SEARCH

  • [:en]Recent Posts[:af]Onlangse bydraes

  • [:en]Categories[:af]Kategorieë

  • [:en]Archives[:af]Argiewe

security

« Older Entries
Newer Entries »

Keep your cell phone secureHou jou selfoon veilig

Friday, February 22nd, 2013

These days your smartphone is just as powerful as your laptop or pc a few years back. You store more personal and work information on your device and it’s always connected to the internet.

It’s exactly this convenience that puts you as a smartphone user at risk. Cooltech, iAfrica’s tech section, has a few ideas to minimise risk and ensure your personal information stays, well, personal and safe from malware and cybercriminals and other security risks.

Set up a password

Your first line of defense is to simply set up a password on your phone. Most cellphone providers allow you to type in a pin number each time you switch on your phone or after a period on inactivity.

Install security software

Since smart phones are no longer just for storing phone numbers and sms’s, but also bankdetails, they’re also an easy and perfect target for cybercriminals.

Consider installing anti virus software to protect your device against malware. F-Secure, Norton and other large security software vendors each have their own version for the main smartphone platforms.

Activate the remote wipe function

The biggest risk is the the theft or loss of your device. Rather than worry about a stranger snooping through your information, activate the remore wipe function.

This function will allow you, by means of an internet connection, to delete your photos, business contacts and e-mails when you suspect you might not be able to recover your phone.

Some manufacturers like BlackBerry and Apple offer the remote wipe function and location applications for their latest devices, while third party applications are available for other platforms.

Download safe and approved applications

The temptation to download a free, unofficial application on your iPhone or Android instead of purchasing one through iStore, is big, but do you really want to take the risk and expose your phone to malware.  Rather stick legitimate sources where proper quality control is done and applications don’t come with added nasty surprises.

Backup your data

As we’ve already established, a substantial amount of your life is on your smart phone – e-mail, phone contacts, documents, photos and much more. Just as you back up your computer (hopefully!), do the same with your cell phone so you won’t lose everything if you lose your phone.  Many smartphones allow you to make a thorough backup from your device to your pc or at least sync the most important data and settings to an online service.  Many smartphones allow you to make a comprehensive backup of your device to a computer, or to sync your most critical data and settings to an online service.

Jou slimfoon is deesdae net so kragtig soos jou skoot- of tafelrekenaar van`n paar jaar gelede. Jy stoor ook meer kosbare persoonlike en werksinligting daarop en is feitlik altyd verbind aan die internet. Dit is egter ook juis hierdie gerieflikheid wat vereis dat jy net soveel sekuriteit toe pas op jou selfoon as wat jy op jou rekenaar sou gebruik.  

Cooltech, iAfrica se tegnologiese afdeling, het `n paar idees om seker te maak dat die inligting op jou foon veilig bewaar word van “malware”, kuberkriminele, toestelfoute en ander sekuriteitsrisikos.

Stel `n wagwoord op 

Die eenvoudigste en eerste stap is om doodeenvoudig `n wagwoord op jou foon te sit. Meeste slimfoonvervaardigers laat jou toe om `n pinnommer of wagwoord in te sleutel elke keer as jy jou toestel aansit of weer gebruik na `n tydperk van onbruik. 

Installeer sekuriteitsagteware

Aangesien slimfone nie meer net telefoonnommers en sms’e stoor nie, maar ook, onder andere, bankinligting, is hulle ook `n maklike en perfekte teiken vir kuberskelms. 

Oorweeg dit om antivirus-sagteware te installeer om jou toestel te beskerm teen “malware”. F-Secure, Norton, en ander groot sekuriteitsagteware-verskaffers bied elk hul eie weergawe vir die hoof slimfoon platforms. 

Aktiveer die afstanduitvee-funksie

Die grootste risiko vir jou as slimfoongebruiker is as jou toestel gesteel of verlore raak. Eerder as jou bekommer oor iemand wat deur jou belangrike inligting snuffel, aktiveer die uitveefunksie wat van `n afstand gedoen kan word. 

Hierdie funksie sal jou toelaat om jou fotos, besigheidskontakte en e-posse uit te vee met die hulp van enige internetverbinding as jou foon weg is en jy vermoed jy gaan dit nie weer terugkry nie. As jy nog nie jou foon wil opgee nie, kan sekere posisiebepalingsfunksies jou help om `n idee te kry van waar jou telefoon hom bevind. 

Sommige vervaardigers soos BlackBerry en Apple bied die afstanduitvee-funksie en opspoortoepassing vir hul nuutste toestelle, terwyl derdeparty toepassings beskikbaar is vir ander platforms.  

Laai veilige, goedgekeurde toepassings af

Die versoeking om gratis, nie-amptelike toepassings op jou iPhone of Android te probeer laai i.p.v. om dit te koop deur die iStore, is nou wel baie groot, maar jy neem `n groot risiko en stel jou foon bloot aan “malware”. Hou eerder by gemagtigde bronne wat streng kwaliteitskontrole toepas op die toepassings wat hulle verskaf en nie met nare ekstras kom nie.

Rugsteun jou data

`n Groot deel van jou lewe is op jou slimfoon – e-pos, telefoonkontakte, dokumente, fotos en baie meer. Net soos jy jou rekenaar (hopelik!) rugsteun, doen dieselfde met jou selfoon sodat alles nie verlore is as jou foon wegraak, gesteel word of beskadig word nie. Baie slimfone laat jou toe om `n deeglike rugsteun te maak na jou rekenaar of ten minste net die belangrikste data en opstellings aanlyn te stoor.

Email

Tags: ,
Posted in Communication, Connectivity, Security | 2 Comments »

Tygerberg users victim of phone scamTygerberg loop deur onder foonswendelary

Friday, February 22nd, 2013

A new phone scam on Tygerberg attracted our attention this week and the possibility exists that it might spread other campusses. Please be aware of this scam that has left some victims hundreds of rands out of pocket.

Scammers are using several well-known brands, including Microsoft, to fool people into believing that something is wrong with their computers, and now they seem to be phoning university numbers.

The scam typically works as follows:

Somebody, claiming to be a representative of Microsoft, one of its brands or a third party contracted by Microsoft, tells the victim they are checking into a computer problem, infection or virus that has been detected by Microsoft. They will trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge them for the removal of this software.

The victim is directed to help and connect their computer  to a website that then allows the scammers to take control of the computer remotely, adjusting the settings and leaving the computer vulnerable.

These callers claim to be from Windows Helpdesk, Windows Service Centre, Microsoft Tech Support, Microsoft Support, Windows Technical Department Support Group and even Microsoft’s Research and Development Team.

(INFORMATION BY DAVID WILES)

Foonswendelary het onlangs die rooi ligte laat aangaan op Tygerberg en die res van kampus mag dalk ook onder dié slim bedrieërs deurloop. Wees asseblief bewus van hierdie foonswendelary wat sommige slagoffers reeds honderde rande gekos het.

Bedriëers gebruik verskeie bekende handelsmerke, byvoorbeeld Microsoft, as ‘n front om mense te oortuig dat iets verkeerd is met hulle rekenaars. Hulle beweer dat hulle werknemers is van die Windows Hulptoonbank, Windows Dienssentrum, Microsoft Tegniese Ondersteuning Microsoft Ondersteuning, Windows Tegniese Afdeling Ondersteuningsgroep en selfs Microsoft se Navorsing- en Ontwikkelingspan. 

Die plan werk as volg: 

Iemand, wat voorgee om ‘n verteenwoordiger van Microsoft, een van sy handelmerke of ‘n derde party gekontrakteer deur Microsoft, te wees, deel die gebruiker mee dat hulle ‘n rekenaarprobleem of virus ondersoek wat Microsoft opgespoor het. Om die “virus” te verwyder word daar sagteware deur die sogenaamde tegnikus installeer en die kwaadwillige sagteware vang sensitiewe data, soos gebruikersname en wagwoorde van jou aanlynbankdienste vas. Jy sal waarskynlik ook later ‘n fooi gevra word om die sagteware te verwyder. 

As die slagoffer die “tegnikus” se instruksies volg, kry sy rekenaar `n verbinding met `n webwerf wat die krimineel toelaat om beheer oor die rekenaar te neem, verstellings te maak en die rekenaar dan juis blootgestel te laat. 

(INLIGTING VERSKAF DEUR DAVID WILES)

Email

Tags:
Posted in Security | Comments Off on Tygerberg users victim of phone scamTygerberg loop deur onder foonswendelary

Twitter targeted by cybercriminalsTwitter geteiken deur kuberkrakers

Friday, February 22nd, 2013

As no doubt some of you are aware, within the last few weeks, the New York Times and Wall Street Journal in the United States have had breaches of their systems by Chinese-based hackers. Also recently Twitter reported that approximately 250 000 Twitter accounts were compromised by the same attackers. 

The attackers may have gained access to some user information, including usernames, email addresses, and encrypted passwords.

As a precautionary security measure, Twitter has reset passwords for these accounts. If your account was one of them, you will have recently received (or will shortly) an email from Twitter at the address associated with your Twitter account, notifying you that you will need to create a new password. Your old password will not work when you try to log in to Twitter. 

No doubt, Facebook will also be the target of this new Chinese-based attack next, as users often use the same password for both Twitter and Facebook. 

This attack was not the work of amateurs, and experts not believe this was an isolated incident. The attack is extremely sophisticated, and it is possible that other companies and organizations have also been recently similarly attacked. 

However it is very important that you do NOT access Twitter by clicking on ANY links contained in ANY e-mail sent to you Twitter (or by an e-mail looking like it comes from Twitter), as often hackers forge e-mail to make it look like it is from Twitter to trick you into divulging your password to the hackers. 

Instead it is always best, if you get such a mail from Twitter, to go directly to your Internet Browser and to type in the Twitter address directly to reset your password.

(INFORMATION SUPPLIED BY DAVID WILES)

* Zendesk also announced today that they have been hacked and three of their social clients, Pinterest, Twitter and Tumblr were affected. More on this.

Kuberkrakers gebaseer in China het onlangs toegang tot beide die New York Times en Wall Street Journal se sekuriteitstelsels verkry. Terselfdertyd het Twitter ook aangekondig dat ongeveer 250 000 Twitterrekeninge blootgestel is deur dieselfde krakers. 

Die kuberkrakers kon toegang verkry het tot gebruikersinligting, insluitende gebruikersname, e-posadresse en enkripteerde wagwoorde. 

As voorsorgmaatreël het Twitter die wagwoorde vir die rekeninge verander. Indien joune een van hulle was, sou jy onlangs `n e-pos ontvang het wat versoek het dat jy `n nuwe wagwoord moet kies. Die ou wagwoord sou outomaties nie meer werk nie. Die moontlikheid dat `n groot sosiale platform soos Facebook ook `n slagoffer van `n suksesvolle kuberkraakpoging sal wees, is moontlik, omdat Twitter- en Facebook-gebruikers dikwels dieselfde wagwoorde het. 

Die insident was nie die van amateurs nie en die deskundiges glo dit was nie `n uitsonderlike geval nie. Die aanval was geweldig ingewikkeld en dis moontlik dat ander maatskappye en organisasies ook onlangs op so `n wyse geteiken is.  

Dis egter baie belangrik dat jy nie toegang tot Twitter verkry deur te kliek op enige skakels in enige e-pos wat aan jou gestuur is van Twitter (of wat lyk of dit van Twitter gestuur is) nie, aangesien die kuberkrakers dikwels e-posse opstel sodat dit ooreenstem met die van Twitter, om jou wagwoord te kry. Indien jy so `n e-pos kry, gaan eerder direk na jou webblaaier,  tik die Twitter-adres direk in en verander jou wagwoord. 

(INLIGTING VERSKAF DEUR DAVID WILES)

*  Zendesk het ook vandag aangekondig dat hulle `n slagoffer was van kodebrekers en dat drie van hulle kliënte, Pinterest, Twitter en Tumblr daardeur beinvloed is. Meer hieroor.

 

Email

Tags: ,
Posted in Security | Comments Off on Twitter targeted by cybercriminalsTwitter geteiken deur kuberkrakers

New phishing e-mail causes confusionNuwe “phishing” e-pos veroorsaak verwarring

Tuesday, February 19th, 2013

If you receive an email claiming to be from the SU IT department (see example below), do not open it or click on any of the links or reply to the e-mail. The e-mail attempts to gain access to the university accounts using the sun.ac.za details that looks initially genuine.

This is a phishing email attempting to acquire your passwords and other information. Immediately delete the email and do not reply to it.

There are just a few of the obvious signs that this is a phishing e-mail designed to steal personal information from you. You should never respond to mail like this both at work and at home, and you should never reveal any personal details especially your username and password in an e-mail form or on a webpage that you access via an e-mail link.

IT will never request your username, password or other personal information by means of an e-mail.

  1. If it were a genuine message from Information Technology, there would be branding, and it would be in English and Afrikaans. This one has nothing like that in this e-mail.
  2. The grammar is particularly bad. (what is a “strong virus”?)
  3. We are university personnel and students or “users” we are not “subscribers”.
  4. Why would you have to enter your password in readable form in an insecure e-mail?
  5. There is no support@sun.ac.za e-mail address.
  6. If you do reply, you’ll see the default reply address is an unknown one and not a sun address.
  7. The links and the actual sender/server originate in Korea.

More information on phishing.

 

EXAMPLE OF “PHISHING” E-MAIL:

Dear sun.ac.za subscriber,

We are currently carrying out an upgrade on our system due to the fact that it has come to our notice that one or more of our subscribers are introducing a very strong virus into our system and it is affecting our network.We are trying to find out the specific person.

For this reason all subscribers are to provide their USER NAME AND PASSWORD for us to verify and have them cleared against this virus. Failure to comply will lead to the termination of your Account in the next 48 hours.

Information Required:
* User name: (…………….. )(Compulsory)
* Password: (……………………..)(Compulsory)
* Date of Birth: (……………………..) (optional)
* Country Or Territory: (………………) (optional)

http://webmail.sun.ac.za/owa/auth/logon.aspx

Hoping to serve you better.
Sincerely, Universiteit Stellenbosch University
********************************************************
This is an Administrative Message from sun.ac.za server. It is not spam.
From time to time, sun.ac.za server will send you such messages in
order to communicate important information about your subscription. *********************************************************

 

 

 

 

 

Indien u `n e-pos ontvang met onderstaande inhoud wat lyk of dit deur die US IT-afdeling gestuur is, moet onder geen omstandighede op die skakels kliek of daarop antwoord nie.

Hierdie is `n “phishing” e-pos wat poog om u wagwoord en ander inligting te oes. Verwyder dadelik die e-pos en moenie daarop reageer nie.

IT sal nooit gebruikers vra om hulle gebruikersname, wagwoorde of persoonlike inligting te verskaf deur middel van `n e-pos boodskap nie. Daar is ook `n paar ander tekens dat dit `n “phishing” e-pos is.

  1. As dit `n boodskap van IT was, sou dit sekere identifiseerbare kenmerke gehad het en dit sou in Engels en Afrikaans gewees het.
  2. Die grammatika is buitengewoon sleg. 
  3. Universiteitspersoneel is “users”, nie “subscribers” nie.
  4. Dis e-pos is `n leesbare, onsekure, maklik toeganklike formaat – hoekom sou IT vra dat jy jou wagwoord op so `n onsekure wyse verskaf? 
  5. Daar bestaan geen support@sun.ac.za e-pos adres nie.
  6. As jy wel op die “default reply” adres kliek, sal jy dadelik sien dis eintlik `n vreemde adres.
  7. Die skakels en die versender/bediener se oorsprong is in Korea. 

Meer inligting oor “phishing”.

 

 VOORBEELD VAN “PHISHING” E-POS:

Dear sun.ac.za subscriber,

We are currently carrying out an upgrade on our system due to the fact that it has come to our notice that one or more of our subscribers are introducing a very strong virus into our system and it is affecting our network.We are trying to find out the specific person.

For this reason all subscribers are to provide their USER NAME AND PASSWORD for us to verify and have them cleared against this virus. Failure to comply will lead to the termination of your Account in the next 48 hours.

Information Required:
* User name: (…………….. )(Compulsory)
* Password: (……………………..)(Compulsory)
* Date of Birth: (……………………..) (optional)
* Country Or Territory: (………………) (optional)

http://webmail.sun.ac.za/owa/auth/logon.aspx

Hoping to serve you better. 
Sincerely, Universiteit Stellenbosch University 
********************************************************
This is an Administrative Message from sun.ac.za server. It is not spam. 
From time to time, sun.ac.za server will send you such messages in 
order to communicate important information about your subscription. *********************************************************

 

 

 

 

 

Email

Tags: ,
Posted in E-mail, Security | Comments Off on New phishing e-mail causes confusionNuwe “phishing” e-pos veroorsaak verwarring

[:en]Vaccinate your pc[:af]Tyd vir jou rekenaar se kuber-inenting![:]

Friday, November 9th, 2012

[:en]

Every year you have to go to your doctor to get an anti-flu injection. You have to get one every year because the influenza virus mutates and adapts every year into a new strain. Computer viruses are exactly the same! Here are a few handy tips and hints to ensure the whole process is as painless as possible. But first things first –

  • Use an AntiVirus Software – It is very important that your computer has an antivirus software running on your machine. By having an antivirus program running, files and emails will be scanned as you use them, download them, or open them. If a virus is found in one of the items you are about to use, the antivirus program will stop you from being able to run that program and therefore infect yourself.

See this link for a listing of some online/stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software –  There is no point running an antivirus program if you do not make sure it has all the latest updates available to it. If you do not update the software, it will not know about any new viruses, trojans, worms, etc that have been released into the wild since you installed the program. Then if a new infection appears in your computer, the antivirus program will not know that it is bad, and not alert you when you run it and become infected. Therefore it is imperative that you update your Antivirus software at least once a week (Even more if you wish) so that you are protected from all the latest threats. If you are lucky then you will have an anti-virus product that will update itself automatically via the internet, but never blindly trust this. A large number of the more virulent viruses and trojans can deactivate your anti-virus software’s updating functions.
  • Install an Anti-Spyware Program – Just as you installed and use an antivirus program, it is essential these days to use a Spyware protection and removal program. These programs can be used to scan your computer for spyware, dialers, browser hijackers, and other programs that are malicious in nature. The 4 program that I recommend are SuperAnti-SpywareSpybot – Search and Destroy, andLavasoft’s Ad-Aware, and Windows Defender.A tutorial on using some of these programs can be found below:

Using Spybot – Search & Destroy to remove Spyware , Malware, and Hijackers

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  • Commercial Spyware Removal/Protection Programs – If you feel more comfortable installing a commercial Spyware removal program then I recommend WebRoot’s Spysweeper or Lavasoft’s Ad-Aware Professional. Both are fair products and a worthy addition to the arsenal of software protecting your computer.

Spysweeper Product Information

  • Occasionally Run Online Virus Scans – Unfortunately not all antivirus programs are created equal. Each program may find infections that other antivirus programs do not and vice-versa. It is therefore recommended that you occasionally run some free online antivirus scanners to make sure that you are not infected with items that your particular antivirus program does not know how to find. Three online scanners that we recommend are:

Every once in a while, maybe once every 2 weeks, run one or both of these scanners to see if they find anything that may have been missed by your locally installed antivirus software. Believe me, you will not regret it!

ARTICLE BY David Wiles, GERGA

For regular updates on the latest spam, malware and ransomware threats, please check or blog regularly.

[:af]

Elke jaar gaan jy dokter toe om `n griepinspuiting te kry. Jy moet jaarliks gaan omdat die virus verander en nuwe mutasies ontwikkel. Rekenaarvirusse werk presies dieselfde!

Hier is `n paar handige idees om seker te maak dat die proses so pynloos moontlik verloop. Maar eers vir die belangrikste en mees voor-die-hand-liggendste deel  –

  • Gebruik Anti-virus sagteware – Dis noodsaaklik dat al jou rekenaars een of ander vorm van anti-virus sagteware installeer het. Die sagteware sal alle programme op die rekenaar, leêrs, sowel as e-posse nagaan vir potensiële virusse. Indien die program `n virus ontdek in `n program wat jy besig is om te gebruik, sal dit onmiddellik jou toegang daarheen blok om te voorkom dat die virus versprei.

Vir `n lys van aanlyn, sowel as losstaande anti-virus programme, kyk gerus hier.

  • Dateer jou Anti-virus sagteware op  –  Jou anti-virus sagteware is heeltemal nutteloos as jy dit nie gereeld opdateer en sekermaak dat die nuutste weergawes gelaai en op datum is nie. As jy nie die sagteware opdateer nie, sal dit nie weet van die nuutste virusse, wurms en trojaanse bedreigings wat op gereelde basis in die kuberwêreld vrygestel word nie. As `n nuwe infeksie dus te voorskyn kom, sal die sagteware nie weet dat dit kwaadwillig is nie en jou nie waarsku wanneer dit op jou rekenaar installeer en dit besmet nie.
     
    Dit is dus nodig dat jy ten minste eenmaal `n week jou anti-virus sagteware opdateer (selfs meer as jy verkies) sodat jy beskerm is teen die nuutste bedreigings.  As jy gelukkig is, sal jou anti-virus produk self outomaties opdateer vanaf die internet, maar dis nie wys om dit net blindelings te vertrou nie. Maak eerder self seker dat jou sagteware op datum is. Baie van die gevaarliker virusse en “trojans” kan selfs jou anti-virus sagteware se opdateringsfunksie deaktiveer.
     
  • Installeer `n Anti-Spyware program – Net soos dit nodig is dat jy `n anti-virus program installeer, is dit ook nodig om `n anti-“spyware” program te installeer.
    Hierdie tipe programme word gebruik om jou rekenaar te beskerm teen “spyware”, “dialers”, sagteware wat jou webblaaier oorneem, sowel as enige ander kwaadaardige sagteware.
     
    Die vier aanbevole programme is SuperAnti-SpywareSpybot – Search and DestroyLavasoft se Ad-Aware, en Windows Defender. Tutoriale vir sommige van hierdie programme kan hier onder gevind word:

Hoe om Spybot te gebruik – Search & Destroy vir die verwydering van Spyware , Malware, en Hijackers

 Hoe om Ad-aware te gebruik om Spyware, Malware, & Hijackers van jou rekenaar te verwyder

  • Kommersiële Spyware verwydering- en beskermingsprogramme – As jy meer gemaklik is met `n kommersiële Spyware verwyderingsprogram, gebruik WebRoot se Spysweeper of Lavasoft se  Ad-Aware Professional. Beide is goeie produkte wat waardige toevoegings is tot die arsenaal vir die beskerming van jou rekenaar. (Spysweeper-inligting)
  • Loop af en toe aanlyn `n virusskandering – Ongelukkig is nie alle anti-virusprogramme ewe goed nie. Elke program mag ander infeksies optel wat die ander moontlik nie kan nie. Daarom is dit wenslik dat jy sporadies ook gratis aanlyn anti-virus skandeerders gebruik om seker te maak jou rekenaar is nie besmet met iets wat jou eie anti-virus sagteware nie kan optel nie.  Die drie handigste programme hiervoor is:

Gebruik so elke twee weke een of albei hierdie programme om te sien of jou anti-virus sagteware iets gemis het. Jy sal nie spyt wees nie!

ARTIKEL deur David Wiles, GERGA

Vir gereelde nuus oor die nuutste spam, malware en ransomware, kyk gerus op ons blog.

[:]

Email

Tags: , , , ,
Posted in General, Security | Comments Off on [:en]Vaccinate your pc[:af]Tyd vir jou rekenaar se kuber-inenting![:]

« Older Entries
Newer Entries »