Some Hacks may leave no trace! IE zero-day attack delivers malware into memory then poofs on reboot.
There is a Severe security issue with Microsoft Internet Explorer. The exploit is being used now. Be sure to apply the upcoming patch that Microsoft is releasing this coming week!! Read more about it here: Microsoft to patch zero-day IE bug now under attack – Network World. As always if you need help contact us.
This is why it is important to keep up to date and review your security. This can capture passwords, disable access to AntiVirus and Security sites. FBI warns “Beta Bot” malware can kill your anti-virus programs, steal data.
ZERO DAY Vulnerability in Internet Explorer and Microsoft E-Mail Clients! You should patch your OS’s or call us to help. This Exploit can allow an attacker to run remote code on your machine as the logged in user. Microsoft Security Advisory 2887505: Vulnerability in Internet Explorer Could Allow Remote Code Execution.
As IT Professionals we see a lot of malware and phishing schemes. Something that many people still don’t realize is that bad guys still use the phone. I am writing this today because a good client and a very sweet lady called me. She said that someone just called her indicating they were from Microsoft. Said she was riddled with viruses, walked her through downloading and installing some remote access software, then tried to get $49 from her to remove the virus! She got suspicious, stopped just in time and called us. We verified she had no virus.
The SCAM: Windows Computer Service CenterThe caller claims to be from California yet the calls may originate from 212-654-3212 which is a New York area code. When asked the man with an Indian accent didn’t know the street the office is on. Not the number, but the actual street name after a second request they hung up. When we get calls like this (as techs) we like to take our time. 😉 How did you get my number? Never answered. Which computer? They don’t know. What version of Windows? No clue. How can I identify which computer? They may tell you your CLSID is 888dca60-fc0a-11cf-8f0f-00c04fd7d062 which is NOT your computer ID it’s for a component that should be on all PCs. A quick Google Search finds dozens of hits for this scam and it’s only one of thousands like it. This gentleman recorded a video of the scam. This site has some more details on it: SecureList.com Some good rules for safety and security:
- NEVER accept a support from someone you didn’t personally contact. (on the phone or in person)
- DO NOT give out private or secure information or access to your computer to ANYONE you don’t trust.
- ALWAYS call them back at their listed number. Not a number the caller gives you.
- Google Search them or go direct to their website if you know it (Like www.idez.com) Call them back at that number.
- DO NOT assume that because you see a number on your caller ID it is a valid one. With todays phone system you can put in any number you want for your own caller ID. So, ask to call them back! If they refuse, call someone else (Like us: 315-424-0707)
Check out your computer Now using the link below to see if you are susceptible to the DNS Changer exploit. DNS Changer Check-Up – Clean.
Make sure to update your Computer(s). Wether PC or even a Mac a Computer that hasn’t been updated can be exploited. See the article below from CRN. Mac without the latest Java update can be compromised while visiting a malicious Web site or one that contains a poison link secretly installed by a criminal. Clicking on a malicious link can run code through Apple Safari and Mozilla Firefox browsers without the user knowing. Flashback is designed to steal passwords to online banking and other Web sites, experts say. via Second Security Firm Finds Massive Mac Infection.