Tag Archives: old

Crashed Hard Drive? Progressive Data Recovery Steps

This guest post is contributed by Grady Winston. Grady is an avid writer and Internet entrepreneur from Indianapolis. He has worked in the fields of technology, business, marketing, and advertising – implementing multiple creative projects and solutions for a range of clients.

imageTake a deep breath, your computer crashing isn’t the end.

When a computer freezes up, or worse yet crashes, it can send even the most seasoned computer user into a hair-pulling maniacal panic. For many beginner or inexperienced users, a crashed hard drive often means the loss of gigabytes upon gigabytes of music, pictures, movies, videos, documents, and just about any other type of important digital file imaginable.

While the temptation to throw your laptop across the room in frustration is understandable, it may be a tad melodramatic. Why? Because you’d be surprised just how easy it is to recover seemingly lost data yourself. Refrain from catapulting your computer across the room, take a nice deep breath, and let’s take a deeper look into the world of hard drive data recovery.

Recovering Hard Drive Data in Four Steps

1. Purchase a New Hard Drive – Just like when you total your car, when a hard drive crashes, it’s pretty much deemed useless in that it can’t be used again. But, just like you can usually still fish out your CD collection and glove box contents, you can recover the useful parts or data from the drive.

The first step in the “recovery” process requires understanding that you need a new hard drive. Take another deep breath, head to a local computer or electronics store, and pick up a compatible hard drive.

2. Configure a Master and a Slave Drive – Before you even think about recovering your crashed hard drive’s data you must configure both drives for data recovery. This involves installing your new hard drive as the primary (or “master”) hard drive, and the crashed hard drive as the secondary (or “slave”) drive. In a nutshell, setting up your new drive as the master drive tells your computer’s operating system to recognize it as the primary system drive. Keep in mind that this process can vary widely from OS to OS.

3. Recover Your Data – Now that you have correctly configured each hard drive you can recover data from the old drive. Since the crashed drive is the secondary drive, this is pretty much a drag and drop situation. Simply locate the files you want to recover and drag them over to the new hard drive and place them in the appropriate folder.

There are certain files that you may not be able to locate easily. Take Microsoft Outlook tools for example. If you’re looking to recover lots of email conversations you’ll probably need to use an Outlook recovery and repair tool. There are plenty of affordable tools that scan your Outlook files and recover lost or hidden files for you.

4. Hire a Data Recovery Specialist – Finally, if your data recovery efforts leave a lot to be desired, it may be time to call in the big guns. While hiring a data recovery specialist isn’t the cheapest solutions, it may be the fastest way to recover lost data.

Conclusion: A Final Word of Caution

Every time you try to recover data from a crashed hard drive, you run the risk of losing some data completely and forever. This isn’t a great feeling, but it happens to the best of us. This is where safe email and web surfing practices will go a long way to protect your data from being corrupted.

Protecting your data may also mean backing it up. Fortunately, affordable online backup and recovery tools are just a click away. The bottom line is that hard drives are fickle, mechanical devices that can go bad without a moment’s notice. Keep a tight grasp on your data and you can avoid data recovery nightmares like this one.

4 Comments

Filed under Guest Writers, Hard Drive Problems

An IT Professional’s Internet Privacy Tips – Simple And Effective

https://i0.wp.com/it.sheridanc.on.ca/images/internetprivacy.jpgInternet privacy tips are often complex and mind numbing and, generally promote an overblown reliance on technology. In this guest article, IT professional Robert Coulter, cuts through the knarly knot of the usual wooden security tips with a range of suggestions designed to keep hackers and other nefarious types away from your important private data while online.

As revealed in Wired Magazine, every piece of electronic communication is able to be intercepted by someone, somewhere. Even Internet giants like LinkedIn can be compromised, as an estimated 6.5 million password were hacked earlier this month. With that in mind, the only real way to guarantee complete online security is to never go online at all. Since this is neither practical nor desirable, by most people, there are still steps you can take to protect your online security and protect your personal information while enjoying the benefits of the Web.

Don’t overshare.

This first tip is simply common sense. Don’t share more than is necessary on the Web, especially on social networking sites such as Facebook and Twitter. While it can be fun, consider the risks from sharing every last detail of your life with the world, such as birth date, where you go (check-ins), pictures of your children, details of your job and relationships.

All of these details make social engineering hacks easy to perform and open you up to identity theft. Do your bank accounts have common security questions like “Mother’s Maiden Name?” or “City of Birth?” protecting your passwords in the event you need to reset them? Well, chances are this information is easily found by snooping around your social media profiles, making it an easy matter to reset passwords on sensitive accounts.

If you do insist on sharing, at least tighten up your Facebook privacy settings and keep your circle of friends small and limited to those you actually know. Also, disable the most invasive features, like check-ins and photo tagging.

Use a cloud-based antivirus rather than a signature-based one.

Cloud-based antivirus solutions, such as those offered by Webroot and Symantec, do away with large signature file downloads, which eat up bandwidth and can take up to several gigabytes of hard drive space. Instead, all of the signatures reside in “the cloud” and every file and Web request gets run against this ever-growing, real time database using the provider’s resources rather than your computer’s, speeding things up greatly and providing the most up-to-date protection.

Set stronger passwords.

ElcomSoft recently did a study that estimates just 25% of people regularly change their password. Setting a strong password, and changing it frequently, is key to protect your identity. Many experts suggest using long strings of random gibberish with special characters for greatest safety, but these can become nearly impossible to remember, leading to the insecure solution of storing them in an unprotected spreadsheet or on little bits of paper which can get lost.

One way to get a strong password that is easy to remember is to use a four word phrase, such as “kayaking beats drudge work” and substituting the spaces for a special character, such as “#” or “_.” The length and randomness will take a hacker more time than it is worth to figure out, while also being easy to commit to your own memory.

Use a Mailinator account on potential spam sites.

Mailinator is a great tool for signing up for web offers without actually providing your real email address. Mailinator works by allowing you to invent a disposable email address, which you can check without a password and which keeps messages for only 24 hours before being automatically erased. This is great when signing up for a site which seems to offer something enticing, but which might be spammy or even a hacker site, as your real email address is never revealed.

Deactivate old or unnecessary accounts.

Old accounts might leave your information scattered across the Internet for anyone to mine, especially on sites past their prime and maintained very irregularly by their administrators, as they tend to have lax security measures. The answer is to delete these old accounts. Even Facebook now has a “delete” feature, rather than just the “deactivate” one, so take advantage of this to clean up your online traces and reduce the temptation for hackers to learn more about you in an unwholesome way.

In conclusion, online threats are constantly evolving, and the best guardian of personal data is truly the individual user himself. Be smart and be skeptical when online it just might save you thousands of dollars and countless hours of heartache.

Guest author Bio: Robert Coulter works in the security industry at authentify.com which offers two-factor verification solutions for companies who need increased security protection for their clients.

11 Comments

Filed under Cyber Crime, Guest Writers, Internet Safety, Privacy, Social Networks

Not Running Secunia PSI? Why Not?

imageDespite the fact that burglaries are at an all-time high in my neighborhood, and despite the fact that the Police regularly caution residents to lock both windows and doors when not at home, one of my close neighbors always leaves at least one window open while she’s out. I have to say – it just boggles my mind.

Throughout the summer she is out of town every weekend and, you guessed it – she still leaves at least one window wide open. Her behavior, not to put too fine a point on it – is idiotic. If you’ve ever wondered why your home owners insurance policy is more expensive than it needs to be, it’s partially due to lamebrains like my neighbor.

Computer systems running insecure and unpatched applications are analogous to the open window in my neighbor’s house, and are a common gateway used by cyber-criminals to infect unaware users’ machines. Worse, unlike the aftereffects of a home burglary, which are rather self evident, a compromised computer can often remain undetected.

As important as it is, that you secure your computer by implementing a layered security approach, it’s equally as important that you close any “open windows” in your operating system, by keeping your installed applications current and up-to-date. And, Secunia, the leading provider of Vulnerability Intelligence, can help you do just that with its free application – Secunia Personal Software Inspector (PSI).

Since PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application, when available – installing this small free application will assist you in ensuring that your software installations are relatively secure. I say “relatively”, since there is no perfect system.

The following screen captures illustrate, just how easy it is to take that extra step toward a more secure computing experience, using PSI. Click on any graphic to expand to its original size.

During the install process, you will have an opportunity to select “Auto Updates”. I suggest that you take advantage of this feature.

image

Again, during the install process, you will have an opportunity to select “full changes in the tray icon”. If you have selected “Auto Updates”, as per the previous window, you should select this option.

image

The settings menu provides a full range of adjustments so that you can configure the application to more accurately meet your specific needs.

image

The following screen capture illustrates a security scan in progress. The full scan took under two minutes to complete.

image

According to the scan results, my test machine is 12% more secure compared to non-users of PSI in my local area. This is no cause for celebration though, since the test machine is running two insecure applications. One of which, VLC Media Player, has been a recent target of cyber criminals. Ouch!

image

The following screen capture shows the full test results and you can readily see, that both Adobe Flash Player and the previously mentioned VLC, are both insecure. Adobe Flash Player, dramatically so. Double ouch!

image

Additional data on an insecure program can be gathered by double clicking on the program, as shown in the following screen shot.

image

Quick facts:

Secunia PSI is free for private use.

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how to resolve it.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

System requirements: Windows 7, Vista SP 1 or later, XP SP 3 (32 & 64 bit).

Watch: How to install and use the Secunia PSI 2.0

Download at: Secunia

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector. In the last 24 hours, fully 19% of applications checked by this online tool, were insecure.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

15 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Application Vulnerabilities, Cloud Computing Applications, Computer Audit Applications, cybercrime, Don't Get Hacked, downloads, Freeware, Recommended Web Sites, Secunia, Software, System Security, Utilities, Windows Tips and Tools

Secunia PSI Updated – Version 2.0 Released

imageSecunia has just released (December 20, 2010), Version 2.0 of their award winning vulnerability and patch scanning free application – Secunia PSI.

As important as it is, that you secure your computer by implementing a layered security approach, it’s equally as important that you keep your installed applications current and up-to-date. Insecure and unpatched applications are a common gateway used by cyber-criminals to infect unaware users’ machines.

Since PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application, when available – installing this small free application will assist you in ensuring that your software installations are relatively secure. I say “relatively”, since there is no perfect system.

The following screen captures illustrate, just how easy it is to take that extra step toward a more secure computing experience, using PSI. Click on any graphic to expand to its original size.

image

Following the initial scan of two Hard Drives – which took only two and a half minutes, PSI found two end-of-life applications, and one insecure application. The insecure application (VLC Media Player 1.1.14), is currently under attack by cyber-criminals. So, that was a good catch.

image

image

Updating VLC Media Player 1.1.14, was a snap – I simply clicked on “Install Solution”. Boom – done!

image

Quick facts:

Secunia PSI is free for private use.

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

Improvements in Version 2.0.

  • Automatic Updates: Functionality for Auto Updates is now implemented as a core feature in the Secunia PSI.
  • New User Interface: A new User Interface has been implemented. The design has been updated to make it simpler and easy to use the Secunia PSI, as well as improving the overall look and feel.
  • Integration with Secunia CSI: The new Secunia PSI features integration with the commercial Secunia CSI. Secunia CSI customers can learn more about this feature with the release of the Secunia CSI 4.1.
  • Improved Presentation of Scan Result: The presentation of scan results have been significantly improved, using techniques that have been tested during the Technology Preview. The Scan Results are grouped according to their installation and patch state, which in turn makes it simpler to identify the programs that actually requires the latest security patches.

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, is quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

System requirements: Windows 7, Vista SP 1 or later, XP SP 3 (32 & 64 bit).

Watch: How to install and use the Secunia PSI 2.0

Download at: Secunia

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector. In the last 24 hours, fully 19% of applications checked by this online tool, were insecure.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

10 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Cloud Computing Applications, Computer Audit Applications, Don't Get Hacked, downloads, Free Security Programs, Freeware, Malware Protection, Security Rating Applications, Software, Utilities, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

How Secure Are Your Software Applications – Not Very, It Seems

Most of us, I expect, are familiar with the expression – If you fail to plan, then you plan to fail. If you accept the findings of Veracode’s second edition of their State of Software Security Volume 2, which reports unfavorable on the security reliability of more than half of the 2,922 web applications tested, you might  wonder if application developers are familiar with this expression.

This report, coupled with the Qualys Vulnerability Report, which I receive weekly, leaves little doubt in my mind that software developers, by and large, need to focus more intently to ensure their applications are appropriately hardened against security vulnerabilities.

The following partial listing taken from the Qualys Vulnerability Report, from several weeks ago, highlights this lack of focus on this point. Frankly, I never fail to be astonished by the huge number of application vulnerabilities listed in this report. I’ve always felt, that the software industry should thank their “lucky stars”, that this report is not particularly well known outside the IT security community. It’s as if, application vulnerabilities are a dirty little secret.

Critical Vulnerabilities – Widely Deployed Software

(1) HIGH: Adobe Reader / Acrobat Font Parsing Buffer Overflow Vulnerability
(2) HIGH: Mozilla Firefox Multiple Vulnerabilities
(3) HIGH: Apple Safari Multiple Security Vulnerabilities
(4) HIGH: Google Chrome Multiple Security Vulnerabilities
(5) HIGH: Apple iOS Multiple Vulnerabilities
******************************************************************
Comprehensive List of Newly Discovered Vulnerabilities from Qualys
–  Third Party Windows Apps
10.37.1  – HP Operation Agent Privilege Escalation and Remote Code Execution Issues
10.37.2  – Tuniac “.pls” File Buffer Overflow issue
10.37.3  – Microsoft Internet Explorer CSS Handling Cross-Domain Information Disclosure
— Mac Os
10.37.4  – Apple Mac OS X Mail Parental Control White List Security Bypass Issue
— Linux
10.37.5  – Linux Kernel “keyctl_session_to_parent()” Null Pointer Dereference Denial of Service
10.37.6  – Linux Kernel “IrDA” Protocol NULL Pointer Dereference Denial of Service Issue
10.37.7  – oping Local Information Disclosure
10.37.8  – Linux Kernel “irda_bind()” Null Pointer Dereference
10.37.9  – Linux Kernel “SIOCGIWSSID” IOCTL Local Information Disclosure Issue 10.37.10 – Linux Kernel “XFS_IOC_FSGETXATTR” Information Disclosure Issue
— Novell
10.37.11 – Novell Netware SSH Remote Buffer Overflow Issue
— Cross Platform
10.37.12 – Blackboard Transact Multiple Insecure Password Handling Information Disclosure Issues
10.37.13 – Zope Unspecified Denial of Service Issue
10.37.14 – httpdx “h_readrequest()” Remote Format String
10.37.15 – Techlogica HTTP Server Remote File Disclosure
10.37.16 – Arno’s IPTABLES Firewall IPv6 Detection Remote Security Bypass
10.37.17 – Hitachi JP1/Desktop Navigation Unexpected Data Denial Of Service Issue
10.37.18 – Google Chrome Multiple Security Vulnerabilities
10.37.19 – LDAPUserFolder Emergency User Arbitrary Password Authentication Bypass Issue 10.37.20 – ffdshow “.avi” File NULL Pointer Dereference Denial Of Service Issue
10.37.21 – Squid Proxy String Processing NULL Pointer Dereference Denial of Service
10.37.22 – VLC Media Player “smb://” URI Handler “.xspf” File Buffer Overflow Issue

Veracode’s State of Software Security Volume 2, reveals what may well be the true state of the software we have come to rely on.

The following are some of the most significant findings:

More than half of all software failed to meet an acceptable level of security and 8 out of 10 web applications failed to comply with the OWASP Top 10.

Cross-site Scripting remains the most prevalent of all vulnerabilities.

Third-party applications were found to have the lowest security quality.

The security quality of applications from Banks, Insurance, and Financial Services industries was not commensurate with their business.

Equally as important – 57% of all applications were found to have unacceptable application security quality. Even more troublesome, more than 80% of internally developed and commercial web applications failed to comply with the OWASP Top 10 which is shown below.

OWASP Top

  1. Injection – Examples of injection flaws are SQL, LDAP, HTTP header injection (cookies, requests), and OS command injections.
  2. Cross Site Scripting (XSS) – Malicious scripts are executed in the victim’s browser allowing the attacker to hijack the user’s session, steal cookies, deface web sites, redirect users to malicious web sites, and remote browser control.
  3. Broken Authentication and Session Management – Flaws used against one account may be replicated against an account with higher privileges.
  4. Insecure Direct Object References – Attack occurs when an authorized user can change a parameter value that refers to a system object that they are not authorized for.
  5. Cross Site Request Forgery (CSRF) –  CSRF attacks can complete any transactions that the victim is permitted to perform such as access data, transfer funds or make purchases.
  6. Security Misconfiguration – Attacker exploits unsecured pages, default accounts, unpatched flaws or any other vulnerability that could have be addressed by proper configuration.
  7. Failure to Restrict URL Access – Links can be obtained from: hidden fields, client-side code, robots.txt, configuration files, static XML files, directory access.
  8. Unvalidated Redirects and Forwards – Unvalidated parameter allows an attacker to choose a destination page where they wish to send a victim to trick them into disclosing private information.
  9. Insecure Cryptographic Storage – The most common reason for this attack is that data that should be encrypted is stored in clear text.
  10. Insufficient Transport Layer Protection – Most commonly, this attack occurs when a site does not use SSL/TLS for pages that require authentication where an attacker can monitor network traffic to steal an authenticated user’s session cookie.

The full report in PDF format is available here.

So how do you ensure that your software installations are relatively secure? Unfortunately, there’s no perfect answer – but you can reduce your overall exposure by installing the free  Secunia Personal Software Inspector, (PSI).

PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

Installing this small free application will definitely assist you in identifying possible security leaks.

image

Quick facts:

The Secunia PSI is free for private use.

Downloaded over 800,000 times

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7

Download at: Download.com

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

14 Comments

Filed under Windows Tips and Tools

If You Get A Malware Infection Who’s Fault Is It Really?

imageThe security industry, especially security analysts, and for that matter, computer users at large, love to dump on Microsoft when they get a malware infection. If only Microsoft got their act together, the theory goes, and hardened Windows more appropriately, we wouldn’t have to deal with this nonsense.

But, what if it isn’t entirely Microsoft’s fault? What if it’s really a shared responsibility split between Microsoft, third party software developers, and the user?

From time to time, I’m accused of being “too frank”; usually on those occasions when diplomacy needs to put put aside, so that realities can be dealt with. For example, I’ve left myself open to criticism, in some quarters, by stating on more than one occasion –

It has been my experience, that when a malware infection occurs, it’s generally safe to say, the user is, more often than not, responsible for their own misfortune.

Computer users, by and large, are lackadaisical in securing their computers against threats to their Internet safety and security.

Strong statements I’ll admit, but if you consider the following, which I have repeated over and over, you’ll understand why I feel comfortable making this statement.

Not all users make use of Microsoft’s Windows Update so that they are current with operating system critical updates, and security fixes. More to the point, few users have given consideration to the vulnerabilities that exist in third party productivity applications and utilities.

Unless you monitor your system for insecure and unpatched software installations, you have left a huge gap in your defenses – it’s just plain common sense.

The just released Secunia Half Year Report – 2010, shows “an alarming development in 3rd party program vulnerabilities, representing an increasing threat to both users and business, which, however, continues to be greatly ignored”, supports my view that security is a shared responsible, and blaming Microsoft simply ignores the reality.

The report goes on to conclude, “users and businesses still perceive the operating system and Microsoft products to be the primary attack vector, largely ignoring 3rd party programs, and finding the actions to secure these too complex and time-consuming. Ultimately this leads to incomplete patch levels of the 3rd party programs, representing rewarding and effective targets for criminals.”

Key highlights of the Secunia Half Year Report 2010:

Since 2005, no significant up-, or downward trend in the total number of vulnerabilities in the more than 29,000 products covered by Secunia Vulnerability Intelligence was observed.

A group of ten vendors, including Microsoft, Apple, Oracle, IBM, Adobe, and Cisco, account on average for 38 percent of all vulnerabilities disclosed per year.

In the two years from 2007 to 2009, the number of vulnerabilities affecting a typical end-user PC almost doubled from 220 to 420, and based on the data of the first six months of 2010, the number is expected to almost double again in 2010, to 760.

During the first six months of 2010, 380 vulnerabilities or 89% of the figures for all of 2009 has already been reached.

A typical end-user PC with 50 programs installed had 3.5 times more vulnerabilities in the 24 3rd party programs installed than in the 26 Microsoft programs installed. It is expected that this ratio will increase to 4.4 in 2010.

The full report (PDF), is available here.

Each week, I receive the Qualys Vulnerability Report, and I never fail to be astonished by the huge number of application vulnerabilities listed in this report. I’ve always felt, that the software industry should thank their “lucky stars”, that this report is not particularly well known outside the professional IT security community. It’s that scary.

There is a solution to this quandary however – the Secunia Personal Software Inspector (PSI).

PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

image

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

image

Quick facts:

The Secunia PSI is free for private use.

Downloaded over 800,000 times

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7 32/64bit.

Download at: Secunia

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7 32/64bit.

Link: Secunia Online Software Inspector

As an added bonus for users, Secunia provides a forum where PSI users can discuss patching, product updates, exploits, the PSI, and anything else security-related.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

23 Comments

Filed under Anti-Malware Tools, Cloud Computing Applications, cybercrime, Don't Get Hacked, downloads, Free Security Programs, Freeware, Internet Safety, Reports, Software, Spyware - Adware Protection, System Security, Utilities, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Secunia Personal Software Inspector – Insurance Against Vulnerabilities

Secunia PSI – Checks for Software Vulnerabilities

image A recent article on IE 6 and the inherent dangers involved in running such an outdated Browser, supports the view that not all of us make use of Microsoft’s Windows Update so that we are current with operating system critical updates, and security fixes.

As important as that is, it’s equally as important that we keep our installed applications current, and up-to-date. Every week, I receive the Qualys Vulnerability Report, and I never fail to be astonished by the huge number of application vulnerabilities listed in this report. I’ve always felt, that the software industry should thank their “lucky stars”, that this report is not particularly well known outside the professional IT security community. It’s that scary.

Should we be worried? Well, I think we should be. In a recent survey, Secunia, the Danish computer security service provider, well known for tracking vulnerabilities in software and operating systems, concluded that less than one in 50 Windows driven computers, are totally patched. This is a perfect scenario for the redistribution of malware.

Secunia goes on to report that the rate of patching and updating compliance, is even less than in previous years. This, despite the fact, that on a daily basis critical vulnerabilities continue to be discovered in popular software applications.

Some recent application vulnerabilities included, Mozilla FireFox, Apple iTunes, QuickTime, Skype internet phone, Adobe Acrobat Reader, Sun Java Run-Time, Macromedia Flash, AOL Instant Messenger, Windows/MSN Messenger, Yahoo Instant Messenger, Bit Defender, and RealPlayer.

Survey statistics:

Survey sample size – 20,000 users

User exposure – 98.1% have one or more insecure programs

User exposure – 30.27% have one to five insecure programs

User exposure – 25.07% have six to ten insecure programs

User exposure – 45.76% have eleven or more insecure programs

It has been my experience, that when a malware infection occurs, it is generally safe to say, the user is often responsible for their own misfortune. This survey points out, once again; computer users need to be more vigilant in order to ensure their own Internet safety and security.

The Secunia Personal Software Inspector (PSI) can help dramatically with this task. PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

image

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

image

Quick facts:

The Secunia PSI is free for private use.

Downloaded over 800,000 times

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7

Download at: Download.com

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

21 Comments

Filed under Application Vulnerabilities, Cloud Computing Applications, Computer Audit Applications, Don't Get Scammed, Don't Get Hacked, downloads, Free Security Programs, Freeware, Internet Safety Tools, Security Rating Applications, Software, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Play Russian Roulette – Don’t Update Your Applications

image I’m a games player, and I bet you are too. But unlike most computer users, I do not play games with my computer’s security. I don’t play games where the odds are stacked against me, and neither should you.

Many of us now store a large volume of confidential personal information on our home computers, including information concerning our personal finances, taxes, health, and perhaps personal documentation of other types.

Yes, I know you think that your data is well protected from cyber-criminals since you run the most expensive anti-malware suite available, and you are careful and cautious while surfing the Internet. But, unless you monitor your system for insecure and unpatched software installations, you have left a huge gap in your defenses. In a sense, this amounts to playing Russian Roulette with cyber-criminals.

Playing Russian Roulette with cyber crooks is a mugs game – the six-shooter is loaded with SIX bullets. Unfortunately, you get to go first, and ducking is not an option in this game. The bad guys will win; you will lose. But hey, you might get lucky!

So how do you ensure that your software installations are secure and remain patched? There’s an easy answer – download and install, the free  Secunia Personal Software Inspector, (PSI).

PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

image

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

image

Quick facts:

The Secunia PSI is free for private use.

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

Let me offer you this recent quote from PSI Partner Manager, Mikkel Winther, “PC users need to patch! They need to patch all their vulnerable programs and they need to do so as fast as possible after the patch has been issued from the vendor. It is only a question of time – and luck – as to when your system will be compromised.”

He adds “The best solution is to have a program taking care of your patches and your vulnerabilities. Secunia Personal Software Inspector is the only tool that does this and since it is available for all private users for free, there is really “no excuse” not to patch.”

I couldn’t agree more Mikkel.

System Requirements: Windows 2000, XP 32/64bit, and Vista 32/64bit

Download at: Download.com

As an added bonus for users, Secunia provides a forum where PSI users can discuss patching, product updates, exploits, the PSI, and anything else security-related.

If you need to update, or add, additional security applications to your computer, then checkout, Need Spyware, Virus, and Browser Protection? – Free Solutions, on this site for reviews and free security application downloads.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

2 Comments

Filed under Anti-Malware Tools, Application Vulnerabilities, Computer Audit Applications, Don't Get Hacked, Free Security Programs, Freeware, Interconnectivity, Safe Surfing, Security Rating Applications, Software, Spyware - Adware Protection, Windows Tips and Tools

Secunia PSI – Checks for Software Vulnerabilities

Not all of us, it seems, make use of Microsoft’s Windows Update so that we are current with operating system critical updates, and security fixes. More to the point, few of us have given consideration to the vulnerabilities that exist in our currently installed productivity applications and utilities.

In a recent survey, Secunia, the Danish computer security service provider, well known for tracking vulnerabilities in software and operating systems, concluded that less than one in 50 Windows driven computers, are totally patched.

Secunia goes on to report that the rate of patching and updating compliance, is even less than in previous years.

Virtually on a daily basis, critical vulnerabilities continue to be discovered in popular software applications. Some recent application vulnerabilities include, Mozilla FireFox, Apple iTunes, QuickTime, Skype internet phone, Adobe Acrobat Reader, Sun Java Run-Time, Macromedia Flash, AOL Instant Messenger, Windows/MSN Messenger, Yahoo Instant Messenger, Bit Defender, and RealPlayer.

Survey statistics:

Survey sample size – 20,000 users

User exposure – 98.1% have one or more insecure programs

User exposure – 30.27% have one to five insecure programs

User exposure – 25.07% have six to ten insecure programs

User exposure – 45.76% have eleven or more insecure programs

It has been my experience, that when a malware infection occurs, it is generally safe to say, the user is often responsible for their own misfortune. This survey points out, once again; computer users, by and large, are not up to the task of securing their computers in order to ensure their own Internet safety and security.

The Secunia Personal Software Inspector (PSI) can help dramatically with this task. PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

image

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

image

Quick facts:

The Secunia PSI is free for private use.

Downloaded over 800,000 times

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

System Requirements: Windows 2000, XP 32/64bit, and Vista 32/64bit

Download at: Download.com

As an added bonus for users, Secunia provides a forum “where PSI users can discuss patching, product updates, exploits, the PSI, and anything else security-related”.

2 Comments

Filed under Anti-Malware Tools, Application Vulnerabilities, Computer Audit Applications, Don't Get Hacked, Freeware, Online Safety, Security Rating Applications, Software, Spyware - Adware Protection, System Security, Windows Tips and Tools

Shocking – 98% of Computers are Insecure

Recently, both I, and fellow Blogger Rick Robinette, over at What’s On My PC, have written on Secunia Personal Software Inspector (PSI), a free application that ensures all installed applications on your computer are either patched, or up-to-date.

Here’s one more reason to bring this free application to your attention once again. According to Secunia, the Danish security firm responsible for PSI, 98% of computers running Windows operating systems, are open to a successful malware attack.

Not all of us, it seems, make use of Microsoft’s Windows Update so that we are current with operating system critical updates, and security fixes. Even worse, virtually none of us have given any consideration to the vulnerabilities that exist in our currently installed productivity applications, and utilities.

Less than one in 50 Windows driven computers, according to Secunia’s released statistics, are totally patched. Secunia goes on to report that the rate of patching and updating compliance, is even less than in previous years. Now, how dumb is that?

Virtually on a daily basis critical vulnerabilities are discovered in popular software applications. Some recent application vulnerabilities include, Mozilla FireFox, Apple iTunes, QuickTime, Skype internet phone, Adobe Acrobat Reader 7.02, 6.03, Sun Java Run-Time, Macromedia Flash 7, WinZip 8.1, AOL Instant Messenger 5.5, Windows/MSN Messenger, Yahoo Instant Messenger 6.0, Bit Defender, and RealPlayer.

Just this morning, for example, according to anti-malware company BitDefender, a new Trojan horse program identified as Trojan.PWS.ChromeInject.B which works as a Firefox plug-in, has been discovered.

Two files, one Javascript and one Windows executable, are being used to steal user logon credentials when logging on to one of 103 bank domains. Scary.

Survey statistics:

Survey sample size – 20,000 users

User exposure – 98.1% have one or more insecure programs

User exposure – 30.27% have one to five insecure programs

User exposure – 25.07% have six to ten insecure programs

User exposure – 45.76% have eleven or more insecure programs

It has been my experience, that when a malware infection happens, it is generally safe to say, the user is primarily responsible for their own misfortune. This survey points out, once again; computer users, by and large, simply refuse to take responsibility for their own Internet safety and security.

The following are the essential details from a recent article on Secunia Software Inspector.

Check Software Vulnerabilities – Free Secunia Software Inspector v1.0 Released

The Secunia Personal Software Inspector (PSI) constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

(Click pic for larger)

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine”.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

(Click pic for larger)

Quick facts:

The Secunia PSI is free for private use.

Downloaded over 800,000 times

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

System Requirements: Windows 2000, XP 32/64bit, and Vista 32/64bit

Download at: Download.com

As an added bonus for users, Secunia provides a forum “where PSI users can discuss patching, product updates, exploits, the PSI, and anything else security-related”.

6 Comments

Filed under Anti-Malware Tools, Application Vulnerabilities, Don't Get Hacked, Freeware, Internet Safety, Malware Advisories, Online Safety, Security Rating Applications, System Utilities, Utilities, Windows Tips and Tools