Notes from the Field

MBorsick's picture

The McAfee brand is being phased out by Intel. A couple of years ago, Intel bought McAfee and has been incorporating McAfee into its different products. The McAfee products will be renamed “Intel Security”. Expect to see this change complete by the middle of the year.

Intel Security is going to offer free mobility tools for smartphones and tablets to customers running Android, iOS, and other operating Systems to its customers.

Belkin also in the last year bought Linksys from Cisco who had bought out Linksys some time ago wanting to gain entry into the home router and switch market. This didn’t work out as planned, so Cisco exited the home market. Belkin will continue to use the Linksys brand and maintain the familiar blue and black form of the Linksys product line. Belkin is still in the process of integrating the Linksys line into its own product line. If you do a search on the Belkin website, you will find that Linksys is not found anywhere. In fact, you still have to go back to the Cisco website to get support.

For those people who are interested in what Belkin will do with the Linksys line, Belkin has already announced some information and future products. The familiar WRT54G router will be resurrected using open source software from dd-wrt.com and is adding the latest Internet and Wi-Fi technology to the router. The price tag, however, will increase to the $300 price level.

It has been rumored that Microsoft will release an update to Windows 8.1 in the month of April. This update will be free. Rumors have just started regarding the next release of Windows which will be called version 9.

As much as I hate to add my voice to the doomsayers about the impending death of Windows XP, Microsoft is making it rather difficult for most users to continue using it. As you know, Windows XP will receive its last update on April 8th of this year. Office 2003 will also cease support as of April 15th of this year. To make matters worse, Microsoft will be stop providing security and malware updates to Microsoft Security Essentials for XP in addition to ending the MSE scanning software for XP on April 8th.

Microsoft’s first scheduled update for 2014 will only be four updates none of which are critical. The updates will fix problems with Word, SharePoint, and Dynamics AX. One bulletin will fix a problem that is present in to XP and 2003 Server which has been actively exploited since late last year.

Oracle is releasing 147 security updates for software it sells or provides free. Most of it is not user group material. However Java is. There are 36 patches to be released in this batch. From what I have read, these patches will be considered critical and will need to be installed quickly. Apparently there is an active exploit that the patches will plug.

The Target breech has now expanded.  In addition to the 40 million customers who used credit and debit cards during the November 27th to December 15th time period, another 30 million customers who have guest accounts were also affected.

The Adobe hacker breech that I mentioned several months has now widen. It is reported now that over 152 million customer account information was obtained.

The revelations regarding NSA spying continue to amaze. It is reported now that the NSA has the capability to drive all the way to individual components such as a hard drive on a PC connected to the Internet to gather information. That also means that any routers, switches, etc. can also be compromised.

One thing that I found Interesting is that the FBI has the capability now to activate a web camera without activating the activity light on the webcam which tells you it is operating. In effect, the FBI can watch you, using various techniques, to see you, people and things around you, and also what you are doing on the PC at the time the camera is turned on. If you have a lens cover for your camera, I’d start using it if you are not using your webcam. Of course, people will claim they have nothing to hide, but it has already been reported that different individuals have used this ability to spy on girlfriends, wives, etc.

One last note and this is what I am seeing here crossing into my own network. I am seeing a high number of email with attachments containing the Trojan.Zip.Bredozp.b (v). This is a banking Trojan consisting of a keylogger, a Trojan horse that allows the software to continue to affect connected computers and networks, and a backdoor which allows for remote access. What I am finding is that the Trojan is coming in via my Roadrunner email account. With regards to my company account, the appliance I have at the front of my network that scans incoming and outgoing traffic is catching the Trojan and not allowing it through. However my Roadrunner email is not routed through the scanner, so the infected attachment is caught by the Vipre security software component that scans all email loaded into Outlook which I use for a client. Here is a case where I and others in the security field have recommended that people use the approach of defense in depth, the depth being not only the main scanner at the edge of my network, but also on the mail server, and finally on the Outlook client itself. Even in this case, it does happen, though rarely, that something will come through, so the advice that I offered in my blog post should still be followed in any case.

Mailbag Summary

The Mailbag section contains copies of received messages from sponsors and affiliates. These can be: special offers, newsletters, web seminar notices, or any combination of the above. Please check out the Sponsorship Overview for details on how to become a sponsor if interested!

Subscribe to Mailbag Summary