Horizon threats, Here already! Direct Memory Access Malware – GPU others

HORIZON THREATS? Here already! DMA and RDMA Threats
Malware could be hiding in your GPU
(Let us become familiar by browsing the DMA (Direct Memory Access) links below)
Direct memory access – From Wikipedia, the free encyclopedia
What is DMA? – A Word Definition From the Webopedia
What is Direct Memory Access (DMA)? – Definition from Techopedia
Remote direct memory access (RDMA) – From Wikipedia, the free encyclopedia
Introduction to direct memory access
Implementing direct memory access is straightforward, once you know how it works and how to configure your DMA controller. Here’s a primer on this most efficient means of moving data around in a system.
“Malware writers have worked out ways of hiding trojan horses in places where virus checkers can’t look, according to one security researcher.
Patrick Stewin has demonstrated a detector which can be built to find sophisticated malware that runs on dedicated devices and attacks direct memory access (DMA).
This will mean that it will finally tell us how effective crackers have been at getting malware into graphics and network cards.
The code has managed to find attacks launched by the malware, dubbed DAGGER, which targeted host runtime memory using DMA provided to hardware devices.
DAGGER attacked 32bit and 64bit Windows and Linux systems and could bypass memory address randomisation. It has now been developed to a point where the host cannot detect its presence, Stewin said.”….
memory address randomisation / Address space layout randomization
http://en.wikipedia.org/wiki/Address_space_layout_randomization
“Address space randomization hinders some types of security attacks by making it more difficult for an attacker to predict target addresses. For example, attackers trying to execute return-to-libc attacks must locate the code to be executed, while other attackers trying to execute shellcode injected on the stack have to find the stack first. In both cases, the system obscures related memory-addresses from the attackers. These values have to be guessed, and a mistaken guess is not usually recoverable due to the application crashing.”
NOW READ THIS…
Direct Memory Access | Security Architect
Sep 5, 2013 – … when someone mentioned “HBGary Direct Memory Access tools. … as well as use tools to protect against malware delivered remotely. ….
“You ask, “Can they really do that?” and you may be thinking “Only in the movies” but all along I would have told you “Yeah, they probably can.” The other day I got confirmation when someone mentioned “HBGary Direct Memory Access tools.” That was enough of a lead to spawn a Google search and soon I confirmed such tools aren’t just in the movies.
Of course, if you’ve got great contacts in law enforcement and defense/intel you probably knew that already. But for the rest of us, you don’t have to watch the detectives anymore, there’s a considerably better source for such secret knowledge. I pulled up an old Ars Technica titled “Black ops: how HBGary wrote backdoors for the government.” This was written in the wake of the Anonymous attack on Federal contractor HBGary which led to a Wikileaks-style puke out of the company’s email data banks. Per the article:
“In 2009, HBGary…partnered with…General Dynamics to work on a project euphemistically known as ‘Task B.’ The team had a simple mission: slip a piece of stealth software onto a target laptop…they focused on the ‘direct access’ ports [PCMCIA, ExpressCard and Firewire] that provide ‘uninhibited electronic direct memory access’…[allowing] a custom piece of hardware delivered by a field operative to interact directly with the laptop [and] write directly to the computer’s memory…The [USB and wifi ports] needed “trust relationships” or relied on ‘buffer overflows…”
From the email records it seems HBGary wrote multiple exploits including so-called “rootkits,” a type of malware that installs deep in the OS to become undetectable to anti-virus scanners using standard I/O interfaces. The DMA rootkit was the malware of choice on “Task B” because it was thought to have the lowest risk of detection. And it could be used in physical access scenarios such as a spy accessing a laptop left on a desk or in the hotel room. ….”
PRESS:
Hacker Defeats Hardware-based Rootkit Detection – Slashdot
Mar 4, 2007 … And that’s what hardware-based rootkit detection is about. Use hardware with DMA (which you trust) to access memory instead of letting the …
Researchers Find Way to Detect Direct Memory Access Malware
September 27th, 2013, 08:11 GMT · By Eduard Kovacs
http://news.softpedia.com/news/Researchers-Find-Way-to-Detect-Direct-Memory-Access-Malware-386671.shtml
RELATED:
How to Enable Direct Memory Access (DMA) – Microsoft Support
This article describes how to enable Direct Memory Access (DMA) on your Windows 98-based, Windows 95-based or Windows Millennium Edition-based…

Forensics: “Unknown Flash Movie Virus”

By bluecollarpc – Last updated: Tuesday, May 7, 2013
 

(((FORENSICS~BUILD)))

For a friend….

ESTIMATE: Embedded Flash Movie Malware Payload
NOTE: Possible Network Attack Associated – Botnet/Botmaster
SEE: Common Types of Network Attacks – TechNet – Microsoft
http://technet.microsoft.com/en-us/library/cc959354.aspx
(According to payload that executed, spoofed PC Identity apparent, unsuccessful)

DEVICE: Windows Vista HP (Home Premium) SP2 (Service Pack 2, Fully Patched) / IE9 (Internet Explorer Version 9) – on Home Network / Microsoft Security Essentials installed/running.

SYMPTOMATOLOGY:
The user was viewing a Flash movie in an embedded web page player. The user's best description was sudden turbulence of the browser, disconnection and system crashes, and then, on restart, the WGA (Windows Genuine Advantage) panel popping up and identifying the PC as running an illegitimate copy of Windows. Further connectivity was not possible.

SUSPENDED FORENSICS:
Full payload forensics were suspended, citing any in-the-wild attack or proof-of-concept, and are not being posted publicly. The operating system was reinstalled to Factory Fresh, wiping the disk, and is now fully patched and back in operation.
HISTORY: New virus first to infect Macromedia Flash (January 8, 2002)
http://news.cnet.com/New-virus-first-to-infect-Macromedia-Flash/2100-1023_3-803829.html

SYNOPSIS:
Apparently a malware payload (not just a virus) executed on Windows Vista HP SP2 / IE9 while the user was viewing a Flash movie in an embedded player on a website. This was the only affected computer on a home network; the other computers, the other peripherals and the router were not affected. This may constitute specific targeting of the IP via a network attack. It seems possible that a botnet infection was unsuccessful, as connectivity was destroyed, yet the operating system was apparently spoofed and identified as a pirated copy of Windows via WGA technologies. No ransomware activity was observed (http://en.wikipedia.org/wiki/Ransomware_(malware)), so the spoofing of the Windows OS (operating system) itself as a pirate copy indicates that the WGA notification window/panel was valid and not a fake shell from some ransomware scam. Note that it is also possible this was simply a targeted payload whose malicious intent was to destroy the system and prevent further use.

DIAGNOSIS:
An apparent multi-malware payload executed through an infected Flash movie, possibly originating from an Apple/Mac computer and possibly an iFrame movie.

iFrame (video format)
http://en.wikipedia.org/wiki/IFrame_(video_format)

Universally and historically, Apple/Mac users have been in the ‘caveman’ days of not using antimalware. Recently things have changed, as infections, still in their infancy for this operating system, have increased dramatically. Linux even more so: its users are now told it is “polite” to use antivirus, to avoid uploading or exchanging files from a Linux computer that do not affect Linux but will infect Windows PCs. These are newer community guidelines. Years ago…..

Microsoft JPEG Vulnerability and the Six New Content Security Requirements
http://whitepapers.silicon.com/0,39024759,60129423p-39000575q,00.htm
In November 2004, a critical Microsoft security vulnerability (MS04-028) was discovered which could allow attackers to embed malicious code inside JPEG image files. Until that time, JPEG image files were considered immune to attack. To effectively deal with this vulnerability, security and IT professionals need to incorporate six new and critical content security requirements into their networks.

…..so this is the idea with an infected Flash movie. Simply visiting a website with the infected picture (JPEG) would infect the unprotected PC. The same with infected Flash files is apparent here as the source of infection.

NOTE…. The user was a novice, and it is believed there were possibly additional clicks, not mentioned, that caused the malware payload to execute.

REMEDY:
With a multi-malware payload as opposed to just a virus, the operating system was reinstalled / restored to Factory Fresh condition, first wiping the disk of all data. A much higher quality paid subscription antimalware product was installed and is absolutely recommended! Note that Microsoft Security Essentials was the installed and active protection on the PC…. HOWEVER:

Is Microsoft Security Essentials adequate protection?
http://bluecollarpc.us/2013/04/21/is-microsoft-security-essentials-adequate-protection/
Review: Microsoft Security Essentials
http://www.expertreviews.co.uk/software/1295698/microsoft-security-essentials
Microsoft Security Essentials bombs AV-TEST, loses certification
http://www.geek.com/articles/geek-pick/microsoft-security-essentials-bombs-av-test-loses-certification-20121129/
Microsoft Security Essentials Fails Tests, Loses Antivirus Certificate
http://www.bit-tech.net/news/bits/2013/01/17/ms-security-av-test/1
Microsoft Security Essentials fails AV-TEST again
http://www.bit-tech.net/news/bits/2013/01/17/ms-security-av-test/1
Microsoft fights back on antivirus certification fail, claims malware tests …
http://www.zdnet.com/microsoft-fights-back-on-antivirus-certification-fail-claims-malware-tests-arent-realistic-7000009998/

PLEASE REVIEW THE FOLLOWING INFORMATION AND RECOMMENDATIONS….

How to Fix a Flash Virus | eHow.com
http://www.ehow.com/how_5998536_fix-flash-virus.html

Adobe Flash
http://en.wikipedia.org/wiki/Adobe_Flash

SWF (ShockWave Flash)
http://en.wikipedia.org/wiki/SWF

What Is a Flash Cookie?
http://www.ehow.com/info_10020896_flash-cookie.html

Can Flash Extensions Be Harmful?
http://www.ehow.com/info_12229878_can-flash-extensions-harmful.html

How to Check & Uninstall Flash Cookies
http://www.ehow.com/how_5943906_check-uninstall-flash-cookies.html

How to Clear Macromedia Flash Shared Objects
http://www.ehow.com/how_6182429_clear-macromedia-flash-shared-objects.html

Website Storage Settings panel
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

Visit the Adobe Flash Player Settings Manager http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html

It is recommended to be aggressive here and actually deny all, especially noting that nefarious hackers break into microphones and webcams to spy. If you have trouble after choosing to block everything from being stored on the computer, go back and make adjustments. Any ‘faster’ use gained by allowing storage is antiquated, dating to the 56K dial-up years of long ago; the vast majority have since switched to broadband/DSL where available, though that is not quite everywhere (rural areas etc.).

WEBMASTER BLUECOLLARPC.US
http://bluecollarpc.us/

The BlueCollarPC.US (and former domain extensions) has always been a free Community Help Site and here is a mock severe billing if able to work from an official PC Repair Shop…… LOL

————

JOB BILL / TICKET #001

# Bench Charge………………….$75.00

# Forensics Basic / Suspended…….$25.00
(Normally $150.00 with full reporting)
Discounted!

# Reinstall Factory Fresh Windows…$50.00
…Discounted !

# Fully Patched and Reinstalled
softwares, 18 hours (Vista SP2)….$100.00

TOTAL ……..$250.00

What are Information – Data security threats?

By bluecollarpc – Last updated: Sunday, April 21, 2013

http://bluecollarpc.us/2013/04/21/what-are-information-data-security-threats/

 

This is from an actual question I fielded under my alternate Yahoo ID, Antibotnet, at Yahoo Answers > Security….

QUESTION:

Information security – threat? In information security what do we call a “threat” exactly? Hacker? or action itself aka eavesdropping/ system intrusion? Kinda confused about the concept http://answers.yahoo.com/question/index?qid=20130420123253AAJSqc2

MY ANSWER AS ANTIBOTNET YAHOO id (ALTERNATE id)

 

Best Answer – Chosen by Asker

 

ANSWER:

Not sure if you mean general average user or actual IT Security? The term threat to the average user computer is several fold.

Threat generally means malware such as a computer virus, worm, trojan, spyware etc. Malware can pose a threat to the actual operating system (Windows etc) as destructive to the system and even hardware. It can destroy the operating system rendering it inoperable via corruption of files and/or actual deletion of system files such as by a worm.

Threats by spyware are generally referring to compromising personal information generally always meaning financial information such as account numbers and pins etc that might be stored by a user in a document or text file etc. Another spyware category threat as “keylogger” can record everything being typed such as purchases online etc. Threat here means ultimately as an attempt as ID Theft, but also includes like personal photos and media etc that can be copied and transmitted in stealth from the infected unprotected computer. As well these threats to information includes all email contacts and any information there as a phone number, address, etc. – such as copy/transmitting these via spyware or even some viruses from the Contacts/Address Book information stored in the computer email programs contacts area. When you consider a broad term as “Social Engineering” you can place together additional areas of crime as stalking etc outside the computer system and worldwide web – robberies, kidnaps, and worst – due to threats to information or “data” stored in the computer.

Quality antimalware installed on the computer prevents these.

Threats also mean hackers trying to break into and take over a computer, and an acute looming threat if there is no personal software firewall installed.

Threat may also refer to security holes in the operating system and/or other softwares installed. These get patch/fix/update/upgrade through as example Windows Updates or similar in other operating systems as Linux, Apple/Mac etc.

It is on the enterprise corporate level in IT Security that refers to computer security for Home/Small Businesses all the way up to major companies/corporations etc. These are hired to address computing security for businesses against malware threats and much more. Computer forensics is an additional add-on or hired outside the/for the firm.

Biometrics security refers generally to physical type preventions as voice and retina and fingerprint recognition etc. to even gain entry into like a security firm as a major antivirus company as example. These too may include similar to even access a company computer. Threats to these areas are another area other than malware and an up to date fully patched computer.

SEE Zero Day threats…. also:

http://www.webopedia.com/TERM/Z/Zero_Day_exploit.htm

http://en.wikipedia.org/wiki/Zero-Day_Attack

List of threats to PCs….

http://bluecollarpc.us/threats-faqs/

 

Source(s):

http://bluecollarpc.us/forensics/

http://bluecollarpc.us/threats-faqs/

 

 

Is Microsoft Security Essentials adequate protection?

By bluecollarpc – Last updated: Sunday, April 21, 2013

http://bluecollarpc.us/2013/04/21/is-microsoft-security-essentials-adequate-protection/

This is from an actual question at Yahoo Answers > Security that I fielded and is some good recent information about MSE (Microsoft Security Essentials) which is FREE to all users offered from Microsoft to the community.

QUESTION:

Is Microsoft Security Essentials adequate? I’m thinking it isn’t because I can’t get rid of CouponDropDown. I know my computer is infected. Thoughts, anyone?

http://answers.yahoo.com/question/index;_ylt=ArLGuoRWqBKjLKEmq4rqkeLsy6IX;_ylv=3?qid=20130418163217AAL3qlR

MY ANSWER AS ANTIBOTNET – ALTERNATE YAHOO ID…..

ANSWER:

This year MSE (Microsoft Security Essentials) has taken some bad hits…..

PRESS: (all recently just in the news this year)

Review: Microsoft Security Essentials

http://www.expertreviews.co.uk/software/1295698/microsoft-security-essentials

Microsoft Security Essentials bombs AV-TEST, loses certification

http://www.geek.com/articles/geek-pick/microsoft-security-essentials-bombs-av-test-loses-certification-20121129/

Microsoft Security Essentials Fails Tests, Loses Antivirus Certificate

http://www.bit-tech.net/news/bits/2013/01/17/ms-security-av-test/1

Microsoft Security Essentials fails AV-TEST again

http://www.bit-tech.net/news/bits/2013/01/17/ms-security-av-test/1

Microsoft fights back on antivirus certification fail, claims malware tests …

http://www.zdnet.com/microsoft-fights-back-on-antivirus-certification-fail-claims-malware-tests-arent-realistic-7000009998/

Now historically, Windows Defender as antispyware was created free from Microsoft to the community as about one of the only in the world with Real Time Protection activated and free. (When you buy a security product this is activated; it protects 24/7 against malware installations.) A guess from memory was they purchased the Giant antispyware company and made it that better.

Windows OneCare was the antivirus you paid for by Microsoft. They added this to the antispyware Windows Defender to create Microsoft Security Essentials – free to the community today. Windows OneCare has been West Coast Labs Certified and has won the VB100 Award! That means the product has got 100 percent scores. So to be fair, MSE is not a real piece of crap, but there are a good handful of more superior products available for purchase. You get what you pay for.

Check out….. Remove the CouponDropDown Adware (Uninstall Guide)

http://www.bleepingcomputer.com/virus-removal/remove-coupondropdownn

Note BleepingComputer.Com has been a well known community help site for several years and is staffed. CouponDropDown is being described as a PUP, or potentially unwanted program. Since it is being identified only as a PUP and not malware, would explain why MSE is not detecting it as “adware” which is a threat in the antispyware category not antivirus. Adware gets removed by antispyware products. Note that adware and spyware etc can not be called that legally unless it is or they can sue / libel suit SEE http://www.spywarewarrior.com/rogue_anti-spyware.htm

Source(s):

http://bluecollarpc.us/threats-faqs/

Adware Definition:

http://searchcio-midmarket.techtarget.com/sDefinition/0,,sid183_gci521293,00.html

Challenges extending protection afforded to computer programs?

By bluecollarpc – Last updated: Friday, April 19, 2013

http://bluecollarpc.us/2013/04/19/challenges-extending-protection-afforded-to-computer-programs/

 

An actual good question put forth I fielded…. (handle “antibotnet” is a secondary one I use at Yahoo)

 

Q. What are some challenges with extending the extent of the protection afforded to computer programs? http://answers.yahoo.com/question/index?qid=20130418173109AALNJvq

 

My Answer….

Malware has become quite sophisticated over the years because of antimalware programs becoming the more. Briefly, the point is that cyber crimewares and their malicious users (generally for illicit profit) oft times seek “softer targets” than the usual drive-by infection or malware laced email attachments etc.

Some of these have been softwares installed on the PC affording a break in to the system and even install many malwares and to even attempt to disable existing antimalware installed to take over the computer for nefarious reasons.

Those creating software have had to include adding security to them – to create safer programs by code hardening etc.

There is a security company that has offered free to the community (for several years now) a program that completely automates updating softwares installed on the computer. Many times newer established software programs have Update buttons in them to manually check for and apply important updates. These may also include a program Upgrade to a newer version which will be safer security wise, and may include cosmetics/features upgrades or additions.

The “challenges” you ask, to me, would be learning about the computer system and all the many Settings it contains which includes Recommended Security Settings. In short, if you want to really get serious and tweak the system and softwares installed – you may ultimately run into a 100 settings to observe and change to preferences – security minded preferences as recommended.

The challenges as to keeping all installed softwares up to date with patch/fix/update/upgrade has been automated by a very durable program from Secunia – millions of users now. The PSI scans softwares and their creators for any issued. You can choose to automatically or manually update any available. You can choose to run it at start up or manually once every two weeks or monthly etc. Those challenges would be to comb every website the softwares were downloaded from – the product company – to see if there are any messages/notices about Updates available as opposed to Upgrades. These are issued time to time and not always posted on their websites. It becomes all too tedious unless using only a couple wares. Most users end up trying everything under the sun to have fun or productivity on their PCs – what you can do with them. That results in a too painstaking search for keeping things up to date.

 

I TOTALLY RECOMMEND …. (to automate the challenges safely) …..

Secunia Personal Software Inspector (PSI) The Secunia PSI is a free security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. http://secunia.com/vulnerability_scanning/personal/

“Free computer security Stay secure by updating insecure programs on your computer with the Secunia PSI

The Secunia Personal Software Inspector (PSI) is a free computer security solution that identifies vulnerabilities in non-Microsoft (third-party) programs which can leave your PC open to attacks. Simply put, it scans software on your system and identifies programs in need of security updates to safeguard your PC against cybercriminals. It then supplies your computer with the necessary software security updates to keep it safe. The Secunia PSI even automates the updates for your insecure programs, making it a lot easier for you to maintain a secure PC. Using a scanner like Secunia PSI 3.0 is complementary to antivirus software, and as a free computer security program, is essential for every home computer.”

There is a total ongoing maintenance you learn by habit of manually “looking under the hood” – inspecting areas like Program Files, System32, Windows Registry, etc. Manually looking for malware entries. After first time spring cleaning of the PC and ongoing use of quality antimalware, this becomes a time to time task. It is good to know the PC like the back of your hand eventually.

Windows Updates of course are most times critical and important to install when issued. This should be set to automatic as recommended for the average user. You can check for missing Windows Updates with a click and quick scan using….

Microsoft Baseline Security Analyzer http://www.microsoft.com/en-us/download/details.aspx?id=19892

There are many more “power tools” to make you a “power user”. Here are a few more….

Belarc Advisor http://www.belarc.com/free_download.html

HiJackFree http://www.hijackfree.com/en/

jv16 PowerTools / PowerTools Lite http://www.macecraft.com/powertoolslite2011/

Microsoft Malware Prevention troubleshooter http://support.microsoft.com/kb/2534555

CCleaner http://www.piriform.com/ccleaner

 

You will find a good short list here http://bluecollarpc.us/pc-help/ of the security technologies Microsoft has developed over the years and incorporated into the Windows Operating System.

 

Source(s):

http://bluecollarpc.us/windows-registry-help/

http://bluecollarpc.us/help-center/

 

 

Welcome all, archived blog installed

We have imported our archived blog posts from our original BlueCollarPC @ WordPress security blog. This is located at https://bluecollarpcwebs.wordpress.com/

We will keep the free version and continue to post to it, as has been linked for years. I am the original webmaster of the BlueCollarPC .Net and .Org and lastly .US. The BlueCollarPC .Net originally began about the year 2005 as a help and information site dealing with spyware as main course. There were many video help tutorials for download in several formats. This became a huge site trafficking about 2,700 to 3,000 Visitors monthly, and tolled in at just over 6 million by 2009. Those kinds of numbers are usually seen at small business sites, but I had just a simple personal website!

Being able to help that many people who found our site as a primary or a main additional site for help and instruction in PC security and malware removal outweighed any personal pride or egotism in hits counters. That is what it was launched for, genuine informed help – not a personality contest. It was humbling to see those kinds of numbers though.

Push came to shove: our site was attacked and there were several behind-the-scenes personal attacks against myself and equipment – attempts at destroying computers and a mobile computer. These attacks were sophisticated, dreaded botnet payload attacks, and another attempted circumvention of Vista technology and destruction. So, my site theme being “BlueCollarPC” as a spyware removal site originally, now was upgraded to a full-blown malware removal help and instruction site – all malware, with heavy concentration into botnet detection and removal and restoration of damaged systems, and I graduated through this all into Amateur Forensics (Computer Forensics). What did not kill us makes us stronger, and so it goes. All but the BlueCollarPC .US were closed with this new full malware removal site including information and help against all malware now, such as viruses, worms, trojans, rootkits, adware, spyware, botnets and bootkits, etc.

At the end of the decade (2000 to 2010) and into the new one, things seemed to be a ghost town at many help destinations such as groups, forums, lists and others. It seemed the whole “XP Generation” of the “XP Years” (Windows XP) had graduated and learned it all or enough to carry them through. Of course I invested in a Vista PC, which was the actual crown jewel of the decade in security software – unprecedented as an operating system itself being the best security software available. To this day Windows Users are unaware that viruses could not run on Vista and neither could the dreaded rootkit malware. UAC (User Account Control) was just one of these new security technologies in Vista. First hand, no lie, two or three times I saw a virus execute to install on my Vista (drive-by hit – bad website, tried to install scareware fake antivirus programs). Sure enough, and word for word from Microsoft – “viruses are not able to write to the disk in Vista”. The payloads were in Temporary Internet Files. All I had to do was close the browser with the settings I had clicked to “Delete All Temporary Internet Files” etc. I also used and ran CCleaner, offering a little more clean up. That was it. The virus was gone! I then scanned with high quality antimalware to prove it. Zero infection. The point was, or joke, you did not even need antivirus with Vista – like “you’re kidding, you actually purchased antivirus for Vista? What for?” Seeing is believing.

Windows 7 was the first time in history an operating system (Windows, Linux, Apple/Mac etc) was actually downgraded security-wise. Users screamed about UAC. The security world kind of went with – what idiots, sorry to say. This did not make sense. It did not make sense, worse, that Microsoft themselves accommodated them. LOL. You get what you pay for. They seemed to love no intrusion whatsoever on having a good time on the Net – utterly regardless of the dangers. It was like handing drunk teenagers the keys to the sports car. We all know how that ended. Many never made it home.

Enter Windows 8 with the new anti-rootkit / anti-bootkit technologies – the ‘secure boot’ Windows 8. Windows 8 is a gigantic leap forward from XP in blocking rootkits/bootkits from running before antimalware programs are able to boot to begin detecting malware attempting to run in the session. With XP, we all know if a rootkit was suspected it meant reinstalling Windows as the ONLY cure. The trouble was most anti-rootkit software was crap at detecting them and even worse at attempting to remove them. Enter Windows 8 new security technologies. THOSE DAYS are over with forever. Just before Windows 8 hit the streets there was a hint that they could crack this. But as well there is new anti-malware software that can “cold boot” to detect this. Somewhat as being able to scan the system without even starting the computer and as it does start up. Bye bye, covered anyway.

Well, back to re-launching BlueCollarPC.US – now in the WordPress format rather than the traditional website. Kind of all in one – blog and content, links. Spread the word – “We are back!” (StarTrekkies – Romulans and Enterprise Captain Picard in the Neutral Zone Confrontation over Borg encroachments).

From our alternate back up website at https://sites.google.com/site/pcsecurityhelper/

Welcome to the BlueCollarPC Security Helper!
SPECIAL NOTE: Our Main Domain BlueCollarPC.US is being closed June 2012.
For the record….. I began the BlueCollarPC Computing Security Community Website in 2005 at the original .Net website. I believe at that time, the .Com website was actually a PC Repair Shop which I was not connected with. Towards the end of 2009, the BlueCollarPC .Net created by me had enjoyed just over 6 Million Visitors/Users! – we are proud to have been a part of it all and indeed actually had “discovery” in the security industry concerning the malware RASautodial registry entries discovered by Yours Truly. Never be afraid to ‘take a look under the hood’ of your PC! You never know what you’ll find.