Internet Security Zone Blog

How to Travel Safely with Your Laptop this Thanksgiving

By Doctor Security

 

 

Travel and Thanksgiving go together like turkey and stuffing. So if you’re like millions of others and going to be on the road or in the air this holiday season, we suggest you take some precautions to prevent the loss or theft of your laptop.

 

Just so you know why you need to be diligent, here’s the skinny on laptop theft:

1 in 10 laptops is lost or stolen, and 97% are never recovered. A recent study found that 12,000 laptops go missing in U.S. airports every week!

 

Now, you can bet that during the Thanksgiving week when there’s a ton more people hopping on flights, there’s going to be a lot more criminal activity among the crowds, especially in these challenging economic times.

 

Here are some tips to consider to help you protect yourself against laptop loss/theft as well as what to do if you become the victim:

 

1)    Don’t use a traditional laptop bag that tells a thief exactly where it is (a quality backpack is a good alternative)

 

2)    If you don’t have to access your laptop in a large public place, don’t

 

3)    Don’t pack your laptop with your baggage because you can’t trust that your baggage won’t be tampered with or always arrive at the same time and place you do

 

4)    Stow your computer at your feet, not in an overhead bin where it can easily be taken (often by mistake)

 

Most of these tips are common sense, but during the rush and stress associated with holiday travel, you might not be on top of your game, especially if traveling with children. So try to be diligent and stay calm. The harried travelers might as well paint targets on their backs.

 

You should also be smart about what you need to do and have if your mobile computer is lost, stolen or damaged:

 

1)    Back up, back up, back up your important files!! (Leave a backup copy of your important files at home or the office, and carry a disk or a thumb drive with you if you’re going to need to access files while you’re away)

2)    Have a strong password (at least 8 characters and a combination of letters, numbers and special characters like #%*)

3)    Use encryption software like ZoneAlarm’s Hard Drive Encryption that “makes everything on your computer’s hard drive unreadable to unauthorized eyes”

4)    Keep a record of your laptop’s make, model number and serial number so you can identify your property if it’s recovered or turned in to lost and found

5)    Put stickers or unique identifiers on your laptop so you can quickly identify your own and make it harder for a thief to fence a stolen one

 

Happy holidays and safe traveling!

 

 

 

Posted by ZoneAlarm on November 05, 2009 at 08:38 AM in PC Security, Security Industry, Technology, ZoneAlarm | Permalink


For Two Days Only: Follow ZoneAlarm or Check Point on Twitter for a Chance to Win a Copy of ZoneAlarm Extreme Security

By Dameon Welch Abernathy

 

As the popularity of social media sites such as Twitter has increased, so has the number of hackers who prey on the unsuspecting public to launch various attacks designed to gain access to confidential information. You can find more details on how to protect yourself against these Web-based attacks by reading one of our recent blogs. When you follow Check Point or ZoneAlarm on Twitter, you’ll automatically have the chance to win a ZoneAlarm Extreme Security suite. ZoneAlarm Extreme Security combines computer security and browser security into one, using patent-pending technology for powerful protection. 

 

Here are a few eligibility rules:

 

  1. Follow ZoneAlarm or Check Point Software Technologies on Twitter by July 9, 2009 at 19:00 GMT. Two lucky winners will be randomly selected.

  2. Employees of Check Point Software Technologies and their immediate families are not eligible to participate in this giveaway.

  3. Only one winner per Twitter account will be awarded.

  4. Winner must provide a shipping address where the prize can be mailed.

  5. All decisions regarding a qualified winner will be made solely by ZoneAlarm and are final.

  6. ZoneAlarm reserves the right to terminate or modify the above terms at any time without notice.

Good Luck!

Posted by ZoneAlarm on July 07, 2009 at 08:45 AM in ZoneAlarm | Permalink


Tinyurl.com Blocked, Might Distribute Spyware

By John Gable, Director of Consumer Products

 

ZoneAlarm blocks a web site that you want to visit.  For example, some users have noted that ZoneAlarm blocks them when they go to TinyURL.com.  Why would ZoneAlarm do this, and what do I do if that happens?

 

Spyware has occasionally been downloaded from TinyURL.com or a partner site (TinyURL often redirects users to other sites).  To protect you from this threat, ZoneAlarm warns you about it and blocks that specific Web site.  But people might still want to use TinyURL.com anyway – after all it’s a useful tool for posting short urls on Twitter.  Well, you still can.

 

Go to www.tinyURL.com.  If the site is blocked, you should see a balloon pop up in the lower right corner of your screen.  If you click on it, you will go to an interface where you can add tinyURL.com as an exception which allows you to access the site.  You can also manually get to that interface within the product by doing the following:

 

1)    Right click or double click the ZoneAlarm icon in your system tray.

2)    In the ZoneAlarm control screen, click Anti-virus/spyware, and then click “Spy Site Blocking”. If it has blocked you from a website, it will show you the name of the web site with an X showing that it was blocked.

3)    If you want to go to that web site, click on top of the web site access and change it from Block to Allow.

 

That’s it.  This way ZoneAlarm can protect you from potentially dangerous downloads but still let you go where you want.

Posted by ZoneAlarm on May 21, 2009 at 11:15 AM in ZoneAlarm | Permalink


Controversial DNSSEC could solve pernicious Internet security issues

by Albert Sweigart, Consumer Security Development

The well-known security researcher Dan Kaminsky pushed for the adoption of DNSSEC (Domain Name System Security Extensions) in his recent presentation at the Black Hat DC conference. Kaminsky is famous for a critical flaw he found in the Domain Name System (DNS) protocol last summer. DNS is the protocol that translates domain names (such as zonealarm.com) to numeric Internet Protocol addresses (such as 209.87.209.206). Kaminsky discovered that, by exploiting the flaw, an attacker can trick a DNS server into resolving a domain name to a different IP address. This would allow the attacker to redirect someone visiting YourOnlineBank.com to a fake replica of the website that the attacker controls. The user would unwittingly give their online bank password to the attacker’s fake website.

That vulnerability has been patched since, but the DNS protocol itself in many ways remains fundamentally insecure:

  • DNS is not a secure protocol by itself, and software applications do not rely on it for security. The use of cryptography imposes some computational expense on the server and causes scalability issues. Secure Sockets Layer, the technology that most consumers interact with by seeing the tiny lock icon next to the URL bar in their web browser, mitigates this problem somewhat. A fake website would not be able to reproduce the proper SSL certificate, and web browsers display warnings about accessing web sites with invalid SSL credentials. However, users are amazingly resistant to such warnings, and the “click the button to make the message box go away” mentality causes many users to ignore these warnings.

  • Unfortunately, a more common attack would just be not employing SSL at all. Redirecting a user from YourOnlineBank.com (which uses SSL) to the fake replica website (which does not use SSL) would not produce any browser warnings. The cannier user may notice the lack of the “https” in the URL before entering their password, but most would not.

  • With the domain name system vulnerable, a website’s “forgotten password” feature also becomes an easy target for hackers. By hijacking YourOnlineEmail.com, an attacker could then go to Facebook, eBay, or any number of online web services and request that a new password be sent to a user’s email address (such as BObama@YourOnlineEmail.com). This password would then be intercepted by the attacker when it is sent not to the real YourOnlineEmail.com, but to the fake one in the control of the attacker. The real user is never involved or aware of the attack at any point.

DNSSEC is a proposed protocol (introduced in RFC 2065) that would secure the DNS protocol using public key encryption, but its adoption has been slow due to many factors. It is notoriously complicated to implement and maintain. Without a demand from applications, there is little incentive to add DNSSEC.

DNSSEC also has a political problem with the international community and more libertarian proponents of the Internet. The DNSSEC protocol would place the root authority to authenticate the entire domain name system with the U.S. Department of Commerce, including the domain name system of 187 different countries. This centralization of authority would also give the government the power to disable domain names, or perform DNS hijacks themselves.

Kaminsky has always been lukewarm to the idea of DNSSEC, but despite its problems and complexity Kaminsky is for securing the DNS protocol. A fix at this level of the Internet could potentially solve an entire class of security problems. The pressure placed on networks and DNS servers by business and consumer interests provides too large an incentive to ignore this issue forever. And while the work to simplify the administration of DNSSEC still has far to go, Kaminsky has pointed out that the implementations of proposed alternatives to DNSSEC (such as DNSCurve) are far behind.

Posted by ZoneAlarm on March 05, 2009 at 08:52 AM in PC Security, Security Industry, Technology, ZoneAlarm | Permalink | Comments (1)
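The difference DNSSEC makes to a client, as an added example that is not code from the original post or from any ZoneAlarm product: it parses constructed DNS responses for zonealarm.com and shows that a forged answer with the right transaction ID and question name passes the classic checks, while a policy that requires the resolver's DNSSEC "Authenticated Data" (AD) flag rejects it. The function names, the transaction ID and the 203.0.113.66 address are assumptions made for the example, and a full validator would verify the RRSIG against the zone's keys rather than rely on the AD flag.

```python
import struct

TYPE_A, TYPE_RRSIG = 1, 46
FLAG_AD = 0x0020  # Authenticated Data: resolver says it validated the signatures


def encode_name(name):
    """Encode 'zonealarm.com' as length-prefixed labels ending in a zero byte."""
    parts = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"


def build_response(txid, qname, ip, validated):
    """Construct a sample response (made-up test data, not captured traffic)."""
    flags = 0x8180 | (FLAG_AD if validated else 0)  # QR, RD and RA set
    msg = struct.pack("!6H", txid, flags, 1, 2 if validated else 1, 0, 0)
    msg += encode_name(qname) + struct.pack("!HH", TYPE_A, 1)
    # Answer names are compression pointers (0xC00C) back to the question name.
    msg += b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, 1, 300, 4)
    msg += bytes(int(octet) for octet in ip.split("."))
    if validated:
        sig = b"\x00" * 24  # placeholder bytes standing in for RRSIG rdata
        msg += b"\xc0\x0c" + struct.pack("!HHIH", TYPE_RRSIG, 1, 300, len(sig)) + sig
    return msg


def read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels, resume, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # compression pointer: jump, remember return
            if resume is None:
                resume = off + 2
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (off if resume is None else resume)


def inspect_response(msg):
    """Pull out what a client can check: ID, question, A records, AD, RRSIG."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!6H", msg[:12])
    off, qname = 12, ""
    for _ in range(qdcount):
        qname, off = read_name(msg, off)
        off += 4  # skip QTYPE and QCLASS
    addresses, has_rrsig = [], False
    for _ in range(ancount):
        _, off = read_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("truncated record")
        off += 10 + rdlen
        if rtype == TYPE_A and rdlen == 4:
            addresses.append(".".join(str(b) for b in rdata))
        elif rtype == TYPE_RRSIG:
            has_rrsig = True
    return {"txid": txid, "qname": qname, "addresses": addresses,
            "ad": bool(flags & FLAG_AD), "has_rrsig": has_rrsig}


def accept(msg, txid, qname, require_dnssec):
    """Return the A records if the response passes the checks, else None."""
    try:
        r = inspect_response(msg)
    except (IndexError, struct.error, ValueError):
        return None
    # Classic DNS: only the transaction ID and question tie answer to query.
    if r["txid"] != txid or r["qname"].lower() != qname.lower():
        return None
    # DNSSEC-aware policy: also insist the resolver validated the signatures.
    # The AD flag is only meaningful from a validating resolver you trust.
    if require_dnssec and not r["ad"]:
        return None
    return r["addresses"]


# Constructed samples: the address from the post, and a forged answer that
# points at a documentation-range address (203.0.113.66).
GENUINE = build_response(0x1A2B, "zonealarm.com", "209.87.209.206", validated=True)
FORGED = build_response(0x1A2B, "zonealarm.com", "203.0.113.66", validated=False)

if __name__ == "__main__":
    print(accept(FORGED, 0x1A2B, "zonealarm.com", require_dnssec=False))
    print(accept(FORGED, 0x1A2B, "zonealarm.com", require_dnssec=True))
    print(accept(GENUINE, 0x1A2B, "zonealarm.com", require_dnssec=True))
```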


Real World Internet Safety Tips for Using Public Wi-Fi

By James Grant, Team Lead and Senior Developer

I was recently traveling and wanted to keep in touch with both work and the world. I packed my laptop and was off. On arrival, the hotel clerk proudly told me that the hotel offered free Internet over Wi-Fi, no encryption to worry about. Great! I guess...

Confession: I get a little paranoid about security so I'm thinking through all the ways this could go wrong: the person in the next room is going to see all my Internet traffic because it is going over the airwaves like a cell phone call; the person in the next room will try to hack into my computer; the person in the next room will see my email address and I will get more spam. I need a new room! But wait, everyone in the hotel can see my traffic-- as well as anyone driving by! Well, the good news is that not everything you do on the Internet puts you at risk.

Using email

The first thing I wanted to do was check email at work. My company uses a VPN to support email access, so I can do that safely. I am free to use a public Wi-Fi link because a snoop will not try to decrypt my VPN traffic to read the emails. The VPN is the strongest link in the chain, not the weakest link.

The next thing I wanted to do was check my personal email at Gmail. There I have to be a bit more careful. I deliberately go to https://gmail.google.com (instead of http://...) because then Gmail gives me an encrypted connection (safe). If I just typed gmail.google.com, my login would be encrypted, but the emails I read and wrote would be unencrypted and any snooper could see them! Remember: whenever you see "https" at the start of the link in your browser, it means you're a lot safer than "http".

Checking online news

With that done, I wanted to check the news. Now I personally don't care who knows what news articles I read, so I freely went to my favorites:

www.news.google.com, www.theregister.co.uk.

Using Facebook

Then I wanted to check what was happening at Facebook. Darn. That's where I caught myself and chose to wait. Facebook encrypts the actual login, but after that it isn't as safe. Snoopers could learn the email address I use to log in as well as my profile ID (every Facebook member has a unique profile ID).

They also might be able to get my "session token": information that lets them connect to Facebook as if they were me. I could be wrong, like I said, I get a little paranoid. So I did not connect to Facebook over the unencrypted Wi-Fi.

Banking and other private activities

What else would I not recommend in a public setting?

- banking - even if the connection is encrypted, I reveal what bank I use

- online investments - same as banking, only more money at stake

- private activities: IM, political activities, porn (no, I'm not confessing anything here. It's you, Dear Reader, I am thinking of!)

Avoid all of these things on unencrypted Wi-Fi, unless you use a service like Anonymizer Anonymous Surfing. With a service like Anonymizer, everything works the same but your network traffic gets routed through their server using an encrypted connection. Snoopers can't tell where you're going or what you're sending.

What about public computers?

A final note about using a public computer (library, conference, hotel, etc.): I would not log on to any account of mine on a public computer, even if it were an encrypted https: website. The computer might have a virus or other tool for logging everything you type. Think of a public computer as having the public looking over your shoulder.

Posted by ZoneAlarm on March 03, 2009 at 09:35 AM in Facebook Security, ID Theft, Phishing & Spam, Security Industry, Technology, ZoneAlarm | Permalink | Comments (1)
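The session-token concern in the post above, as an added example that is not part of the original post: when a site logs you in over https but issues its session cookie without the `Secure` attribute, the browser also attaches that cookie to later plain-http requests, where anyone on the open Wi-Fi can read it. The host `social.example`, the cookie names and the token values are constructed for the example, and cookie matching is simplified to the exact host (Domain and Path rules are ignored).

```python
from urllib.parse import urlsplit


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, lower-cased attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def build_jar(responses):
    """responses: list of (url, [Set-Cookie values]) in the order received."""
    jar = {}
    for url, headers in responses:
        host = urlsplit(url).hostname
        for header in headers:
            name, value, attrs = parse_set_cookie(header)
            jar[(host, name)] = {"name": name, "value": value, "host": host,
                                 "secure": "secure" in attrs}
    return jar


def cookies_sent(jar, url):
    """Cookie names a browser would attach to a request for url."""
    parts = urlsplit(url)
    encrypted = parts.scheme == "https"
    # Secure cookies are withheld from http requests; all others are sent.
    return sorted(c["name"] for c in jar.values()
                  if c["host"] == parts.hostname and (encrypted or not c["secure"]))


def cleartext_exposure(jar, urls):
    """Map each plain-http URL to the cookie names a snooper could read."""
    return {u: cookies_sent(jar, u) for u in urls
            if urlsplit(u).scheme == "http" and cookies_sent(jar, u)}


# Constructed login responses. HttpOnly hides a cookie from page scripts but
# does nothing against a network snooper; only Secure keeps it off plain http.
WEAK_FLOW = [("https://social.example/login", [
    "session=CONSTRUCTED-TOKEN-1; Path=/; HttpOnly",
    "login_proof=CONSTRUCTED-TOKEN-2; Path=/; Secure; HttpOnly",
])]
HARDENED_FLOW = [("https://social.example/login", [
    "session=CONSTRUCTED-TOKEN-1; Path=/; Secure; HttpOnly",
    "login_proof=CONSTRUCTED-TOKEN-2; Path=/; Secure; HttpOnly",
])]
BROWSING = ["https://social.example/login",
            "http://social.example/home",
            "http://news.example/"]

if __name__ == "__main__":
    print(cleartext_exposure(build_jar(WEAK_FLOW), BROWSING))
    print(cleartext_exposure(build_jar(HARDENED_FLOW), BROWSING))
```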


Adobe Acrobat PDF vulnerability is more of the same

By Jordy Berson, Group Product Manager, Check Point Software

A vulnerability in Adobe Acrobat is being used to steal business and government secrets. This exploit entices its victims to open a PDF document, upon which a Trojan is transferred invisibly to the victim's PC. The Trojan secretly records the keystrokes and allows hackers remote access to the victim's computer. This vulnerability has so far been targeted at business executives and government officials. I don't know what's scarier - the attacks that target people like you and me directly to steal our identity, or knowing that our government and business officials are being spied on.

The general idea is this: You're surfing the Internet, you land on a Web site, and BAM! Malicious software secretly downloads to your PC. Most of the time you don't even have to click on anything or even stay on the site for more than a moment. But when you leave the site, you take an invisible threat away with you that steals your identity and your privacy.

The Adobe attack is just the latest chapter in a dramatic but predictable story. Nearly every week for the past year, it seems a new drive-by exploit is discovered.  Web surfers fall victim.  Identities are stolen.  Secrets are passed.  Virus companies catch up...too late as usual. 

Any Web site will do.  These types of exploits have been hosted on compromised mainstream sites such as Miami Dolphins and Tom's Hardware and on popular banking sites where you'd never expect them, as well as on riskier sites such as free download sites.  The point is that these threats can affect you no matter where you surf and no matter how careful you are.  

How likely are you to hit a drive-by? A study by Google concluded that over 1% of all Web searches contain at least one malicious URL which could be a drive-by.  So out of 100 Web searches, you'll hit at least one of these.  And that's just one of the methods to get you. Phishing sites and other social engineering tactics can land you on a malicious Web site too. And if you do stuff like downloading free screensavers and music and you spend a lot of time social networking, your risks are higher.

So what do you do?  Hide your love away...

Hackers love people who run old versions of their software.  And you don't want to be loved by hackers! When you run outdated software on your PC, you make it dead easy to get hacked.  You're almost asking for it.  So please update all your software now...right now.  And especially if anybody is using an older version of IE or Firefox (or whatever browser you run)...upgrade immediately!  You should be on IE 7 and Firefox 3.  

...and get a good traffic cop. The traffic cop is one of the few technologies out there that can stop drive-by downloads. And this one is *the* only one at this time that works automatically (the others require you to change the way you download files and manage your file system). It's our own ZoneAlarm ForceField. In the time it's been out, it's stopped 100% of drive-by downloads that we've been able to test - theoretical and actual. It does a lot of other stuff too. Try it for free and please tell me what you think of it. Love it or hate it, I'd love to know. It's less than 5MB.

Thanks!

http://www.zonealarm.com/security/en-us/trial-download-zonealarm-forcefield-browser-security.htm

Read the Adobe Security Bulletin here.

Posted by ZoneAlarm on February 26, 2009 at 11:28 AM in PC Security, Phishing & Spam, Security Industry, Technology, ZoneAlarm | Permalink | Comments (7)


The Conspiracy of Silence around Web Attacks

By John Gable

ZoneAlarm Director of Product Management

 

Hardly anyone knew about it.

 

The Los Angeles Angels website was recently hacked overnight with a drive-by download. It tried to download “AntiVirus 2009”, a well known fake security program that actually installs malware, onto visitors' systems. The Angels fixed the problem the next day, but damage was done.

 

I don’t mean to pick on the American League West Champions. This happens much too often, not just in major league baseball, but also the National Football League (Miami Dolphins), job sites (Monster.com), financial institutions (Bank of India) and plenty more.

 

What else don’t you know about?  Did you know about …

  • the virus/spyware that hit Check Free, the online bill pay service used by many major banks and others, which infected around 160,000 users?

  • the latest Internet Explorer 7 vulnerability that gives hackers a hole to silently install malicious software onto your PC?

  • the Waledac botnet Valentine email and e-card attack?

I suggest there are 3 good reasons most people don't hear about such incidents.

  1. Hackers want to be invisible.  Gone are the “good ole days” when a hacker wanted to become famous. The "I Love You" virus was a big problem, but at least you knew if you were infected. Now hackers go to great lengths to make sure you don’t know anything is happening as they take over your PC.

  2. Web sites that have been hacked don’t exactly spend marketing funds to tell the world what happened. Responsible sites, like Check Free, quickly contact any potential victims to help them. But the last thing most sites want is to scare you away.

  3. Same logic applies to software vendors, even security companies. Plus, sometimes they don’t want to advertise vulnerabilities because they don’t want to educate hackers how to break in.

Special kudos to the companies that do a good job at communicating threats. Adobe just issued a security bulletin about a buffer overflow issue with Adobe Reader 9 and Acrobat 9.

 

I’m happy to report that our new ZoneAlarm Extreme Security, which integrates our latest PC security suite with our web browser security and more, is the only security suite that blocked any of the threats I listed above from the very first moment they hit the Web (someone else might have stopped the LA Angels attack - but I can verify that others missed all the other attacks).

 

In fact, ZoneAlarm Extreme Security blocks all of them. See our Stops Attacks Others Miss page for more details.

 

Do you think people need to know about these Web attacks or is ignorance bliss?

Posted by ZoneAlarm on February 23, 2009 at 06:15 AM in Malware, Spyware, Worms, PC Security, Security Industry, ZoneAlarm | Permalink | Comments (1)


Waledac Valentine's Day attack stopped by ZoneAlarm ForceField. Are we the only ones?

by John Gable

 

Another Valentine's Day special.

 

You may have been reading how the Waledac botnet, a successor to the Storm botnet, has come to haunt your Valentine's Day.

 

This botnet is running a Valentine’s Day "campaign" soliciting people with phony Valentine’s themed e-mails and greeting cards. When users click through to a Web site to receive their messages, malicious software is silently and automatically downloaded to their computer. The malicious software can do any number of nasty things such as logging and transmitting everything a user types, stealing their credit card numbers and online passwords, and turning their computer into a launch pad to attack others.

 

With over 1000 variants in just one day, this is very hard to stop.  Perhaps impossible to stop for typical antivirus software that relies on lists of known threats.

 

This is yet another example of how important browser security has become.  We need to stop attacks like these at the point of entry - the web browser - and prevent that malware from getting onto the PC in the first place.

 

Thank you ZoneAlarm ForceField.  Just add ZoneAlarm ForceField to IE or Firefox, and you will be protected from attacks like this.  Our browser security prevents this and other attacks from hacking your PC by keeping the browser inside a "virtual sandbox" where malware can not access your system.  It also includes other powerful browser defenses like dual-engine anti-phishing (signatures and heuristics) and more.

 

Question:

 

So far, ZoneAlarm ForceField is the only mainstream consumer security product I can find that blocks this attack and the other Waledac botnet attacks starting on day one.  Anti-spam should block some or most of the spam that initiates this attack, but it is rarely 100% reliable.  Good internet sense may stop you from clicking on the link, but who knows, maybe you do have a Valentine somewhere that loves you.  There are some techy PC virtualization and sandbox software programs out there, but they are too cumbersome for most people. 

 

Is there a better way to block this attack?

 

PS.  If you want to learn more about the Waledac Valentine's Day attack, the Waledac botnet or Storm botnet, these are my favorite posts on the subject:

 

Malware Writers Use Multiple Botnets to Spread Valentine's Day Heartache

eWeek by Brian Prince

 

Another Waledac Valentine's Day Spam Run Has Started

MX Logic IT Security Blog

 

New And Improved Storm Botnet Morphing Valentine's Malware

Dark Reading by Kelly Jackson Higgins

Posted by ZoneAlarm on February 13, 2009 at 04:41 PM in ID Theft, Malware, Spyware, Worms, PC Security, Phishing & Spam, ZoneAlarm | Permalink | Comments (2)


Patch Tuesday and ZoneAlarm

by Laura Yecies

It’s now been 2 weeks since the Patch Tuesday mess that knocked many of you offline. Since ZoneAlarm updates have been released, Microsoft has released a revised security bulletin and knowledge base article, and things have largely returned to normal, I wanted to offer you an apology and an explanation of events, and to outline the steps we’re taking to reduce the risk of this happening again.

First, the apology. This should not have happened, and everyone here at Check Point is very sorry for your inconvenience.

What happened? As you probably now know, Microsoft issues new security patches on the second Tuesday of each month for its Windows operating system and Internet Explorer browser. This is called “Patch Tuesday.” Two weeks ago, one of the security updates wasn’t compatible with ZoneAlarm, causing many of our customers to lose Internet access.

(What’s particularly ironic is that we have long tried to tell all of you how important it is to patch your PC as soon as Microsoft releases these updates, and I always try to reiterate that point here in this blog. And I still will – these security updates are critical to your overall PC safety…please don’t allow this experience to change your patching habits.)

But I digress.

In this case, since it was a Windows patch and not an update issued by ZoneAlarm that instigated the crisis, we learned of the conflict from you – through our customer service line, forums etc. Immediately, our engineering team sprang into action, and in less than 24 hours released a new, tested and QA’ed version to resolve it. Our team posted a work-around to the Web site within hours, and our developers in San Francisco worked through the night to create a permanent solution. This is no easy feat, and while I’ve thanked them personally, I also wanted to acknowledge their outstanding commitment publicly.

So here’s what we’re going to do: We’ve assigned a team of top engineers to install any new updates on a new test bed currently being engineered specifically to catch compatibility issues between Windows or Internet Explorer and all ZoneAlarm products. This will happen in real-time on Patch Tuesdays.

In addition, we’re working with Microsoft to try to open up new communication avenues. While it’s not a panacea, more open and coordinated communication is a positive step forward.

Thank you for your understanding, and a special thank you to everyone in the ZoneAlarm user community who helped us spread the word once we had a workaround identified and posted. Your help was invaluable.

Safe surfing,

Laura

Posted by ZoneAlarm on July 25, 2008 at 03:08 PM in ZoneAlarm | Permalink | Comments (17)


Free VoIP, as long as they can listen in...

The recent story about "The Pudding" is notable:

http://www.dslreports.com/shownews/The-Pudding-Listens-In-On-VoIP-87838

A new startup named The Pudding is offering users free calls via broadband, if they allow the company's software to "listen" to the conversation and display ads related to what's being discussed. The company insists that their technology isn't much different than what Google does with Gmail, with the exception that speech recognition technology is often flaky.

Hmm. Just the thought alone of a computer out there trying to figure out what I'm saying gives me the creeps. And what legal obligations will follow? If the system thinks you said something criminal, does the Government have the right to demand to hear it? You can't object because you already agreed to allow your call to be listened to. You've sold your privacy for 3 cents/minute. In the U.S.A., laws were made to protect the privacy of telephone calls. In legal terms, there is an "expectation of privacy". Here, there is none. For 3 cents/minute.

Have you seen the bumper stickers that say "Freedom isn't Free"? It means we must be vigilant about protecting our rights or they will be taken from us. We must be prepared to make sacrifices so the next generation enjoys the rights we have. Even with Internet telephone calls, Freedom isn't free, but at 3 cents a minute, it's pretty affordable.

http://www.jajah.com/

Posted by jcgrant on October 15, 2007 at 05:36 PM in ZoneAlarm | Permalink | Comments (3)
