Removing Fake Spywares Manually

Fake anti-viruses are the most important and dangerous infections from which we need to be cautious about. They keep pestering us with pop-ups showing many risks and show us to purchase a full version of it when we click on clean infections. This includes spy wares that take access of most of the system processes and disable most of the trouble shooting tool in windows. Since they take spy on computers after getting installed they are called Spy wares. These fake anti-viruses are created by hackers trying to steal your money using the tactics: fake alerts, wrong scan results and Interfaces that look similar to popular anti-virus software. They will make PC run slow. This can infect operating systems XP, Vista and win-7 

 

Read More

Fake Anti-Viruses

Anti virus is a basic security tool that protects us from any kind of  viruses. There are more than 145 different anti- virus companies in the market that helps us protect our conputers.


Taking an advantage of these, many people are trying to create fake versions of those that are there in the market which is actually a risk that no one can find so easily and even the anti-virus companies are facing a uphill task to update their definitions for the newly created fake anti-viruses.

Read More

Facebook: Risky Communication!

A group of scientists has demonstrated the possibility of stripping away the anonymity from significant numbers of users of popular social networking sites. Any technology allowing the identification of users of social networking sites, the collection of data about their habits and the prediction of their behavior can be used to cause harm. For example, such data can reveal a user’s sexual habits, or render somebody open to blackmail. But despite the fact that this threat is well known, very little has been done to prevent it.

The researchers demonstrated the possibility of this type of attack by identifying a user who was simply browsing the web. An attacker can probe the victim’s browser history for any URLs that may reveal membership of any social networking groups. By combining this information with previously collected data it is possible to identify any user of a social network who happens to visit the attacker’s website. In many cases, this allows the attacker running the malicious website to uniquely identify his visitors by the names which they use in their corresponding social networking profiles.

 

This type of attack requires very little effort to carry out and has the potential to affect many millions of registered social networking users who have group memberships.

Ref: iseclab.org/papers/sonda-TR.pdf

Read More

Using Shortened URLs: Security Risks

URL shortening services such as TinyURL.com and Bit.ly are becoming trendy attack methods. We all share website links with each other through emails, blogs, social media sites, book marking websites and word of mouth and we rarely, if ever, think about the potential security risk this simple act can raise. You may not want to automatically click on the shortened URL after you read this.

What is URL Shortening?

The compacted URLs produced by services such as TinyURL.com, bit.ly, is fine, and many others are convenient and save space, but they can also be used to hide the identity of malicious sites. The idea behind URL shortening or link shortening is very simple, take a long URL and encrypt it to produce a shorter URL. This is what URL shortening services do.

Security Risks

• Allow spammers to override spam filters as domain names like TinyURL are automatically trusted.
• Prevent users from checking for suspect URLs by obfuscating the actual Web-site URL.
• Redirect users to phishing websites in order to get sensitive personal information.
• Redirect users to malicious websites, just waiting to download malware.

Fortunately, there are several ways to look behind a shortened URL to see exactly where the link will take you - before you click it! Every URL-shortening service I'm aware of offers one or more ways to preview the real destination of a shortened link.

For example, here's a typical bit.ly URL that I created. All it does is take you to the http://www.techsupp247.com/ home page, but there's no way to know that in advance - it's a blind link:

bit.ly/tsp247

So you want to see where the link really goes before you click it.  It's easy: all you have to do is copy the link, paste it into the address bar of any browser window or tab, and add a plus sign to the end, like this:

bit.ly/tsp247+

Adding a plus sign to the end of any bit.ly URL brings you to a special bit.ly page that shows you information about the link, including the full, expanded URL. Using the information on that bit.ly page, you can decide whether the link is safe and worth following.

TinyURL has a similar option. But instead of adding a plus sign at the end of a link, you prepend the word preview. For example, here's a regular TinyURL link to the Windows Secrets home page:

http://tinyurl.com/TS247

Copy that link into the address bar of your browser and add the word preview:

http://preview.tinyurl.com/TS247

Now the link will bring you to a preview page that displays the full, expanded URL. Like all the other major URL-shortening services, TinyURL offers an easy way (circled in green) to preview the true destination of a shortened link.

All the major URL-shortening services have similar ways of letting you preview what's behind their URLs.
If you're checking lots of links, it can be tedious process to manually copy, paste, and edit URLs. Several sites offer automated scripts to make things a bit easier. For example, when you encounter a suspicious short URL, you can try Longurl.org, ExpandMyURL.com, or LongURLPlease.com

Firefox users can install the bit.ly preview add-on to allow previewing of short URLs without needing to leave the page you're on. Despite the name, the add-on works for many URL-shorteners - not just bit.ly. Chrome users can also download a similar extension for that browser. There is no fully automated preview tool for Internet Explorer, although several URL-shortening apps are available in the Microsoft IE Add-ons Gallery. Just type url into the search bar.

Conclusion

URL shortening is a useful and convenient service; just make sure you exercise some common sense and an ounce of caution to avoid being exploited by a shortened URL. Many industry experts say that we shouldn’t click on active links, whether they’re in e-mail messages, IM messages, or tweets. That’s an unrealistic expectation; so just make sure to approach links with caution. If possible, use one of the preview features to check out the link first.

Read More

Businesses - corporate under attack!

It is interesting to note that malware specifically designed to target corporate information systems does not exist. The tools of the hackers’ trade remain the same regardless of whether the target is a private individual or a company, the only real difference is the scale of damage, so companies have to pay particular attention to their own protective measures. The cybercriminals are far more interested in attacking companies than private individuals as the potential rewards from such attacks are considerably higher. It is very rare indeed for a hacker or virus writer to work for nothing. Usually when they feel the need to put their professional abilities to the test they try to ensure that their efforts are duly remunerated. Hackers that attack companies generally do so for the following reasons:

• To steal confidential information, including financial, with a view to profiting from its usage or resale,  for example, databases belonging to financial organizations 
• To disable a company’s IT infrastructure with a view to extorting money from that company for returning its IT infrastructure to operational condition. Additionally, a hacker may want to do damage to a company’s reputation or interrupt their business processes by the use of DDOS attacks
• To use the IT resources of one company for the purpose of attacking other companies.

“Cybercriminals do not have to attack a whole organization to get their hands on financial or confidential information. It is much simpler to carry out an attack by targeting an individual victim in an administration or HR department where the level of computer literacy is usually fairly low”

Methods of attack

How do cybercriminals gain access to corporate information? What vectors of attack do they choose?

The Structure of a typical corporate network
is usually much more complex than the one
displayed in the picture

Networks belonging to large enterprises with geographically diverse subdivisions have equipment located in different towns and sometimes even different countries, as well as hundreds of kilometers of communications cables. All this makes it very difficult to prevent unauthorized network access or the interception of confidential information transmitted over the network.

Hacking can occur on both private and publicly accessible sections of a network – usually the Internet. In such a case, the cybercriminal does not need to be physically near the hacked channel, using hackers tools and methods available on the Internet it is possible to hack a network remotely.

A hacker does not usually need
direct access to the target
computer within an organization:
these days attacks are carried out
remotely via the Internet

Probably the most popular method for infecting computers is via the use of programs called Trojans which infiltrate a target machine through malware links in spam, instant messaging, and the exploitation of vulnerabilities in different software applications.

Of all of the abovementioned methods of infection, it is the vulnerabilities in software that is one of the biggest problems within the corporate environment. Large corporate networks are made up of a huge number of component parts: workstations, servers, laptops, smartphones, all of which may operate under the control of a different operating system.

Another loophole used by the criminals is the multiplicity of staff and the resulting multiplicity of computer network users and access points. The larger the numbers of end-users and nodes, the more chance there is of an accidental oversight in security procedures or an intentional violation of security policy. Unfortunately, companies rarely do have all-encompassing security policies in place, thus the cybercriminals continue to actively abuse the situation and commit targeted attacks.

Education

One of the keys to successfully minimizing corporate attacks is to educate staff on a constant basis, and not just technical staff, but administrative staff too. Obviously, when a user has no real knowledge of the basic rules of computer security there can be no guarantee that hackers won’t be able to enter the corporate network. It is imperative to teach the staff to think twice and remain cautious.

Read More

Dangerous Clouds!

The non-profit Cloud Security Alliance has published a report defining the foremost cloud security threats.

Cloud computing is a kind of distributed system whereby all computer resources are provided to the users in the form of Internet services. As the technology becomes more and more popular, criminals use it to improve their reach, avoid detection and increase the effectiveness of their activities. Enterprise and home users need to better understand the risks associated with the adoption of cloud computing.

The authors of the report identified the following seven threats:

1. Abuse and nefarious use of cloud computing

Providers of infrastructure as a service offer their customers the illusion of unlimited compute, network and storage capacity, often coupled with a frictionless registration process where anyone with a valid credit card can register and immediately begin using cloud services. Some providers even offer free limited trial periods. By abusing the relative anonymity behind these registration and usage models, spammers, malicious code authors and other criminals have been able to conduct their activities with relative impunity.

2. Insecure Application Programming Interfaces

Cloud computing providers expose a set of APIs that customers use to manage and interact with cloud services. Provisioning, management, orchestration and monitoring are all performed using these interfaces. The security and availability of general cloud services is dependent upon the security of these basic APIs.

3.Malicious insiders

This threat is amplified for consumers of cloud services by the convergence of IT services and customers under a single management domain, combined with a general lack of transparency into provider process and procedure.

4. Shared technology vulnerabilities

Cloud computing vendors deliver their services in a scalable way by sharing infrastructure. Often, the underlying components that make up this infrastructure were not designed to offer strong isolation properties for a multi-tenant architecture. To address this gap, a virtualization hypervisor mediates access between guest operating systems and the physical compute resources. Still, even hypervisors have exhibited flaws that have enabled guest operating systems to gain inappropriate levels of control or influence on the underlying platform.

5. Data loss/leakage

The threat of data compromise increases in the cloud. Examples include insufficient authentication, authorization or audit controls, operational failures and data center reliability.

6. Account, service & traffic hijacking

Cloud solutions add a new threat to the landscape. If an attacker gains access to your credentials in the cloud, they can manipulate data, eavesdrop on your activities and transactions, return falsified information and redirect your clients to illegitimate sites. Your account or service instances may become a new base for the attacker. From here, they may leverage the power of your reputation to launch subsequent attacks

7. Unknown risk profile

One of the ideas of Cloud Computing is the reduction of hardware and software ownership and maintenance to allow companies to focus on their core business. This has clear financial and operational benefits, which must be weighed carefully against the contradictory security concerns — complicated by the fact that cloud deployments are driven by groups who may lose track of the security ramifications.

These threats described are not listed in order of severity.

Read More

CLOUD COMPUTING: AntiVirus in the CLOUD?

             Practically all of the major antivirus companies have started using in-the-cloud technologies or are planning to use them in the nearest future. Despite the undoubted advantage with regard to the struggle against attacks, in-the-cloud technologies are themselves sure to be a prime target for the cybercriminals.

The eternal conflict between virus and antivirus has, up to the present moment, been largely going on at the level of files and processes on the end users’ machines. Malware programs have been trying to destroy the antivirus system by different means or attempting to persuade the user to switch it off themselves.

With the beginning of cloud- technology detection and categorization, a new front has opened up in this war. Malware programs, or to be more precise – their authors, will have to solve the problem of attacking the cloud. Although technologically it is practically impossible to destroy the cloud, direct mass DDoS attacks aside, it is quite vulnerable in terms of its own functionality - receiving, processing and sending information to and from the end users.

Problems within the very architecture of the majority of antivirus clouds will be actively used by the cybercriminals, and the first examples of such actions can be seen already. The most widespread and simple method of disabling cloud technologies is to block computer access to the cloud. More complex methods include the substitution of data –with the aim of ‘trashing’ the cloud with false information, as well as modification of the data received from the cloud.

Such ‘trashing’ is probably the most dangerous threat. Blocking access to the cloud or the modification of responses from the cloud specifically affects only infected users, but inputting false data into the cloud
will influence every single user. This would bring with it not only an absence of detection, but also to a more serious problem – false positives, which would lead to a general decline in the level of trust in cloud-based technologies and to the necessity to revise or alter their performance algorithms.

With the increase in the number of antivirus technologies that operate using in-the-cloud technologies, there will be a constant quantified and qualified growth in the number of attacks upon them from malware programs on clients’ computers, and additionally with the help of special services, supported by the cybercriminals.

Read More