Tag Archives: malware

Watch Out for WordPress Vulnerabilities

At SWCP, we love our WordPress. This site is run on WordPress, we support the platform and strive to make it as easy and safe to use as possible, and we even host meetings at Ideas and Coffee to discuss how to use it most effectively. After all, WordPress is now used by up to a quarter of all sites on the Web, and there are thousands of themes and plug-ins to make it look and behave pretty much any way you want. But all that success brings with it a downside, which is that now the bad guys have begun to target it. The latest attack is both frightening and dangerous. Somehow – the means is still unknown – hackers have been able to inject code that sends visitors to a fake ad site. These sites are loaded with evil ransomware that can take over the user’s machine. More information can be found here. Before freaking out, note that: The redirect only attacks first-time visitors. Regular visitors and the site administrators will therefore be unaware of this and unaffected by it. Apparently, only users with out-of-date versions of Adobe Flash Player (yet again), Adobe Reader, Microsoft Silverlight and Internet Explorer are vulnerable. For some reason, the flaw is not detectable by most anti-virus programs yet. So users need to be alert. If you visit a site and are redirected to another, do not click on anything. Instead close your … Continue reading

Posted in News, Security, Warnings | Tagged , , , , , , , , | Leave a comment

Beware Pop-up Survey Scams

Pop-up ads are generally merely annoying, but some can actually pose a threat. Of course, it’s the worst that try the hardest to make themselves look legitimate and helpful. You might find yourself faced with one that purports to be a survey of Internet services. And it looks quite official, even down to the legalese text on the bottom, and offers valuable gifts for a few minutes of your time. And above all, it looks totally innocuous, with easy, objective, multiple-choice questions. What could be the harm in that? Plenty, though you might not realize it for awhile. Filling in the form can leave your computer infected, maybe just with more annoying adware, or something more serious. But any adware is a breach in your privacy defenses, and other nasties you may run into while browsing can make the gap worse. Now, this “survey” may be for a site you visit, or even your ISP,  which is why we’re issuing this warning. We’re seeing more reports of our members being asked to rate Southwest Cyberport. Some customers, wishing to give SWCP a good word or help us improve, have gone ahead and filled out the form, to their regret. The only party that got a favor from it were the scammers. The best response is the same for all pop-ups: ignore it, close the window without clicking anything. If you think you might have been infected see here for steps … Continue reading

Posted in Security, Warnings | Tagged , , , , , | Leave a comment

Superfish Troubles Continue

The March 2015 Portal just came out. It’s all about Superfish, adware preinstalled on certain Lenovo laptops, supposedly to enhance user choices and options while shopping. But the software breaks the basic protections embedded in TLS and the digital certificate system that are vital to online commerce. Superfish, to paraphrase our Vice President Jamii Corley, is like a salesman so pushy that he breaks all the locks on your house in his eagerness to enter and leaves them broken so that anybody else, salesman or impersonator, can get in. Another way of looking at it is that Superfish forged the seals on the documents that make sure the party you’re talking to is the one intended, rendering the whole system worthless. Either way, it smells. It’s such a dangerous threat that the Department of Homeland Security has recommended it be removed ASAP. However, it turns out it’s not that easy. Lenovo claims to have stopped installing it on their computers, but some are still being shipped. And while Lenovo has published removal instructions, it turns out that their method leaves the application and libraries intact. Fortunately, there are other options.  First of all, there’s a simple online test to see if your brand-new laptop is affected. And here’s Lenovo’s list of models that “may be” infected. It may prove safer, if more complicated, to remove it by hand. Some commercial software antivirus programs offer removal tools available for those less technically oriented. … Continue reading

Posted in News, Security, Warnings | Tagged , , , , , | Leave a comment