The Anti-Virus industry has been rendered ineffective for quite sometime and this came into attention only with one industry expert speaking out of the crowd to say so “AS IS”. We have all been under the impression that the security of our PC’s, Laptops and other computers has been quite effective and robust with online active updates that allows them to deal with evolving threats. The problem is as the discussion states, how do you deal with today’s millions upon millions of viruses and other forms of threats without super-computing status? You can’t, that is the reality we have to face that there is no one solution to the problem and that it is going to stay that way.
Anti-virus software engineers do their jobs round the clock to prevent these malware form doing the most harm on the millions if not billions of computers around the world that connects to the internet daily. As one sector of the globe goes to sleep, another wakes up to a new day of infections and threats that is exaggerated more by the constant online status of some pc’s meaning they are always connected whatever time of day it is. Imagine scanning through a database that can give you the ability to determine a virus among the millions of known types, variants and mutations (even with a super-computer it takes time) every time you download a file or click on an internet link, that would be unfathomable. The best these guys can do and hope for is that they (the many anti-virus vendors) get to the problem early on when the virus or malware is still propagating when they can still reverse engineer it, then issue the proper identifiers along with the removal instructions that they send out to their respective clients hoping they are still not infected and spreading the virus themselves.
If they already are infected, it takes more time to formulate an approach on how to remove the problem form the computer system leaving it untouched and without the threat. This is almost next to impossible for any seasoned PC user knows that anything that is installed stays installed (even fragments of files and other programs) long after the known un-install procedure has been done. The only sure way to clear an infected system would be to re-format the hard drive and then re-install the whole myriad of software and drivers that came out with the PC (most of them are lost during the years necessitating an online search from manufacturer sites and other help sites which may also be infected), losing them is suicide for a PC without proper drivers is like a car without brakes that constantly breaks down and has to try to get itself to run to a level of its former self.
Even with Gates Leaving, Microsoft is still the prime target
He has ruled the computer industry for a long time with the introduction of Windows through Microsoft and has left his mark on the lives of most if not all those who have used their software, Bill Gates has finally stepped out (for real this time) of the Microsoft management for good. Even as the news was still warm and getting out into the wild, another attack on the software giant has been detected and reported by the security provider WebSense about a fake OS patch that is aimed to address some vulnerabilities in Microsoft software. The supposed patch redirects users to a malicious web page that installs malware on the unsuspecting user.
“It’s a deception attack, where it is made to look like a Microsoft update and the user has to take action, rather than an exploit where the user gets infected without saying yes to the download,” Hubbard said. (Hubbard is a Chief Technology Officer at Websense)
Most seasoned users of Microsoft products, know that the company does not send notification of software patches through email (which is done by their AutoUpdate system that automatically does all the work for you…. well, even without you for some updates are unstoppable if you have your system on automatic mode). Any unsuspecting user that clicks on the “Yes” button to get the said update gets a backdoor program installed instead without any warnings. The wide open door can then be used by hackers to obtain information about the user or even take over the victim computer as another minion in the never ending battle between malware and security experts. The hackers managed to go around spam filtering systems by using a redirection path that aims the browser to the web site of the US Secret Service which is a sure sign of more devious acts to come.
The complexity and knowledge of hackers on how to circumvent security is very much a threat to all internet users and still remains a real threat for all of us who use the internet each day.
Source : SC Magazine
Cyber Criminals Use Disaster relief for activities
Shame on you people who capitalize on any means just for that easy buck and depriving help to those who need it most. The US’s C.E.R.T. office that is part of the Department of Homeland Security has acknowledged the existence of fraudulent activities related to the recent disasters in China and Myanmar. These cyber criminals use the disasters as a front to get hold of financial information and other personal data which they use for further criminal activities. The problem has them recommending everybody who wishes to make donations to first check with the Federal Trade Commission’s charity checklist and through other online charity verification facilities such as the Charity Navigator which lists all accredited non-profit organizations that are currently engaged in disaster relief operations in the specified countries.
Many people have been victimized by these cyber criminals who commit identity theft through financial information gathered from fraudulent email and websites through phishing attacks. Once the information is taken, prompt action is needed to avoid the tons of potential problems that can arise from such illegal activities. Measures are in place to freeze bank accounts and other bank financial services once they are reported. The verification systems in place for charities have also provided a lot of help with regards to fraudulent charities and other scams that they have to some extent provided protection for the generous and big at heart who always try to donate for people in need.
Not much can be said of these criminals except for the fact that they exhibit the highest levels of cowardice in their use of the misfortune of others for personal gain. There are a lot of resources available on the internet for verifying the truth of claims and people are advised to take caution when dealing with solicitation letters and such information. Identity theft is continuing to be a pain in the neck for all of us but with proper discipline, the problems associated with such attacks can be avoided and minimized. Shame on You Guys!
That darned USB port!
USB has been around for quite sometime and was designed to replace the interface capabilities of the old legacy standard. Today, most PC’s, Laptops and other peripherals have USB ports or have the capability of connecting to one such as keyboards, mice, digitizing pads, digital camera’s, video camera’s, flash disks and the device types goes on and on. They have become so common that many security experts warnings on their danger have gone unheeded, till now that is. Recent security holes and other problems associated with malware and viruses that have been transmitted through the USB port have risen to the point security people had to listen. These interface ports are quite convenient and easy to use that even the most beginner can plug an infected device such as a flash disk loaded with malware or viruses that they easily get through standard security. They are so small that physically banning them can be next to impossible and I’m sure you’ve read the several articles regarding the iPod which was connected to the corporate network…etc. Expert’s advice that to minimize their use for no good, disable them on-board or do not bother connecting them at all at the hardware level. This would render them truly unusable for some people however innocent of the workings of a PC or other computer type can enable them in the control panel easily. Unbeknownst to many, most devices that have flash memory can be used to store files other than video or pictures for they can be formatted using the operating system’s format utility or the propriety software such as iPod’s iTunes which can have even the most basic iPod Shuffle function as a flash disk allowing transport of say documents and other such files.
It Security – Interpol
The threat of IT security has reached such a level that even Interpol has gotten involved in the action. Many crime syndicates operate beyond the normal bounds of borders and business organizations that the Policing Agency has information for all concerned regarding the security and intrusion prevention of computer systems.
The said Interpol IT Security document aimed for investigators of crimes related to IT security, highlights the need for an established set of rules that should be enforced for all people in business or other locations such as the home and elsewhere. In the said document, there is an extensive article that deals with information interception which is now becoming the most prevalent form of attack on networked computers. Firewalls are also not that effective if not configured properly and the addition of an internal and other security is needed to increase the level of protection that is needed. File deletion as may of us in the IT community knows deletes only the directory entry of the said file and not the file itself. It can be compared to deletion of a filing cabinet label without actual removal of the folder that contains the document itself. Utilities like Wiperaser Ultra for clearing deleted data are available on the market which routinely scans all tagged free-space on a hard drive and erases all the data contained within. There are also utilities available for the recovery of deleted files like software from Handy Recovery, a data recovery software which can prove valuable in security breach investigations checking for unauthorized files in an employee’s workstation. There are even recovery companies who specialize in recovery of data from tragically destroyed hardware such as those that have suffered fire damage and many more such as SalvageData whose specialty is to recover information from damaged hardware.
Credit Card Fraud Peak Season
True, the holiday’s is the hottest time when credit card fraud runs into the millions of dollars. There are many incidents of fraud out on the market and shopping is a very casual task many take for granted. A leading credit card company from the US reported losses in the millions of dollars that they do not readily publicize for it has an impact on their customers confidence in their systems.
There is no true protective measure for something as small and compact as a credit card which in the wrong hands can cost you a few hundred dollars or even max out your credit limit. Crime syndicates use the said tactic for their illegal activities where they have people who handle these fraudulent transactions. There is still a wide open gap when it comes to credit card which may be covered by newer fool-proof security. The addition of biometrics to the standard card swipe can provide an added level of security along with fingerprinting.
Simple steps can also be taken to prevent these actions towards you such as being careful where and when you use your credit cards. When paying, be sure to have in plain sight the reader or terminal where the card is swiped to be sure they are used only for the intended purchase a card fraud scheme wherein a separate card reader is used to record the information contained within the card has been going on for a long time where the captured information can be used for purchases. Before signing the print-out or receipt, be sure to check all details such as the purchase amount and other such vital information. If you do end up loosing a credit card or your whole wallet, immediately call your card company so the said card can be tagged as stolen so further purchases are not billed to you. If there happens to be any inaccuracies in your card’s statement, call information at once for there may be a problem with your card of worst somebody may have already copied the information from your original card. Vigilance and awareness is the key so be on the lookout for any dubious people around you. Keep safe people and a Merry Christmas to all.