Microsoft has released an out-of-band critical update...

Microsoft has released an out-of-band update, designated MS14-068, to address a critical vulnerability in server versions of Windows, including Server Core.

The update is also being provided to desktop versions of Windows (including the Windows Technical Preview) for what Microsoft calls "...additional defense-in-depth hardening that does not fix any known vulnerability."

Please ensure that you run updates on your Windows computers, full details here.

Cryptolocker Malware

Cryptolocker is ransomware, software which holds your files to ransom.

The software is usually spread through infected attachments to emails. Once a computer is infected, it begins encrypting files on the infected computer and the attached network. Once all the files are encrypted, it posts a message asking for payment to decrypt the files and threatens to destroy the information if it doesn't get paid. The payments are made by untraceable Weston Union transfer.

That means you'll have to rely on any backups of your data to get it back but in most case the backups also get encrypted. So there is no real option left to but to pay. 

The computers that control cryptolocker on the Internet are being shutdown but it is a game of “whack-a-mole” as one gets shutdown, another one pops up. Which leads to the second problem, if the computer that has encrypted your system is shutdown then the criminals may not be able to return the data, even if the ransom has been paid.

So please follow these steps to help prevent this problem:

  • Do not open attachments that you are not expecting even if they appear to be from a legitimate source.
  • Ensure that Windows updates are applied.
  • Run good anti-virus software
  • Consider moving more data to cloud services offered by Google and others.
  • Use a cloud backup service such as Carbonite or Mozy

Windows XP & Office 2003 Ended April 8th, 2014

End-of-support means no more patches, no more security updates, no more technical support from Microsoft itself. 

The discontinuation of security patches is the most damaging part of the ending of support for Windows XP. New attacks are constantly developed but Windows XP will no longer be receiving patches to counteract security exploits. The operating system’s security will degrade very quickly.
 
Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP but they will continue to push the Malicious Software Removal Tool to XP machines until July 2015.

To keep using Windows XP for now, please install either Google’s Chrome browser or Mozilla’s Firefox both are continuing to be updated for Windows XP. Please install an anti-virus system, such as Avast or AVG and make sure these are kept up to date.

Microsoft are advising upgrading Windows XP systems to later versions of Windows details can be found here.

The school’s web portal will no longer function correctly with Windows XP running Internet Explorer. 

How to focus in the age of distraction

http://learningfundamentals.com.au/blog/developing-razor-sharp-focus-with-zen-habits-blogger-leo-babauta/

This is an interesting exploration into coping in an age when there is so much communication and information available. The article is worth a read but the mindmap is a really nice visual summary and could be worth exploring with your daughter / son - it gives some nice tips about being organised at exam times!

Password Haystacks

Every password you use can be thought of as a needle hiding in a haystack. After all searches of common passwords and dictionaries have failed, an attacker must resort to a “brute force” search – ultimately trying every possible combination of letters, numbers and then symbols until the combination you chose, is discovered.

Developed by security expert Steve Gibson, president of California-based Gibson Research, growing the haystack takes advantage of the ways hackers crack passwords. 

To foil that part of the process, Steve Gibson suggests starting with a phrase that’s short but not a common word. That forces the hacker to resort to the slower brute-force approach by trying every combination in existence, which is like looking for a needle in a haystack. Once you’ve accomplished that, “the length of the password matters more than its absolute complexity,” Gibson says. In other words, make the haystack larger by padding the password with numerous easy-to-remember symbols.

Visit GRC.com for full details