Installing Anti-Virus

Different Anti-Virus companies Compatible with Win7

An anti-virus will have a set-up file that will install the program. Before we install it we will have to check many things that need to be unchecked, disabled or enabled. Even uninstalling have to be done using some tools else it will not be removed completely and it will be there in registry which creates some problems in future.

Read More

Things to look for in selecting an Anti-virus Program

Features of a Good Anti-Virus:

Things we need to look for,when we purchase an anti-virus are: 

• Good scanning engine
• Behavioral Scanning feature 
• Resource friendly
• Install and uninstall without any problems
• No conflicts with other software
• Boot level Scanning
• Last but not least, User friendly and Operating system flexible

We need to look for its scanning engine; how deep it scans the computer, whether it scans the system files, compressed files etc.. Also different scanning options, like Quick scan, Full Scan, Custom scan.

Now a days we are getting scanning options like root-kit scanning malware scanning built in to the original scanning module. This avoids purchasing an additional protection software for that infections.

This is another point we need to look for. Internet security is one other thing that has led to the concept of Firewall. Firewall is a tool that monitors that network traffic. We can have some ports blocked or allowed using a firewall. It helps us protect our computer from hackers

Browser and Email protection:  Companies have doubled their ideas and came up with concept of Email Client and browser protection. Browser protection comes with different names like site advisor, safe search, Identity protection etc.. Email protection helps us in preventing unwanted junk files to be filtered and deleted including spam.

However, it is our duty not to open any mails that are from unknown senders and that has links that lead to infiltration of different infections. Spammers always try to send spam mails that will always attract our attention.

Internet Security comes with parental control as well. It is a good tool to monitor kids and help them use the Internet safely. 

End of the day, though we use any good anti virus it is our responsibility to be careful in opening sites that are risky and protecting our programs, network and files with a password. Last but not least look for compatibility with your operating system. For instance if we purchase a security program that is compatible with XP computer it is not compatible with vista. So please take some time in looking for these things in an anti-virus program and go for it.

Read More

Removing Fake Spywares Manually

Fake anti-viruses are the most important and dangerous infections from which we need to be cautious about. They keep pestering us with pop-ups showing many risks and show us to purchase a full version of it when we click on clean infections. This includes spy wares that take access of most of the system processes and disable most of the trouble shooting tool in windows. Since they take spy on computers after getting installed they are called Spy wares. These fake anti-viruses are created by hackers trying to steal your money using the tactics: fake alerts, wrong scan results and Interfaces that look similar to popular anti-virus software. They will make PC run slow. This can infect operating systems XP, Vista and win-7 

 

Read More

Fake Anti-Viruses

Anti virus is a basic security tool that protects us from any kind of  viruses. There are more than 145 different anti- virus companies in the market that helps us protect our conputers.


Taking an advantage of these, many people are trying to create fake versions of those that are there in the market which is actually a risk that no one can find so easily and even the anti-virus companies are facing a uphill task to update their definitions for the newly created fake anti-viruses.

Read More

Facebook: Risky Communication!

A group of scientists has demonstrated the possibility of stripping away the anonymity from significant numbers of users of popular social networking sites. Any technology allowing the identification of users of social networking sites, the collection of data about their habits and the prediction of their behavior can be used to cause harm. For example, such data can reveal a user’s sexual habits, or render somebody open to blackmail. But despite the fact that this threat is well known, very little has been done to prevent it.

The researchers demonstrated the possibility of this type of attack by identifying a user who was simply browsing the web. An attacker can probe the victim’s browser history for any URLs that may reveal membership of any social networking groups. By combining this information with previously collected data it is possible to identify any user of a social network who happens to visit the attacker’s website. In many cases, this allows the attacker running the malicious website to uniquely identify his visitors by the names which they use in their corresponding social networking profiles.

 

This type of attack requires very little effort to carry out and has the potential to affect many millions of registered social networking users who have group memberships.

Ref: iseclab.org/papers/sonda-TR.pdf

Read More

Using Shortened URLs: Security Risks

URL shortening services such as TinyURL.com and Bit.ly are becoming trendy attack methods. We all share website links with each other through emails, blogs, social media sites, book marking websites and word of mouth and we rarely, if ever, think about the potential security risk this simple act can raise. You may not want to automatically click on the shortened URL after you read this.

What is URL Shortening?

The compacted URLs produced by services such as TinyURL.com, bit.ly, is fine, and many others are convenient and save space, but they can also be used to hide the identity of malicious sites. The idea behind URL shortening or link shortening is very simple, take a long URL and encrypt it to produce a shorter URL. This is what URL shortening services do.

Security Risks

• Allow spammers to override spam filters as domain names like TinyURL are automatically trusted.
• Prevent users from checking for suspect URLs by obfuscating the actual Web-site URL.
• Redirect users to phishing websites in order to get sensitive personal information.
• Redirect users to malicious websites, just waiting to download malware.

Fortunately, there are several ways to look behind a shortened URL to see exactly where the link will take you - before you click it! Every URL-shortening service I'm aware of offers one or more ways to preview the real destination of a shortened link.

For example, here's a typical bit.ly URL that I created. All it does is take you to the http://www.techsupp247.com/ home page, but there's no way to know that in advance - it's a blind link:

bit.ly/tsp247

So you want to see where the link really goes before you click it.  It's easy: all you have to do is copy the link, paste it into the address bar of any browser window or tab, and add a plus sign to the end, like this:

bit.ly/tsp247+

Adding a plus sign to the end of any bit.ly URL brings you to a special bit.ly page that shows you information about the link, including the full, expanded URL. Using the information on that bit.ly page, you can decide whether the link is safe and worth following.

TinyURL has a similar option. But instead of adding a plus sign at the end of a link, you prepend the word preview. For example, here's a regular TinyURL link to the Windows Secrets home page:

http://tinyurl.com/TS247

Copy that link into the address bar of your browser and add the word preview:

http://preview.tinyurl.com/TS247

Now the link will bring you to a preview page that displays the full, expanded URL. Like all the other major URL-shortening services, TinyURL offers an easy way (circled in green) to preview the true destination of a shortened link.

All the major URL-shortening services have similar ways of letting you preview what's behind their URLs.
If you're checking lots of links, it can be tedious process to manually copy, paste, and edit URLs. Several sites offer automated scripts to make things a bit easier. For example, when you encounter a suspicious short URL, you can try Longurl.org, ExpandMyURL.com, or LongURLPlease.com

Firefox users can install the bit.ly preview add-on to allow previewing of short URLs without needing to leave the page you're on. Despite the name, the add-on works for many URL-shorteners - not just bit.ly. Chrome users can also download a similar extension for that browser. There is no fully automated preview tool for Internet Explorer, although several URL-shortening apps are available in the Microsoft IE Add-ons Gallery. Just type url into the search bar.

Conclusion

URL shortening is a useful and convenient service; just make sure you exercise some common sense and an ounce of caution to avoid being exploited by a shortened URL. Many industry experts say that we shouldn’t click on active links, whether they’re in e-mail messages, IM messages, or tweets. That’s an unrealistic expectation; so just make sure to approach links with caution. If possible, use one of the preview features to check out the link first.

Read More

Businesses - corporate under attack!

It is interesting to note that malware specifically designed to target corporate information systems does not exist. The tools of the hackers’ trade remain the same regardless of whether the target is a private individual or a company, the only real difference is the scale of damage, so companies have to pay particular attention to their own protective measures. The cybercriminals are far more interested in attacking companies than private individuals as the potential rewards from such attacks are considerably higher. It is very rare indeed for a hacker or virus writer to work for nothing. Usually when they feel the need to put their professional abilities to the test they try to ensure that their efforts are duly remunerated. Hackers that attack companies generally do so for the following reasons:

• To steal confidential information, including financial, with a view to profiting from its usage or resale,  for example, databases belonging to financial organizations 
• To disable a company’s IT infrastructure with a view to extorting money from that company for returning its IT infrastructure to operational condition. Additionally, a hacker may want to do damage to a company’s reputation or interrupt their business processes by the use of DDOS attacks
• To use the IT resources of one company for the purpose of attacking other companies.

“Cybercriminals do not have to attack a whole organization to get their hands on financial or confidential information. It is much simpler to carry out an attack by targeting an individual victim in an administration or HR department where the level of computer literacy is usually fairly low”

Methods of attack

How do cybercriminals gain access to corporate information? What vectors of attack do they choose?

The Structure of a typical corporate network
is usually much more complex than the one
displayed in the picture

Networks belonging to large enterprises with geographically diverse subdivisions have equipment located in different towns and sometimes even different countries, as well as hundreds of kilometers of communications cables. All this makes it very difficult to prevent unauthorized network access or the interception of confidential information transmitted over the network.

Hacking can occur on both private and publicly accessible sections of a network – usually the Internet. In such a case, the cybercriminal does not need to be physically near the hacked channel, using hackers tools and methods available on the Internet it is possible to hack a network remotely.

A hacker does not usually need
direct access to the target
computer within an organization:
these days attacks are carried out
remotely via the Internet

Probably the most popular method for infecting computers is via the use of programs called Trojans which infiltrate a target machine through malware links in spam, instant messaging, and the exploitation of vulnerabilities in different software applications.

Of all of the abovementioned methods of infection, it is the vulnerabilities in software that is one of the biggest problems within the corporate environment. Large corporate networks are made up of a huge number of component parts: workstations, servers, laptops, smartphones, all of which may operate under the control of a different operating system.

Another loophole used by the criminals is the multiplicity of staff and the resulting multiplicity of computer network users and access points. The larger the numbers of end-users and nodes, the more chance there is of an accidental oversight in security procedures or an intentional violation of security policy. Unfortunately, companies rarely do have all-encompassing security policies in place, thus the cybercriminals continue to actively abuse the situation and commit targeted attacks.

Education

One of the keys to successfully minimizing corporate attacks is to educate staff on a constant basis, and not just technical staff, but administrative staff too. Obviously, when a user has no real knowledge of the basic rules of computer security there can be no guarantee that hackers won’t be able to enter the corporate network. It is imperative to teach the staff to think twice and remain cautious.

Read More