Common security attacks and countermeasures

As a security professional, I talk to a lot of people about common security attacks and countermeasures. I’m not always certain the people I’m talking to know what these things mean. I am almost certain they aren’t willing to ask.

I know it’s more complicated than it was when I took my Security+ exam a decade ago. The stakes are much higher now. The attacks I had to identify caused inconvenience, but someone conducting a successful smurf attack on your printer won’t get you in the headlines. Today’s attacks will.

Read more

What can I do to improve the security of my digital information?

On Monday, March 13 at approximately 10:30 AM CST, I will be appearing on KFUO Radio’s Faith and Family program to discuss home computer security with host Andy Bates. One of the questions he’s planning to ask: “What can I do to improve the security of my digital information?”

This, fortunately, may be the easiest question to answer and the easiest step to implement.

Read more

End of the innocence for Mac security

Antivirus vendor Kapersky has identified a new trojan horse targetting Macintoshes.  It spreads a botnet based somewhere in China via an infected Microsoft Word document, typically sent as an e-mail attachment.

The spin is that if you don’t use Word on your Mac, you’re safe. That’s true–this week. But going forward, it’s going to take more than that. Read more

Happy Patch Tuesday, September 2011

Microsoft has five updates and Adobe has two for us on this fine Patch Tuesday, in addition to a patch Mozilla pushed out for Firefox last week.

Don’t get too complacent if you run something other than Windows. If you run Microsoft Office on a Mac, or Adobe Reader or Acrobat on a Mac, or Adobe Reader on Unix or Linux, you’re vulnerable. The vulnerabilities in those affected products are more serious than the vulnerabilities for Windows. So keep that in mind. Don’t be smug about security. It’ll bite you.

Read more

How to view questionable PDFs safely

I said Tuesday that it’s a bad idea to download and view PDF (Adobe Acrobat/Adobe Reader) documents from questionable sources, but I didn’t really elaborate on why, nor did I tell you how to view questionable PDFs safely.

The reason is that pretty much anybody with a little bit of determination and the ability to follow a recipe can plant a trap in a PDF file and use it to gain access to your computer. Adobe Reader is extremely prone to these kinds of attacks, and don’t think you’re safe if you don’t run Windows. There are toolkits that will inject traps that work on Macintoshes and Linux too.

Yes, your antivirus software should catch it. But most antivirus software doesn’t dig deeply enough into PDF files to find it.

Scared yet? You should be. You do have some options.
Read more

Happy Patch Tuesday

Today was the first Patch Tuesday in nearly four years that I didn’t have to worry about professionally. Since Microsoft released 13 patches today and Adobe released two, my former coworkers might be wondering if I knew something. (I didn’t.)

But I still patched my machine at home, and I recommend you do too. Macintosh owners, you’re not immune, so I have some homework for you too.The Adobe patches apply to Acrobat and to the so-called Adobe Reader (which used to be called Acrobat Reader). I recommend you launch Adobe Reader, go to the Help menu, and select Check for Updates. Unless you’re reading this site on a Commodore 64, these updates apply to you.

Mac users tend to be awfully smug about security, and that myth really needs to stop. Apple hasn’t released any security fixes this month, but they did release 9 fixes last month. The biggest one fixes flaws in 16 different applications. Microsoft probably would have released 16 different patches instead of just one. I prefer the Microsoft approach–besides being a little more honest, it also results in smaller download packages if by some chance one or more of those 16 vulnerabilities happen to not apply to a particular machine.

And now, please excuse me for a moment while I recover from the shock of having used the word “honest” to describe Microsoft.

Just out of curiosity, I looked, and Apple has released security updates every month this year except for April. Unlike Microsoft, they don’t follow a set schedule, and the month isn’t over yet, so I wouldn’t be surprised to see something from them later this month.

I won’t bore you with the details, but basically, what it comes down to is this: If I really want into your computer, all I really have to do is booby-trap a file and get you to open it. It could be a PDF file, a movie, a music file, or something else. I can embed code into that file that gives me complete control of the computer. I just have to know whether your computer runs Mac OS or Windows. And how to write the code, of course. (I don’t know how to write the code and I don’t want control of your computer, so there’s no reason to be afraid of me.)

If you’ve been installing your patches, there’s little reason to be afraid of the guy who who DOES know how to write the code and DOES want control of your computer.

Your computer may update automatically. If you don’t know for certain whether it does, I suggest you find out. Now. No matter whose name is stamped on the case.

WordPress Appliance - Powered by TurnKey Linux