Saturday, September 30, 2006

Why I take home PC security seriously...

Saw this post from the ISC-SANS handler's diary today.

A Report from the Field

Summary, ISC-SANS reader Kevin Shea has off-hand discussion with kid's first-grade teacher regarding a VML security exploit for Windows machines and that a patch was available.

Teacher calls husband to check their systems. Husband checks and finds PCs had been infected by a trojan and hackers used that to obtain information to drain the family's back accounts.

The bank replaced the funds and I can only hope the machines got a thorough software cleaning. If it were me, I'd run a full DoD wipe of the drive(s) and reload the system from the ground-up, clean-from-scratch just to be certain.

Related topics:

Example: (e-mail) Greeting Card Scam - Know why I almost always delete "e-card" messages without clicking further? Read on.

Email Spyware: (or) How HP used email spyware in their corporate shenanigans). Helpful background info and how to protect against it.

Analysis of the IM Worm: "Hartworm" - Focused on the MSN Instant Messaging Network via a "virtual card" hoax, Security advocate and ninja wordsmith PaperGhost points out some highlights on this bad boy. More analysis if you are curious over on the Spywareguide blog.

Internet Security Threat Report Volume X, September 2006 - Yes, it is Symantec's job to make all kinds of scary predictions and analysis of threats on the Web. Unfortunately, they are pretty accurate in their assessments. Pretty technical report, but worth reading if you are into computer security trends. And it does have some pretty charts and stuff for the kiddos. Don't have the time to read the full Symantec report? Read's writeup: Symantec: Cyber Attacks Increasingly Target Home Users for Financial Gain

...I encourage you to take your home PC/laptop security seriously, too.


No comments: