Interesting Article from The Register


catscomputer

Yup, this is the way of things, and one of the key reasons MBAM exists :rolleyes: . Heuristics is a powerful tool, and helps MBAM to stay on top of many of these 0-day variants of new malware :D .

Yes, thank goodness for MBAM! I think I'd be too paranoid to plug in my ethernet at all if it wasn't for this programme!

OK, I'm about to show my ignorance, but is that what "Zero-day" refers to - variants of new malware that last less than 24hrs? I always wondered what that term meant.... I learn so much from reading this forum.

I'm also not sure what "drive-by" attacks mean.

0 day virus. Drive by refers to an attack that automatically infects a vulnerable computer simply by browsing to an infected website, meaning no clicking or download is necessary. This is usually accomplished through some sort of malicious script that exploits a vulnerable point in the browser or an ActiveX control installed on the user's system.

0 day virus. Drive by refers to an attack that automatically infects a vulnerable computer simply by browsing to an infected website, meaning no clicking or download is necessary. This is usually accomplished through some sort of malicious script that exploits a vulnerable point in the browser or an ActiveX control installed on the user's system.

Thank you for the link, exile360. It explains the term really well. I also now appreciate what you mean by zero-day attacks being one of the reasons for MBAM existing. :rolleyes: Malware-writers must hate MBAM!! Thanks also for explaining about drive-by attacks. Hopefully AVG SurfShield and NoScript in FF will prevent me falling victim to those. *touches wood*

You're welcome :D . Yes, they LOATHE MBAM because of its ability to kill their new malwares, often even without a definitions update "Curse you Malwarebytes' !!!" :rolleyes: .

NoScript is the big one that will help you avoid those types of attacks, also, always keeping any plugins (such as Flash and Java) up to date, along with your operating system and browser(s) as vulnerabilities are always being discovered and being patched.

... always keeping any plugins (such as Flash and Java) up to date, along with your operating system and browser(s) as vulnerabilities are always being discovered and being patched.

*nods*. That's another thing I've learned in this forum. I'm pretty meticulous about updating everything as soon as updates are released. It amazes me how many people never update their software though! Even at my work (which has several IT staff on site). They are running IE6 & Adobe Reader 7.0 (on XP). I hate to think what version of Flash! Needless to say I don't put any non-work related passwords into my work computer! :rolleyes:

If the IT staff are allowing IE6 and AR7, and they don't have an intranet or other company application that requires this (another issue I can't get into here as it would take too long), then the IT staff need to be fired ASAP. Indeed, just the fact they've not forced an upgrade for Adobe itself, would be enough for me to fire them.

Our IT are just like that too, I checked a few weeks ago and Java, Adobe, IE, etc. are all out of date by at least a year's worth of updates.

I asked the IT guy who came to fix a workmate's BSOD if he knew this and he said "yup probably are out of date but they have not been told to update anything and so will not do so!"

They are paid to fix things not to keep stuff up to date.

Even though during the break the 100's of us that work there surf the net and all we have is McAfee to protect us :rolleyes:

No wonder we see the IT guys down here at least 3 times a week!

  • Staff

Most 'IT' guys are more or less clueless when it comes to securing the network and client machines against Net-borne attacks. All they usually know is the hardware stuff. You can't be an effective IT guy tho these days without knowing all those threats tho these days.

That role has changed. I still occasionally run into someone in support or on my site who claims to have years and years of experience in IT, yet has absolutely no idea where to even begin to look for system threats beyond running resident AV. After I clean 'em up, they think I'm a genius. Joke's on them. :rolleyes:

If the IT staff are allowing IE6 and AR7, and they don't have an intranet or other company application that requires this (another issue I can't get into here as it would take too long), then the IT staff need to be fired ASAP. Indeed, just the fact they've not forced an upgrade for Adobe itself, would be enough for me to fire them.

That's a point, we do have a company intranet, so perhaps this is why they never seem to update software. They also have staff dialling in to the server from remote locations.

I must admit I cringe when I have to open a PDF file at work.

Our IT are just like that too, I checked a few weeks ago and Java, Adobe, IE, etc. are all out of date by at least a year's worth of updates.

I asked the IT guy who came to fix a workmate's BSOD if he knew this and he said "yup probably are out of date but they have not been told to update anything and so will not do so!"

They are paid to fix things not to keep stuff up to date.

Even though during the break the 100's of us that work there surf the net and all we have is McAfee to protect us :rolleyes:

No wonder we see the IT guys down here at least 3 times a week!

That sounds familiar. I informed the head of IT about a nasty vulnerability being actively exploited in Adobe Reader several months ago (and there have been at least 2 more since then), after noticing that we were using version 7.0. He just said he'd take a look at the Adobe website and not to worry because Symantec would catch anything that needs catching. Okaaaay.

Their Java is an ancient version too.

  • 2 weeks later...
@ catscomputer

are you able to do any updates yourself, at least on the computer that you use?

No. Unless you are in our IT department, downloading software (which includes updating) is against our company's "Computer Code of Conduct" (which is a 95 page document). The only settings we are allowed to tweak are the mouse buttons, the display size, and the brightness. Ironically that rule about downloading is to prevent malware (lol), but also to stop any of the machines getting mucked up by staff who don't know what they're doing.

I only use the work computers for work stuff, so I'm not worried about my personal passwords or personal information being stolen. :)

It's probably because the technical staff are afraid that the users know more than them and do not want to have the management know how incompetent they are.

It's job security as well so no infected systems would tend to have management believe they don't need the high priced technical staff.

@ catscomputer

Ah, I see. Might you be able to speak with someone about you possibly being able to update Adobe etc (at least on the computer that you use at work) or would this be a big no no?

That's good that you only use it for work stuff. :)

@ YoKenny1

You have an excellent point there. It's too bad though, they (IT staff) should KNOW that certain things need updating... :/

@ catscomputer

Ah, I see. Might you be able to speak with someone about you possibly being able to update Adobe etc (at least on the computer that you use at work) or would this be a big no no?

That's good that you only use it for work stuff. :)

I already have, ages ago (see comment 13 in this thread). Flash, Java, Adobe Reader, IE and heaps of other stuff is all more than two years out of date. MysteryFCM made a point about how having an intranet and company-specific applications (of which we have both) might have something to do with why they don't update software.

Yes, many companies refuse to roll out any updates out of fear that it will cost them in down time due to potential crashes and incompatibilities with the programs and sites they are required to use for their business. This is especially true with intranets and when the company in question uses proprietary software or very outdated business applications that they can't afford to migrate from and replace with newer technology.

Such businesses often rely on strict Group Policy management and keep a backup image for the machines so if something does get infected, they just nuke it and restore the image from the backup so everything goes back to the way it was.

Yes, many companies refuse to roll out any updates out of fear that it will cost them in down time due to potential crashes and incompatibilities with the programs and sites they are required to use for their business. This is especially true with intranets and when the company in question uses proprietary software or very outdated business applications that they can't afford to migrate from and replace with newer technology.

Such businesses often rely on strict Group Policy management and keep a backup image for the machines so if something does get infected, they just nuke it and restore the image from the backup so everything goes back to the way it was.

*nods* This is especially so for us - our business runs a 24hr/365 day a year service and there ain't any down time!

@ Exile

Yes, many companies refuse to roll out any updates out of fear that it will cost them in down time due to...

This is all really too bad, but I kinda understand it better now.

I wouldn't think that updating Java, Adobe, and other similar, simpler programs would cause these problems though.

It's a shame. I hope that this train of thought and the ability to be able to update will be changeable at some point in the future.

I think it will be, but part of the issue is that many companies either are afraid of bugs in the updates (usually the reason Windows seldom gets updated) or use web based applications, which sometimes depend on some of these plugins (we use one @work based on Java), and they know it works with version x.x of a software but aren't sure about newer versions. If they'd keep one box around, identical to the other PCs, for testing by some member of the IT staff with updates etc. it might help as they could run it through its paces with new updates to see if there are any issues, but finding the time and manpower to do it is another issue, and it seems most businesses figure that as long as they have AV installed they'll be safe.

I keep the computer here @work up to date though, and thankfully haven't had any issues whatsoever. I did keep it on IE7 instead of 8 though, as many of my coworkers aren't very familiar with computers and the last thing they need is an interface change on the browser they use every day for work. Of course, there aren't any security vulnerabilities that have been patched in IE8 that have not also been patched in 7.

@ Exile

Ah, that's true. That makes a lot of sense. I think that's a good idea to have one computer to test on, although you're right, finding the time and people to do it could be a whole other issue. AV's certainly help in being safe but they aren't 100% of course, unfortunately.

That's good that you keep the computer up to date there. I'm glad that you haven't had any issues to date either! :( That's good to know that there aren't any security vulnerabilities in 8 that haven't been patched in 7. 8 comes through on auto updates though, so what if you accidentally install it that way, or you even installed it but then realized you shouldn't have, what would a user do? Just uninstall it from the control panel maybe and it would go back to 7?
