In a security advisory, Adobe said: “There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat”. Whilst it works to fix the problem, the company suggests upgrading to the latest versions of their software, which appear to be less vulnerable”.

Alternatively, the company said that advanced Reader and Acrobat users could delete or rename the “authplay.dll” file on their system but that doing so means users will experience a non-exploitable crash or error message when opening a PDF file that contains Flash content. Keeping anti-virus software up to date will also help to avoid problems.

If you feel that your network is at risk or that your PCs may have been affected by this vulnerability, call Responza at (206) 762-5100 for advice and support.

Software deemed useless by the suite include Scan & Repair, Antivirus 2009, MalwareCore, WinDefender, XPDefender and WinSpywareProtec.

“We recently became aware of a phishing scheme through which hackers gained user credentials for web-based mail accounts including a small number of Gmail accounts. As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts if we become aware of them,” the Google spokesperson wrote.

Identity theft is a real problem, and this report is just the tip of the iceberg. So how can you make sure your personal information is safe?

Here are a few tips:

1. Never click through any warnings about certificates. That’s a red flag– one you should not ignore.
2. Be very careful when opening unsoliticed attachments and links from any source.
3. Install and regularly update your anti-virus software.

Option #1 – Using a CD/DVD

If your data doesn’t change a lot, you can use a CD/DVD recorder to backup your updated files.

Benefits:
• Backups are fairly fast
• Media is compact
• More affordable than tape backups
• Anyone with a CD/DVD drive can access the files

Drawbacks:
• Most people can’t fit a complete backup on a DVD
• It’s difficult to automate backups

Option #2 – External hard drive

Quite possibly the best backup solution. You will, however, need at least two drives so you can cycle one off site.

Benefits:
• Costs as little as 10 cents per GB
• Fast
• Reliable
• Easy to recover

Drawback:
• If you use an external hard drive with USB, the maximum transfer rate for the interface is determined by the other USB devices in use. We recommend using Firewire, since it is faster.

Option #3: Online backup

This is a quick, easy way to backup important data off-site.

Benefits:
• Convenient
• Costs less to setup and run
• Great option if you travel frequently
• No need to purchase or maintain backup hardware

Drawbacks:
• Requires high-speed internet connection.
• Possible cost and speed issues if you need to backup large amounts of data

Of course, this is just a basic overview of your backup options. The best backup solution depends on your business environment and the priorities you set. If you’re not sure what those are, just ask the experts.

What’s wrong with tape backup?

There are several reasons why this old industry standard needs to be buried:

• Buying and maintaining a tape backup requires a significant investment, especially if your business grows.
• A lot of administrative work is required, and that time could be better spent on core business functions.
• Every time you run backup, your computers have to go down. This downtime makes backup inconvenient.
• Tape backup limits your recovery point objective (RPO). For example, if disaster strikes in the afternoon, you lose the entire day’s work.

Even after all this investment and effort, your company data remains vulnerable to disaster. A SearchSecurity survey of 500 IT departments reported that up to 20% of all nightly backups fail to capture all data. Another survey found nearly 40% of IT managers were unable to recover data from a tape when they needed it. One incident alone can cost your company thousands of dollars in downtime and lost data.

Ok, so maybe tape backup isn’t the best solution. Then what is? Well, I’ll leave that for another post…

Alberto Gonzales and three other men were indicted on Monday for stealing over 130 million credit card numbers from several Fortune 500 companies. So how did he do it? Simple. Gonzalez and his team was able to exploit end users that didn’t know how poor their security was by launching “hacking platforms” on each of their point-of-sale systems, along with the classic SQL-injection attacks. He then used malware to extract credit and debit card numbers.

The companies hit hardest were ones who had taken their security systems for granted. Makes you think twice about your network security, doesn’t it? Just think of all the money and classified information at stake…

To read the full story of this harrowing identity theft, click here.

“Our experience with the FVS318G on the network has been very positive,” said Johnny Chin, president and chief executive officer at Onesimus Enterprises, whose company participated in the beta test program. “For the price, we were impressed with the level of features offered along with enhanced security measures against outside attackers. Best of all, it’s fast enough to keep up with our high-speed broadband Internet connection, so we’re both protected and running at top speed.”

_{How it works:}

Scene: Joe S. from Accounting takes his work laptop to a nearby café. His computer automatically picks up a public wireless signal, so he sits in the corner with his cup of coffee and browses the web. He searches for an e-book on the mating habits of Parakeets, and what luck- finds one and downloads it to his PC. Then he decides to check his personal e-mail. There’s one new message. The subject line says “Mothers Day Confirmation Order”. Funny. He doesn’t remember buying his mom a present. He opens the link anyway.
The next day, Joe brings his laptop back to work and tries to power it up. No such luck. That seemingly innocent e-mail was actually a virus- the “Love” bug. The pain didn’t end there, though- oh no. When Joe S. opened the attachment in that e-mail, the virus went straight to work, sending a similar e-mail to everyone in his contact list. Many of those people were co-workers, a few of which used their work computer to open the e-mail. Within hours, the virus spread not only to Joe, but through his work.

Names have been changed to protect the ignorant, but the reality of viruses remains. It seems like no matter how hard you try, there’s always the lingering threat of a computer attack. Is your data safe? Do you know how to protect yourself from future attacks?
There are several ways you can defend yourself against future threats. Simply scanning your computers once every fiscal year is not enough. To feel truly bulletproof, you’ll need to scan every day using a good anti-virus like AVG, run updates 4 times a day, and don’t forget to scan your servers too. Responza does all this for you, and it employs a deep packet inspection that kills viruses before they hit your business. With these practices in place, you’ll never get bit by the “Love” bug again.

For all its efforts, Windows is still prone to spyware, adware and anti-virus attacks. Mac users love to boast about this difference- but hey, any operating system that supports so many different applications is bound to be vulnerable. So what do you do?
Anti-virus programs aren’t enough anymore. Make sure your anti-virus software has real time protection. This will prevent adware and spyware from getting unto your system in the first place. Also, use a good adware/spyware remover to scan your computer on a regular basis. Last but not least, use common sense. Don’t click on links in spam emails or download questionable material online- especially on your work computer!

Security firms are warning of a big increase in attacks that target instant messaging systems.

Security Center researchers uncovered 21 new malicious code attacks traveling over IM networks in April. Worms that topped the list include ArcServe, IMspread, QVOD, IRCBot and Tiotua. Most, if not all, of these worms target the public IM networks such as AIM, Yahoo, and GoogleTalk. For businesses that have deployed closed instant messaging systems, the risk is minimal. Most of these threats travel like e-mail worms and users have to click  a link to get infected.

Responza’s rule of thumb – don’t accept messages from screen names you’re not familiar with and never, never, never accept links from strangers.