I have recently come across an issue where good people wish to convey information about malicious websites to everyone. They’re doing very good work trying to keep us all safe and informed by discussing malicious website URLs (Universal Resource Locators), particularly on Twitter. Unfortunately, Twitter creates a link in the text to anything looking like a URL. This means malicious websites that are mentioned by their URLs are given links, allowing readers to accidentally go to them.
This article covers some of the issues involved when using a Digital Signature. Each Digital Signature is generated from a Digital Certificate (otherwise known as a Digital ID) issued by a certifying authority.
All examples given are created using Microsoft Outlook 2010 on a PC using Microsoft Windows 10, but the principles apply to other versions of Outlook and other email clients.
In December 2009 the European Union obliged Microsoft to offer a choice of browsers to their European customers when they installed new versions of Windows. This browser choice was also delivered in updates to Windows and so the Browser Choice screen was born and has been with us ever since. See my featured image of Microsoft’s browser choice screen offering Google Chrome, Internet Explorer, Safari, Mozilla Firefox and the Opera browsers amongst others.
Browser Choice Ends
It turns out that this requirement by the EU had a time limit of five years, which has now expired. Consequently Microsoft have quietly withdrawn the option to choose other browsers and returned to providing Internet Explorer alone. People can of course continue to use other browsers with Windows as they see fit, but Internet Explorer is now what comes out of the box.
Regin is a recently discovered Backdoor Trojan, found by the software security company Symantec. Its purpose is to spy on the activities taking place on computers. It can collect passwords, capture screen images and even recover deleted files.
The Backdoor Trojan Regin has been made to operate in five stages, the last two being encrypted to make it very difficult to discover and understand. If any one stage were discovered, it would reveal little about the other stages. Two stages are specifically given over to loading each other and the other stages. You can see a block diagram of Regin’s stages of operation at this Symantec site.
Backdoor Trojan Regin appears to have been developed as far back as 2008 and, given its sophisticated nature, was probably developed by a nation state as opposed to criminals. It appears to have been withdrawn from use by its masters in 2011 and a new version reintroduced in 2013.
Regin infections have been found in the following countries:
Regin infections are shared among these sectors as follows:
Airline – 5%
Energy – 5%
Hospitality – 9%
Research – 5%
Small Businesses & Private Individuals – 48%
Telecoms Backbone – 28%
The Backdoor Trojan Regin has been made extremely stealthy so that it is very hard to determine what it is up to even after discovery. It could go undetected for years. For those interested, it uses RC5 encryption, which isn’t commonly used.
While updating software on a friend’s Windows 8.1 PC he remarked that he could no longer see the Norton Safe Web (NSW) icons in his search results. He was using Internet Explorer with Google as his home page and search engine. He had Norton Internet Security (NIS) installed and the Norton Toolbar was present in his browser. At the time I couldn’t find a solution to his problem so I came home and conducted tests on my Windows 7 PC which also uses NIS.
The featured image at the top of the page shows how it looks when it works OK and an NSW icon is selected.
There is a vulnerability (flaw) which allows targeted attacks to be made on MS Windows PCs via Internet Explorer versions 6 through 11.
The attack seems complex to me and probably not easily made against the masses. The ultimate goal of an attacker would be to encourage a PC user to visit dangerous websites.
Microsoft plan to fix the problem with updates distributed in their normal way, i.e. monthly updates.
If you want to find out more you can visit ITPRO here. Some PCs will be more vulnerable than others depending on what version of Windows is used and whether Outlook, Outlook Express or Windows Mail are viewing an HTML document.
I just want to pass on knowledge of this WordPress vulnerability affecting mobiles, detected by AVAST, whereby mobile device users are susceptible to redirection. They can be redirected to a malicious web site from WordPress blogs where the blogger is using a plugin called OptimizePress. NOTE: I am not using that plugin in this blog.