Smokey's Security Weblog

veritas odium parit

Safe Computing and Preventing Malware Infections

The current outbreak of the polymorphic worm Downadup, aka Conficker and Kido, and all its variants make very clear that many users don’t act in a responsable and secure way. After all, at the moment 9 (nine) million PCs are contaminated by that worm for reason of a missing Microsoft Security Update for Windows (KB958644). At the same time numerous users don’t posses safe computing and surfing habits, ignore standard precautions, haven’t the slightest idea how to prevent malware and in case they have a PC contaminated by malware they are trying to clean the PC by themselves or by self-declared “security experts”. Keep in mind that malware cleaning/removal isn’t a job for amateurs, it is a dedicated job for well trained and full qualified malware hunters.

Safe computing/surfing and preventing malware is a matter of education. Only well educated users have the reasonable possibilty to remain “clean”. The sole aim of me and my staff on Smokey’s Security Forums is to fulfill this aim by providing the user for free with Education, Support, Help and Advice, and in case the PC of the user is infected by malware to offer malware cleaning/removal by real security experts: comprehensive trained, full qualified HJT/OTListIt2 Analysers/Malware Hunters.

Some basic rules for safe computing, related links at the end of this post:

– Activate the automatic update function in Windows. Always accept and install all updates offered by Microsoft.
– If you don’t like automatic updates, consider to use the Microsoft Baseline Security Analyzer (MBSA). MBSA is an easy to use free tool that helps individuals, small and medium businesses to determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. It will improve your security management process by using MBSA to detect common administrative vulnerabilities and missing security updates on your computer systems.
– Always install all Service Packs offered by Microsoft.
– Educate and protect yourself, e.g. by visiting my board and reading the FAQs, How-To’s and Advisories concerning Safe Computing and Preventing Malware.
– In case your PC is infected by malware, adware or any other undesired badware or nasties visit my board to get rid of such crap. Only full qualified HijackThis & OTListIt2 Log Analysers/Malware Hunters will care about these infections and help you in a professional way, of course for free, to get rid of it. Note: only registered board members will receive malware removal/cleaning help, registering on my board is also for free.

Update 2010-14-03: Guests allowed to post on Smokey’s for Log Analysis and Malware Removal help

Links

Smokey’s Security Forums
FAQs, How-To’s and Advisories concerning Safe Computing and Preventing Malware
HijackThis (HJT) & OTListIt2 Log Analysis and Malware Removal/Cleaning Assistance and Services
Microsoft Baseline Security Analyzer (MBSA) Frequently Asked Questions
Download Microsoft Baseline Security Analyzer

Safe computing!
.

asap1
Smokey’s Security Forums is Site Member ASAP

Advertisements

January 17, 2009 Posted by | Advisories, Anti-Spyware, Anti-Virus, Bundleware, Downloads, Friends, Phishing, Recommended External Security Related Links, Toolbarware, Uncategorized, Vulnerabilities | , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

“How Do I?” Videos for Security

Here you’ll find videos that explore a variety of security questions for developers, including encryption, handling attacks, security best practices, and a lot more. New videos are added regularly, so check back often.

This week’s featured videos:

– How do I – Get Started with Encryption?
– How do I – Export and Import Certificates?

Previous videos:

#1 How Do I: Secure Data Using Symmetric Key Encryption?
#2 How Do I: Secure Data Using Asymmetric Key Encryption?
#3 How Do I: Secure Passwords Using Hashing Algorithms?
#4 How Do I: Improve Cryptographic Security by Storing Keys in Containers?
#5 How Do I: Add Hashing to Existing Application?
#6 How Do I: Perform Imperative Security Checks?
#7 How Do I: Create a Windows Principal for Role Based Security?
#8 How Do I: Create a Generic Principal for Role Based Security?
#9 How Do I: Add Security to Applications Built with Visual Basic.NET and Visual C#?
#10 How Do I: Create a Secure Custom Membership Provider?
#11 How Do I: Improve Data Security by Encrypting and Decrypting XML Data Using Asymmetric Keys?
#12 How Do I: Improve Data Security by Encrypting and Decrypting XML Data Using Symmetric Keys?
#13 How Do I: Attach Client Credentials to a Web Service Call For Security?
#14 How Do I: Integrate SqlMembership Provider into My Existing Database?
#15 How Do I: Set up SqlMembership Providers?
#16 How Do I: Add Security to Applications by Digitally Signing XAML Documents?
#17 How Do I: Digitally Sign Documents with the Signature of a Single Party?
#18 How Do I: Add Security to Visual Basic and C# Applications with Digital Signatures?
#19 How Do I: Add Security to .Net Applications with the ProtectedData Class?
#20 How Do I: Add Security to Visual C++ Applications?
#21 How Do I: Prevent a SQL Injection Attack Over a PHP/MySQL/Linux Platform?
#22 How Do I: Use Managed Cards in Windows CardSpace to Increase the Security of My Web Site?
#23 How Do I: Prevent a SQL Injection Security Flaw in an ASP.NET Application?
#24 How Do I: Prevent a Cross Site Request Forgery Security Flaw in an ASP.NET Application?
#25 How Do I: Encrypt My Web.Config File?
#26 How Do I: Use Discretionary Access Control Lists in Windows?

Source: MSDN

April 4, 2008 Posted by | Advisories, Friends, Recommended External Security Related Links | , , , , , , , , | Leave a comment