinese state influence.
  I'm not looking to start a new tin foil hat association. I'm just genuinely interested in your opinions. I don't know much about networks, and this article might be a little sensationalist. I just thought it was interesting (especially seeing as we all rely on Huawei hardware to connect to the internet).

  Ultimately as a residential customer I would put the tin foil hats away it would be impossible for the chinese to slurp all your data to China as I think BT would notice all that extra traffic on there links! For anything really sensitive just ensure you are using a HTTPS connection to the website in question or for business use consider setting up some sort of VPN. I'd be far more worried about someone sniffing out passwords on badly written websites on unencrypted wifi links. Historically there used to be a number of websites for all sorts of things including banks that sent the initial login information in clear text before switching to an SSL/TLS encrypted session, that sort of newbie error has been fixed for the most part though.

• Have A "Security Threat Analysis" Problem

  While browsing with Firefox today, I received a pop up box warning me of a "Security Threat Analysis" and inviting me to click "OK" to start the analysis. The Firefox browser window showed "www1.avforall119.co.cc" I tried to shut the box using the red "X" and the Firefox window minimised. Thereafter, I could not get Firefox to open except in the minimised "Security Analysis" window.
  I have scanned with Windows Defender and Malwarebytes, but nothing found. Meanwhile, I have been able to get an operational Firefox back by uninstalling it and reinstalling it. However, I am concerned that there is still a hidden nasty on my PC. Grateful for advice as to what to do next.
  == This happened ==
  Just once or twice
  == Browsing

  You probably picked something up when you clicked on the red X in that window - in the future you should open the Windows Task Manager > Processes tab and kill the process that exploit opened.
  First thing to do is to update your AntiVirus program definitions, and then run a full, deep scan of your PC.
  Second, I don't know how good Windows Defender is, but Malwarebytes seems to pickup like 90% - only, you should do a scan using other programs, too.
  SuperAntispyware - [http://www.superantispyware.com/]
  Spybot Search & Destroy - [http://www.safer-networking.org/en/index.html]
  These forums specialize in Malware detection and removal.
  [http://www.spywarewarrior.com/index.php]
  [http://forum.aumha.org/]
  [http://www.spywareinfoforum.com/]
  [http://bleepingcomputer.com]