Archive for the ‘Information Security’ Category
Description of ‘Information Security’ Category: Posts about computer information security, which is protecting information and information systems from unauthorized: access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
Friday, November 18th, 2011
The security of your business’s website should be one of your highest priorities. A secure website is one of the best ways that you can establish trust with your customers. The security of your website will directly impact your number of visitors and has the potential to hinder or boost your sales. With the massive number of website intrusions this year alone, hacking has become a major concern for most online shoppers. Whether it is to protect your website or your customers personal or financial data, a secure website is a must have. The following are some tips for creating a strong and secure website environment for your consumers. 
Use a Strong Administrative and Database Password:
Creating a strong administrative and database password will prevent hackers from accessing the admin interface and from taking over your entire online business. If a hacker does gain entry to your website’s administration panel they can pretty much do whatever they please from defacing your website to committing fraud by pretending to be you or your company. To learn more about creating strong passwords visit Elements of a Strong Password.
Secure Admin Email Address
An admin email address is used to login to your web server, CMS, database. It should be kept private and different from the one that you have on your contact page.
Make sure you have Firewalls Implemented:
Configuring a firewall will help prevent unauthorized access to your site and acts as a filter for the information that is sent to and from your website. You should configure your firewall to the highest security preferences so that it will deter hackers from attempting to gain entry to your site.
Update Your Antivirus Program Regularly:
New malicious programs are created and discovered every day so it is important that you not only have Antivirus software but that you also keep it up to date. Antivirus programs scan, track, and remove any problems from your hard drive. Like Antivirus software a spyware program can detect and eliminate any spyware that has made a home on your hard drive.
Read the Latest Information on Tech Blogs:
Reading tech blogs regularly will keep you up to date on the most recent vulnerabilities and will help you stay one step ahead of hackers.
Use robots.txt to Keep Certain Things Hidden from Search Engines:
Add a robots.txt folder for the documents, images, and information that you do not want to be indexed by search engines.
Use a Secured FTP Access and Restrict Root Access
SFTP access prevents others from being able to view what you are uploading or downloading to & from the webserver. Restrict the access to certain non-system folders to prevent FTP uploads by people other than the system administrator.
Check Your Software and Third Party Scripts:
Ensure that any software you use is kept up to date with the latest security fixes. (Blogging software like WordPress, third party scripts, etc.) Also remove any scripts, services, or other software that you are no longer using.
Perform Security Testing:
It is important that once you have the previous security items in place that you perform security testing. Search your website and source code for any security flaws that may allow unauthorized access. You can check your source code for free with Source Code Analysis Tools. Using security plugins like WordPress Security Scan are also a great way to analyze the security of your site.
Keeping your website secure is a never ending job, there will always be new threats and hackers will continue to find new ways to gain unauthorized access. Implementing these suggestions in addition to doing your own research will help you to stay as far ahead of these types of individuals as possible
Thanks for Reading!
Dustin
ComputerFitness.com
Providing Tech Support for Businesses in Maryland
Tags: business website, Firewall, Information Security, protection, secure, secure website, website
Posted in Firewall, Information Security, Web Development | 1 Comment »
Friday, October 14th, 2011
Back in 2005 the FBI reported that the losses due to laptop theft were estimated around $3.5 million. They also identified that the average cost associated with a lost company laptop was around $32,000. Since 2005 the number of laptop users has dramatically increased and it has been assessed that one in ten laptops have or will be stolen. Laptop protection has become a major concern for many laptop users. The threat that laptop thieves pose is more than just concern for our expensive devices, it triggers our fear that someone could have access to our stolen and vital personal information.
 - From http://www.kensington.com/kensington/us/us/s/1386/clicksafe%c2%ae-laptop-locks.aspx , Oct 2011
Laptop theft is a significant and serious threat. Thieves will often target laptops because they are small, easy to grab, easy to conceal, there is a market for them, and they are a quick way to get cash. Most of these criminals target laptops because they know that a property theft charge is a better alternative to a personal robbery charge. Once stolen, a laptop can then be sold to a used computer store or pawn shops for as much as half the original retail costs.
What can you do to secure your laptop? There are two components to laptop security, the physical side and the virtual. Physical protection refers to instinctual protection like keeping your laptop with you, keeping it out of sight as well as purchasing protection devices such as cable locks, laptop safes, and motion detector alarms. Virtual security on the other hand implies defenses such as software protection programs, passwords, and tracking safeguards.
The following guide is intended to identify security techniques and tools to protect you from being a victim of a laptop theft. The tips will cover practical security methods, virtual defense techniques, and physical protection devices. For the best protection it is recommended that you use a combination of each.
Practical Security Tips:
- Never leave your laptop unattended or in plain sight.
- Keep your laptop in a secure, or hidden place
- Lock your doors and windows when you’re not in your room.
- Never leave your laptop in an unlocked vehicle.
- If you leave it in your vehicle make sure that it the car is locked and the laptop is out of sight. The best place is in a locked trunk or covered in the back seat.
- Write down your laptop’s serial number.
- Don’t store sensitive content on your laptop.
- Don’t share your passwords and make sure that they are sufficient.
- Don’t store your passwords. A lot of programs now have the option to remember passwords. It may make it easier for you to access your information but if stolen it will also make it that much easier for criminals to gain access to your accounts.
- Personalize the look of your laptop with clear identifiable marks.
- Carry your laptop in a nondescript carrying case, briefcase, or bag. Placing it in a case designed for computers is an immediate alert to thieves that you have a laptop.
- Lock the laptop in your office during off-hours.
- Back up your information on disks and store the disks at home or the office.
- Pay attention to where you use your laptop. Be aware that someone behind or next to you can see your computer screen.
- At airport checkpoints, be observant. Don’t place the laptop on a conveyor belt until you are ready to walk through the checkpoint.
Physical Protection Tips:
- Sometimes just having some type of security device attached to your laptop is a good enough deterrent for thieves.
- When you have to leave your laptop unattended you can store it in a Laptop Locker. These safes secure your device whether it’s in your office, car, or home.
- When out in public or in a shared office you can use a laptop Cable Lock. Using a laptop security cable is one of the easiest methods of laptop security and protects against theft. Click on the link to see some cable lock options.
- Another option for securing your laptop is to have a secured bracket or a docking station. A security bracket or dock bolts your laptop in a stationary location either in its open or closed position.
- If there isn’t a structure to attach your cable lock then you could always use a Motion Sensor Alarm.
- A STOP Security Plate will also prevent criminals from stealing your device. These stickers have a unique barcode for each laptop and user. If the sticker is removed it reveals a permanent “Stolen Property” mark and provides a number to report the theft.
- Check out devices with Biometrics like finger print or retina scanners.
- You can also use a Privacy screen to ensure you are the only viewer able to see your information. Privacy screens limit the angle at which the computer screen is visible.
Virtual Defense Tips:
- Although user passwords are not nearly as effective as they once were, it doesn’t hurt to still use them.
- Encrypt your sensitive documents.
- Use Full or Whole Disk encryption. This is software that encrypts the data on the entire disk including the Bootable Operating System partitions. Disk encryption software does not encrypt the Master boot Record. However certain Disk encryption hardware will encrypt everything including the MBR.
- Purchase Remote Laptop Security software so that you can deny access rights to someone trying to access your stolen device.
- See if your device is eligible for laptop insurance from Safeware.com.
- Use a Theft Recovery Software.
- Set up a BIOS password. The BIOS software is built into the PC, and it is the first code that a computer runs when powered on. Establishing a password in the BIOS will ensure that a laptop thief will be unable to load the Operating System unless they acquire the correct credentials. This Pre-Boot Authentication guarantees a secure environment that is external to the operating system. Pre-Boot Authentication is confirmed with something you know (username or password), something you have (smart card or other token), or something you are (biometric data).
How to establish a password in BIOS:
1. Start or restart your computer. When the BIOS screen comes on, press the Delete key to enter BIOS setup. (Some computers used “F12? or “F2”, or other keys)
2. Use the arrow keys to choose “Security” and press Enter. You will then see “Supervisor Password” and “User Password” on your screen.
3. Use the arrow keys to move down and highlight “Set User Password”, Press Enter. Enter the password in the password field and enter the password again in the confirm password field when it appears. Press Enter to set the password.
4. Use the arrow key to move down and highlight “Set Password Check”, press Enter. The options to invoke the password during “Setup” or “Always” will then appear. Choosing “Setup” requires a password to enter the BIOS. Choosing “Always” requires a password every time you start your computer. Highlight your choice and press Enter.
5. Press Esc one time, use the arrow key to select “Exit”, press Enter. Save your changes and exit. Your computer will then exit the BIOS screen and reboot.
When a laptop is stolen the actual loss can be huge. The replacement cost of a stolen laptop includes the cost of the new laptop, any stolen peripheral devices (network cards, modems), replacement software, time to configure the new device, and time to install new software. Not to mention any work material, photos, purchased media, memories, and personal information are now history. Any stored information on your computer is vulnerable and even if laptop thieves can’t benefit from the sale of your computer they could potentially gain access to personal information or your online accounts. If you aren’t already utilizing some of these suggestions or devices we strongly urge you to do so immediately, overlooking the importance of laptop security could be huge mistake.
Check out companies like Kensington, Targus, and Lenovo for the latest in laptop security.
Have a Great Day!
Dustin
ComputerFitness.com
Providing Tech Support for Businesses in Maryland
Tags: computer, Information Security, Laptop, laptop protection, laptop security, password, theft protection
Posted in Information Security | No Comments »
Friday, September 23rd, 2011
Identity theft is when a criminal illegally obtains and uses an individual’s personal information such as their social security number and driver’s license number, for fraudulent purposes. Once Identity theft criminals gain access to this private information they will pose as that person usually to acquire credit, merchandise, or services.
There are two main types of identity theft, account takeover and true name ID theft. Account takeover identify theft is when a thief uses the stolen personal data to gain access to existing bank accounts. True name identity theft they will use the personal information to open new accounts, credit cards, and services.
The Internet provides these types of criminal with a perfect hunting ground. It’s extremely easy to target Internet users because of the vast accumulation of information as well as the effortlessness of performing a transaction without verification. Although recently the number of database hacking attacks has dramatically increased, most identity thieves still obtain our information from spying over our shoulders or digging through our trash.
According to a recent survey from Javelin Research and Strategy
“In 2010, identity theft and fraud claimed fewer victims than in any other period since Javelin began conducting surveys in 2003. Driving that decrease was the reduced rate of existing account fraud, although incidents of all types of fraud dropped from 2009. Meanwhile, consumer costs, the average out?of?pocket dollar amount victims pay, increased, reversing a downward trend in recent years. This increase can be attributed to new account fraud, which showed longer periods of misuse and detection and therefore more dollar losses associated with it than any other type of fraud.”
The survey also identified account takeover, friendly fraud, and improper use of privacy settings on social media networks to be the growing problems. Several other issues include people not shredding important documents, using weak online passwords, and neglecting to use anti-malware software. The survey found that 48% of the reported identity theft cases were initially identified by the consumers. This statistic clearly expresses the dire need for individuals to routinely monitor their accounts and financial statements.
Everyone should also protect themselves by requesting their credit reports. You can obtain your free credit report three times a year from Annual Credit Report.com. Consumers can request to view their credit report up to three times a year because there are three different Nationwide Credit Reporting Agencies Equifax, Experian, and Trans Union.
How Identity theft can occur Online:
On the Internet, we are made of a digital identity. This identity groups information like our IP address, physical address, usernames, passwords, personal identification numbers, social security numbers, birth dates, account numbers and other personal information. Hackers and identity thieves’ main goals are to obtain this information. The Internet makes it extremely easy for these criminals to trick people into unwittingly handing over their information rather than having to dig through their trash. Some of the techniques that hackers use to obtain out information are
Phishing is when emails or websites falsely claim to be an existing organization that you do business with. These emails redirect users to websites that are created to look like the legitimate site. Users are then typically asked to update their personal information. Meanwhile the real company has no need to ask for updated information and you just supplied it all to a criminal. Be cautious of emails expressing urgency and avoid links or submission forms asking for financial information. Sensitive information like this should only be communicated using a secure webpage. (Learn more about protecting yourself against phishing!)
Pharming is a more sophisticated version of phishing. With pharming a cyber-criminal creates a vulnerable spot in an Internet Service Provider’s DNS server and then hijacks the domain name of a commercial site. When people visit the legitimate website they are immediately redirected without knowing. Unsuspecting users will enter their login information as usual, only this time they will be providing it to the pharmers. The personal information gained can be used at the website to purchase merchandise, clean out bank accounts, or open new ones.
Spyware is used to gather information like user ID’s or passwords. Once gathered it is then sent back to the intruder. Spyware can collect this information by logging keystrokes and using malware like Trojans. New malicious programs are created and discovered every day so it is important that you not only have Antivirus software but that you keep it up to date as well. Antivirus programs scan, track, and remove any problems from your hard drive. Anti-spyware programs can detect and eliminate any spyware that has made a home on your hard drive. Many Antivirus programs are bundled with an anti-Spyware.
Tips To Protect You From Identity Theft:
- Use your common sense.
- Check your credit reports.
- Check your bank statements.
- Compare your credit card charges against your receipts.
- Shred documents that contain personal information.
- Don’t carry unnecessary identification documents.
- Deposit outgoing mail at the post office on in a secure mailbox.
- Resist providing personal information unless you know that it is necessary.
- Watch out for phishing sites.
- Use an Anti-virus and Anti-malware software.
- Create strong and unique passwords for each website.
- Only shop at reputable websites.
- Only download software from reputable sources.
- Secure your wireless network.
What to do if you Suspect Identity Theft:
- Contact your credit card companies to notify them and request new account numbers.
- Contact your bank and request that an alert be placed on your account.
- Contact one of the three credit reporting bureaus and request that a fraud alert be placed on your file.
- Request a free credit report.
- Continuously monitor all of your accounts and credit reports.
- File an identity theft report with the local police or a State and Federal agency.
For more information visit The Effects of Identity Theft and The History Of Identity Theft!
Have a Great Day!
Dustin
ComputerFitness.com
Providing Tech Support to Businesses in Maryland
Tags: account protection, computer security, credit report, identity, identity theft, online identity theft, theft
Posted in Information Security, Internet | No Comments »
Wednesday, July 13th, 2011
Scams, viruses, and Facebook Frauds that prey on the curiosity of unsuspecting users are nothing new for the popular social network. Facebook and social networking sites alike create a perfect environment for spammers to instantly reach millions and rapidly spread their lucrative scams. Although the majority of users have learned how to Spot and Avoid Facebook Scams, there are some creative and devious scams that continue to attract the attention of many users. These scams are extremely misleading and publicize something that is either too good to be true or reel users in by taking advantage of the recent headlines.
from http://www.facebook.com/group.php?gid=9874388706&v=wall, July 2011
These scams are usually created to generate some kind of financial gain for spammers and to further spread their spam. Often the fraudulent posting will advertise one thing and then direct a user to a completely unrelated page. Previous Facebook scam such as the “Free iPad scam” and the “See who is viewing your profile scam” have been used as a spamming technique called ClickJacking.
ClickJacking presents a page to the user with a seemingly harmless action button, unbeknownst to the user there is usually a transparent layer with an alternative button positioned directly on top. In other words, when the user thinks that they are clicking the one button they are really clicking the hidden button. The hidden button is usually something that a user would probably avoid if given prior knowledge. For example the button could initiate an unauthorized purchase, an adjustment to your social profile, a twitter follow, or the spamming of your Facebook contacts.
New spam scams are created each day, this week alone we have already seen three new Facebook scams that draw in users by exploiting popular news headlines. Among the scams that appeared this week are posts proclaiming the “Death of Charlie Sheen”, the “Casey Anthony murder confession video”, and the “Google+ invite”. Each of these attractive headlines is completely bogus and only serves the purpose of luring in victims.
The high demand for Google+ invites has made eager users a perfect target for spammers. For this scam a user receives a request to access their basic information. Once the user accepts that request the scam bombards them with emails, submits posts on your friends’ walls, and accesses their personal information while they are offline. In addition to these abrasive actions the scam is also thought to be accumulating email accounts for future spam attacks.
The second scam is one that involves the court case of Casey Anthony, who was exonerated and found not guilty of the murder of her daughter due to lack of evidence. The hype surrounding the court case and public outrage regarding the jury’s verdict has generated a lot of attention for Casey Anthony. In this scam a user receives a message offering a chance to watch the video of Casey Anthony confessing to murder. Upon clicking, users are redirected to a site that presents them with a survey that must be completed before watching the video. Following the completion of the survey the users do not gain access to a video but instead encounters more surveys. Similar to the first scam, both the walls of the users as well as their friend’s walls are blasted with Casey Anthony Spam postings.
Like the previous scams the “Charlie Sheen Found Dead Scam” also capitalizes on the public interest for Charlie Sheen ever since his termination from “Two and a Half Men” and whacky behavior. This scam again obtains user information and redirects them either to a dead page or one that requires them to participate in an online survey.
Again these claims are completely bogus and are only used so that spammers can benefit from susceptible users. If you have had the misfortune of coming across these scams or ones like them, perform the following tips to cleanse and secure your Facebook profile.
If something sounds too good to be true or is too shocking, then it’s probably a scam. When it comes to social networking sites, try stay up to date with the latest scams and be cautious and suspicious of all content that appears shady.
Thanks for Reading and Have a Great Day!
Dustin
ComputerFitness.com
Providing Tech Support for Businesses in Maryland
Tags: casey anthony scam, charlie sheen scam, Facebook, google+ scam, scam, social network, spam, spammer, spamming
Posted in Information Security, Social Networking | 1 Comment »
Tuesday, June 21st, 2011
Earlier this month Apple held its annual Worldwide Developers Conference, during the event Apple unveiled the new features of iOS 5 which is set to arrive later this fall . Although the much anticipated release of the iPad2 had come and gone back in March, the news of the newest iOS has seemed to spur iPad2 sales. At a price range set from $499-$829, these devices are definitely an investment that is worth protecting. The following are ten tips to help ensure the safety and protection of iPad devices. The list covers both physical and virtual security so that customers can hopefully prolong the life of their device and be able to take full advantage of the upcoming iOS improvements.
from http://www.apple.com/ipad/features/, June 2011
The iPad Smart Cover isn’t a customer’s only choice however it seems to offer the most protection along with usability. In addition to providing protection, the Smart Cover can also be transformed into an iPad stand with various positions, activate the sleep mode when covered, wake the device when uncovered, grip the iPad using built in magnets, comes in a number of colors and is available in two different materials. Users can also choose to use full shell cases for heavy duty protection or portfolio and envelope cases for the professional environment.
A case or cover doesn’t necessarily mean the screen is fully protected. Screen or scratch protectors are well worth the purchase and not only do they prevent scratches but they have also been known to prevent the screen from shattering on impact. Prior to the release of the iPad2, Apple had stopped selling all anti-glare and screen protection film as what was thought to be a way to advertise the iPads screen durability. However screen protectors are still available through other companies, the trick is finding one that provides durability and is easily adhered to the iPad without causing damage.
It may seem like common sense but some people still leave their iPad unattended or believe it to be safe in their car. A car is not a safe place to leave expensive devices, leaving your device in sight and unattended will only entice someone to break in and steal it. In addition to passwords, iPad owners can also use security locks and security cables to provide extra protection when not in their possession.
At the very least all users should utilize the password option to protect their information and data. To configure the password settings go to Settings, General, and Passcode Lock. Once the password option is activated the passcode will be required when restarting the device, waking the device, and unlocking the screen. Users can also specify how many times the screen must be locked before activating the password prompt. A typical passcode has four digits however they can be changed to a longer alphanumeric code by disabling the simple passcode option.
- Auto-Lock, iPad tracking and other Security Preferences:
The iPad2 comes with a find my iPad app that lets the user locate a stolen or lost iPad as long as it’s still operational. Users can also determine how many password attempts are acceptable before disabling the device or remotely erasing the data from the device. Try to avoid using the common passcodes like 1234 or 0000. The auto – lock will activate the lock automatically after the iPad is inactive for the amount of time specified by the user. If someone does happen to acquire your device then these appropriate security settings along with an adequate password will at least protect your information.
When surfing the Internet from your mobile device there are several options that provide extra protection. For example turning off the Auto-Fill option in the Safari Browser settings will disable the iPad from remember passwords or other critical information. You should also check to make sure that your pop-up blocker is turned on as well as the fraud warning feature. When it comes to accessing websites and email attachments be sure to practice good judgment. Users can also clear browsing history, cookies, and cache so that no information is stored.
It is extremely important that you perform all available updates not only for the iOS but for your iPad applications as well. Updates are often released to resolve vulnerabilities and to protect users against newly discovered malware like viruses and spyware. Updates for Apps can be performed by accessing the app store and selecting update all under the update menu.
- Backup Information on iTunes:
Performing routine backups in iTunes can help protect your information and prevent data loss. In the event that your data or device is lost, corrupted, or stolen, users will still have access to it on their PC’s. The upcoming iCloud can also be used to store backup information.
- Disable Bluetooth when not in use:
While not using Bluetooth it is recommended that you turn off the feature. Allowing Bluetooth channel to remain open can potentially create a vulnerability that is susceptible to intrusion.
- Extra Apps For Extra Security:
Consider purchasing apps that provide enhanced security. Here’s a list of 50 Security Apps that perform functions like storing passwords, activating alarms, monitoring business transactions, and safe web browsing.
Hope these tips help keep your device safe and your information protected. For more details check out Apple.com and keep an eye out for Apple iOS 5 this fall!
These security tips are not limited to only the iPad2, many of them can also be applied to the iPad, iPhone and iPod touch devices.
Thanks for Reading and Have a Great Day!
Dustin
ComputerFitness.com
Providing Tech Support for Businesses in Maryland
Tags: Apple, device, Information Security, Ipad, iPad security, iPad2, password, protect, protection
Posted in Information Security, Mac, iPad | 1 Comment »
Wednesday, June 15th, 2011
It’s hard to miss all of the news headlines about hacker groups and security intrusions. These attacks now seem to be unavoidable even for Government agencies. For weeks now the public has been following the Sony Incident, which now appears to have been only the tip of the iceberg. Even the State Senate computers have fallen victim to a group of hackers known as Lulze Security.
Anonymous
In the past week both the Lulze Security group as well as the cyber group “Anonymous” have taken responsibility for several attacks. Lulze Security have claimed responsibility for the attacks on the Sony Picture’s website, PBS.com, Fox.com, and the DDoS attacks on game company Bethesda. According to thier LulzSec Twitter Page they are now apparently taking hacking request through a messaging hotline. As for Anonymous they have claimed to be responsible for the Bank of America attack, the Spanish Police Department attack, and are thought to be behind the Sony PSN disaster. To prove their infiltration on the Senate network Lulze Security has posted a list of files online along side their other postings. However, it was said that none of the data taken from the Senate’s network contained sensitive information. Although it’s not completely clear whether or not sensitive files were actually obtained, the intrusion itself displays the group’s capabilities and malicious intent.
Compared to last couple months, it seems that these types of attacks have changed direction moving from the acquisition of personal information to the infiltration of high powered and influential organizations. Besides gaining access to personal or financial information, perhaps these attacks are based on retaliation, display of power, or reputation. Speculation aside what’s truly concerning is the lack of security or the effectiveness of our current security.
Where is the security? Granted, these hackers are extremely clever and well versed when it comes to bypassing security measures but shouldn’t the current security for most organizations be able to slow them down at the very least?
Traditionally hackers or crackers are people who illegally obtain access to computers or computer networks to gain a profit, to protest, to expose security flaws, to challenge themselves, or to become infamous through their actions. As the hacking community continues to outperform one another as well as the security protocols of major businesses it is often the innocent consumers that pay the price.
There are different types of hackers along with different level of hackers. Not all hackers have the same attributes, some are good, some are bad, and some operate in the shades of gray. The following are the categories and characteristics commonly used to classify hackers.
White Hat: Also known as an ethical hacker this type performs intrusions for non-malicious purposes either contractually or to test their own personal security. They perform penetration/vulnerability tests to access the level of security and to improve it.
Black Hat: Represents the complete extreme to white hat hackers, they use their knowledge and ability to illegally infiltrate systems with malicious intent or for personal gain. These computer criminals identify a target, research their target, find security gaps, and then access it illegally. They perform hacks to destroy data, collect data for monetary value, or to build their reputation amongst the hacking community.
Gray Hat: As the name implies, a gray hat hacker is a combination of black and white hat tactics. A gray hat hacker may use black hat techniques to infiltrate a network for the purpose of identifying security flaws. Once identified, some hackers will offer a service fee to fix the vulnerabilities. This type of hacker acts under white hat motives but operates with black hat methods. Although these attacks occur without malicious intent they are still violating the organizations and individual privacy which can cause a lot of problems.
Black, white, and gray hat hackers are only the most basic breakdown, hackers can also be further identified by skill level, reputation, and intent. The following are different terms associated with these hackers.
Blue hat: Like a white hat hacker the blue hat hacker typically works with security consulting firms and is contacted to perform operational and system security testing.
Neophyte: Neophyte is used to describe someone that is a beginner to hacking and possesses very little knowledge or skills required for hacking.
Script kiddie: This category is made up of hackers who are more experienced than Neophytes but is still unable to devise their own methods of gaining access. They often rely on pre-packaged automated tools that are created by other hackers.
Elite Hacker: Is a name reserved for the most skillful and recognized hackers. These individuals or groups have built a reputation among the community. They continue to gain credibility by gaining access to harder targets, causing devastation, and being publicized by the news following their attacks.
Hacktivist: Also known as a cyber terrorist, with these hackers there are clear and present goals in mind to express a social, ideological, religious, or political point of view.
A typical system or network hack occurs in three steps, network enumerating, vulnerability scanning, and exploitation. Network enumeration is where information and the vulnerabilities are obtained using network scanners or enumerators. These are programs that report back information like user names, networked services, and shared resources. White hat hackers will use these reports to resolve the discovered security gaps whereas a black hat hacker would use them to gain deeper access. Vulnerability Analysis is when an attacker seeks out system flaws. To be vulnerable a system has to meet three conditions, it must have a flaw, the hacker has to have access to that flaw, and the hacker must be skillful enough to exploit that flaw. Lastly exploitation occurs by attempting to compromise the system through the flaws found in the vulnerability scan.
Some of the techniques hackers frequently use to gain access to a computer system or network are vulnerability scanning tools, password cracking, packet sniffing, spoofing or phishing, rootkit, social engineering, intimidation, helpfulness, name-dropping, Trojan horses, viruses, worms and key loggers.
Although the recent attacks have caused a lot of disruption and concern, hopefully something good will come from them like stronger security. Companies and organizations should view these attacks as a warning and take the time to strengthen their protection and conduct their own vulnerability testing while they still can. Not only is it important for major companies and Government agencies to be prepared but the individual users should be prepared as well. Computer users should make sure that they have sufficient computer security and keep up to date with the latest security news.
Thanks for Reading and Have a Great Day!
Dustin
ComputerFitness.com
Providing Tech Support for Businesses in Maryland
Tags: anonymous, cyber attack, hack, hacker, Hackers, Information Security, lulze security, network access, system vulnerabilites
Posted in Information Security | No Comments »
Thursday, June 2nd, 2011
It has been over a month since Sony announced that the reason for the shutdown of their PlayStation Network service on April 20, 2011 was due to an external intrusion. On May 4, 2011 Sony had confirmed that the PSN Attack was able to obtain the personal information from over 100 million users. Following the hack, Sony remained confident and projected a short downtime for the network. Although Sony initially stated that they would fully restore their services by the end of the week, the recovery process experienced unforeseen problems.
from http://us.playstation.com/psn/, June 2011
After being disabled for approximately 23 days, on May 15, 2011 the Sony PlayStation Network began restoring parts of their service country by country. At this time the sign-in for the PSN/Qriocity services, online gameplay, rental content, third party services, friends list, and chat functionality were all restored. Missing from the services that were brought back online was the PlayStation Store. Once back online the network again faced an issue concerning the password reset page. It was discovered that the password reset process was enabling unauthorized users to change the passwords of other users provided that they had knowledge of their email address and date of birth. After the discovery of this exploit the network disabled the password reset pages and resumed working to restore the PlayStation Store.
Sony announced that they will be offering customers free content as a part of a “Welcome Back Program”. The free customer appreciation content will be available sometime shortly after full restoration. Sony has also stated that the cost of the network outages and restoration was $171 million which includes the costs of security enhancements, customer reimbursements, and loss of content sales.
Yesterday afternoon (June 1, 2011) the PlayStation Network posted on the PSN Blog that that the PlayStation Store was once again up and running. The PS Store is now offering new updates, downloadable games, demos, add-ons, themes, avatars, and videos. For now, Sony is still in the testing process for the welcome back program download and expects it to be available for users shortly. Another PSN update is currently scheduled for Friday June 3, 2011.
Sony executives have stated “no system is 100 percent secure”, having learned from this occurrence Sony has made several security improvements and created a new Chief Information Security Officer position. The PlayStation Network is not the only Sony service to suffer intrusion, in a separate incident Sony Ericsson was also hit. The Sony Ericsson Hack was said to have affected over 2,000 customers. According to The Huffington Post the servers at SonyPictures.com were also attacked on Thursday June 1, 2011. This hack obtain the the information of 1 million users which was later posted on a website by hacker group LulzSecurity. Other recent security breaches include the Lockheed Martin Cyber Attack, Google Gmail hack and the PBS hack, these hacks present a clear picture of how technology can be used to do harm and provide an even greater reason for companies to implement as many proactive security measures as possible.
Although Sony projected an $860 million profit in a February report the company is now projecting a $3.2 billion net loss for the year. The loss is a combined result of several network hacks, security upgrades, customer remuneration, tax credit write offs from the previous quarter, and disruption in production caused by the earthquake and tsunami in Japan.
Taking into consideration the hard times faced by Sony recently, will you continue to be a customer or have you lost all faith in them? Share your thoughts below.
Thanks for Reading and Have a Great Day!
Dustin
ComputerFitness.com
Providing Tech Support for Businesses in Maryland
Tags: hack, Information Security, PlayStation, PlayStation Network, PlayStation Store, PSN, Sony, Sony PlayStation, Sony PSN
Posted in Information Security | No Comments »
Friday, May 27th, 2011
Recently the MacDefender Malware has created a lot of concerns for Mac users all around the world. Quickly spreading, the MacDefender Malware is a phishing scheme that presents a message that informs users that their system has been corrupted. The ploy goes on to tell Mac user that the only way to remove the viruses is to utilize the MacDefender app. The MacDefender malware can also appear as MacProtector and MacSecurity. The malware does not infect a user’s machines with viruses or monitor keystrokes. Their sole purpose is to frighten and persuade users to purchase the MacDefender application thus gaining access to the customer’s credit card information.
from http://www.Apple.com, May 2011
Mac has estimated that between 60,000 and 125,000 Mac users have already been exposed to this malware. Most users have encountered this problem through poisoned Google images. When users access a poisoned link, a page will launch and display a virus scan. After being transferred to the infected webpage the software begins to download and informs users of an infection. Previously the malware required permission to install but despite the efforts made by Mac a newer version of the malware has been created, which no longer needs the user’s permission. This MacDefender version automatically installs on a machine during the fake scan process.
Mac has yet to take action against the initial malware but has stated they will have a resolution with their next OS X Update. Mac states that they will “deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. Mac however has not addressed the new version of the malware and has also informed their support staff Not to assist users with MacDefender removal. Although the support staff has been instructed not to assist with its removal, Mac has provided the following on how to prevent the malware from installing and how to remove once installed.
Avoiding Installation:
- If users experience any notification concerning the mentioned security software, immediately exit the browser.
- If the browser fails to quit, perform a Forced Quit. To perform a force quit go to the Apple menu and choose force quit. Alternatively you can Force Quit by pressing Command+Option+Esc, and then choose unresponsive program followed by clicking force quit.
Removing the Application:
- In the event that the malware was automatically downloaded and launched, do not enter your administrator password.
- Do not provide your credit card information.
- Access your download folder and delete the application.
- Once the application is deleted make sure that you also permanently delete is in your trash folder.
- Close the Scan Window.
- Go to the Utilities folder in the Applications folder and launch Activity Monitor.
- Choose All Processes from the popup menu in the upper right corner of the window.
- Under the Process Name column, look for the name of the app and click to select it.
- Click the Quit Process button in the upper left corner of the window and select Quit.
- Quit the Activity Monitor application.
- Open the Applications folder, locate the app again, drag it to the trash, and permanently empty the Trash
In addition to the MacDefender app a login item is also placed in the user’s system preferences which can be removed by opening system preferences, selecting accounts, clicking login items, selecting remove and then clicking the minus button. Although it is not necessary it is advised that users to remove this login item.
Check back later as more details develop to learn more about the MacDefender malware and possible solutions.
Thanks for Reading and Have a Great Day!
Dustin
ComputerFitness.com
Providing Tech Support for Businesses in Maryland
Tags: Information Security, mac, MacDefender, MacDefender Malware, malicious software, Malware, malware removal, phishing, virus removal
Posted in Information Security, Internet, Mac | No Comments »
Friday, May 20th, 2011
 In case it wasn’t bad enough that Facebook was discovered to be behind the recent Google smear campaign they now have to also deal with looming government regulations. Although it has only been a couple of days since it was announced that Facebook hired PR firm Burson-Marstellar to smear Google’s name, both companies have teamed up to take on the Social Networking Privacy Act (SB 242). Along with Google and Facebook, Twitter and Skype were also mentioned to have cosigned a letter strongly opposing the new bill.
This isn’t the first time that we have heard of the bill that was introduced by California Senate Majority Leader Ellen M. Corbett. The bill previously addressed the privacy and security for users under 13 but has since been amended to incorporate all users after initially facing heavy opposition. The motivation behind the legislation was to protect underage users, it’s estimated that although the Facebook age limit is set at 13, over 7.5 million users are under that age and 5 million of those users are even under the age of 10. The Polly Klaas Foundation found that over 42% of teens post personal identifiable information on social media sites which provides a solid foundation to Corbett’s concerns.
The Social Networking Privacy Act would require users to select and acknowledge their privacy settings before submitting their user registration. The default privacy setting would list only a user name and city of residence until that user decides to adjust their user settings. In Senate Majority Leader Corbett’s words “you shouldn’t have to sign in and give up your personal information before you get to the part where you say ‘please don’t share my personal information.”
Facebook CEO Mark Zuckerberg states that “making personal data public is the new social norm”. Currently Facebook requires users to provide their personal information prior to registering and once registered, users can then customize their privacy settings. Until adjusted the current default setting is to share the provided information with all other users. Since the option not to share your personal information is only available once the information is already out there, there is a strong argument for user privacy being at risk but does it warrant government regulation?
In addition to the legislation’s main goal of requiring social networking sites to provide a detailed privacy policy prior to registration the legislation also aims to provide parents with the ability to request the removal of their child’s personal information. The bill states that if these sites fail to comply within 48 hours of the request it will cost them $10,000 for each occurrence.
Given the Recent Headlines concerning Google and Facebook it is clear that the proposed legislation takes priority. Both companies feel that the bill is unnecessary and that government micro-management will likely cause more harm than good. Bills like this will suffocate the age of social networking and will often hinder the innovation of future technologies or businesses.
It’s understandable for government to feel the need to step in if there is a possibility of harm or danger but in this case there would seem to be better options. After all, users can still select the privacy option that they feel is adequate after they provide that information. As for the underage use aspect, if Facebook was to enact a default sharing option with only a user name and city, what is to stop the underage users from changing their privacy option to shared once they create the account?
Currently the Social Networking Privacy Act has passed a senate committee and is seeking a majority vote in the full senate. If passed there it will become full legislation and require final approval from the governor’s office.
How do you feel about government regulations on Facebook? Do Senator Majority Leader Corbett’s arguments justify these regulations?
Thanks for Reading and Have a Great Day!
Dustin
ComputerFitness.com
Providing Tech Support for Businesses in Maryland
Tags: Facebook, government, government regulation, Networking, privacy, privacy policy, regulation, social networking
Posted in Information Security, Social Networking | 1 Comment »
Friday, May 13th, 2011
Online security threats and system vulnerabilities will always be an issue on the Internet regardless of the amount of security we implement. As the security for major online companies gets smarter the hackers and computer viruses get more inventive as well. This balance is unlikely to disappear because there will always some kind of benefit for people who perform these destructive actions. Whether it is for notoriety, money, or information the effects of these actions require companies to be forward thinking and remain focused on the protection of their users.
Following the largely publicized PlayStation Network Hack a couple weeks ago, two other major websites experienced their own misfortune. For Google it was discovered that their images were replaced with malware and Facebook was also notified that their applications were unintentionally leaking information to third parties. Although these two incidents are completely different with one being pure mischief and the other being an oversight the two cases highlight severe vulnerabilities for major websites.
After weeks of user complaints Google identified that some of their Google Images search results were pointing users to webpages that forced misleading anti-virus scans and security alerts. The attackers apparently infiltrated high trending Google Image search results and planted their own PHP scripts to generate their own malicious content. Once their own PHP scripts were implemented the Google bots crawled and eventually displayed thumbnails for their bogus web pages. When clicked on, the image redirected users to a bad page. Google is currently working hard to remove all of the bad links. For more specific details on how and what was affected visit More on Google Image Poisoning.
Shortly after Google realized their security flaw, Facebook was notified by Symantec regarding their security issue. On Tuesday May 10, 2011 Symantec published that Facebook applications have been unintentionally leaking user information to third parties. Although it is impossible to pinpoint the exact number of affected users it is estimated that the information of hundreds of thousands of users could have been exposed. However Symantec and Facebook state that it is also possible that most of the third parties didn’t even realize the leaks.
The leaks occurred through access tokens which are basically authorization codes that are assigned once a user accepts or grants permission to a Facebook application. Once Facebook was notified of the leaks they implemented the necessary changes which are described in the Facebook Developers Blog. Concerned users can take their own actions to nullify any current access tokens by changing their account password. As mentioned although these leaks were accidental this incident provides a perfect example for the vulnerabilities that websites like Facebook still have even with good security.
Sometimes the bigger the company, the bigger the target. Security should always be a crucial aspect and top priority for any business. It is not only up to the major websites to try to stay head of the relentless security threats and system vulnerabilities, the individual users should do their part as well by being educated about online risks and by taking the appropriate precautions to remain safe.
Thanks for Reading and Have a Great Day!
Dustin
ComputerFitness.com
Providing Tech Support for Businesses in Maryland
Tags: Facebook, google, google images, Information Security, Malware, security threats, users, vulnerabilities, website
Posted in Information Security | No Comments »
|
