Sunday, November 28, 2010

Maybank phishing emails

Of late, me and numerous others have been receiving emails purportedly from Maybank telling us about the status of our account.


For those who use webmails to read your emails and if the webmail does not throw this mail to the junk mail, check with your administrator about this.
For those who believe that the email above was genuine, I hope you have not click on the link and entered your information as requested.  If you have, make a report to the bank immediately.



Take note that banks do not
  1. Do not provide you a little extra help by suspending your account access.
  2. Email to you to ask you to validate your information. In any situation you will need either need to present yourself at the bank counter or go through telephone banking after validation.
  3. Banks do not email from AOL accounts. 
  4. If you note closely, the link goes to  a dubious website.
  5. Not all actions need a Transaction Authorization Code (TAC) especially at login. It is only used to conduct important transaction such as paying someone, transferring money to someone or changing your online account password.
  6. Finally, if you are unsure, do not hesitate to contact Maybank directly and ask about this email authenticity. You may contact Maybank at 1-300-88-6688 
Both ESET Smart Security and ESET NOD32 Antivirus offers phishing link protection against these sort of targeted threats. ESET Smart Security with its anti-spam control will ensure that you will not be needing to read this fake email as it gets moved to your junk mail. 

This blog is maintained by Basic Gateway as the distributor of ESET products in Malaysia since 2005.

      Posted by at No comments:
      Labels: , , , , , ,

      The sky is falling....

      I was drawn to David Harley's post on ESET blog site about Sky News reporting on Stuxnet. It would seem even to me that accurate reporting has gone out the window with this latest piece of news from the folks at Sky News minced with Hollywood scenarios.

      For those who want to have the real picture, please check out F-Secure's updated FAQ compilation about the Stuxnet.

      I think that is enough of Stuxnet news for now...  


      This blog is maintained by Basic Gateway as the distributor of ESET products in Malaysia since 2005.
      Posted by at No comments:
      Labels: , , ,

      Monday, November 22, 2010

      The case of ' I told you so'

      The Register has reported that security firm Sophos has released a report on malware prevalence in Macs. As confirmed, most Mac users are carriers of malware. While they themselves do not suffer from the malware, they seem to be passing it round when they share data.

      Now, don't you think it would be wise to start putting an Antivirus in that Mac machine as soon as you possibly can.

      ESET has now released the protection for your Macs via ESET Cybersecurity for Mac. Read about it here.

      Ready to purchase? write to us at ask-us@basicgateway.com

      This blog is maintained by Basic Gateway as the distributor of ESET products in Malaysia since 2005.
      Posted by at No comments:
      Labels: , , , , , ,

      Sunday, November 14, 2010

      Launch of ESET for Mac platform

      Do you think that Macs does not need an antivirus?
      Here is the scenario:
      You are happily using your Mac and a friend requested a powerpoint presentation which you have created. Now since it is about 20MB in size and is cumbersome to be sent via email, you conveniently pops his USB pendrive and copies it over. Now, he plugs it into his PC and he gets infected by a virus. Can he blame you?

      tagline: When using a Mac, it comes with great responsibility....

      What is the responsibility? To not infect others by being a host to the tens of thousands of different malware which does not operate in Macs but is out to infect and recruit new Windows bot machines.

      Do you seriously think that Macs are immune to malwares? Check again!
      Here is a link to David Harley's blog on Mac malware. Read about it.

      ESET has just launched its protection for Mac protecting any Mac OSX machine running version 10.5 and above. Based on the proven NOD32 Antivirus engine for Windows platform, it has been ported to the Mac platform offering real time protection against Mac based malware and Windows too. Some of the key features including removable drive management is included to increase security. 
      Simply to say, if you have used NOD32 Antivirus on a Windows platform, the Mac version feels right at home.

      There are 2 licensing types. 
      • For Business who are purchasing any of ESET's Business Edition licenses will  be able to enjoy the additional protection at no extra charge. 
      • For home users, ESET Cybersecurity for Mac will be available for purchase from the retail shops or from our online store by 20th of November 2010. 
      Some plus point worth considering.
      1. If you run bootcamp which features both Mac OSX as the base OS with Microsoft Windows running on emulation, You only pay for 1 license. 
      2. Upgrading to a newer version of the same product is free is free as usual so as long as you have a valid license.
      3. You may opt to port the license to a Windows Operating System should you for some reason dis-own your Mac.
      4. For users of the Business Edition license, the inclusion is free and users using the Mac version will be able to report to the ESET Remote Administrator console and be manged by the console.
      For more product information, please see this Want to give it a try? Click here Ready to purchase? write to us at ask-us@basicgateway.com

      This blog is maintained by Basic Gateway as the distributor of ESET products in Malaysia since 2005.
      Posted by at No comments:
      Labels: , , , , , , , ,

      Thursday, November 11, 2010

      Rootkits and idiotic comments

      Going through an F-secure web blog post, i found this of interest to talk about.

      It has been 5 years since the security industry was first introduced to rootkits which was discovered by the folks at F-secure. Many people who read tech articles may remember that it was Sony who first introduced rootkits as a method to prevent people from copying the contents. In simple terms, they wanted to weed out piracy but gave the world a new malware form which is widely used today.

      Rootkits are designed to hide the programs from being viewable by the user. Its intelligent method even evaded most antivirus scanners back then as the files were not visible to the antivirus program.

      When the case was made public in 2005, Sony's management team was quoted the following "Most people don't even know what a rootkit is. why should they care about it."

      Of course, the whole saga went off on a bad footing and The U.S. Department of Homeland Security (DHS) criticized Sony BMG for releasing products that undermined antivirus software and exposed both government-owned and privately owned computers to hackers. Stewart Baker, DHS assistant secretary for policy, chastised media companies for its zealousness in protecting their intellectual property. "It's very important to remember that it's your intellectual property, [but] it's not your computer," Baker said.

      I can't find any point to disagree with Mr. Baker on this matter. And as we now know, rootkits are used by malware to hide their operating files so that stealth and secrecy can be maintained. Such technology serves as a double edge knife and will cut both ways. The good intentions and the evil ones. The computer security industry do not like such ideas either and thus it is reflected upon their ethics .This also reflect why they don't simply give out malware samples to anyone(creditable or not) who wants it. It is simply a double edge knife....

      Just so you know, both ESET NOD32 Antivirus and ESET Smart Security provides protection against rootkits.
       
      You can read more about the whole issue via boycott-riaa.com here 
      F-Secure's blogpost on this can be found here

      This blog is maintained by Basic Gateway as the distributor of ESET products in Malaysia since 2005.


      Posted by at No comments:
      Labels: , , , , , , ,

      Tuesday, November 9, 2010

      Bredolab bot server shutdown

      The Bredolab botnet was effectively shutdown when servers hosting the malware was shutdown and operators were nabbed by the Dutch national Crime Police as announced.

      Bredolab was considered a complicated malware spread via infected mail and had about 30million bots under its control. The dutch authorities announced that they have shutdown 143 servers hosting and spreading this malware.

      Interestingly, the authorities will be using the same bot network to redirect the infected PC to a service help page providing them the reason they have arrive to the webpage and how they can remove the malware from their PC.


      Our colleagues at ESET are debating if this act of selflessness constitutes a privacy breach. The commentary here. Other security operators are pondering over the same issue. It is indeed becoming a grey matter and the lines differentiating black and white will become tougher.

      BTW, Both ESET NOD32 Antivirus and ESET Smart Security protect users against this threat.

      Michael Jackson's song playing in the background.....(it's Black or white....Ooh, Ooh, Yea, Yea)

      This blog is maintained by Basic Gateway as the distributor of ESET products since 2005.
      Posted by at No comments:
      Labels: , , , , ,

      Tuesday, November 2, 2010

      Facebook and Firesheep....

      I read over several technical blogs about a plugin called Firesheep which plugs into Firefox browser enabling the user to actually scan any unencrypted network such as public WIFI for cookies to websites such as Facebook and Twitter and be able to use that cookie to access the Facebook and Twitter account.

      How you may ask? Cookies stores information about the session. This enables you to navigate away from Facebook and return without needing to login. Handy and useful but this is where Firesheep exploits that same feature.



      We begin to wonder if session encryption using HTTPS protocol should be a primary consideration given that Facebook have such a large pool of users and have been subject to several security problems in the past . My friends at ESET seem to think so. Read their blog on this here

      Of course there is the issue of unencrypted wireless transmission. Does anyone still leave their wireless open without some form of encryption? Most recent wireless routers are capable of doing WPA without performance impact. Aryeh Goretsky has some thoughts about this issue in light of the discovery of Firesheep. read more on that here

      SO be careful about accessing Facebook via public WIFI connections  while awaiting for this to be fixed. Those deploying wireless routers, take a look at your wireless configuration and ensure you use at least WPA encryption. Even if your wireless router does not support WPA based encryption, WEP will do and this helps prevent noobs (someone with very little or no knowledge) from sniffing your cookies...

      This blog is maintained by Basic Gateway as the distributor of ESET products since 2005.
      Posted by at No comments:
      Labels: , , , , , ,
      Subscribe to: Posts (Atom)