Archive for Security

RB | February 14, 2012
One comment

Schools Riskiest for Computer Theft

Computer theftAbsolute Software Corporation (ABT), is a Vancouver, Canada based  computer security and end-point management firm. The company founded in 1993 provides firmware-based, computer theft recovery, data protection and secure computer life-cycle management systems identified the top 10 target areas for the theft of mobile computers.

Absolute SoftwareThe maker of LoJack for Laptops told ITnewsLink that the top 10 list reveals that consumer computers are more likely to be stolen while at school or home. The list is based on theft reports filed to the Absolute Theft Recovery Team by Absolute customers over a one-year period. With the holidays approaching, Absolute is warning that the risk of computers being stolen from the home is higher than what many consumers perceive.

“The trends in this list may surprise some computer owners. They often think of security issues only when they are on the move,” said Mark Grace, vice president of consumer business at Absolute Software. “However, with schools and residences topping the list of places computers are stolen, owners need to be extra cautious, particularly around the holidays when home burglaries often increase.”

Top 10 Places Consumer Computers Are Stolen

Typing class1. K-12 Schools
2. Residential Properties
3. Automobiles
4. Businesses/Offices
5. Universities and Colleges
6. Hotels and Motels
7. Restaurants and Cafes
8. Stores and Shopping Malls
9. Public Transit (includes taxis, buses, trains, etc)
10. Airports (terminals, security checkpoints, storage areas and airport restaurants

rb-

The Absolute software offers several advantages. When a device is reported stolen a signal is sent that freezes the computer and display a custom message for whoever finds it. In order to prevent identity theft unauthorized users cannot access the content on the computer, and even delete files, including the operating system. If a computer is stolen, the Absolute Theft Recovery Team will work with local law enforcement to recover it.

Related articles
Enhanced by Zemanta
Category: PC, Security | Tags: , , , , , ,
RB | February 9, 2012
One comment

Social Networking Safety Tips

Social networkingIn case you have lived under a rock, social networks are very popular.  LinkedIn (LNKD) has over 100 million users; 1 billion tweets are posted on Twitter each week and Facebook is approaching 1 billion users.

Despite these numbers, they also open users up to more computer viruses and online threats according to a report from Webroot on Help Net Security.The article details a few of the threats social network users face include:

Phishing emailBogus e-mails from “friends”: The blog warns that hackers lure users into taking actions they shouldn’t by making it seem as if a friend within their social network has sent them an in-network e-mail – only the e-mail is from a hacker who’s hijacked the friend’s account.

Malicious links or bait: This type of scam involves personal messages to users that encourage them to click on a link. Doing so can do a number of things including sending users to a fake website, where they’re prompted to download and install an executable file that turns out to be a virus that infects the user’s PC explains the author.

Identity theftIdentity theft: Social network users who share personal information with their entire network of friends such as birth dates, addresses, pets’ names and other details leave themselves vulnerable to hackers who may guess their passwords and access their profiles based on the personal information they shared reports Help Net Security.

To help increase your PC protection, Webroot advises users to install updatable Internet security software and keep a few simple rules in mind, such as:

Be skeptical – E-mails, friend requests, Web site links and other items from sources you do not know could be malware.

Social networking privacyUse privacy settingsSocial Networking sites, such as Facebook and Twitter, offer privacy settings that let you control who sees your posts and personal information. Use them to control who access to your page, contact information, etc.

Protect your password – Choose your passwords wisely, incorporate numbers, letters and special characters, and never use the same password at more than one site.

For those who may need new internet security software, you should select a program that has a multi-level security program to:

Social networking malware* Block viruses, spyware, spam, Trojans, worms, rootkits and keyloggers
* Make your PC invisible to hackers
* Encrypt passwords and remember them for you
* Offer multi-layer identity protection
* Provide firewall security.

Related articles
Enhanced by Zemanta
Category: Security | Tags: , , , , , , , , ,
RB | January 19, 2012
No comments

Don’t Fear the iPad

Network security Dark Reading reports that as workers bring their consumer devices to the workplace and expect to use them, many IT teams have raised concerns over the impact of mobile devices on a business’ security.

Tablet computersThe first reaction to the trend of consumerization of IT has typically been to ban smartphones and tablets. Slowly, companies are opening up Bring Your Own Technology (BYOT) programs and attempting to better manage the devices. Yet Josh Corman, director of security intelligence for Akamai (AKAM) told DarkReading firms should speed things up at least in the case of iPads.

He says firms that switch employees from general-purpose computers to more limited devices, such as the Apple (AAPL) iPad, could reap significant security benefits. “When new IT comes out, it is not ipso facto secure, consumer devices typically lag,” Mr. Corman told DarkReading. “But in this particular case, the adoption is of something that is inherently more defensible and inherently less complex.”

Apple ComputersMr. Corman looks at the more tightly controlled software ecosystem for iPads and sees fewer avenues for attackers to compromise corporate networks. The devices are simpler than general-purpose computer workstations, and that’s a benefit for security, he told DarkReading. “We know that complexity is the enemy of security, but we accept very high levels of complexity in our compute environments,” Mr. Corman says.

The article reports that the reasoning parallels that used by Microsoft (MSFT) when the company embarked on its mission to harden its Windows operating system. A measure of its progress was the reduction of the operating system’s attack surface area, a measure of the ease of which attackers could get access to and exploit critical functions. By reducing the ability for attackers to inject code into the system, Microsoft reduced the attack surface area and increased security. Similarly, simpler software systems, such as the iPad, used as part of a comprehensive attempt to reduce complexity in a company’s computational environment could have a similar effect.

Android logoAs long as the tablets can satisfy worker requirements, then a company could garner security benefits, agrees Frank Andrus, CTO for Bradford Networks, a network security provider. Not all tablets are created equal the more open Android platform might not offer as many security benefits as Apple’s more controlled product, “They can more easily be taken advantage of by an attacker,” he told DarkReading.

The mobile devices, however, pose a greater hazard to sensitive company data, he says. Because employees carry smartphones and tablets to places they would not bring a laptop, companies do run a greater risk of exposing data on lost and stolen devices, he says.

Weak linkIn addition, unless a company completely converts its employees to tablets for work, they will just be adding another attack surface to its IT systems, not subtracting a more complex system, Tim Matthews, a director of data-loss prevention products for Symantec told DarkReading. “The problem is that you don’t necessarily reduce the attack surface because you are not replacing your laptop yet,” he says.

To protect against the loss or theft of devices, and the resulting data leakage, companies should employee mobile device management (MDM), Mr. Matthews says. MDM software can also limit the applications installed on an employee-owned device and enforce role-based security on devices that attempt to connect to a corporate network.

In the end, allowing employees to use locked-down tablets, such as the iPad, can increase security, but only if the company pays attention to how employees are using the devices, he says.

Steve Ballmer

Where's my tablet?

“These guys are working on the plane or working at home, adding to a company’s productivity, but they are doing so in an unprotected way,” Matthews says. “And that’s a problem.”

rb-

Mobile devices bring a different set of threats, but more employees on hard-to-hack tablets means better security.

Related articles
Category: Security | Tags: , , , , , , , , , , , ,
RB | January 17, 2012
One comment

QR Codes Can Put Users at Risk

QR malware-Updated 01-26-12- It was just a matter of time and now the Websense (WBSN) ThreatSeeker Network has started spotting spam messages that lead to URLs that use embedded QR codes. According to a report at Help Net Security this is a clear evolution of traditional spammers towards targeting mobile technology. The spam email messages look like traditional pharmaceutical spam emails and contain a link to the Web site 2tag.nl. Once the 2tag.nl URL from the mail message is loaded in the browser, a QR code is displayed, along with the full URL. When the QR code is read by a QR reader, it automatically loads the spam URL.

Quick Response codes (QR codes) are a “new” type of barcode that can be used for a variety of purposes tracking, ticketing, labeling of products, etc. They can be put anywhere, in magazines, buses, websites, TV, tickets, and on almost any object which they might want to learn more about.

 Help Net Security writes that when used for legitimate purposes, they make life easier for users. “All you need to ‘visualize such a code is a smartphone with a camera and a QR reader application to scan it – the code can direct you to websites or online videos, send text messages and e-mails, or launch apps,” point out BullGuard’s researchers.

Unfortunately, QR codes can just as easily be used to compromise users’ mobile devices. “Much like URL shortening services can be and are used maliciously because of the fact that they obscure the real target URL, QR codes can also be used for such deception,” Joe Levy, CTO of Solera Networks told DarkReading. “QR codes … provide a direct link to other smart phone capabilities such as email, SMS, and application installation. So potential attack vectors extend beyond obscured URLs and browser exploits very nearly to the full suite of device capabilities.”

Mobile malwareThere are several ways attackers are already using malicious QR codes to perpetrate their scams. A recent attack via QR code “Attaging” took place in Russia and involved a Trojan disguised as a mobile app called Jimm. Once installed, “Jimm” sent a series of expensive text messages ($6 each), racking up unwanted charges.

On Apple (AAPL) iOS devices, hackers are sending users to websites that will jailbreak the device and install more malicious malware. Tomer Teller, security evangelist at Check Point Software Technologies, told DarkReading, “a user scans a barcode and is redirected to an unknown website … the user phone will be jail broken and additional malware could be deployed (such as key loggers and GPS trackers).”

Android malware“On the Google (GOOG) Android  … Criminals are redirecting users to download malicious applications. All a user needs to do is scan a barcode and it will redirect to a website that will download the Android Application” according to the article.

In addition attackers are using QR codes to redirect users to fake websites for phishing. “A QR code will redirect to a fake Bank that will look exactly like your bank. Since most smart phone screens are small, a normal user may not see the difference and will type in his or her (information) and hand it to the attackers,” Teller says. According to Mobile Commerce News some apps, like the NeoReader from Neomedia, that collect personal identifiable information (PII). This information is then sent to third parties who mine the data and possibly resell it.

Mobile paymentsThe trend to mobile QR based payment systems from firms like LevelUp, Kuapay, and Paypal are developing will drive QR code malware forward Mr. Levy says. “As our mobile devices and our wallets continue to converge through such technologies as near field communications (NFC), Bump and QR, malware authors are bound to prefer these very direct paths to the money. After all, these devices and apps are well on the road to becoming our new currency.”

So how do you protect yourself and the data on your mobile?

  • Download an app that scans QR codes and barcodes and shows the URL to which the codes want to take you. “Only use QR code reader software that allows the user to confirm the action to be taken i.e. visit a website link,” Paul Henry, security and forensic analyst at Lumension told DarkReading. “If you do not know and trust the link, cancel the action.
  • Do not scan QR codes from random stickers on walls and similar surfaces. Help Net Security says scammers are counting on people to do that because they can’t curb their curiosity.
  • Consider installing a mobile security app on your device, especially if it runs the Android OS. “Android is an open platform, which means that its source code can be examined by criminals and exploited easily when they find a weakness in, say, the Android browser,” according to the article. “That’s why most malicious apps transmitted via QR codes target the Android-based smartphones.”

rb-

I am not a fan of QR codes they seem to take you to an advertisement. Most of the destinations are fluff at best and dangerous at worst. Now that they have become nearly ubiquitous, they present more risk than necessary. Avoid QR codes.

Related articles

 

Category: Security | Tags: , , , , , , , , , ,
RB | January 10, 2012
No comments

Are You on the Pwnedlist?

Malware Pwnedlist.com lets you see if your email has compromised by checking it against a collection of nearly 5 million possibly compromised accounts. Brian Krebs at Krebs on Security reports that a user can enter a username or email address into Pwnedlist.com’s search box, and it will check to see if the information was found in any suspicious public data dumps.

PwnedlistPwnedlist.com was created by Alen Puzic and Jasiel Spelman, two security researchers from DVLabs, a division of HP/TippingPoint.Mr. Puzic said. “… I could create a site that would help the everyday user find if they were compromised.”

Pwnedlist.com currently allows users to search through nearly five million emails and usernames found online at sites like sites like Pastebin. The site also often receives large caches of account data that people directly submit to its database. Mr. Puzic told Krebs on Security it is growing at a rate of about 40,000 new compromised accounts each week.

EncryptionMr. Puzic said information contained in these data donations often make it simple to learn which organization lost the information. “Usually, somewhere in the dump files there’s a readme.txt file or there’s some type of header made by hacker who caused the breach, and there’s an advertisement about who did the hack and which company was compromised,” Mr. Puzic in the article. “Other times it’s really obvious because all of the emails come from the same domain.”

Mr. Puzic said in the article that Pwnedlist.com doesn’t store the username, email address and password data itself; instead, it records a cryptographic hash of the information and then discards the plaintext data. According to the blog. a “hit” on any searched email or username only produces a binary “yes” or “no” answer about whether any hashes matching that data were found. It won’t return the associated password, nor does it offer any clues about from where the data was leaked.

If Pwnedlist says you email or user ID is in their database, they offer the following advice:

Shocked woman

  1. “Don’t panic! Just because your email was found in an account dump we collected does not mean it has been compromised.
  2. Immediately change any passwords that might be associated with this email account.
  3. It is probably a wise idea to go through all your accounts and create new passwords for each of them, just in case. “Better safe than sorry.”

The two researchers plan to begin publishing regular updates to their Twitter account (@pwnedlist) when new data dumps are discovered. Longer term, Mr. Puzic told Krebs that he has multiple goals for the site, including a longitudinal study on password security.

rb-

I have several emails, professional and personal which thankfully Pwnedlist does not have in their databases. I follow password best practices and use an 8 character or longer password with a at least one letter, number and special character. I also change my passwords regularly.

End user password best practices:

  1. Passwords should be something you can remember but difficult for others to guess.  That means avoid information anyone can pick up from Facebook.
  2. Use at least 8 characters.  Some authentication systems will ask for more, but 8 well-chosen characters is usually enough.
  3. Mix letters, numbers, uppercase, lowercase, and even symbols when possible.  1GrdDC@82 is stronger than letter22
  4. Avoid dictionary words because many brute force attacks are designed to guess them. ”password” is not a good password.
  5. Use a unique password for each account.  Your password at work should be different from your Facebook password.
  6. Do not share your password.
Related articles
Category: Security | Tags: , , , , ,
« Older Entries   Recent Entries »

Switch to our mobile site