
Bill Gates ruled the computer industry for a long time after introducing Windows through Microsoft, and left his mark on the lives of most, if not all, of those who have used its software. He has now finally stepped out of Microsoft management for good (for real this time). Even as that news was still warm and getting out into the wild, the security provider Websense detected and reported another attack on the software giant: a fake OS patch that claims to address some vulnerabilities in Microsoft software. The supposed patch redirects users to a malicious web page that installs malware on the unsuspecting user's machine.
“It’s a deception attack, where it is made to look like a Microsoft update and the user has to take action, rather than an exploit where the user gets infected without saying yes to the download,” Hubbard said. (Hubbard is a Chief Technology Officer at Websense)
Most seasoned users of Microsoft products know that the company does not send notifications of software patches through email. Patching is done by its AutoUpdate system, which automatically does all the work for you (well, even without you, since some updates are unstoppable if you have your system on automatic mode). Any unsuspecting user who clicks on the “Yes” button to get the supposed update gets a backdoor program installed instead, without any warning. The wide-open door can then be used by hackers to obtain information about the user or even take over the victim's computer as another minion in the never-ending battle between malware and security experts. The hackers managed to get around spam filtering systems by using a redirection path that points the browser at the web site of the US Secret Service, which is a sure sign of more devious acts to come.
The sophistication of hackers and their knowledge of how to circumvent security remain a real threat to all of us who use the internet each day.
Source : SC Magazine
Tags: Backdoor, Malware, Redirected Sites
Categories: General, IT Security Basics, Malware, Network Security, News, Operating Systems, Privacy & Anonymity, Real-World Issues, Security Policies, Tips

I came across an incident on InfoWorld that seems quite interesting, for it involves spam messages on your mobile phone. That might seem a long way from the world of IT, but as more and more of us join the mobile workforce it may become a big problem that can rival spam in your email inbox. The incident involves a user who moved to a different location that didn't have the best service availability from his mobile carrier. He was contacted by AT&T and informed that, due to some technical constraints, it could not guarantee its full range of services. In the end he was forced to sign up with an alternate mobile provider (Sprint), from which he began receiving marketing mail and text messages that were on the same level as phishing scams out for your personal information.
Unsolicited marketing is banned in the US and almost anywhere else, if I got it right (which led to the downfall of most off-site call centers), so why does a leading provider allow such things to happen? Well, the marketing industry is one of the most aggressive when it comes to using new technologies to extend its reach, and with mobile phones being almost part of everyday life (except for some far reaches of the Amazon or Africa), they are a ripe and well-established area for marketing drives to focus on.
Communication is the key, and the mobile workforce's dependence on it makes its members prime prey for such marketing drives. The poor fellow isn't alone, for millions of us get unsolicited voice mail or text messages from time to time (some more than others), and something should be done to correct such menacing and disruptive activities.
Source : InfoWorld
Tags: Marketing, New Arena, spam, Spam Menace
Categories: General, IM, IT Security Basics, Instant Messaging, Malware, Privacy & Anonymity, Real-World Issues

In a new twist in the online world we know as the internet, hackers have begun to target websites themselves in what seems to be the newest round in the battle over control of the internet. There is no single owner of the internet, as we all know, but there needs to be some form of regulating body or organization to keep order and make sense of all the information out on the net. Turkish hackers have targeted two sites that just happen to belong to the bodies responsible for keeping order on the net. The sites of both the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Assigned Numbers Authority (IANA) have been hijacked by hackers, redirecting users to other sites whilst downloading a nasty payload of malware in their wake. The deregulation of the internet naming conventions and other technical restrictions is set to go into full swing in 2009.
Incidentally, these two internet governing bodies have agreed to announce a relaxation of the rules and regulations that govern the naming and apportioning of internet resources, making the internet more user friendly in terms of naming conventions. The country designators might remain, but you might be surprised to see web sites named BankofAmerica.bank instead of BankofAmerica.com.
The hackers have been contacted and have admitted to the acts, but they have kept their hijacking methods out of sight, true to the hacker tradition. This incident highlights the risks that the upcoming loosening of the naming conventions poses for the validity of web sites and the true aims of their owners. The hackers' goal was to reiterate that there is no one owner of the internet and that they (hackers) can do whatever they wish with it, and with the knowledge they possess that is a very likely scenario.
Source : CRN News
Tags: hacking, Hacking Stunt, IANA, ICANN, Redirected Web Sites
Categories: General, IT Security Basics, Network Security, News, Real-World Issues
Citibank, an arm of Citi Corp., has suffered a data breach involving ATM machines installed in 7-11 stores, which were broken into by hackers who got away with millions, according to the report on Yahoo News. The three hackers have been found and arrested and are currently in custody as the case is further studied and discussed in the courtroom.
The breach happened when these hackers got into third-party computers that handled debit card account transactions and took all the information they needed, which was enough for them to engage in online transactions without any physical contact with an ATM machine.
This is another case of lax data security, and it concerns ATM PINs, which are said to be the most secure of all bank information because the potential for loss is horrendous.
“PINs were supposed to be sacrosanct — what this shows is that PINs aren’t always encrypted like they’re supposed to be,” said Avivah Litan, a security analyst with the Gartner research firm. “The banks need much better fraud detection systems and much better authentication.”
This shows that even with the repeated problems and incidents of identity theft, not everybody is listening and taking action to protect their information. In the case of Citi Corp., its third-party providers should have had ample measures, such as encryption and redundant security controls, to prevent such incidents from happening at all. Citi Corp., being one of the biggest multinational banks with accounts all over the world, should have check-and-balance systems that ensure customer information is safeguarded from such intrusions, which in this case is going to cost it millions of dollars. The company has relied heavily on systems based on Microsoft software technology, which has received continuous attacks, and this is just another addition to the types of attacks it suffers from hackers.
Tags: ATM's Hacked, ATM-Fraud, Citi Corp., Citibank
Categories: Backups, Cryptography, General, IT Security Basics, Network Security, News, Physical Security, Real-World Issues, Security Policies
If you happen to be a small or medium-scale company that cannot afford multiple data stores and endless mirrored hard drives, that becomes a problem. An encrypted hard disk in a laptop that gets banged up may still have some of its information intact enough for recovery, but damage some of the vital keys and software and you are left hanging by a thread or down in the gutter. Data recovery is possible, but only through expensive methods in which the hard disk is opened up and the platters are extracted and installed into another, similar hard disk for data extraction. Only the military and the federal government would have enough cash to burn on data recovery at that level, for the price is computed by the number of megabytes recovered and on a per-disk basis. Imagine a 1 terabyte drive at, say, $50/MB and you'd be scratching your head by now, and that's just for a single drive.
The risks of identity theft and information leakage are real, but the technology is still quite prone to failure even with today's quad-core machines, which is why we left the performance issue out of the discussion. Today's multi-core processors can handle complex tasks such as real-time encryption and decryption as if nothing were happening in the background. The performance issue has been addressed by more powerful microprocessors, but the reliability of the hard disks that store the information, and even of CDs, is still quite weak. Until there is more definite proof that all parts of the computer have reached a level of reliability where failure is less of a factor, more people will retain their own proprietary security measures (birthday passwords, flash thumb drives that always get lost, and physically carrying their discs with them).
Tags: encryption, Security Policies
Categories: Backups, Cryptography, General, IT Security Basics, Malware, Network Security, Operating Systems, Physical Security, Real-World Issues, Storage, Wireless Security
Encryption used to be the mainstay of the military and other government agencies that needed to secure the information they handled, rendering it useless to anybody who might get access. Everybody knows about it, yet not many use it to protect their vital information stores. Why? Well, there are a hundred reasons why people mistrust such an extreme measure as encrypting data, and one is the reliability of the technology on which it is used. Computers, as we know, have become cheaper and cheaper. That has been good on one side, but it also raises the risk of failure due to cheaper parts and the risk of data loss due to that failure. I know a lot of people will go against me on this one, but if you had experienced a hard disk crash, as I have during my many years of computer use and in my previous line of work as a technical support supervisor, you'd know what I mean.
The technology we have today is of the highest level of quality and technological complexity compared with the computers I started working with (386s and 486s), but the robustness of the gadgets and gizmos we call peripherals is still quite low, except for the extreme types that are too expensive for the ordinary user to afford. Imagine a failed motherboard with fried circuits: no problem, for hard disks are seldom affected by such incidents. Swap the board out, connect the hard disk, and you have your data available. Imagine a failure in the hard drive itself: you get some software and try to recover the information, hoping you get enough of the sensitive files your boss needs in the morning. Now imagine a hard disk that was encrypted and had some of its sectors rendered useless. That's a nightmare, for the encrypted data is useless, with the key and the code stored on the hard disk itself.
Tags: data-recovery, data-security, encryption, Hard Disk Failure, hardware-failure, Risks
Categories: Cryptography, General, IT Security Basics, Real-World Issues, Storage
Due to recent problems associated with the loss of government laptops and with security breaches, such as the incident in which the laptop of a Federal Trade Official was reported to have been compromised by reportedly Chinese operatives while on a trip overseas, the US Federal government has begun to encrypt its laptops in hopes of bolstering security and preventing such risks in the future. Let us just hope that they do it fast enough, for no one wants their personal and financial information released online or obtained by enemies of the state (terrorists, in layman's terms). Of the estimated 2 million laptops the US government and its many agencies have, only 800,000 have had the encryption system developed by the Department of Defense and the General Services Administration installed.
Encryption is one of the most secure ways of keeping data safe from unauthorized access, rendering it useless without the proper software or security keys. Comparable to the dial combination on a bank vault, the encryption process turns files into a useless bundle of information that cannot be read or used for other purposes.
All this effort is meant to boost the security of information gathered and collated by the various agencies. Even private businesses that have ties with the government through contracts have had their computers encrypted to ensure the information they handle and use stays secure and out of the hands of criminals who aim to use it against the government.
Tags: data-encryption, data-security, encryption, Federal Government
Categories: Cryptography, General, IT Security Basics, Real-World Issues, Security Policies, Storage
Shame on you people who capitalize on any means just for that easy buck, depriving those who need it most of help. The US's C.E.R.T. office, which is part of the Department of Homeland Security, has acknowledged the existence of fraudulent activities related to the recent disasters in China and Myanmar. These cyber criminals use the disasters as a front to get hold of financial information and other personal data, which they use for further criminal activities. The office recommends that everybody who wishes to make donations first check the Federal Trade Commission's charity checklist and other online charity verification facilities such as Charity Navigator, which lists all accredited non-profit organizations currently engaged in disaster relief operations in the specified countries.
Many people have been victimized by these cyber criminals, who commit identity theft using financial information gathered from fraudulent email and websites through phishing attacks. Once the information is taken, prompt action is needed to avoid the tons of potential problems that can arise from such illegal activities. Measures are in place to freeze bank accounts and other financial services once the theft is reported. The verification systems in place for charities have also helped a lot against fraudulent charities and other scams, and to some extent have provided protection for the generous and big-hearted who always try to donate to people in need.
Not much can be said of these criminals except that they exhibit the highest levels of cowardice in using the misfortune of others for personal gain. There are a lot of resources available on the internet for verifying the truth of claims, and people are advised to take caution when dealing with solicitation letters and similar requests. Identity theft continues to be a pain in the neck for all of us, but with proper discipline the problems associated with such attacks can be avoided and minimized. Shame on You Guys!
Tags: Charity Fraud, China Quake, identity-theft, Myanmar Cyclone
Categories: General, News, Tips
A startup firm named iSekurity, which has former agents from various US federal agencies on its roster, is to begin offering an identity theft protection service, which may become the start of a new chapter, or rather a new business, in the world of industrial espionage and identity theft. These former agents are no strangers to the growing problems associated with identity theft, which is costing money for many US businesses and the people who work for them. From petty credit card fraud to more serious crimes, they'll tackle them all, and they will do it with the same precision and tenacity they learned in the service. The president and founder of the company promises to get people who steal identities or give their clients a sum of $11,000 as remuneration for any cases they fail to resolve.
This is in response to growing frustration among people with crimes that have resulted from identity theft, and the company's crew of over 100 former agents is well versed in the art of surveillance and apprehension.
Private businesses like these hope to fill the gap between law enforcement and the public, where they can do little to stifle these crimes that often have links to organized crime syndicates. From drug running to many other gang-related activities, these guys have done it all. The president of the company formerly served on the presidential detail for former presidents and led the Secret Service's elite CAT, or Counter Assault Team. With impeccable records in their former federal duties, they are one more group of people criminals have to overcome in their endless pursuit of identity theft.
Tags: Identity theft, iSecurity, Startup
Categories: General, IT Security Basics, Malware, Physical Security, Privacy & Anonymity, Real-World Issues, Spyware
Panda Software, a developer of security systems and anti-virus software, has raised the alarm regarding a massive cyber attack on vulnerable web pages hosted on IIS servers. Once the malware gets in, it redirects users from totally legitimate web sites to malicious ones. The infection grew from less than half a million infected servers to almost double that, which is quite fast for a specific type of malware. Most developers who employ “code scrubbing”, which is removing information as it is saved into an SQL database, are easy prey and are the intended target of the massive attack that is still taking place. An iframe is inserted to redirect users to malicious sites, which can lead to identity theft without the users even knowing about it.
The attack is centered on Microsoft's IIS web server, in particular ASP pages that have very strong ties to SQL databases. Panda and F-Secure have both identified the hidden code (“) that can sit deep in web pages, and they advise site owners to look for the string that redirects people to other sites. Users and site administrators are advised to get all updates from Microsoft to remedy the problem and halt the spread of this attack once and for all.
All this to bug people who use the web all over the world, in the never-ending battle between hackers and those who are up to taking them head on.
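The advice above to look for the injected redirect string can be automated. The following is an added example, not code from Panda, F-Secure or the original post: it flags `<iframe>` and `<script>` tags whose source host is outside a site's own allowlist, both in rendered pages and in text columns pulled from the database. The host names, the sample page, the sample rows and the `id` column are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

class InjectedTagFinder(HTMLParser):
    """Collects iframe/script tags that load content from untrusted hosts."""
    def __init__(self, trusted_hosts):
        super().__init__()
        self.trusted = {h.lower() for h in trusted_hosts}
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("iframe", "script"):
            return
        a = {k: (v or "") for k, v in attrs}
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if not host or host in self.trusted:
            return  # inline, relative, or explicitly trusted source
        # Zero-size or CSS-hidden frames are typical of silent redirects.
        hidden = bool(a.get("width") in ("0", "1")
                      or a.get("height") in ("0", "1")
                      or HIDDEN_STYLE.search(a.get("style", "")))
        self.findings.append({"tag": tag, "host": host,
                              "hidden": hidden, "line": self.getpos()[0]})

def scan_page(html, trusted_hosts):
    """Return one finding per off-site iframe/script tag in an HTML string."""
    finder = InjectedTagFinder(trusted_hosts)
    finder.feed(html)
    finder.close()
    return finder.findings

def scan_rows(rows, trusted_hosts):
    """Scan text columns of database rows (dicts) for the same tags."""
    hits = []
    for row in rows:
        for col, val in row.items():
            if isinstance(val, str):
                for f in scan_page(val, trusted_hosts):
                    hits.append((row.get("id"), col, f["tag"], f["host"]))
    return hits

# Constructed sample data: a page and two rows, one of each tampered with.
TRUSTED = {"www.shop.example", "cdn.shop.example"}
SAMPLE_PAGE = """<html><body>
<h1>Product catalogue</h1>
<script src="/js/menu.js"></script>
<iframe src="http://cdn.shop.example/banner.html" width="468" height="60"></iframe>
<p>Blue widget<iframe src="http://injected.example/in.html" width="0" height="0"></iframe></p>
</body></html>"""
SAMPLE_ROWS = [
    {"id": 1, "title": "Blue widget", "descr": "Sturdy and cheap"},
    {"id": 2, "title": 'Red widget<script src="http://injected.example/x.js"></script>',
     "descr": "New"},
]

if __name__ == "__main__":
    print(scan_page(SAMPLE_PAGE, TRUSTED))
    print(scan_rows(SAMPLE_ROWS, TRUSTED))
```

Because the injected markup lives in the database rather than in the page templates, cleaning the stored rows matters as much as fixing the pages that display them.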
Tags: ASP Web Pages, Malware, Microsoft IIS, SQL Databases
Categories: General, IT Security Basics, Malware, Network Security, News, Real-World Issues, Security Policies, Spyware