In case you missed the email, LastPass, one of the most popular password keeper on the planet has got there network security tested recently.
Many users of LastPass should be receiving similar emails as displayed.
Microsoft is making Windows 10 available as free upgrade for qualified Windows 7, Windows 8.1, and Windows Phone 8.1 devices . Must be running with latest updates/patches installed. If you never turned off windows updates for your computer you should be set.
Although this is a limited time offer, you have a while to get your things in order before you take the plunge as this free upgrade offer doesn’t end until July 29th, 2016.
Read More
It seems like whenever there is a major virus outbreak or vulnerability announced, such as the Heartbleed vulnerability, scammers and malicious hackers are not too far behind trying to cash in on the moment and innocent.
Here is a phishing email (http://en.wikipedia.org/wiki/Phishing) recently received in one of my not-so-important email accounts. One that is used mainly for signing up for things like demos of products or coupons and promo codes.
Usually those places end up re-selling your email account, thus increase spam/phishing emails directed to that account. So I never use any of my main/important email accounts in those situations and neither should you.
Below is the subject and body of the message, along with a screen capture of what it looked like.
SUBJECT OF SPAM MESSAGE: Heartbleed/OpenSSL vulnerability: password change recommended
BODY OF SPAM MESSAGE: (hyperlinks removed for precaution)
Although April Fools day recently passed, this is no April Fools joke. One of the most major security threats to the internet as a whole was on display for all to see. This vulnerability is listed as “zero-day” because the software developers have had zero days to fix them when the vulnerability was discovered.
On Monday, April 7th, 2014, a major bug in OpenSSL was revealed which allows attackers to read information from the memory from servers that had OpenSSL installed. Roughly 66% of the internet uses this application to secure your data. Northwoods Web Designs uses OpenSSL as well but was not using the version(s) that were vulnerable.
What is the Heartbleed bug?
This security bug takes advantage of a bug in OpenSSL (all programming applications have bugs, yes even Apple and Microsoft), which allows any normal user to read information that was stored in memory without any additional privileges on the server.
In the past month, several antivirus companies have discovered a new ransomware variant known as Cryptolocker. Ransomware is a type of malware on the rise that holds your precious files hostage for money.
It does that by searching your computer and shares for popular file extensions and encrypts them preventing you from accessing them ever again unless you pay up.
This type of ransomware does not spread to other PCs or replicate by itself. This program needs your interaction to do its evil work. Ransomware needs you to launch the program on your PC. Of course, like phishing scams, It does this by trying to trick you into opening up some random attachment from a random email.
This attachment (could be a picture, zip file or other) contains the simple script to get it started doing its havoc on your PC.
If your PC gets infected then your files will more then likely be encrypted shortly after and will not be able to access them. It is impossible to decrypt the files without the private key.
