Check our security forum,we have a nice FakeAV discussion going on about attacks from these domains.
I'm finding that with the machines i'm seeing that are compromised, they have older versions of Java installed. Even if the latest is installed, the older version is there and that is what is being compromised. The old versions need uninstalling.
tech_guy (31st March 2011)
Just today sent out a email to all staff regarding these fake virus result, smt asked why the firewall (im sure they think its an actual wall of fire..) isnt stopping them..
and a staff member dropped in their personal laptop earlier which had a hijacker on it, which looked like a pretty kosher MS program, which would also run in safemode! had to do a system restore in the end to get rid.
Got to say it guy's but where we run behind Sonicwalls with IPS we never have a problem, so much so I have dumped the Draytek and installed an NSA240 now at home...
Without a decent IPS system nowadays your firewall is about as much use as a chocolate fireguard, with home users running their PC's with full adminstrator rights it's only a matter of time before they will come across a website or social networking page that has a malware infected jpeg or iframe exploit.
There is a lot to be said for running a walled garden nowadays (all outbound ports are blocked apart from those approved by the administrator)
There are currently 1 users browsing this thread. (0 members and 1 guests)