Scam of the day – June 26, 2015 – Samsung disables Windows Updates

Samsung is not having a particular good week.  First, as I reported to you in June 21st’s Scam of the Day a long standing security flaw in millions of Samsung’s Galaxy smartphones was disclosed and, as of today, still remains unpatched and now, Microsoft engineer Patrick Barker has found a program with Samsung’s computer software that disables Windows Updates from running automatically.  This means that if you have a Samsung computer, it is necessary for you to manually update your computer with the latest Windows security patches each time they are issued.  Not only is this an inefficient way to install critical security updates that are necessary to protect you from hacking and other dangers, but most Samsung computer users probably did not even know that this Samsung disabling program even existed.  For regular readers of Scamicide, you are at least protected to some extent because whenever Microsoft issues a new Windows security update, we publish it with the links you need to download the necessary patches.  However, automatic updating of your computer’s software is always the better option.  Hackers and identity thieves consistently take advantage of people, companies and government agencies that fail to promptly update their software when security patches are released.

TIPS

If you have a Samsung computer, there is nothing you can do to turn off your computer’s software program that disables Windows Updates from running automatically because even if you turn Windows Updates back on, your computer will automatically disable it again the very next time your computer is rebooted.  Therefore it is incumbent upon you, if you have a Samsung computer to make sure that you update your Windows software with the latest security patches on your own as soon as they become available.  You can either monitor Microsoft’s website or just follow Scamicide each day and we will alert you when updates are issued.

Scam of the day – June 17, 2015 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  Users of the affected programs should make sure that they update their software with these latest security patches as soon as possible.  Today’s updates include critical updates for Adobe Flash, Microsoft Windows 7 and Internet Explorer.

TIPS

Here are links to the latest security updates and patches from the Department of Homeland Security: https://www.us-cert.gov/ncas/bulletins/SB15-166

https://www.us-cert.gov/ncas/current-activity/2015/06/16/Adobe-Releases-Security-Updates-Multiple-Products

Scam of the day – April 5, 2015 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  Users of the affected programs should make sure that they update their software with these latest security patches as soon as possible.  Today’s updates include security patches for Adobe Flash which is always a target of identity thieves as well as updates for Google Chrome, Mozilla Firefox and others.

TIPS

Here are links to the latest security updates from the Department of Homeland Security:

https://www.us-cert.gov/ncas/bulletins/SB15-082

https://www.us-cert.gov/ncas/current-activity/2015/04/01/Google-Releases-Security-Update-Chrome

https://www.us-cert.gov/ncas/current-activity/2015/03/31/Mozilla-Releases-Security-Updates-Firefox-Firefox-ESR-and

https://www.us-cert.gov/ncas/current-activity/2015/03/26/Cisco-Releases-Semiannual-IOS-Software-Security-Advisory-Bundled

Scam of the day – February 24, 2015 – Celebrity Chef Jamie Oliver’s website hacked

Jamie Oliver is a popular celebrity chef whose website, jamieoliver.com was hacked by unknown hackers who infected his website with malware that enabled the hackers to take control of the computers of many of the ten million monthly visitors to his website since December until a few days ago when the problem was identified and fixed.  The hacking was discovered by the security firm Malware Bytes, the makers of excellent security software, which I use myself.  This particular hacking injected the malware into the website itself, so visitors did not even have to click on links within the website to risk becoming infected.  The particular malware enabled the hackers to take over the victims’ computers to utilize them for the sending of spam or phishing communications as well as to steal personal information from the victims’ computers to use to steal the identity of the victim.  It should be emphasized that the problem has been corrected, however this type of attack brings up many questions about how do we stay safe when surfing the Internet.

TIPS

The first thing to do if you have gone to the Jamie Oliver website since the beginning of December is to have a security scan of your computer or other electronic device done with updated anti-virus and anti-malware security software.  The hackers in this particular case exploited a vulnerability in the Adobe Flash Player which was patched in January of 2015.  You can find links to the patch in the Scamicide security updates found in some Scams of the Day for January.  Adobe Flash has long been a favorite of hackers and it is critical, as I have advised you many times, to keep the software you used up to date with the latest security patches which is why I provide you with links to those patches as they become available.  The hackers also exploited vulnerabilities in Java software and Microsoft’s Silverlight.   Java is another software program popular with not just the public, but also with hackers so you should always be sure to maintain your Java software up to date with the latest security patches.

Scam of the day – January 7, 2015 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  That is why we provide links to the necessary patches and updates as provided by the Department of Homeland Security and the companies directly.  Today’s updates includes an important Facebook security update

TIPS

Here are the links to the latest Department of Homeland Security software updates and security patches: https://www.us-cert.gov/ncas/bulletins/SB15-005

Scam of the day – November 27, 2014 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  That is why we provide links to the necessary patches and updates as provided by the Department of Homeland Security and the companies directly.  Today’s updates includes many important updates and security patches to prevent serious problems including important security updates for Google Chrome and Apple tv.

TIPS

Here are the links to the latest Department of Homeland Security software updates and security patches: https://www.us-cert.gov/ncas/bulletins/SB14-328

Scam of the day – November 15, 2014 – Indiana Department of Education hacked twice

Within the space of a single week, the Indiana Department of Education was recently hacked twice although a spokesman for the Department has indicated that the vulnerability that enabled the attacks has been patched.  The Department said that no personal information of Indiana students was compromised in the attacks, saying that this information was kept on different servers than the one that operated the Department’s website.  Both attacks were claimed to be the work of a group calling itself the Nigeria Cyber Army, which boasted of the hacking on the Department’s website.  What makes this particular hacking noteworthy is that the vulnerability exploited in order to achieve the hacking was a flaw in Drupal content management software used by a billion websites around the world.  I told you about the Drupal security flaw in my Scam of the day for November 3rd.  Drupal warned its customers in late October of the flaw and urged its users to download the necessary security patch.  It was estimated by Drupal that around twelve million websites failed to install the security patch in a timely fashion.  It appears that the Indiana Department of Homeland Security was one of them.

TIPS

So what does this mean to you and me?

First of all it is a reminder that our personal information is only as secure as the places holding our personal information with the worst security.  The second thing to remember is that when security flaws are discovered and security patches issued, companies and individuals should download and install the necessary security patches as soon as possible.  It is for this reason that I regularly provide you with the latest security patches as issued by the Department of Homeland Security.  Scammers and identity thieves count on companies, governments and individuals not promptly updating their software and take advantage of this delay to the detriment of all of us.

Scam of the day – November 5, 2014 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  That is why we provide links to the necessary patches and updates as provided by the Department of Homeland Security and the companies directly.  Today’s updates includes many important updates and security patches to prevent serious problems including important security updates for the popular website design software WordPress.

TIPS

Here is the link to the latest Department of Homeland Security software updates and security patches https://www.us-cert.gov/ncas/bulletins/SB14-307

Scam of the day – October 23, 2014 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  That is why we provide links to the necessary patches and updates as provided by the Department of Homeland Security and the companies directly.  Today’s updates includes many important updates and security patches to prevent serious problems including important security updates for Microsoft Windows,  Internet Explorer, Mozilla Firefox, iPhones and Apple TV.

TIPS

Here are the links to the latest security updates as issued by the Department of Homeland Security:

https://www.us-cert.gov/ncas/current-activity/2014/10/22/Microsoft-Releases-Advisory-Unpatched-Windows-Vulnerability

https://www.us-cert.gov/ncas/bulletins/SB14-293

https://www.us-cert.gov/ncas/bulletins/SB14-286

https://www.us-cert.gov/ncas/current-activity/2014/10/20/Apple-Releases-Security-Updates-iOS-and-Apple-TV

Scam of the day – October 17, 2014 – Another Heartbleed-like security flaw discovered

We all remember the Heartbleed scare from last April where a security flaw in the Open SSL encryption technology used throughout the Internet was discovered and a rush to fix it was done before the flaw could be extensively exploited by hackers.  Now we learn about another flaw in encryption software which although not as serious as Heartbleed is still significant.  This one goes by the acronym of POODLE, which stands for Padding Oracle On Downgraded Legacy Encryption.  A POODLE attack could enable a hacker to steal information from unwary victims.  Fortunately, patches have been created and are provided below.

TIPS

Here is a link from the Department of Homeland Security to security updates to resolve this problem.  https://www.us-cert.gov/ncas/current-activity/2014/10/16/OpenSSL-Patches-Four-Vulnerabilities

And while we are at it, here are the latest Department of Homeland Security links to security updates for Mozilla Firefox and Thunderbird.  https://mail.aol.com/38798-516/aol-6/en-us/Suite.aspx