
Jan 17

A pop-up that’s safe to click

Editor’s Dossier

Greetings VSNers,

It seems like it was only yesterday that I sat down and started writing this newsletter. Back then it was called CounterSpyNews, and we’ve gone by several other banners since. Well, almost seven years have passed, and the ride has been more than interesting. We have seen quite an evolution in the state of malicious software, and 2012 promises to be even more intriguing and challenging. Fortunately, VIPRE Security News is here to help you through the cyber-jungle with practical tips you can use to keep your computer and vital information safe and secure.

We also will be evolving to keep up with these most demanding times. This latest issue represents just the beginning of a new phase for VIPRE Security News. We’re moving to a bi-weekly publication to provide you with more quality and helpful content. We’ll still bring you information on the latest security trends, but be on the lookout for more reports on threat discoveries made by GFI Labs, a new section called “Larry’s Cool Spot” and advice to help you better defend yourself by making the most of your VIPRE antivirus software.

The VIPRE Security News team and I are extremely excited to continue helping you protect your computer. As always, if you have questions or suggestions, let us know by sending email to vipresecuritynews@gfi.com.

Best,
Larry Jaffe
Editor, VIPRE Security News

VIPRE News & How-Tos

A pop-up that’s safe to click

If you’ve been unsure about whether or not it’s safe to click that pop-up claiming to be a VIPRE update, don’t be afraid. It’s a message from VIPRE, letting you know that updates to VIPRE Antivirus 2012 (formerly VIPRE Antivirus Home) and VIPRE Internet Security 2012 (formerly VIPRE Antivirus Home Premium) are available.

We encourage you to download the update the next time you’re prompted, so that you receive the latest VIPRE product features and capabilities. Don’t worry about selecting the right version or having to re-enter your license key; we’ve taken care of that for you! Best of all, updating is free for current customers. Here’s a step-by-step guide to updating:

Note: Make sure you’re running Microsoft Windows XP Service Pack 2 or later, Windows Vista or Windows 7 before updating VIPRE. You can find out what version of Windows you’re using by visiting the Microsoft website here.

  1. Click the Update Now button.

  2. If you have User Account Control enabled in Windows, you will receive this pop-up:

    Click the Yes button to continue with updating.

  3. You may see a pop-up of the End User License Agreement:

    To continue the update, read and agree to the terms of the license, then click the Agree and Continue >> button.

  4. VIPRE will begin to download and install the update. This may take a few minutes to complete. During the install, you may see notifications that your antivirus and/or firewall software is turned off or out-of-date. This is to be expected, and VIPRE and the firewall will be enabled after the installation is complete.

  5. You may receive a pop-up prompting you to restart:

    To complete the update, save your work and close any open programs, then click the Restart button.

  6. This pop-up will appear when your VIPRE update is complete:

    Click the Explore VIPRE >> button to see the new look and product features, including:

    • Simpler user controls – New user interface, preconfigured threat removal settings and other advancements make malware protection easy for everyone, ranging from the most tech-savvy users to PC novices.
    • Stronger detections and quicker scans – Constantly evolving in response to emerging threats, VIPRE now features newly refined detection technology that scans PCs quicker and provides users with greater flexibility in scheduling scans.
    • Remote-control tech support – With a user’s permission, the VIPRE tech support team can remotely take control of their PC to remove viruses, Trojans and other threats.

    Additional features in VIPRE Internet Security 2012:

    • Spam filtering – Identifies spam messages for desktop email clients using POP3.
    • Smarter firewall – Operating off a VIPRE whitelist of ‘safe’ applications and other preconfigured settings, the VIPRE firewall is easier to use and requires less user input upon installation. More tech-savvy users can still adjust advanced settings to customize the firewall based on their personal preferences.

    As always, call VIPRE tech support at +1-877-673-1161 or chat live with a support technician if you need assistance.

Deb’s Deep Dive

Getting under the hood of HTTPS

You probably already know that HTTPS (or HTTP Secure) is the “encrypted” version of the HyperText Transfer Protocol (HTTP) on which the web is based. But do you know how it works to secure your communications, and just what it means to be connected to an HTTPS site?

First, let’s distinguish between two protocols that are easy to get mixed up: HTTPS and S-HTTP (Secure HTTP). Although they sound the same, they aren’t. The latter is seldom used now; in the mid-’90s they were competing standards for encrypting web transactions, but S-HTTP encrypts only the page data and not the packet headers. HTTPS encrypts the entire packet, before any data is sent. All the headers are inside the encrypted transmission. Because Netscape and IE both went with HTTPS, S-HTTP fell by the wayside. Just realize that if you say “Secure HTTP” (which many people do when referring to HTTPS), you’re really talking about something different.

HTTPS uses SSL/TLS (Secure Sockets Layer/Transport Layer Security) to encrypt web communications. TLS is the later incarnation of SSL. HTTPS connections use a different port from regular HTTP connections (port 443 instead of port 80). This tells the server that the client is requesting a secure connection. SSL and TLS use digital certificates to authenticate the server (validate its identity). The digital certificates are issued by a Certification Authority (CA), which is a server set up for that purpose. The CA is known as a “trusted third party.” We use certificates to validate the identities of computers in much the same way we use driver licenses – which are issued by a trusted third party (the government) – to validate the identities of people.

But just how secure is this system? Terrorists were able to get driver licenses rather easily in some states prior to Sept. 11. The DMV required little documentation to issue a license, and once a person had that license, everyone else assumed it was reliable ID. CAs generally validate the domain of an HTTPS website by sending an email with an authentication link to the registered administrative contact for the domain. The theory is that only the real owner of the domain would get those email messages and respond to them.

There are a few problems with that. Because most email isn’t encrypted and authenticated, the validation messages could be intercepted. But the bigger problem is that even if the ownership of a site is validated, it doesn’t mean that site is a legitimate one. Malware distributors and phishers/scammers can get certificates for their sites too.

The little “locked” icon in your web browser means the communications are sent in encrypted form and can’t (easily) be intercepted and decrypted by an outsider, but it is no guarantee that the person running the site didn’t use a fake name or fake company name to obtain the domain and the SSL certificate, or that the site isn’t a dangerous one.

The CA itself has to be secure, too. When CAs aren’t on the ball, bad things can happen. CA Comodo not long ago was hacked from an Iranian IP address and bogus certificates for such major sites as Google, Yahoo and Windows Live were issued.

Extended validation (EV) is a process by which the CA goes to much greater lengths to validate the true identity of the entity that requests a certificate. The CA then issues a certificate marked as an EV certificate. In most web browsers, if the site has an EV certificate, instead of just a padlock icon you’ll see the whole address bar turn green. EV certificates are much more expensive than standard SSL certificates, however, so many small businesses don’t use them.
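
The difference described above, between a padlock that only proves an encrypted connection to a validated domain and an EV certificate that names a vetted organization, is visible in the certificate's subject fields. The following is an added example, not part of the original newsletter: the sample certificates and host names are constructed, and classifying by subject fields is a heuristic assumption (browsers identify EV certificates by policy identifiers instead).

```python
import socket
import ssl

def fetch_cert(host, port=443):
    """Connect over TLS (HTTPS uses port 443) and return the validated certificate."""
    ctx = ssl.create_default_context()  # checks the CA chain and the host name
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def subject_fields(cert):
    """Flatten the nested subject tuples from getpeercert() into a dict."""
    return {name: value for rdn in cert.get("subject", ()) for name, value in rdn}

def validation_level(cert):
    """Heuristic: classify by which identity fields the CA put in the subject."""
    subj = subject_fields(cert)
    if "organizationName" not in subj:
        return "domain-validated"  # the CA only checked control of the domain
    ev_markers = {"businessCategory", "serialNumber", "jurisdictionCountryName"}
    if ev_markers.issubset(subj):
        return "extended-validation"
    return "organization-validated"

def describe(cert):
    """One-line summary of what the certificate does and does not assert."""
    subj = subject_fields(cert)
    owner = subj.get("organizationName", "not stated in certificate")
    return f"{subj.get('commonName')}: {validation_level(cert)}, operator: {owner}"

# Constructed samples in the dict format returned by getpeercert().
DV_CERT = {"subject": ((("commonName", "shop.example"),),),
           "issuer": ((("organizationName", "Example CA"),),)}
EV_CERT = {"subject": ((("jurisdictionCountryName", "US"),),
                       (("businessCategory", "Private Organization"),),
                       (("serialNumber", "0000000"),),
                       (("organizationName", "Example Bank, Inc."),),
                       (("commonName", "www.bank.example"),)),
           "issuer": ((("organizationName", "Example CA"),),)}

if __name__ == "__main__":
    for sample in (DV_CERT, EV_CERT):
        print(describe(sample))
```

Both sample sites would show a padlock; only the second certificate says who operates the site. To inspect a live site, pass the result of `fetch_cert("hostname")` to `describe`.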

Certificates aside, there are weaknesses that have been discovered in the SSL and TLS protocols themselves. In September, Microsoft released a security advisory about an attack that exploited a long-known TLS vulnerability and provided a Fixit tool to enable support for a newer version of TLS in IE/Windows, for which the attack doesn’t work.

HTTPS is useful for engaging in more secure communications on the web, and using HTTPS versions of popular websites (such as Facebook and Gmail) will enhance your security, but it’s important to also be aware of the limitations.

Till next week,
Deb Shinder
Contributing Editor, VIPRE Security News

Larry’s Cool Spot

Download and back up your Facebook profile

There is a little-known feature in Facebook that enables you to download and back up your entire profile. This is an important security precaution, should your profile somehow get corrupted or suffer any other mishap. It is a complete copy of all of the personal information you’ve shared on Facebook. It should be treated as a Val Doc (valuable document) and kept protected. Your profile copy includes your profile (timeline) information (for example your contact information, interests, groups), your wall and/or timeline posts and content that you and your friends have posted to your profile, photos and videos that you have uploaded to your account, your friend list, any notes you have created, events to which you have RSVP’d, your sent and received messages, plus any comments that you and your friends have made on your Wall (timeline) posts, photos and other profile content.

Like I said, it is a very comprehensive reproduction of your Facebook life.

Having this information can be very valuable as it enables you to have your complete record so you know exactly what you have shared and can control it. Also, if you have lost any photos, etc. after uploading to Facebook, you now have them all back!

Here is how you can download your information from Facebook. Go to your Account Settings page by clicking on the account menu at the top right of any Facebook page and select Account Settings, click on "Download a copy" of your Facebook data, then click the Download button on the following page. You will receive an email with the download information shortly after you do that.

Furthermore, Facebook has implemented some excellent security measures to prevent anyone else from downloading your data. You go through several authentication procedures to make sure that you are you. And you have to confirm your identity prior to completing the process.

One word of warning: Your file contains sensitive information and you should keep it protected by taking appropriate precautions when storing, sending or uploading it to any other services.

Now you can have a complete record of your Facebook profile and postings, just like that!

Security News Room

2012 will be rife with familiar cybercrime tricks

“Most cyber-attacks at any given time rely on old techniques deployed with a new disguise. The reason we see them again and again is quite simply because they work, and we anticipate 2012 to bring many fresh takes on old scams.”
http://bit.ly/zhQMl8
Source: GFI Labs

Rogue antivirus alert

GFI malware researchers uncovered a new scareware scam which hijacks host files and sets a proxy in the Internet Options LAN settings, which is then used to hijack search engine results:
http://bit.ly/yLOn5e
Source: Malware Protection Center

Social spam vs. email spam

Incidents of email spam are declining, but social spam is on the rise. Learn the differences between the two and what Facebook and Twitter engineers are doing to keep you protected online:
http://on.wsj.com/z3T6dY
Source: The Wall Street Journal

Phishers target Chase bank customers

GFI Labs discovered this recent email scam that “phishes” for bank customer account info. Confirm with your bank’s customer service that email notifications are legitimate to keep your financial information safe from phishing attacks:
http://bit.ly/rZyJSU
Source: GFI Labs

Make your PIN code more secure

Using three unique numbers can make your smartphone PIN code 50% more secure against brute-force hacks:
http://bit.ly/s7jfQi
Source: Geek.com

Just for Fun

New animals discovered in 2011

From purple acorn worms to psychedelic geckos (real name!), the most fascinating new species of 2011:
http://bit.ly/vKjbAM
Source: Wired Science

Cat vs. computer

“Test your might” with this epic battle between a cat and a disc tray:
http://bit.ly/A81sVF
Source: YouTube

Geek vs. nerd

Are you a geek, a nerd or both? Find out:
http://www.mastersinit.org/geeks-vs-nerds/
Source: Masters in IT

Harry Potter as… Harry Potter

Daniel Radcliffe hosts SNL and pokes a little fun at his most famous role:
http://www.nbc.com/saturday-night-live/video/Harry-Potter-Epilogue/1379118
Source: NBC

Just say no to…?

What word should be banished in 2012? Take the poll and share your opinion:
http://newsfeed.time.com/2012/01/11/poll-what-word-should-be-banished-in-2012/
Source: Time


1 comment

  1. tim says:

    How about a brief note on the pop-up that is so prevalent on YouTube now, referring to flash drive and wanting to load from “s.ytimg.com”?
    What research I find on it is confusing, and one guy says that it’s Google’s website and shows proof. So what is it, and is it safe to use or not?

    thanks
    Tim
