Be careful out there: Conduit Search spyware is annoying the Internet

UPDATE: In early 2014 a more aggressive version of Conduit Search started showing up. If the below instructions are not effective, we would suggest using Malwarebytes to remove the infection. You can download a free version of Malwarebytes here. (During installation, you may want to uncheck the “Enable free trial of Malwarebytes Anti-malware Premium” box if you don’t want a 30 day trial of the premium software to install.) Once installed, simply click “Scan Now” and Conduit Search (as well as any other infections) should be cleared up pretty quickly. Business professionals may want to consider TOAST.net’s Managed Antivirus product instead, which will block and clean infections as well as send you a regular security report to help you manage your network.

_______________________________________________________________________

Original Article:

We’re seeing a lot of reports of something called Conduit Search showing up on customer computers over the last few weeks, causing problems ranging from an inability to get to certain websites to getting completely locked out of your Internet connection. Conduit Search is essentially a
browser hijacker: a program or an add-on that attaches to your web browser and changes settings in ways you did not authorize.  In this case, browsers that are infected with Conduit will have their home page changed to search.conduit.com, and any searches performed will go through Conduit’s search engine rather than Google, Bing, Yahoo, or whatever search engine you are used to using. This search information is collected by Conduit for marketing and ads, then search results are displayed that make the business money with each click. Continue reading “Be careful out there: Conduit Search spyware is annoying the Internet”
Advertisements

Security Firms Recommend Disabling Java Due To New Exploit

Security researchers are recommending users disable Java on their computers after an exploit has been discovered that could possibly allow a malicious website to take control of your computer.

Java, a set of software tools that allows advanced features to run on websites, currently has a vulnerability that can allow an attacker to run unauthorized applications on a vulnerable computer. Being a zero-day vulnerability, antivirus firms and Oracle (the manufacturers of Java), have not had time to implement a fix, leaving both PC’s and Macs unprotected until a patch becomes available. Security firm Alien Vault as reported websites using this exploit are already showing up in the wild. Continue reading “Security Firms Recommend Disabling Java Due To New Exploit”

Keeping your computer safe

Keeping your computer safe and secure is easy. Cleaning up the results of not having the proper protection is difficult. Follow these tips to keep your computer…and your information…safe on the Internet:

 
  • Stay Updated: I hear some people saying “There are too many updates! Updates always mess things up! I skip/turn off updates!” This is a BAD idea. The reason Windows, antivirus software, or any other piece of software updates itself is usually because flaws have been found that hackers can take advantage of. If you put yourself in the right situation with an unpatched security hole in place, you’ve become a victim. Always run updates to any software as soon as it is available. If the updates will not install properly, seek out technical support or professional assistance. 
  • Watch for Fake Pop-up Windows: The #1 way of contracting a virus today is through pop-up windows designed to look like Windows error messages. You may see something that suddenly appears that says “Warning! Virus detected! Click here to download the cleaner tool!” Once you install this “tool” the software essentially holds your computer hostage — constantly popping up more windows bullying you into paying a fee for the “full version” of the fake software (known as “rogue antivirus”). Avoid this trap by verifying any virus detection directing from your antivirus software…not from a popup window. 
  • Watch Those Apps!: Social media sites like Facebook and Twitter are very popular, making them prime targets for scams. You may be sent invitations to play games, get free items, join clubs or lists, or even get added to a new game. These app requests often collect your information, and sometimes even end up sending themselves to people you know without your knowledge. They can also force things like pornographic advertisements, automatic postings, and spam emails. It is best to avoid installing any social application unless you know exactly what it is for and what it does. You can often do a quick Google search for the name of the app to see what people are saying about it.

Security Alert for Internet Explorer Users

Microsoft URGES everyone to install security tool

UPDATE: Microsoft has released a patch to fix this security issue as of 9/22/12. Please run Windows Update to make sure you are patched.

 

This week, Microsoft is urging Windows users to install a security tool to protect against a newly discovered bug in Internet Explorer.

This security issue may allow hackers to take control of infected PCs and affects all versions Internet Explorer browsers. Microsoft is currently working to patch the flaw, but their security tool should protect users in the meantime.

The free security tool, called the Enhanced Mitigation Experience Toolkit,  is available from Microsoft.

The malicious software,  known as Poison Ivy, was discovered last Friday and has the capability of stealing data and assuming remote control of infected PC’s. Being a “zero-day” infection, there are not any effective patches or protections available against it as of yet. Antivirus manufacturers are working on updates to protect against Poison Ivy, and are expected to have them available later this week.

In the meantime, be sure to install any Windows updates as soon as they are available. Check for the latest updates from Windows Update.

For free antivirus software, visit TOAST.net’s Software Page.

Update 9/20/12:

Microsoft has announced a patch for this vulnerability will be made available on Friday, Sept. 21st via Windows Update.

Google’s Privacy Change: Not Such a Bad Thing

There have been many questions and concerns about Google’s new updated privacy policy. Last week, the Big G started posting notifications that it is going to change the way it handles customer information. Here is exactly what is happening:

Google runs a LOT of popular services. Gmail, Google Docs, Picasa, YouTube…all of these have millions (even billions!) of users. The problem is each service requires a separate account. You needed to sign up every time you wanted to use a different service, meaning each service required its own username, password, and set of terms and privacy conditions. Continue reading “Google’s Privacy Change: Not Such a Bad Thing”