update

I also wanted to send this update that was published on US-CERT that was released a day AFTER I sent my email. One of the IS administrators sent out the email to us about this article.  Link:
https://www.us-cert.gov/ncas/alerts/TA13-309A

On the bottom of this article is some links to more information about CryptoLocker.  It seems that you need to purchase BitCoins to get key to decrypt your files.  Even experts cannot crack the encryption! Link:
http://www.bleepingcomputer.com/virus-removal/CryptoLocker-ransomware-information

This is some real scary  stuff and I hope no one ever has to see this windows appear in real life.  So backup and backup often!

Have a good weekend

Red Alert: 10 Computer Security Blogs You Should Follow Today

Security is an absolute crucial part of computing, and whether it’s a strength of yours or not, you should strive to educate yourself and stay current — I believe anyone who uses a computer should understand and do what they can to prevent security risks. However, if security isn’t a primary interest of yours, this can be difficult to do. Thankfully, there are many experts in this field who do this for us and share their knowledge online. Dave Parrack already covered many security experts to follow on Twitter, if that’s where you prefer to get your information. If you prefer to follow blogs directly, then you’ll want to check out these ten security blogs.

Naked Security

Naked Security is a blog containing security news, opinions, advice, and research from Sophos, a widely recognized security company. Here you can find a wide range of categories from privacy to security threats to operating systems, including mobile, to cryptography and even specific organizations, among the many other categories.

Krebs on Security

If you want to stay updated on the most recent security news, Brian Krebs – the guy behind Krebs on Security – is the guy to follow. An informative blog is far more than even a knowledgeable writer behind the posts – it’s also about the community, which Krebs on Security most definitely has.

Troy Hunt

This is a personal/professional blog of software architect and Microsoft MVP (Most Valuable Professional), Troy Hunt. His blog primarily focuses on improving software development and application security, but it could consist of anything technology related. He has an excellent insight when it comes to security, but writes in an easily comprehensible style, which is a rare trait among security writers.

ThreatTrack Security Labs Blog

ThreatTrack Security specializes in helping organizations and consumers identify and prevent targeted attacks and sophisticated malware from breaking through their security parameters. Their mission is to “provide [their] customers with the best technology solutions to discover and eliminate unknown threats on their IT networks.” Their blog covers everything from current security news to security tips.

Veracode Security Blog

Veracode is a security company specialized in application security. Their blog focuses on application security research (of course), and security trends and opinions. Whether you’re a security expert or someone just trying to find some helpful information, Veracode’s blog will be of great assistance to you.

Security Bistro

Although blogs need a community to thrive, they’re still primarily focused on what one or a handful of writers say about a particular topic. And the good bloggers interact with their readers. Security Bistro strives to end that “one-sided” type of blog. They say “it’s more than some journalists and analysts in need for a way of expressing themselves.” Security Bistro is set up like any other blog, but it’s their purpose that is intriguing. Although their readership seems a little low at this point, they’re still fairly new and as long as they continue publishing great content, the readers will come. Their topics cover news and analysis of the latest security threats, cyber attacks, network security, mobile security, data protection and much more.

Facecrooks.com

Because Facebook has become such a significant part of most of our online habits, it makes sense to stay educated with the present security news and risks tied to Facebook. It’d be nice if we didn’t have to worry about them in the first place, but unfortunately Facebook is not free of potential security threats. In addition to protecting yourself from your friends, it would be a good idea to educate yourself on the latest Facebook scams and malicious hoaxes by following Facecrooks.

Darknet

“Don’t learn to hack – hack to learn” – that’s the motto and fundamental mindset of Darknet, a blog that focuses on ethical hacking, penetration testing and computer security. Darknet is an awarded security blog that has been around for quite some time and has generated a loyal reader base. Their content is in depth, interesting, and easy to follow, all of which are practically a must when it comes to trying to understand a new topic.

Microsoft Malware Protection Center

Microsoft isn’t a stranger to security blogs – TechNet has been around for quite some time. However, their Malware Protection Center blog is quite helpful and current on the most recent threats and news. Of course, there are other blogs – security and otherwise – but I found this one to be the most useful and comprehensive security-wise.

Security Bloggers Network

Security Bloggers Network seems to be a slightly lesser-known security blog, but its content is superb. The benefit of having a network of like-minded bloggers who focus on one specific topic is an overload of exceptional information from various backgrounds and expertise. So how does it work? Security Bloggers Network collects information security focused blog posts and podcasts from all over the world and consolidates them in a single feed, with the authors’ permission of course. Readers like you can then subscribe to their blog, and receive useful information far quicker than going out and finding each individual blog. It is also an excellent way to find new blogs and security experts to follow.

Gmail Stays Up as Google Rejects Microsoft DMCA Takedown Notice

While Google receives millions of DMCA notices for its search service every week, that’s not the only part of its system to be targeted by rightsholders. Working on behalf of entertainment companies, over the past year several anti-piracy companies. Microsoft included, have regularly identified and reported URLs used by Google’s Gmail service as infringing copyright. Fortunately, the system hasn’t come crashing down.

As thousands of news reports, articles and research papers agree, today’s Internet is absolutely awash with infringing content. As a result, dozens of companies have appeared to try and stem the tide by sending out DMCA takedown notices on behalf of rightsholders.

The number of notices being sent out is nothing short of incredible. During the last full week of September, Google reported that it had processed a record breaking 5.3 million URL takedowns, that’s around eight every second. But yet again the record was short lived.

During the first full week of October, Google processed very close to 6.5 million notices in a single week, that’s an incredible 10.7 notices every single second of every single day.

Faced with a monumental task it’s no surprise that rightsholders make mistakes, everyone is prone to them of course, but some have the potential to cause real havoc.

In an effort to keep an eye on the situation TorrentFreak regularly scours Google’s Transparency Report and the archives on Chilling Effects, and every now and again we find some classics. Yesterday was one of those days.

On the front page of Google’s report the company now lists a few takedown notices that it received but decided not to take action against. As can be seen from the image below listing four instances, the final one targets Gmail.

The notice, which can be found here, was sent by a company called Piracy Patrol. It clearly lists https://mail.google.com/mail/u/1/ as an infringing URL. Of course, that cannot sensibly be the case, and Google spotted the mistake on this occasion and on several others (1,2,3).

“I can only say it was human error – and a rather silly one at that,” Piracy Patrol’s Michael Ward told TorrentFreak.

Of course we all make mistakes, but this incident piqued our interest – do other companies also try to take down parts of Gmail in error? It turns out they do.

In an effort to protect its products from piracy, Microsoft Russia has been sending Google DMCA takedown notices over the past year, around 61,400 in total. One of the products it targets is Windows 8 but as can be seen from this DMCA notice and the accompanying image below, Microsoft can make pretty big errors.

Strangely enough, there are even more instances. UK-based anti-piracy company RipBlock has targeted Gmail on many occasions over the past year, the image below illustrates just one.

Speaking with TorrentFreak, RipBlock said that the submissions were a genuine mistake.

“It’s a simple case of human error. We are not in any way trying to have parts of Google mail taken down,” operations director Lee explained.

“All URLs we submit to Google for removal are checked by our staff, who do their best to avoid submitting incorrect URLs – but we are human and we occasionally make mistakes. Embarrassing for us, for sure, but that’s all.”

Other companies targeting Gmail during the past year include Czech takedown outfit Netlook (notice).

We’re not sure what would’ve happened if Microsoft or the others had been successful in taking down https://mail.google.com/mail/, but we can’t imagine it would help the operation of Gmail. Fortunately Google appears to be staying sharp.