Frontier9 – Web and Security
Uncategorized

Do you need antivirus in 2020 anymore?

  • April 12, 2020
  • by Michael

The truth is, after working all year for clients who are getting hacked by malware and let down by antivirus that can’t work, I wanted to search for this title. Then I found articles like https://www.windowscentral.com/do-you-need-pc-antivirus and it basically talks about Microsoft’s built-in software as well as a beefed-up “Windows Defender Offline” tool you can boot from. Does that find the malware I’ve been fighting? Nope.

One of my work friends was recommending, and rightly so, “Bitdefender”, which had worked for years. However, the truth is Bitdefender, like the leading antivirus programs before it, is used for “testing” malware to ensure it is not detectable. They know you’ll use all this, and their “payload” will be tested. It will consequently not necessarily flag a warning. A client of mine recently got reinfected by a link from his bank’s domain – but very odd – like secure5.thebankdomain.com (not the actual domain name) with a long link after it. That provided some strange text message but … a day later his computer had executed macros and downloaded the payload and installed a whole ton of fake replacement Microsoft apps that are replacing the built-in apps. So … yes, we need antivirus software, but right now it’s not working. The strategies for detecting compromised files are not working, and this article is quite decent for explaining how, why and where.

https://www.cimcor.com/blog/5-places-ransomware-and-malware-can-hide-that-you-may-never-check


I do have my way of finding malware, but it is based on familiarity with the places it hides and with software in general. I have tools which I can’t publish here because they will just become part of the arsenal of testing for the “malware industry”, which is a literal industry growing exponentially by using weak operating systems and weak security software.

Bitdefender was literally turned into malware, disabled from preventing anything – a zombie. I’ve seen this before with McAfee and Norton AV in previous years, going back over 10 years. After I removed Bitdefender, the next attack decided to turn my client’s Microsoft Office into its malware shelter as well. The software is not even that secretive about its intentions once you start to locate it.

Why did my client hire me? Well, he had used a series of professionals to repair his computer and it remained infected. Not only that, but the people came to not believe it had even happened as they “couldn’t find anything”. Instead, knowing this is why he hired me, I took every report very seriously. I’ve got experience of people “not believing victims” in many other contexts, from sexual abuse, cult abuse, financial abuse – blaming the victim and saying they are crazy or imagining it. So I believed him, and as such I eventually did the work, much of it on my own time as research to expose the techniques.

I found PNG files, pointed out by my client, which I believe are installers/executables. They even look like real graphics and are small – but there is no reason for them to appear magically other than via hacking/malware delivery systems saving them to locations. Temp directories, the desktop, the web cache – wherever the browser or email stores a file so you can “read it” is likely to call some function that has a vulnerability. Next thing, it has executed and you are infiltrated … again. Often the files are dormant until you run into a secondary or third attack that somehow makes use of what has been saved into your system previously.
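As an added example (not part of the original post or any tool the author mentions): a small Python script that checks whether files named as images actually start with an image header, so a suspicious PNG in a temp, desktop or browser-cache folder can be confirmed or cleared without opening it. The signature list and the directory to scan are this example's own assumptions.

```python
import os
import sys

# Magic numbers and the file type they prove (standard signatures; the selection is this example's choice).
SIGNATURES = [
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"MZ", "pe"),                                   # Windows EXE/DLL
    (b"\x7fELF", "elf"),                             # Linux executable
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole"),    # legacy Office (.doc/.xls), may hold macros
    (b"PK\x03\x04", "zip"),                          # also .docx/.xlsx/.jar
]
# Extensions that promise a plain image; any other header is a mismatch.
IMAGE_EXTS = {".png": "png", ".jpg": "jpeg", ".jpeg": "jpeg", ".gif": "gif"}

def sniff_type(header: bytes) -> str:
    """Return the type proven by the first bytes of a file, or 'unknown'."""
    for magic, kind in SIGNATURES:
        if header.startswith(magic):
            return kind
    return "unknown"

def is_disguised(name: str, header: bytes) -> bool:
    """True when the file name claims an image but the content does not back it up."""
    claimed = IMAGE_EXTS.get(os.path.splitext(name)[1].lower())
    if claimed is None:
        return False  # not an image name; out of scope for this check
    return sniff_type(header) != claimed

def find_disguised(root: str) -> list:
    """Walk a directory (assumed: a temp, desktop or browser-cache path) and list mismatches."""
    hits = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    header = fh.read(16)  # 16 bytes covers every signature above
            except OSError:
                continue  # unreadable or vanished; skip rather than crash
            if is_disguised(name, header):
                hits.append((path, sniff_type(header)))
    return hits

if __name__ == "__main__":
    for path, actual in find_disguised(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{path}: image extension but header says {actual}")
```

A hit where the header says "unknown" is a truncated or non-standard file and deserves a closer look; a hit that says "pe", "ole" or "zip" is an image name wrapped around something executable or macro-capable.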

Uncategorized

Halloween – IT and Photography – getting a life…

  • October 31, 2019 (updated December 4, 2019)
  • by Michael

Horror Stories – remember that time you tried to set up a fibre-channel storage card? Technical horror stories, fighting with your website design, your database, or recovering saves you thought you made but lost? Scary … but actually, tonight I’m heading out to Bangkok to look around at their version of celebrating Halloween.

I have other websites related to my photography, my interests and a Patreon that I capture interesting events to feed. I just revamped the site. Changed the parameters – I am going public. It has been a fairly private site but now I’m changing tack.

https://www.patreon.com/openmindphotography

One of the ways of reaching out for my services is to become a Patreon subscriber. You’ll see I’m a writer, photographer and vlogger as well as a very experienced IT worker. So if you want guidance or help with your own social media projects, web services or troubleshooting, hand-holding or other forms of support, reach out – because going it alone can be horrific. I’m very open to giving you a free consult to see if I can resolve your problem fast and give you an affordable rate. If you become a Patreon subscriber then it goes without saying I’ll deduct that from any bills.

Uncategorized

Frontier9

  • October 16, 2019 (updated December 4, 2019)
  • by Michael

This is the blog of the admin of this humble Ubuntu server. He lives in the cloud of PhoenixNAP – a US hosting company that has bare-metal and cloud elastic virtual servers. Frontier9 is one of those servers.

He started with my mate T telling me, “eh, this is pretty affordable and I know the guy running the company.” So I go there, but there is no obvious landing page – or at least I find it weird that he sends me to an admin subdomain to sign up. Eventually I sign up.

Frontier9 started his time as an Ubuntu 14.04 LTS – now at end of support life. He wanted to stay there to be a lean, fast machine, but the evils of updates, security and bloatware pulled him into now. After all, to use the latest WordPress you can’t be on PHP 5.5.9.

So during his setup he got an upgrade script into the Xenial world, 16.04. He is a LAMP server, sometimes written as LAMPP – not sure what the second P is. I’m a very old-timey computer user – started when I was 10. I’ve always liked to do things, and programming was a way to get there. However, if someone already wrote the program and many exist, I just let go of programming so I could use applications and do things. These days I’m back to more admin, network and security to help my friends and customers.

This blog is the story of Frontier9 because the internet remains a frontier – it will extend way into the future unless the whole planet dies. I am inspired by an old gamer, Day[9], whose vlogging I used to enjoy, and so I added a 9 – seems fun. I also live in Thailand as a nomad, expat or whatever you want to say after getting free of organized Buddhism that took over my life for a time. In Thailand the number 9 is associated with moving forward, which is what Frontier9 is built to help me with.

Here is another blog where I found an explanation of the lucky number 9 in Thai culture: https://www.thaizer.com/culture-shock/lucky-number-9/
