
Tuesday, November 26, 2013

Yes! You are HACKED! (PART-3)

Yes! We are back with the PART 3 of the series 'Yes! You are Hacked!'
In case you missed the earlier posts, you can reach both PART-1 and PART-2 here.

So after having posted the 4 signs of your system being compromised, here comes the fifth and the sixth!

Sure sign of system compromise No. 5: Your friends receive fake emails from your email account
This is the one scenario where you might be OK. It's fairly common for our email friends to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.

Sunday, November 17, 2013

Yes! you are HACKED! (PART-2)

Missed PART-1? Read it HERE!
So, here comes PART-2 of the 'Yes! You are HACKED!' series. Read on; you may be a victim and not know it!

Sure sign of system compromise No. 3: Redirected Internet searches
Many hackers make their living by redirecting your browser somewhere other than where you want to go. A hacker gets paid by getting your clicks to appear on someone else's website, often those who don't know that the clicks to their site are from a malicious redirection.

You can often spot this type of malware by typing a few related, very common words (for example, "puppy" or "goldfish") into Internet search engines and checking to see whether the same websites appear in the results -- almost always with no actual relevance to your terms. Unfortunately, many of today's redirected Internet searches are well hidden from the user through use of additional proxies, so the bogus results are never returned to alert the user. In general, if you have bogus toolbar programs, you're also being redirected. Technical users who really want to confirm can sniff their own browser or network traffic. The traffic sent and returned will always be distinctly different on a compromised computer vs. an uncompromised computer.

Saturday, November 09, 2013

Yes! you are HACKED! (PART-1)

Here are 11 sure signs you've been hacked and what to do in the event of compromise. Note that in all cases, the No. 1 recommendation is to completely restore your system to a known good state before proceeding. In the early days, this meant formatting the computer and restoring all programs and data. Today, depending on your operating system, it might simply mean clicking on a Restore button. Either way, a compromised computer can never be fully trusted again. The recovery steps listed in each category below are the recommendations to follow if you don't want to do a full restore -- but again, a full restore is always a better option, risk-wise.

Wednesday, May 15, 2013

Computer attacked?

!!..Signs That Your Home Computer Is Infected By Spyware or Adware..!!

There are a number of indicators you can watch for which will suggest that your computer has been infected by spyware or adware. Please note that some of the symptoms listed below are not unique to just a spyware or an adware infection.

1) PC Performance – Both spyware and adware consume your PC's resources, such as computer memory. A bad spyware infection could dramatically slow your computer's performance, including causing your system to become increasingly unstable. Spyware can also affect your internet connection speed, as it takes up bandwidth to communicate information back to its creator.

2) Pop up Ads – It is highly likely that your computer is infected by adware if you notice more pop up ads appearing than usual. In some cases pop up ads start appearing on the desktop even if you have not opened a web browser. Alternatively, search results may appear in a pop up or another browser window relative to the website you are visiting or the keyword term you have typed into a search engine.

3) Browser Toolbars – These programs are commonly bundled with free software which the publisher often describes as "advertiser supported." The toolbar then feeds adverts based on the website you visit. They are usually very difficult to uninstall. "180 Search Assistant" and "Huntbar" are example programs.

4) Browser Settings – Your internet favourites or bookmarks and your start page are the two main settings which are targeted by spyware authors. Web sites are inserted into your list of internet favourites in the hope that you will visit them. Browser hijackers change the start page which is visited when the browser loads. Any unexpected change to your start page is a sign of infection.

5) StartUp Programs – Some spyware variants will try to add themselves to your Windows start up program list. If your boot up time becomes noticeably slower, then review your program start up list to check for applications you are not familiar with and remove them. This program list can be reviewed using the "MS Config" option from the Windows XP Run command.

6) Software Failure – A spyware infection can cause some of your programs to crash or stop working. In particular, watch if your Internet Explorer browser refuses to work all of a sudden.

7) Hosts File Changes – The Hosts File is a Windows file that maps the numerical IP address to the host name, very much like the address book on your cell phone "maps" your friend's name to their telephone number. Some spyware programs can change these settings so that when you type in "www." for example, you are redirected to the spyware author's website.
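A quick way to review the Hosts File for the kind of change described in item 7, as an added example that is not part of the original post. The sample file contents, host names and addresses are constructed for illustration; on a real system you would pass in the text of your own hosts file.

```python
import ipaddress

# The only name a stock hosts file is expected to map to a loopback address.
EXPECTED_LOCAL = {"localhost"}

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every active mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()    # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                           # address with no name: ignore
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                           # first field is not an IP address
        for name in fields[1:]:                # one line may map several names
            yield line_no, ip, name.lower()

def suspicious_entries(text):
    """Return mappings that override DNS for anything other than localhost."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name in EXPECTED_LOCAL and ip.is_loopback:
            continue
        if ip.is_loopback or ip.is_unspecified:
            reason = "name forced to a local address"
        else:
            reason = "name pinned to a fixed address, bypassing DNS"
        findings.append((line_no, name, str(ip), reason))
    return findings

# Constructed sample; 203.0.113.0/24 is a documentation-only address range.
SAMPLE_HOSTS = """\
# Sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.50    www.example-bank.test example-bank.test   # not added by the user
0.0.0.0         update.example-av.test
"""

if __name__ == "__main__":
    for finding in suspicious_entries(SAMPLE_HOSTS):
        print(finding)
```

Entries you added yourself (for example, an ad-blocking list) will also be reported, so treat the output as a list to review rather than a verdict.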

Monday, March 04, 2013

Tips to make your Password Hack-proof

Rarely does a week go by without news of another hacking incident, whether it's Chinese hackers accused of breaking in to The New York Times' computer systems or Burger King finding its Twitter account taken over by pranksters. More serious are the hacking incidents that involve money thefts.

Security threats aren't new and have long been part of online life. But the increased attention on them makes now a good time to review ways you can protect yourself. If nothing here feels new, that's good, as it means you've been doing the things you need to do to keep your accounts safe from hackers. 

One of the best things you can do is to make sure your password is strong.
  • Make your password long. The recommended minimum is eight characters, but 14 is better and 25 is even better than that. Some services have character limits on passwords, though.
  •  Use combinations of letters and numbers, upper and lower case and symbols such as the exclamation mark. Some services won't let you do all of that, but try to vary it as much as you can. "PaSsWoRd!43" is far better than "password43."
  • Avoid words that are in dictionaries, even if you add numbers and symbols. There are programs that can crack passwords by going through databases of known words. One trick is to add numbers in the middle of a word - as in "pas123swor456d" instead of "password123456." Another is to think of a sentence and use just the first letter of each word - as in "tqbfjotld" for "the quick brown fox jumps over the lazy dog."
  • Substitute characters. For instance, use the number zero instead of the letter O, or replace the S with a dollar sign. However, do not set your password to "Pa$$w0rd". That's the most common password, and hackers tend to crack these kinds of word combinations easily. Use complex words instead.
  • Avoid easy-to-guess words, even if they aren't in the dictionary.

Passwords you should never keep

  • You shouldn't use your name, company name or hometown, for instance. 
  • Avoid pets and relatives' names, too. 
  • Avoid things that can be looked up, such as your birthday or ZIP code.
  • As a reminder, you should also avoid "password" as the password, or consecutive keys on the keyboard, such as "1234" or "qwerty."
  • Never reuse passwords on other accounts - with two exceptions. Over the years, I've managed to create hundreds of accounts. Many are for one-time use, such as when a newspaper website requires me to register to read the full story. It's OK to use simple passwords and repeat them in those types of situations, as long as the password isn't unlocking features that involve credit cards or posting on a message board. That will let you focus on keeping passwords to the more essential accounts strong.
Store your passwords digitally. Learn how.
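The rules above can be turned into a simple checker. This is an added example, not part of the original post; the small word list, the substitution table beyond "0" and "$", and the "at least 3 character classes" threshold are assumptions chosen for illustration.

```python
import re

# Tiny constructed word list; a real check would use a large dictionary.
COMMON_WORDS = {"password", "qwerty", "letmein", "dragon", "welcome"}
# Consecutive keys and counting runs, as warned about in the post.
KEY_RUNS = ("1234", "qwerty", "asdf", "abcd")
# Undo the substitutions the post mentions (0 for O, $ for S) plus a few
# other common ones (assumed), so disguised dictionary words are still found.
DELEET = str.maketrans({"0": "o", "$": "s", "1": "l", "3": "e",
                        "4": "a", "@": "a", "5": "s", "!": "i"})
CLASS_PATTERNS = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")

def check_password(pw, personal=()):
    """Return a list of problems; an empty list means no rule was broken."""
    problems = []
    if len(pw) < 8:                       # the post's recommended minimum
        problems.append("shorter than 8 characters")
    classes = sum(bool(re.search(p, pw)) for p in CLASS_PATTERNS)
    if classes < 3:                       # assumed threshold
        problems.append("uses fewer than 3 character classes")
    lowered = pw.lower()
    plain = lowered.translate(DELEET)     # "pa$$w0rd" -> "password"
    for word in COMMON_WORDS:
        if word in plain:
            problems.append(f"based on dictionary word '{word}'")
            break
    if any(run in lowered for run in KEY_RUNS):
        problems.append("contains a keyboard or counting sequence")
    for item in personal:                 # name, pet, birthday, ZIP code...
        if item and item.lower() in lowered:
            problems.append(f"contains personal detail '{item}'")
    return problems

if __name__ == "__main__":
    for candidate in ("Pa$$w0rd", "qwerty", "Tq8f!jOtLd-27xW"):
        print(candidate, "->", check_password(candidate) or "no problems found")
```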

Sunday, March 03, 2013

Threat: Android Vulnerability

While Android comes with the flexibility of installing apps from "Unknown Sources", mobile users are actively searching for software from suspicious sources and taking no precautions when launching an unknown programme, all of which makes it easier for cyber criminals to infect the devices.

According to a survey, over 99% of new threats found in 2012 targeted Android-based smartphones and tablets, with less than 1% aimed at devices running Symbian and BlackBerry operating systems or supporting the mobile version of Java.

The most widespread Android threats can be divided into three major groups:

  • SMS trojans
  • stealing money by sending premium texts, adware, and exploits to gain root access that give full access to the device and any data stored on it
  • Android malware- mobile Botnet nicknamed Foncy that enables the cyber criminals to gain control of mobile devices.

How to prevent such attacks?

  1. Remove all the applications from the Android device that are not downloaded from the Google Play store
  2. Disable "unknown sources" installations.
  3. Always remember to read all the "Permissions" before installing any application.

Disabling installations from unknown sources


Uncheck the "Unknown Sources" option.

Saturday, February 02, 2013

Evil Twin Attacks

The risks of the Evil Twin network

* The owner of the rogue connection network possessing the same SSID can launch man-in-the-middle (MITM) attacks to intercept any data that is exchanged to and from the device.

* Free programs over the Internet give the attacker the ability to decode web access packets to reveal login IDs and passwords in clear text.

* The attacker can gain control over email accounts and social networks, scan the contacts list, view text messages and more.

* An attacker can also send a spoof SMS that claims to be from someone on the contacts list of the device.

* The attacker can trick the user into visiting a page that looks genuine, but is actually a page that phishes for personal and financial information.

* The attacker can install key-loggers on your device that will send him whatever keys you press on your keyboard, including your passwords and credit card information.

Friday, February 01, 2013

Turn your Wifi-Off

Wifi Rogue Connection

Many users are under the misconception that leaving their smartphone WiFi switched ON only leads to a persistent battery drain. While this is not inaccurate, the truth is that there is another threat to be aware of. This is the threat of the ‘evil twin’.
Anyone who has used WiFi on a smartphone knows that once a network SSID (the name of the network itself) and other details have been entered, the device automatically connects to this network whenever it is in range. This makes one wonder what happens when there is no visible network in range when the WiFi is turned ON.

The smartphone sends and receives probing requests
Once the WiFi has been enabled on a device, it scans the airwaves for all available networks in the vicinity in two simultaneous ways. Passive scanning occurs when the device listens for networks that broadcast themselves and Active scanning occurs when the device actively probes for all networks that it has connected to in the past. This discovery process is carried out constantly until the device finds a network to connect to.

The dangers of probing requests
While this in itself is not a threatening scenario for users, the real issue here is that when the device probes for networks it actively broadcasts the various network SSIDs it prefers. An attacker can obtain this information easily and this reveals the unaware users’ preferred networks and other location sensitive data.

Wifi rogue connection
A WiFi Evil Twin is a network that your device can be connected to without informing you, or without your permission.

Advanced attackers can take this a step further and create a rogue connection, or an evil twin, which possesses the exact same SSID that the device is scanning for. Thus he can force the device to connect to his network and this enables him to intercept and transfer information with consummate ease. If you think this is extremely complex to achieve then you will be surprised to learn that all an attacker needs is a functional router and some freely available software to accomplish this.
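Because an evil twin reuses an SSID the device already trusts, one defensive check is to compare what a scan shows against what the device remembers about each saved network. The following is an added example, not part of the original post; the data structures, network names and MAC addresses are constructed, and a real tool would fill them from the operating system's scan results.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SavedNetwork:           # what the device remembers about a network it joined
    ssid: str
    security: str             # e.g. "WPA2-PSK" or "OPEN"
    known_bssids: frozenset   # access-point MAC addresses seen on earlier connections

@dataclass(frozen=True)
class Beacon:                 # one entry from a WiFi scan
    ssid: str
    bssid: str
    security: str

def evil_twin_warnings(saved, scan):
    """Compare scan results with saved profiles and list look-alike networks."""
    profiles = {n.ssid: n for n in saved}
    warnings = []
    for b in scan:
        profile = profiles.get(b.ssid)
        if profile is None:
            continue          # not a network the device would auto-join
        if b.security != profile.security:
            warnings.append((b.ssid, b.bssid,
                             f"security changed: expected {profile.security}, saw {b.security}"))
        elif b.bssid.lower() not in profile.known_bssids:
            warnings.append((b.ssid, b.bssid,
                             "known SSID from an access point not seen before"))
    return warnings

# Constructed sample data (locally administered MAC addresses).
SAVED = [SavedNetwork("HomeNet", "WPA2-PSK", frozenset({"02:00:00:aa:bb:01"})),
         SavedNetwork("CoffeeShop", "OPEN", frozenset({"02:00:00:cc:dd:01"}))]
SCAN = [Beacon("HomeNet", "02:00:00:aa:bb:01", "WPA2-PSK"),    # the real access point
        Beacon("HomeNet", "02:00:00:ee:ff:09", "OPEN"),        # same name, no encryption
        Beacon("CoffeeShop", "02:00:00:ee:ff:0a", "OPEN"),     # same name, unknown AP
        Beacon("Neighbour", "02:00:00:11:22:33", "WPA2-PSK")]  # never joined, ignored

if __name__ == "__main__":
    for warning in evil_twin_warnings(SAVED, SCAN):
        print(warning)
```

A new BSSID can be legitimate (for example, a replaced router), so the second kind of warning is a prompt to verify, while a trusted SSID suddenly appearing without encryption deserves more suspicion.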


Friday, January 25, 2013

Generations Of Anti-virus Softwares

The key characteristics of the generation of anti-virus software are as follows:

  • 1st Generation: These anti-virus software programs were called simple scanners. They needed a virus signature to identify a virus. A variation of such programs kept a watch on the length of programs and looked for changes so as to possibly identify a virus attack.

  • 2nd Generation: These anti-virus software programs did not rely on simple virus signatures. Rather, they used some rules to look for possible virus attacks. The basic idea was to look for code blocks that were commonly associated with viruses. For example, such programs can look for the encryption key used by a virus, decrypt it, remove the virus and clean the code. Another variation of these anti-virus programs used to store some identification about the file to detect changes in the contents of the file.

  • 3rd Generation: These anti-virus software programs were memory resident. They watched for viruses based on their actions, rather than their structure. Thus, it is not necessary to maintain a large database of virus signatures. Instead, the focus is on keeping a watch on a small number of suspect actions.

  • 4th Generation: These anti-virus software programs package many anti-virus techniques together (for example, scanning, monitoring, filtering). They also contain access control features, thus defeating the attempts of a virus to infect the files.
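The difference between the first two generations can be shown side by side: a signature scan, a length watch, and a stored file identification. This is an added example, not part of the original post; the "signatures" are harmless constructed byte patterns, the files are constructed byte strings, and using a SHA-256 hash as the stored identification is an assumption.

```python
import hashlib

# Constructed, harmless byte patterns standing in for virus signatures.
SIGNATURES = {"Demo.A": b"\xde\xad\xbe\xefDEMO-A", "Demo.B": b"DEMO-B-MARKER"}

def signature_scan(data):
    """1st generation: report every known signature found in the file bytes."""
    return sorted(name for name, sig in SIGNATURES.items() if sig in data)

def make_baseline(files):
    """Record length and SHA-256 of each file as its stored identification."""
    return {name: (len(data), hashlib.sha256(data).hexdigest())
            for name, data in files.items()}

def integrity_check(baseline, files):
    """Compare current files with the baseline; return {name: finding}."""
    findings = {}
    for name, data in files.items():
        if name not in baseline:
            findings[name] = "new file"
            continue
        old_len, old_hash = baseline[name]
        if len(data) != old_len:
            # The 1st-generation length watch would also notice this.
            findings[name] = f"length changed {old_len} -> {len(data)}"
        elif hashlib.sha256(data).hexdigest() != old_hash:
            # Only the stored identification catches a same-length change.
            findings[name] = "same length, content changed"
    for name in baseline.keys() - files.keys():
        findings[name] = "file removed"
    return findings

# Constructed sample: two "programs" before and after modification.
CLEAN = {"calc.exe": b"MZ" + b"\x00" * 30, "notes.exe": b"MZ" + b"\x11" * 30}
LATER = {"calc.exe": CLEAN["calc.exe"] + b"DEMO-B-MARKER",   # known pattern appended
         "notes.exe": b"MZ" + b"\x22" * 30}                  # patched in place, no known pattern

if __name__ == "__main__":
    baseline = make_baseline(CLEAN)
    for name, data in LATER.items():
        print(name, "signatures:", signature_scan(data))
    print(integrity_check(baseline, LATER))
```

The modified notes.exe passes both the signature scan and the length watch, which is the gap the stored identification closes.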

Friday, January 18, 2013

Different Types of Virus

Viruses can be classified into the following categories:
  • Boot Sector Virus: This type of virus infects the master boot record of the disk and spreads onto the disk, when the operating system is loaded into the memory of the computer, that is, when the OS starts booting the computer.
  • Parasitic Virus: This is the most common form of virus which attaches itself to executable(.exe) files and keeps replicating. It can also search for more executable files to attach itself to and infect them.
  • Memory-resident Virus: It first attaches itself inside the main memory(or RAM) and then infects every executable file that is inside the memory and being currently executed.
  • Stealth Virus: The most intelligent virus; it can protect itself from being detected by anti-virus software.
  • Polymorphic Virus: A virus that keeps changing its identity (also called signature) every time it is executed, making it difficult to detect.
  • Metamorphic Virus: In addition to what a Polymorphic Virus does, this virus keeps rewriting itself, making it even harder to detect.