Internet Explorer Is Not Safe (AGAIN!)

Here we go again.  Microsoft’s Internet Explorer (IE) browser is on the hit list once again.  The Department of Homeland Security has warned computer users not to use Internet Explorer until Microsoft patches the vulnerability.  A timeline for the patch is not yet available.

If you want a faster, more stable and more secure browser, install and use Google Chrome.  Other options include Mozilla Firefox, Apple Safari and the little-known Opera browser.  Don’t know which to choose?  Download them all and see which one you like.  I have used Chrome exclusively for years and find it to be fast, stable and secure.  Plus, it’s built by Google so naturally works well with all of my Gmail and Google services.

If you absolutely must use Internet Explorer, due to company security policy or proprietary web-based databases such as Yardi or NetDocuments, disable the Adobe Flash plug-in since that is how the problem is exploited in IE.  You can also download a patch from Microsoft called the Enhanced Mitigation Experience Toolkit 4.1 which hardens systems against malicious attacks.

If you’re still hanging on with Windows XP, you’re stuck.  Microsoft is feverishly working on a patch for this vulnerability for Windows Vista and Windows 7 users.  However, following XP’s support sunset on April 8, 2014, there’s no relief in the future for XP holdouts.

Your best bet is to dump Internet Explorer for good and move on to a “big boy” browser!

Be safe out there.

 

HeartBleed Bug

By now you have heard news about the Heartbleed / OpenSSL vulnerability that is sweeping the internet. Since getting wind of the problem many programmers, website owners, and other security professionals have been working around the clock to secure their websites.

It’s still very early in the process and as of 4/10/2014 many operators have not yet addressed publically whether their sites were safe or affected. Lists are popping up that show safe and vulnerable websites.  However, the status of the website is as of a snapshot in time.  Thus, if a website operator was vulnerable but patched their website on Wednesday morning and the test was run on Wednesday afternoon, they may give you a false sense of security. Thus, it is not safe to rely on these lists to assess whether or not your accounts were affected since this vulnerability has been present for 2 years.

What is the issue?

This is not a virus or a hack.  This is a vulnerability in the programming code that allows intruders to get through the security “wall” that protects many websites.  This hole allows hackers to compromise the digital keys used to identify websites and encrypt the info.  It also provides a look at unencrypted data as it passes over the internet onto web servers.

Think of it this way:  You moved into a new house 2 years ago. You always lock your doors whether you’re home or away and have 24/7 alarm system. However, while you were painting your front door, you noticed a secret latch on the outside that releases the locks and allows strangers to walk in your front door. While in, they can grab your wallet, social security numbers, usernames, passwords, etc. as if they have a key to the house.  There’s no way to tell if anyone has accessed the house, but the opportunity has always been there.  Thus, the problem is not “backdoor” access to secure websites… hackers can waltz right in the front door.

I have told people for years never to log into a website, provide credit card numbers or any other sensitive information unless the URL address is preceded by https://. The https://, the padlock and the green color indicate that several things have happened behind the curtains, including:

  1. Verification that the website is really who they say they are – your browser verifies digital certificates to confirm that www.gmail.com is really Gmail.
  2. Encrypts the data as it passes across the internet – thus, if someone intercepts your username, password and credit card as it passes across the internet to a web server, it’s scrambled and completely useless to a hacker.

Unfortunately, this vulnerability compromised that security, leaving your passwords, usernames & credit card numbers vulnerable on affected web servers. With that said, you should still follow these rules going forward. They just have not provided the security that we all expected for the last 2 years.

Am I affected?

At this point, it’s not entirely clear which sites are affected – the development is so new that many web site owners are still scrambling to assess and apply patches.  While you can check the lists referenced above, they are as of a point in time. Your best approach is to either check in with your online providers (banks, shopping sites, email providers, etc) to find out whether they were affected, whether they have corrected the problems and what course of action you should take to protect yourself.

Is this a virus?

NO. Despite the subtitle of an Associated Press news article I read Wednesday morning, this is not a virus, but a security hole. According to a Google search

 Virus:  a piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data.

 

Thus, running antivirus software or active scans will not detect or remove the problem.

What should I do? 

The first step in securing your accounts is to change passwords for all of your online accounts. But don’t jump out there and do it yet.  As of this writing (7AM EST on 4/10/2014) many websites have not applied the patches to OpenSSL so your changes would be made in vain.

You should already be in the habit of changing your passwords to critical sites every 3-6 months.  You’re not?  Neither is the rest of the world.  As such, use this as a wake-up call to freshen up your passwords.  Be sure they’re complex and use the following guidelines as minimum:

  1. Do not use your name, your user name, family names or familiar numbers, like your birthdate or home address.
  2. Avoid dictionary words.
  3. Use a passphrase instead of a password.
  4. Passwords should be at least 8 characters long.
  5. Employ characters from at least 3 of the 4 following groups:
    1. Uppercase letters;
    2. Lowercase letters;
    3. Numbers;
    4. Symbols;

A brief list of the internet’s most popular sites and whether or not they were affected is available here.

As always, feel free to contact me if you have questions about this problem.  If you want additional information on the bug, check out these articles:

Associated Press

The Register

CNET

DigitalTrends

Business Insider

Be safe out there!

CryptoLocker

If you saw me right now, you would probably ask if I had just seen a ghost.  After reading several articles about a new extremely dangerous and destructive form of ransomware, I feel like I’m facing Freddy Krueger!

This is the kind of attack that keeps IT professionals up at night.

Most viruses, rootkits, and malware are annoyances and can be removed by tools that are readily available on the internet.  While some can be removed pretty quickly with killer apps like MalwareBytes, others may be more tenacious and require a recovery of your files and reinstallation of your operating system, a process that will take hours or days and cost a pretty penny. However, at the end of the day, all of your files can be safely restored either from your hard drive or a recent backup (you ARE backing up right?)  

This one is different.  It’s called CryptoLocker and it will ruin your day.  Here’s what it does:

CryptoLocker is a ransomware program that was released around the beginning of September 2013. This infection will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 96 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted. (thanks to Lawrence Abrams on BleepingComputer.com for this summary)

How do you become infected with CrptoLocker:

Currently, the infection is spread through emails pretending to be customer support notices from Fedex, UPS, DHL, etc. and the attachment is typically named Form_102213.pdf or Form_102213.pdf.exe (or some variant of these), but might also be disguised as a ZIP or other file type.

What if you get infected:

The first thing to do is disconnect your computer from the internet – this will prevent encryption of additional files.  If you’re working wirelessly, disable wireless on your PC.  If connected via Ethernet cable, pull the plug. Next call your IT pro and start deciding how important your encrypted files are to you. Also, figure out where your most recent backup is and how recently it was completed.  Most cloud-based backup services provide file versioning for a period of time.  For example, Carbonite saves previous versions of files for 3 months which could be your saving grace.

Removal of the malware seems to be straightforward according to the articles.  However, without the decryption keys it is absolutely impossible to decrypt your files. Thus, if you cannot recover the files from a recent backup and need them restored, your only option is to act quickly and send the ransom money. There is currently no tool available (or IT Pro) that can decrypt your files.

How to protect yourself:

1.      Be vigilant about opening email attachments – never open an attachment originating from unknown/unexpected sources (i.e. if you’re not traveling anywhere, don’t open a travel itinerary from Delta!).  Also, be careful when opening unusual attachments from trusted sources as their email may have been hacked.

2.      Be very careful about free software you download from the internet.

3.      Backup to an external hard drive ($85 for 1TB) and disconnect it from your computer or use an online service that provides versioning.

4.      Keep all programs updated and Windows Updates applied.

5.      Make sure you’re running System Restore on your PC.  This can help recover previous versions of files that have been encrypted.

6.      Apply the Software Restriction Policies outlined in this article using Local Security Policy or Group Policy (domain computers) to disable the malware’s ability to execute on your system.  This is fairly advanced, so please let me know if you want assistance applying these policies to your PC.  Also, keep in mind that these policies will block the malware in its current form. If the hackers modify the code to install from another location on your computer, these policies will not protect you.

The above tips can help mitigate the risk but the best tip is not to open suspicious files.  Tip #6 is the best available protection in the event that you accidentally open a file and obtain the infection in its current form.

One last comment on updates:  Don’t forget that Microsoft is ending support for Windows XP in April, 2014.  Expect threats like this on XP machines to heat up following the support sunset.

If you want to geek out on more technical details about the threat, take a look at these articles posted on BleepingComputer.com, MalwareBytes and Microsoft.

Stay safe out there!

 

Shop Safely This Holiday Season!

BREAKING NEWS FLASH:  Microsoft’s Internet Explorer Has a Security Flaw! 

As Yogi Berra famously said, “It’s déjà vu all over again”.

This is not the first time and certainly will not be the last that Microsoft issues critical security bulletins and patches. This warning is particularly timely in light of the upcoming holiday shopping season.  According to comScore, online purchases during the 2011 holiday season topped $37 billion, a 15% increase over the previous year.  Forecasters are projecting growth of 12% or more in 2012.

One of the security bulletins released on November’s Patch Tuesday addressed multiple vulnerabilities in Internet Explorer (IE). For those of you who have not followed my recommendation to dump IE in favor of Google’s Chrome browser, it is absolutely critical to apply this update as soon as possible.   This is even more urgent if you plan to shop online next week and enter your credit card information.

To make sure that Windows (and IE) is completely up to date, take a look at my September post.  It outlines the steps to verify whether Windows Updates are current and how to ensure they are installed automatically going forward.

While you’re at it, take a look at my March 2012 blog post about staying safe online. There I touch on public wireless networks, antivirus software, applying Windows Updates and utilizing strong passwords.  I also discuss the importance of ensuring that a website is secure (https://) before entering credit card information.

If you want more details on the current batch of Microsoft Updates (or simply need help sleeping), take a look at the article in PC World or Microsoft’s Security Bulletins.

Stay safe out there.  Please contact me if you need assistance securing your system.

The Problems with Free Email

You finally made the jump from DSL to your cable internet service provider (ISP) and they offered a pile of “free” email addresses.  Awesome, right? Not so fast!

Before changing your address to billybob@coyotecable.com, there are a few things you should consider.

I work and communicate with a lot of people who took advantage of free email addresses provided by their ISP.  I always wonder what they will do when they decide to switch ISPs again to save a few bucks, improve their TV channel line up or escape a bad customer service situation.

Most of the free addresses in my area are with Time Warner Cable (TWC) or Bellsouth / AT&T.  In the last few years, AT&T’s U-Verse (TV/Internet/phone) has made a big splash in our market and lured away many long time cable and DSL customers.  So what happens with your Roadrunner email address when you jump ship?  I called the cable company to find out.  Unfortunately for cable customers, the email address goes away when you cancel cable.  Suddenly those free email addresses don’t look so free anymore!

Here are a few good reasons that using your provider’s free addresses is a bad idea:

  1. Portablility – as mentioned above, you frequently cannot take your email address with you when you leave the cable company for a new ISP.  A buddy of mine has moved from Chicago to New Orleans to California.  Each time he moves, his email address changes to the local cable company. I never know where to find him.
  2. POP – most cable companies offer very basic POP3 services.  In its most basic setup, any messages downloaded to Outlook or Outlook Express are removed from the email server.  Thus, if you want to look at your messages from another computer (at work) then you’re out of luck.
  3. Lack of features – many cable services offer email only.  While they have limited contact management features on their webmail portal, contacts don’t sync up well with Outlook or other mail clients. In the unlikely event that an online calendar is offered, it’s not very robust.
  4. SPAM – keep your email address long enough and you will eventually get so much spam that it’s tempting to abandon the account.
  5. Capacity – while some ISPs now offer larger email boxes, they have traditionally not provided a whole lot of capacity.  I recently looked at a business-class client whose ISP only allocated 100 MB to each mailbox.  That’s only about 20-25 photos of your newborn niece.
  6. Cost – “free” addresses are included in your monthly internet service bill.  However, if you jump ship to another company, be prepared to pay a monthly fee to maintain your old email address so friends, family and online retailers can find you. This, of course, assumes that you can keep your address at all. This happened to me when I left Mindspring a few years back.  I was able to keep the address for a monthly fee.
  7. Relay – Have you ever taken your laptop to a coffee shop or hotel and tried using Outlook or Windows Live Mail to answer your emails?  Incoming messages work fine. However, outgoing messages get stuck in your outbox and cannot send until you’re back at home.  This is because many POP3 accounts require authentication when a user is connected to a network outside of their home network.  This can be fixed with the right configuration.  Good luck setting it up so that it works right every time.

Back in the early days of the internet and email, I signed up for new dial up services every few months depending on who sent me floppy disks and a free trial.  I jumped from AOL to Prodigy to Infinet to CompuServe to WorldCom… It wasn’t a big deal because no one used email for important correspondence – just for forwarding jokes.

Changing your email address is not so easy today.  When you change your address, you not only have to notify friends and family, but also your customer accounts with Amazon, iTunes, ABC Bank, etc.  Changing addresses and logins tied to an email address can be a monumental hassle. As such, plan to transition to a new address over the course of several months.

What to use?

There are a variety of web-based email providers that are not tied to your physical connection.  Players include Gmail, Hotmail (now Outlook.com), Yahoo!, Netscape, AOL, Netzero, MSN, etc., etc., etc.  These are all free and will not change when you jump internet providers.

 Folks that know me and my love for all things Google will not be surprised to hear me recommend Gmail. There are a variety of reasons that I recommend Gmail including:

  1. Portability – since Gmail is web-based and not tied to your physical connection, there’s no need to change if you move your internet service.
  2. Web/cloud based – while it is possible to use an email client such as Outlook or Outlook Express, there’s no compelling reason to install anything onto your PC. Simply launch your browser and navigate to Gmail.com. If your hard drive crashes, there’s no need to worry about losing years of email, hundreds of contacts or your calendar. All of this information is stored safely in the cloud.
  3. Features – Gmail includes your email platform (complete with folder capabilities), a robust calendar system (allows multiple calendars and shared calendars) and a good contact manager. Additionally, Google Docs provides a web-based alternative to costly MS Office applications (Word & Excel).
  4. SPAM Filters – Google’s SPAM filters are phenomenal.  I have seen Yahoo accounts that receive SPAM 5:1 over legitimate messages.  On the rare occasion that SPAM gets through Google’s filters, I can flag it as SPAM and Google learns and prevents it in the future.
  5. Large capacity – the standard free account now offers 10GB of space – FREE.  That’s tremendous capacity.  I have used my Gmail account for almost 5 years and have only filled 31% of their generous allocation.  If that’s not enough space, purchase Google Apps for $50/year. They give you 25GB of space and a few other bells & whistles.
  6. FREE – yes, that’s correct.  It costs nothing.
  7. Relay – since Gmail is web-based you never have to worry about outgoing messages getting stuck in your outbox when you’re away from your home network.
  8. Mobile Sync – if you’re using an Android phone or tablet, simply link your device to your Google account and your email, calendar, contacts, cloud documents, etc. all seamlessly sync between Google’s cloud and your device. Apple’s devices sync well with your Google account too, once you configure the account properly.  Plus, when you delete or file messages on your portable device, they are synced with your inbox back at the computer and vice versa.  Blackberry?  Maybe.  Google has cooled to the BB platform, so support may be lean going forward.
One last thing to consider: Several free providers, including Yahoo and AOL, are tired of losing accounts to Gmail and have made it difficult to walk away from your account.  The most notable methods they use is to disable forwarding to another address and disable POP3 access.  This removes your safety net, since many people would simply keep the old account and forward it to the new account indefinitely. Yahoo will enable forwarding and POP3 if you pay them $20/year for a Premium account.

If you have an existing ISP email address and are thinking about jumping to another internet provider, it’s probably a good time to begin the process of closing your existing account and migrating to a new online account. I usually advise 3 months.

If your business is seeking branded email, we can help set that up as well.

Ready to make the jump but unsure where to start? Contact PartnerTechs for guidance and we will launch you painlessly into the 21st century.

 

6.5 Million LinkedIn Passwords Breached

This just in:  6.5 Million LinkedIn Passwords Were Breached

You may be thinking “what’s the risk?”  Big deal if some Russian hacker adds a Ph.D. to my name or a NASA internship to my resume.

But there might just be a big risk. If you’re one of those people that uses the same password for everything from online banking to your email account, then now is a great time to change your LinkedIn passwords.  If you haven’t changed passwords for other accounts containing sensitive data, there’s no time like the present to do so.

Take a look at the following article for details on the breach as well as some best practices for creating and managing passwords.

http://bits.blogs.nytimes.com/2012/06/06/linkedin-was-breached-now-what/

For more information on passwords, you can also take a look at my article on the topic.

http://partnertechs.com/2012/03/15/whats-the-password/

 

 

Flame Malware Spreading Via Bogus Windows Updates

I frequently chastise people for ignoring Windows Update messages and prompts to apply patches to other applications such as Adobe products and Java. The response I frequently hear is “How do I know if the updates are real?” or “Yeah, I keep putting that off”.

I’ve always assumed that when Windows Update pops up in the system tray (the bottom right corner of your screen) that the messages are legitimate and safe since digital certificates are used by the operating system to verify authenticity.

You may not have heard about the newly publicized Flame malware since it has not made a splash in the U.S… yet.  However it’s all the rage in tech articles and blogs lately.  The Flame malware has created counterfeit security certificates that fool Microsoft Windows into thinking that bogus updates are real.  If these “updates” are applied, your computer is infected.

Fortunately, security companies and Microsoft have jumped up and issued (or will issue) updates to protect against these attacks.  However, they’re fearful that the malware may have other exploits that they have not yet discovered.

What to do? Unplug your computers from the internet!

HA! That’s not really an option.  However, it’s now more important than ever to make sure all operating system updates and patches are applied, that your antivirus software and definitions are updated, you’re running approved firewall software, and that you apply all updates and security patches to applications such as Microsoft Office, Adobe products and Java.  If you’re not running antivirus software, find one.  There are plenty of free (and very effective) options out there. 

For more information, take a look at this article from PCWorld:

http://www.pcworld.com/article/256862/flame_malware_spreading_itself_via_bogus_windows_updates.html#tk.nl_dnx_h_crawl

Stay safe out there!

Ken

P.S. If you want to “geek out” and read more, take a look at the next articles.  While security firms are still wrestling with the code, so far they have found that Flame can monitor email inboxes, take screen shots of what you’re working on and even record conversations you’re having near your computer. It also exploits BlueTooth to spread to other devices. What’s really interesting is that this malware does not appear to be the work of bored teen geeks or crime syndicates from the former Soviet Union.  Instead, because it has to date targeted computers in Iran, security experts believe it was created as a cyber weapon by a nation-state.  Enjoy!

http://security.blogs.cnn.com/2012/06/05/decoding-the-flame-virus/?iref=allsearch

http://www.pcworld.com/article/256644/flame_cyberweapon_lurked_for_years.html

The Loitering Theory: How Facebook Generates B2B Leads

Are businesses really making money on Facebook or is it simply a platform for keeping up with friends and family? Matt Ferraguto discusses the staggering amount of time that we spend on Facebook and suggests that it is a powerful tool for generating business.

http://www.eandvgroup.com/2012/04/the-loitering-theory-how-facebook-generates-b2b-leads/

 

 

 

Somebody’s Watching Me

Somebody’s Watching Me

If you listen to the 80s station on Sirius/XM, you’re undoubtedly getting tired of Rockwell’s sole hit, Somebody’s Watching Me.  Since Al Gore was still working out the kinks of the internet, I imagine that Rockwell was not singing about online security. Instead, he was probably more worried about paying off Michael Jackson for backup vocals on the song’s chorus, since there were no other hits on his debut album. 

On a completely different note, I recently attended a very informative presentation on social media in which the speaker discussed the risks and rewards of social media.  Since the audience consisted of parents of middle- and high school students, he focused on the risks facing children and teens and how to keep them safe online.

I walked away comforted that everyone in the room knew a little more about online risks and were better prepared to watch over their kids as they navigated the world of social media. However, I couldn’t help wondering who might be watching over the parents and their technology.  In other words, are folks taking appropriate precautions to protect their computers and networks?  So, I compiled a quick and dirty list of a few things you can do to stay safe on the world wide web.  Rather than going into detail on how to configure all of these options, I have tried to keep it brief. Feel free to post follow-up questions if you need further guidance. Look for follow-up articles in the future that address some of these options.

Secure your wireless network:

Without a secure wireless network, anyone within shouting distance of your house can access the internet using your connection to download whatever they want on *your* network IP address.  Further, with the right tools (which are widely available on the internet) they can “listen” in on your connection, and may even be able to access files on your computer(s).

Securing your wireless network is much easier than it used to be. Where it once required careful review of the Owners Manual, newer wireless routers can have you surfing securely with the push of a button. Always select the highest security offered by your router.  WEP can be quickly cracked by a determined intruder, so use WPA or WPA2 if your wireless router supports it.

Avoid Using Public Computers to Login to Your Secure Accounts:

Sure, we’ve all been in a pinch before and logged into email on a public computer. However, that was before I knew what I know now. There’s absolutely no way to tell if a public computer is infected with malware, has keyloggers installed or other methods which can steal your credentials.  Malware can grab user names & passwords and beam your information to the mother ship.  Likewise, keyloggers can track every keystroke you make and report back to a hacker. Thus, browse online news and weather on the hotel’s business center computer.  Save online shopping, banking, and even email until you get back to a safe connection.

Use Antivirus Software and Keep it Updated

This one is a no-brainer. If you have not been affected by viruses/malware in the past, you will eventually.  Fortunately, you don’t have to pull out your wallet to stay safe, as discussed in my post on free antivirus options. Use one of the packages that I recommend or choose one you like by reviewing AV-Test’s ratings.

Online Banking, Shopping and Secure Sites:

Ever notice how your address bar turns green, shows a padlock and/or the address changes from http:// to https:// when you login to your bank or shopping site?  This assures you that your connection is encrypted, that the identity of the website has been verified by a third party and that it’s safe to send sensitive information such as your username, password and credit card information over the internet.  In fact, if you click on the green portion in the address bar or the padlock, you will see that the website’s identity has been verified by VeriSign, Thawte or another certificate authority (“CA”).  So while it seems like you’re just connecting to a remote website, there’s actually a lot of stuff going on in the background to verify to your browser that the website is authentic, that your transmissions across the internet are encrypted and that it’s safe to do business.

But what if you attempt to log into a shopping or banking site that should be secure and it is not, in fact, safe?  If you don’t get the https://, the green bar/padlock or you receive warnings that the site’s certificate has problems, check the address that you typed.  If it’s correct, get out and try again later. It may be a temporary glitch with the site’s certificate or the CA.  It’s not worth compromising your security and identity to buy ABBA’s Greatest Hits on an unsafe connection.

Be Careful Using Public Wireless Networks

Free wireless offered by coffee shops and other retailers helps offset Starbucks’ exorbitant coffee prices, but be cautious with your browsing on public networks. This may seem a bit paranoid, but I never do online banking or shopping on a public wireless network, even from my own laptop. Yeah, I know that the connection to the bank or Amazon is encrypted, but I have no control over the coffee shop’s wireless security so I would rather be safe than sorry.

The kid in the corner booth with the AlienWare laptop may be listening in on your connection using a packet sniffer, which is freely available on the internet. Further, if your firewall is turned off, you have shared folders turned on, or your operating system has not been patched, a determined hacker can easily access the files on your PC.

Windows 7 and Vista both make it easier to stay safe on public networks than XP. When you connect to a new wireless network, the Set Network Location provides 3 choices of network location types:  Home, Work and Public.  Always choose Public when out and about.  This sets your firewall at its highest security settings, turns off Network Discovery and file sharing options, providing higher security when on a public network.  

As a follow-up, make sure your mail connection is encrypted (see https:// discussion above).  Many webmail systems are not encrypted by default, but offer this option.  If your email provider offers secure browser connections (thanks, Gmail!) always turn it on.  If you trust the network you’re using, it may be safe to disable.

Windows Updates:

This one is extremely important and super easy to do.  Probably 75% of the computers I sit down with have pending security updates for Windows, Adobe, Java, etc.  Hackers are constantly identifying and exploiting security vulnerabilities in a variety of popular applications. In some cases, they are able to exploit these holes and take control of your computer.  Make sure that Windows Update is enabled and that you’re applying the critical and important updates on a regular basis.  Also, be sure to apply updates to other programs that notify you in the system tray.  Adobe and Java have been particularly susceptible to security issues over the last few years, so make sure you’re keeping the patches applied.

Use Strong Passwords

This one warrants its own post, so take a look at my discussion on passwords.

Other Stuff:

There are plenty of other precautions you can take to stay safe, such as demoting your user account to Standard instead of Administrator, avoiding suspicious links in emails and Facebook, and periodically backing up your data.  However, all this talk about security is making me hungry.  Think I’ll grab a double latte and a scone.  Can someone watch my laptop while I wash up?

Stay safe out there!