The creators of the Storm Worm has switched tactics according to F-Secure’s reports.

The report says, “This operation is apparently the work of the same gang that did the original ‘Storm worm’ run in January 2007.”

The original tactic was that they promised information about storms in Europe. Now, they are sending emails that promise a racy picture or a romantic e-mail.

Recently, they sent fake greeting cards to people and they also offered bogus Microsoft updates. Even if a user’s machine is up to date, it will still try to infect the user’s computer. The infection is caused by a botnet client called Zhelatin-gg.

Source: The Register

The Globe and Mail’s website reported that Skype is blaming Microsoft for the recent outage that occurred recently on their peer-to-peer telephone software. The outage lasted for approximately two full days.

“The disruption was triggered by a massive restart of our users’ computers across the globe within a very short timeframe as they re-booted after receiving a routine set of patches through Windows Update. The high number of restarts affected Skype’s network resources,” says a post from Skype’s blog.

There is also a flaw in their software and it is also one of the reason of the outage.

The blog also stated, “Normally Skype’s peer-to-peer network has an inbuilt ability to self-heal, however, this event revealed a previously unseen software bug within the network resource allocation algorithm which prevented the self-healing function from working quickly.”

Source: The Globe and Mail

A new Yahoo Messenger bug has been confirmed by McAfee.

The bug was first reported on a forum with a Chinese language. It is a serious vulnerability according to McAfee.

Users can get affected when they accept a webcam invite from people who want to take over their machine.

The Register suggests that users of this chat program should block outgoing traffic on port 5100.

A few months ago, a similar bug was also discovered. The vulnerability is located in the ActiveX control. McAfee did not eleborate how this new bug is different from the one that was fixed in June.

The software developers of the company are scrambling to fix it according to a representative from Yahoo.

Source: The Register

A news has been released that approximately 46,000 users who went to job hunting sites had their information stolen.

“When a user views or clicks on one of the malicious ads, their PC is infected and all the information they are entering into their browser, including financial information being entered before it reaches the SSL protected sites, is being captured and sent off to the hacker’s server in Asia Pacific. We deployed the [countermeasurers] on clients’ systems, then watched where the network traffic was going and followed it to the server,” said Don Jackson, a SecureWorks researcher.

He added that the information that were stolen include Social Security numbers and credit card account numbers.

Source: SC Magazine

Yesterday I got a technical support call as I often do. However, this one wasn’t like my normal ones. This one had more different situations occur in it than usual. The client called up angry and left happy, in this article I’ll tell you everything that happened in between.
Read the rest of this entry »

Avinti Inc. and F-Secure Corp. has released alerts about fake e-cards in emails that are being sent to people.

The emails are in plain text which means that most of them are not scanned by most anti-virus software.

“Apparently, they’ve found that they can be very successful in getting these through by not having it be formatted as an HTML message,” said Dave Green who is the chief technology officer for Avinti at their Lindon, Utah location.

The emails contain a link to a file named msdataaccess.exe. This file is a virus.

Danny Allan of Watchfire Corp. said that users should not click on links in their emails.

Source: COMPUTERWORLD

A question that many computer businesses are faced with. Should their pricing be variable on a per hour basis, or fixed on a per job basis? In this article we’ll talk about the advantages and disadvantages of both.
Read the rest of this entry »

Microsoft has released a new pack of patches yesterday. This pack fixes 14 security holes and there were a total of nine bulletins for the patches.

The flaws for Internet Explorer allows remote code execution. There is also a critical hole in the XML component according to The Register’s article. It says that this flaw made it possible for hackers to hijack a machine by simply luring those that use the Internet Explorer browser to malicious sites.

The other flaws that have been fixed are vulnerabilities that are located in Excel and Windows components such as Vector Markup Language and Object Linking and Embedding automation.

Source: The Register

Most computer technicians have seen it before, fresh after a format of a system there are Unknown Devices in the System Properties that are lacking drivers. You cant get the drivers for it because its an unknown device, you don’t know what it is. Its a nasty catch-22. This is where the application “Unknown Devices” comes to the rescue.
Read the rest of this entry »

As you have probably noticed from our last few posts I was interviewed for an hour with Computer America. We now have the podcast which you can download and listen to.

In the interview we talk about:

• Dealing with Time Wasters
• Dealing with Homes and Businesses
• Setting Prices
• When does a hobby become a business & overheads.
• Advertising and Effectiveness
• Good Paperwork
• Dealing with Family

Listen Now! (to download, right click and “Save As..”)