Protect your email from viruses with Virus Eraser (Mac & Windows)

Viruses can take down both Macs and PCs. They can be downloaded from the web and sent by email. Sometimes this is done deliberately by nefarious people, but sometimes friends and work colleagues pass them on unintentionally.

Virus Eraser is a new antivirus product that works on all versions of Windows and on Macs too.  On top of the real-time protection and massive database of viruses, it also stops you being that person distributing the viruses unintentionally (and, of course, scans your incoming mail to protect you too).

Virus Eraser is said to scan your mail and attachments, and work with all mail clients on a Mac.

We’ve not had a chance to put the software through its paces yet, but the company is an Intel Software Product Partner, which gives them some good credibility.

Check them out here: Virus Eraser

Is this malware? Chromium browser update needed…

I can’t work this one out.  I’ve Googled around the web, but not found anything.  Periodically, I get the following image pop up on my Windows 10 PC:

Update Required

It reads:

Update Required

Your version of Yahoo search is out of date.

There is a newer and improved version available with the fresh and intuitive Chromium browser.  By clicking “OK” you agree to Install Chromium browser as your default browser, install our Desktop search bar, set Yahoo provided search as your default search, homepage and new tab on all of your compatible browsers.

I don’t want any of that! I also don’t use Yahoo search (so I don’t really think this is from Yahoo), which is why I wonder if it is malware.  Windows Defender does not seem to pick anything up.




The World’s Most Secure Phone

Blackberry is not over, and security is a big thing. These are the critical messages that are coming with Blackberry’s latest phone, the Blackberry DTEK50, which they are marketing as The World’s Most Secure Phone.

It will not appeal to all users; it’s not flashy and it’s not bling. What it is, though, is a solid and secure device for those who want things to work, and work in a secure fashion.

Unlike Blackberry’s long history of phones, the DTEK50 runs on a modified version of Android 6.0, loaded up with Blackberry’s secure apps and software. This means that you can access all the usual Android apps through the Google Play store, but you can also use all of Blackberry’s secure services. This is a clear play for enterprise users.

The DTEK50 won’t break the bank either: you can pick it up on Amazon for just $333.27 (direct link here).

The hardware is good, although in line with other Android phones:

  • 16GB storage with Micro SD slot
  • 3GB RAM
  • Snapdragon 617 octa-core, 64-bit
  • 5.2 inch/ 1080p screen

If you are buying this phone, you won’t be buying it for the flashy specs – there are others out there such as the OnePlus 3 (see it here) that would be a better deal – you’d be buying it because you believe that Blackberry has the history of, and capability to deliver, a secure mobile environment that others can’t.



Block WordPress XMLRPC attack

Our site is a standard WordPress install. It has recently been subjected to a denial-of-service attack (probably distributed) that makes a very large number of HTTP POST requests to xmlrpc.php. This simply overwhelms the server.

We found this out by looking at the access log.  You will see lines like this:

    igbreviews.com:80 176.31.39.108 - - [08/Aug/2016:08:03:04 +0000] "POST /xmlrpc.php HTTP/1.1" 200 790 "-" "Googlebot/2.1 (+http://www.google.com/bot.html)"

This is not actually the Googlebot, but a rather nefarious attacker.  You can tell this by running

    host 176.31.39.108

If this returns a Google domain, you are fine; if not, you are being attacked.
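An added example (not code from the original post) that runs the check above over a whole access log instead of one address at a time. It goes one step beyond a bare `host` lookup: the name returned by the reverse lookup must also resolve forward to the same IP, the verification Google documents for Googlebot. The function names, the suffix list and the second sample line are assumptions made for illustration.

```python
import re
import socket

# vhost:port followed by combined log format, matching the access-log line shown above.
LOG_RE = re.compile(
    r'^\S+ (?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<agent>[^"]*)"$')
GOOGLE_SUFFIXES = (".googlebot.com", ".google.com")  # assumed list of accepted PTR domains

# Constructed sample: line 1 is the entry from the post; line 2 is made up and uses a
# documentation-range address (192.0.2.10) standing in for a genuine crawler.
SAMPLE_LOG = [
    'igbreviews.com:80 176.31.39.108 - - [08/Aug/2016:08:03:04 +0000] "POST /xmlrpc.php HTTP/1.1" 200 790 "-" "Googlebot/2.1 (+http://www.google.com/bot.html)"',
    'igbreviews.com:80 192.0.2.10 - - [08/Aug/2016:08:03:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 790 "-" "Googlebot/2.1 (+http://www.google.com/bot.html)"',
]

def system_reverse(ip):
    """PTR lookup (what `host <ip>` shows); None when there is no record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(name):
    """IPv4 addresses the name resolves to; empty list on failure."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def is_real_googlebot(ip, reverse=system_reverse, forward=system_forward):
    """The PTR name must sit under a Google domain AND resolve back to the same IP;
    a PTR record alone is set by whoever controls the address's reverse zone."""
    name = (reverse(ip) or "").lower().rstrip(".")
    return name.endswith(GOOGLE_SUFFIXES) and ip in forward(name)

def fake_googlebot_ips(lines, reverse=system_reverse, forward=system_forward):
    """Return {ip: hits} for xmlrpc.php POSTs that claim Googlebot but fail the DNS check."""
    verdicts, hits = {}, {}
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not (m and m["method"] == "POST" and m["path"] == "/xmlrpc.php"
                and "googlebot" in m["agent"].lower()):
            continue
        ip = m["ip"]
        if ip not in verdicts:  # one DNS round trip per distinct address
            verdicts[ip] = is_real_googlebot(ip, reverse, forward)
        if not verdicts[ip]:
            hits[ip] = hits.get(ip, 0) + 1
    return hits
```

Called with only the log lines, `fake_googlebot_ips` uses the system resolver; the `reverse` and `forward` parameters let you substitute a cache or a stub.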

We first started by adding each malicious IP address to Apache’s .htaccess file (found in our site root). This worked well, but the attackers kept changing IP address.

Instead we’ve blocked all access to xmlrpc.php and only allow our specific IP addresses to access it, with the following code:

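    # Apache 2.2 access-control syntax (on Apache 2.4 it needs mod_access_compat;
    # the native 2.4 form is "Require ip 1.2.3.4").
    <Files xmlrpc.php>
        # Deny rules are evaluated first, then allow rules, so the allow line wins
        order deny,allow
        deny from all
        # Replace 1.2.3.4 with your own address; repeat the line for each one
        allow from 1.2.3.4
    </Files>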