Archives
Categories
Category Archives: News
Flashback Trojan is a Warning to Mac Owners
It finally happened: for the first time, Macintosh computers have been attacked by a trojan virus in a big way. Few viruses have ever targeted them before, and for decades Apple owners were told simply not to worry, that viruses were a Microsoft problem. Now the owners of over a half-million Mac OS X computers share the pain – and some of the vulnerability – that Windows users have long been familiar with. The malware is called Flashback, and was discovered not long ago by Kaspersky Labs, a leading Moscow-based software security firm. Flashback can hijack a Mac without even an administrative password, due to its exploit of a flaw in Java. Though discovered last September, Oracle, the company that makes Java, patched the hole back in February, but that didn’t solve the problem. It turns out Apple ships its own version of Java, and their patches weren’t issued until early April. (Obviously, the company has a learning curve about prompt and effective security responses in front of them.) By now there are a lot of infected Macintoshes – not really all that many by Windows standards, but it can still spoil your day if you have one. The virus masquerades as an installer for Adobe’s Flash, and it can install itself. All you have to do is visit an infected website with an unprotected computer. As of the latest reports, the trojan has created a botnet – a network … Continue reading
What to do about your out-of-date Joomla site
We’ve noticed there are several Joomla sites out there which have not been updated to the latest version of the Joomla software. This is alarming since many security exploits have been discovered in Joomla over the past couple of years. Sites running older Joomla software are vulnerable to being taken over by cyber-vandals or crooks. The Joomla authors have done a great job of releasing new versions quickly as exploits are found. However, older versions of Joomla (1.5.x especially) are somewhat difficult to update. It’s not a simple button-push. Depending on how extensively the site has been customized, portions of the update may need to be applied file-by-file to avoid breaking functionality of the site. It’s tempting to just ignore the problem and hope your site won’t be found by hackers or vandals. However, the bad guys are quite adept at scanning the internet for sites running vulnerable versions of various software. If you don’t update your site, there is a very high probability that it will get defaced, or worse. At SWCP we have seen three Joomla sites compromised in the past month. So what to do? If you have a Joomla 1.5.x site you have 3 options: 1. Update to the latest 1.5.x Joomla release This is the simplest and probably cheapest option in the short term, but may not be good for the long haul. Have your web developer apply the latest Joomla update to your site. … Continue reading
Posted in News
Comments Off
IRS helps enable online tax fraud
Your friends at the Internal Revenue Service are eager to get everyone to do their federal taxes online. But in their efforts to make everything quick and easy, they’ve wound up helping Internet tax scammers, too. And it’s not a phishing scheme or involves hacking, but is based on filing false online returns and collecting the refund. So this tax season, the government is warning people of the dangers. Identity thieves are very busy – last year, the IRS identified nearly a million fraudulent returns to the tune of $6.5 billion. Over half of these were related to identify theft, which is three times the amount of just three years before. And those are just the ones caught before any refunds had been issued. The IRS can’t, or won’t, even estimate how much money they’ve actually sent to scammers. Tax fraud has become an epidemic especially in areas like South Florida, with some gangs replacing drug sales and robberies with online crimes committed with iPads. Gangs even hold work parties to teach each other and commit hundreds of crimes in a single session. So many local officials are complaining about the lack of governmental concern and effective action. Working the fraud, authorities claim, is quite simple, and there are even written tutorials for thieves. The criminals first acquire victims’ Social Security numbers and other personal information. Perhaps they buy the data from insiders with access to medical or financial records or … Continue reading