malwarebytes Archives

Home » malwarebytes

Watering hole attack prevention

Dave Farquhar security August 2, 2017August 1, 2017Adobe Flash, antivirus, breach, malware, malwarebytes, Proxy server, Whitelist, Windows 10, windows 7, Windows XP

A watering hole attack is an indirect attack on a victim. Rather than directly attacking the victim’s network, the attacker attacks a web site that the victim’s employees are likely to visit. Then the attacker attacks the victim’s network, via its own workstations, from that web site. A former colleague asked me how you protect against watering hole attacks, and I thought this was a good exercise. So here are some strategies for watering hole attack prevention.

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.

dfarq.homeip.net

How to clean viruses off your computer for free

Dave Farquhar security December 14, 2016March 13, 2021antivirus, bitdefender, compaq, computer security, hp, malwarebytes, thumb drive, toshiba, Windows 10, windows 7

Whether you’ve gotten a tech support scam phone call or not, it can be helpful to know how to clean viruses off your computer for free. And yes, I do mean free.

A lot of people get ripped off due to virus scares and it makes me mad. I’m a computer security professional. I advise large companies on computer security for a living. Today I’ll take a few minutes to advise you.

Dave Farquhar

dfarq.homeip.net

Simple tips to prevent ransomware

Dave Farquhar security March 8, 2016April 23, 2017antivirus, malware, malwarebytes, Microsoft Security Essentials, oracle, Proxy server, psi, vector, Windows 10, windows 7

Last week at work, I noticed some odd events in an event log, and when I investigated them, I found they were part of a failed ransomware attack. This got me thinking about how to prevent ransomware at home.

Ransomware, if you aren’t familiar, is an attack that encrypts your data and demands a ransom, usually around $300, in bitcoins, and you get a short deadline until it destroys your files. More often than not, paying the ransom is the only way to get the files back, so it’s much better to prevent it.

Dave Farquhar

dfarq.homeip.net

Cleaning a PC when fdisk-format-reinstall isn’t an option

Dave Farquhar Uncategorized September 24, 2015September 19, 2015antivirus, chrome, defragmenter, malware, malwarebytes, psi, ublock

There are any number of pie-in-the-sky pundits who will tell you when a computer starts to get slow, to format the hard drive, reinstall Windows, and go on your merry way.

Unfortunately it’s not always realistic. I don’t clean up PCs all that often anymore, but here’s what I do when I need to.

Dave Farquhar

dfarq.homeip.net

How I turned a junker PC into a trap for scammers

Dave Farquhar scams, security April 4, 2014February 10, 2019antivirus, avast, caller id, Computer Maintenance Department, garage sale, malware, malwarebytes, Windows Control Panel, Windows XP

As my regulars will be aware, for the past few weeks I’ve been getting lots of phone calls from “Peggy” from “Computer Maintenance Department.” What I’ve found during these phone calls is that debating with them does no good, and saying that your computer is crazy fast gets them to hang up on you, but they’ll call back again in a few days anyway.

Last week, I had lunch with a group of future coworkers–I’ll be joining them once my background check results come in–and I mentioned these phone calls. The guy sitting across the table from me said he wants their malware, so he can reverse-engineer it. So I said I would cooperate the next time I got a phone call. Read more

Dave Farquhar

dfarq.homeip.net

So just how dangerous is an old, out of date operating system anyway?

Dave Farquhar Retro Computing March 18, 2014May 25, 2020antivirus, AV, Bitcoin, malware, malwarebytes, spyware, windows 2000, windows 7

Glaurung brought up a good point in a comment yesterday. If you never go online and/or you’re really careful, do you really need to update your OS to something new?

In my professional opinion, it depends. Didn’t you know that would be my answer? Read more

Dave Farquhar

dfarq.homeip.net

The men (boys) who spy on women through webcams

Dave Farquhar security March 13, 2013March 12, 2013antivirus, Ars Technica, avast, Bit Defender, bitdefender, chrome, defense in depth, firefox, macintosh, malware, Malware Domains, malwarebytes, Microsoft Security Essentials, Task Manager

Ars Technica made a bit of a splash this week with this provocative headline. This is real.

The article gives the usual advice, like not opening e-mail from strangers, not clicking attachments from strangers, and not visiting dodgy websites. That’s all good advice, as is staying off torrent and other file sharing sites, but even all that is not enough.
Read more

Dave Farquhar

dfarq.homeip.net

Advice on dealing with ransomware

Dave Farquhar security February 8, 2013December 1, 2018android, asus, bitdefender, infestations, malware, malwarebytes, thumb drive

PC Mag has some advice about ransomware. The most important bit of advice is to have a secondary machine that you can use to go get help.
Read more

Dave Farquhar

dfarq.homeip.net

Things I wish everyone knew about home computer security

Dave Farquhar security May 16, 2012December 1, 2015antivirus, boxcar, certifications, computer security, firewall, malwarebytes, Microsoft Security Essentials, passwords, spam, spyware, vista, WEP, Windows XP, yahoo

I’m a security professional by trade, with two certifications. I’m not responsible for defending your computer networks, but I want your networks to be secure. There’s a really simple reason for that. If your computer and your network is secure, then it isn’t attacking mine. Or anyone else’s.

Several fellow subscribers to a train-related interest group that I like got hacked recently, and have been sending out spam messages. They’ve received a lot of advice in the hours since. Some of it has been good, and some not as good. So I tried to think of some things that people could do in about 30 minutes to keep the crooks at bay.

Incidentally, the computer crooks won’t be going away. Computer crime happens because the criminals can make more money doing that than doing something legal. The only way to make it stop is to make it too hard, so that getting a real job becomes more profitable. You won’t solve that problem in 30 minutes, but if we all take that single step down that road, we’ll make the world that much safer. So, with that, let’s roll up our sleeves. Read more

Dave Farquhar

dfarq.homeip.net