Computer Security Threats--Backdoor Trojan

A backdoor Trojan (a security threat) allows someone to take control of another user’s
computer via the internet without their permission.
A backdoor Trojan may pose as legitimate software, just as other Trojan horse programs
do, so that users run it. Alternatively – as is now increasingly common – users may
allow Trojans onto their computer by following a link in spam mail.
Once the Trojan is run, it adds itself to the computer’s startup routine. It can then
monitor the computer until the user is connected to the internet. When the computer
goes online, the person who sent the Trojan can perform many actions – for example,
run programs on the infected computer, access personal files, modify and upload files,
track the user’s keystrokes, or send out spam mail.
Well-known backdoor Trojans include Subseven, BackOrifice and, more recently,
Graybird, which was disguised as a fix for the notorious Blaster worm.
To avoid backdoor Trojans, you should keep your computers up to date with the latest
patches (to close down vulnerabilities in the operating system), and run anti-spam
and anti-virus software. You should also run a firewall, which can prevent Trojans from
accessing the internet to make contact with the hacker. The backdoor Trojan is one of
the dangerous security attacks, so be aware of this security threat.
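
The startup-routine step described above is something a defender can audit. This added example, which is not from the original post, compares a current snapshot of autostart entries with a known-good baseline and flags new or changed entries, listing those that launch from user-writable folders first. The snapshot data and the path hints are constructed for illustration; the Run key is a real Windows autostart location.

```python
"""Baseline diff of autostart entries (added example; sample data is constructed)."""
from dataclasses import dataclass

# Folders any user-level process can write to; autostart commands that run
# from here deserve a closer look. This list is an assumption, not exhaustive.
USER_WRITABLE_HINTS = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\downloads\\")

RUN_KEY = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"


@dataclass(frozen=True)
class Finding:
    location: str     # registry key or startup folder the entry lives in
    name: str         # value name of the autostart entry
    command: str      # command line that runs at logon
    reason: str       # "new" or "changed"
    risky_path: bool  # True when the command runs from a user-writable folder


def runs_from_user_writable(command: str) -> bool:
    lowered = command.lower()
    return any(hint in lowered for hint in USER_WRITABLE_HINTS)


def diff_autostart(baseline: dict, current: dict) -> list:
    """Return findings for entries that are new or whose command changed.

    Both arguments map (location, name) -> command line.
    """
    findings = []
    for (location, name), command in sorted(current.items()):
        old = baseline.get((location, name))
        if old is None:
            reason = "new"
        elif old != command:
            reason = "changed"
        else:
            continue
        findings.append(Finding(location, name, command, reason,
                                runs_from_user_writable(command)))
    # Stable sort: entries in user-writable paths are reviewed first.
    findings.sort(key=lambda f: not f.risky_path)
    return findings


# Constructed snapshots: a known-good baseline and a later collection.
BASELINE = {
    (RUN_KEY, "SecurityHealth"): r"C:\Windows\System32\SecurityHealthSystray.exe",
    (RUN_KEY, "Updater"): r"C:\Program Files\ExampleApp\updater.exe",
}
CURRENT = {
    (RUN_KEY, "SecurityHealth"): r"C:\Windows\System32\SecurityHealthSystray.exe",
    (RUN_KEY, "Updater"): r"C:\Program Files\ExampleApp\updater.exe /silent",
    (RUN_KEY, "BlasterFix"): r"C:\Users\alice\AppData\Roaming\fix\patch.exe",
}

if __name__ == "__main__":
    for f in diff_autostart(BASELINE, CURRENT):
        flag = "REVIEW FIRST" if f.risky_path else "review"
        print(f"[{flag}] {f.reason}: {f.location}\\{f.name} -> {f.command}")
```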

Computer Security Threats

We are living in a digital world, where computers are not just an ordinary thing anymore but a “necessity” in our everyday lives. Most of us know only a little about computer security threats; the most common are the “virus” and the “worm”. But did you know that there are 34 different types of Computer Security Threats? A lot, huh? You’ll learn more about them below, so keep reading, and I hope that you’ll be more cautious and knowledgeable in using your computer.

1. Adware

Adware is software that displays advertisements on your computer.
Adware, or advertising-supported software, displays advertising banners or pop-ups on
your computer when you use the application. This is not necessarily a bad thing. Such
advertising can fund the development of useful software, which is then distributed free
(for example, the Opera web browser).
However, adware becomes a problem if it:
  • installs itself on your computer without your consent
  • installs itself in applications other than the one it came with and displays advertising
    when you use those applications
  • hijacks your web browser in order to display more ads (see Browser hijackers)
  • gathers data on your web browsing without your consent and sends it to others via
    the internet (see Spyware)
  • is designed to be difficult to uninstall.
Adware can slow down your PC. It can also slow down your internet connection by
downloading advertisements. Sometimes programming flaws in the adware can make
your computer unstable.
Advertising pop-ups can also distract you and waste your time if they have to be closed
before you can continue using your PC.
Some anti-virus programs detect adware and report it as “potentially unwanted
applications”. You can then either authorize the adware program or remove it from the
computer. There are also dedicated programs for detecting adware.
This is the first computer security threat. I will post all 34 computer security threats one by one. Due to lack of time I can't post all at once, so keep in touch with this blog. This is my promise to all of you: I will collect all relevant information about computer security threats for you.
Upcoming post: Backdoor Trojans, a security threat, with the best way to save your computer.

Types of Computer Viruses

A computer virus is a kind of malicious software written intentionally to enter a computer without the user’s permission or knowledge, with the ability to replicate itself and so continue to spread. Some viruses do little but replicate; others can cause severe harm or adversely affect the programs and performance of the system. A virus should never be assumed harmless and left on a system. The most common types of viruses are described below:

Resident Viruses
This type of virus is permanent and dwells in RAM. From there it can overcome and interrupt all of the operations executed by the system, corrupting files and programs that are opened, closed, copied, renamed etc.

Examples include: Randex, CMJ, Meve, and MrKlunky.

Direct Action Viruses
The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in and in directories that are specified in the AUTOEXEC.BAT file PATH. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.

Overwrite Viruses
A virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected.

The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content.

Examples of this virus include: Way, Trj.Reboot, Trivial.88.D.

Boot Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in which information on the disk itself is stored together with a program that makes it possible to boot (start) the computer from the disk.

The best way of avoiding boot viruses is to ensure that floppy disks are write-protected and never start your computer with an unknown floppy disk in the disk drive.

Examples of boot viruses include: Polyboot.B, AntiEXE.

Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain macros. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one.

Examples of macro viruses: Relax, Melissa.A, Bablas, O97M/Y2K.

Directory Virus
Directory viruses change the paths that indicate the location of a file. By executing a program (file with the extension .EXE or .COM) which has been infected by a virus, you are unknowingly running the virus program, while the original file and program have been previously moved by the virus.

Once infected it becomes impossible to locate the original files.

Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system.

This makes it impossible for anti-viruses to find them using string or signature searches (because they are different in each encryption) and also enables them to create a large number of copies of themselves.

Examples include: Elkern, Marburg, Satan Bug, and Tuareg.
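
Why a fixed string signature misses re-encoded copies, and one way scanners compensate, shown as an added example that is not from the original article. It goes beyond the paragraph by including "X-ray" scanning, which tries every key of a simple cipher against the signature. The marker string, the single-byte XOR encoding and all sample buffers are constructed and harmless stand-ins.

```python
"""String-signature scan versus X-ray scan on XOR-encoded samples (added example)."""

# Constructed, harmless byte pattern standing in for a virus body signature.
SIGNATURE = b"EXAMPLE-BENIGN-MARKER-0001"


def xor_bytes(data: bytes, key: int) -> bytes:
    return bytes(b ^ key for b in data)


def plain_scan(sample: bytes, signature: bytes = SIGNATURE) -> bool:
    """Classic string search: only finds the signature in its stored form."""
    return signature in sample


def xray_scan(sample: bytes, signature: bytes = SIGNATURE):
    """Search for the signature under every single-byte XOR key.

    Encoding the short signature 256 times is cheaper than decoding the
    whole sample 256 times. Returns the matching key, or None.
    This only works for simple, key-invariant ciphers; stronger schemes
    need emulation or behavioural detection instead.
    """
    for key in range(256):
        if xor_bytes(signature, key) in sample:
            return key
    return None


def make_sample(key: int) -> bytes:
    """Constructed test buffer: filler + XOR-encoded marker + filler."""
    return b"\x00" * 16 + xor_bytes(SIGNATURE, key) + b"\xff" * 16


def scan_report(samples: dict) -> dict:
    """Run both scanners over named buffers and collect the results."""
    return {
        name: {"plain": plain_scan(buf), "xray_key": xray_scan(buf)}
        for name, buf in samples.items()
    }


# Constructed inputs: the same marker stored three ways, plus a clean buffer.
SAMPLES = {
    "unencoded": make_sample(0x00),
    "copy_a": make_sample(0x5A),
    "copy_b": make_sample(0xC3),
    "clean": b"just an ordinary file" * 4,
}

if __name__ == "__main__":
    for name, result in scan_report(SAMPLES).items():
        print(f"{name:10s} plain={result['plain']!s:5s} xray_key={result['xray_key']}")
```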

File Infectors
This type of virus infects programs or executable files (files with an .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out. The majority of existing viruses belong to this category, and can be classified depending on the actions that they carry out.

Companion Viruses
Companion viruses can be considered file infector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they "accompany" the other files that already exist. In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident viruses) or act immediately by making copies of themselves (direct action viruses).

Some examples include: Stator, Asimov.1539, and Terrax.1069

FAT Virus
The file allocation table or FAT is the part of a disk used to connect information and is a vital part of the normal functioning of the computer.
This type of virus attack can be especially dangerous, by preventing access to certain sections of the disk where important files are stored. Damage caused can result in information losses from individual files or even entire directories.

Worms
A worm is a program very similar to a virus; it has the ability to self-replicate and can lead to negative effects on your system. Most importantly, worms are detected and eliminated by antivirus software.

Examples of worms include: PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson.

Trojans or Trojan Horses
Another unsavory breed of malicious code is the Trojan, or Trojan horse, which unlike a virus does not reproduce by infecting other files, nor does it self-replicate like a worm.

Logic Bombs
They are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs.

Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched, and the results can be destructive.

Best Antivirus Software----KBSMP CHOICE

3. Norton Antivirus 2009

Main Features:
  • Advanced antivirus with anti-spyware
  • Best proactive protection
  • Rapid pulse updates every 5 to 15 minutes
  • Rootkit detection, two way firewall
  • Defends against Web-based attacks
  • Automatic Virus Pattern Updates

Hardware Security


Security should be intertwined with every part of the system; the hardware is no exception. The interaction between hardware and software must be carefully planned. In doing so, the security of the entire system is strengthened.

Trusted Computing

Systems rely on Operating Systems and hardware. This collection of components comprises the core of the Trusted Computing Base (TCB). Systems fundamentally trust all actions that take place within the TCB. As Operating Systems become increasingly more complex, they are prone to faults and vulnerabilities. Hence, researchers seek to shrink the TCB.
Recently, a consortium gathered to create an open trusted framework. The Trusted Computing Group's Trusted Platform Module (TPM) has received much attention. While vendors such as Dell have announced the deployment of TPMs, privacy concerns remain. Such concerns must be addressed before widespread acceptance occurs. (TCG)
Our current research efforts aim to discover novel uses for the TPM while maintaining the privacy of users.

Securing Non-Volatile Main Memory


We propose a Memory Encryption Control Unit (MECU) to address the vulnerabilities introduced by non-volatile memories. The MECU encrypts all memory transfers between the level 2 cache and main memory. The keys used to encrypt memory blocks are derived from secret information present on removable authentication tokens, e.g., smart card, or other similar secure storage devices. This provides protection against physical attacks in absence of the token.
We evaluated a MECU-enhanced architecture using the SimpleScalar hardware simulation framework on several hardware benchmarks. The performance analysis shows that we can secure non-volatile memories with minimal overhead: the majority of memory accesses are delayed by less than 1 ns, with limited degradation subsiding within 67 µs of a system resume. In effect, we provide zero-cost steady state confidentiality for main memory.

uAndroid's Security Framework


The Google Android mobile phone platform is one of the most anticipated smartphone operating systems. Android defines a new component-based framework for developing mobile applications, where each application is comprised of different numbers and types of components. Activity components form the basis of the user interface; each screen presented to the user is a different Activity. Service components provide background processing that continues even after their application loses focus. Services also define arbitrary interfaces for communicating with other applications. Content Provider components share information in relational database form. For instance, the system includes an application with a Content Provider devoted to sharing the user's address book, which other applications can query. Finally, Broadcast Receiver components act as an asynchronous mailbox for messages from the system and other applications. As a whole, this application framework supports a flexible degree of collaboration between applications, where dependencies can be as simple or complex as a situation requires.

How to secure network

                      NETWORK SECURITY
1. Perform regular network security testing.
2. Don’t give any network user excessive or unneeded access.
3. Keep an up-to-date antivirus program installed.
4. Update the operating system regularly. If you have a Windows-based operating system, you can update it from the Microsoft website.
5. Keep an inventory of your network resources, such as devices and software applications.
6. Regularly scan TCP/IP services.
7. Turn off your computer when you are away, and don’t leave your computer unattended.
8. Set a strong network and system administrator password.
9. Implement a strong security policy.
10. Use a switched network, so that you can identify the problem very quickly.

Computer And Internet

Have you ever seen a coin without a head or without a tail? No. The same is true of the computer and the internet. The computer came into the picture in 1940 and the internet in 1969, and since then both have become a most important part of society.
Now the question is how the computer and the internet are related and how they work. Before describing these two, I want to define some terminology related to computers and the internet.
What is the internet? The Internet, sometimes known as the "Net", is a worldwide system of computer networks, that is, a network of networks in which users at any one computer can, if they have permission, get information from any other computer. So when computers are connected to each other and allowed to pass information or messages to each other worldwide, this is known as the internet. Nowadays the internet has spread to every part of the world. The computer and the internet bring the whole world together in one field.
Today, the Internet is a public, cooperative, and self-sustaining facility accessible to hundreds of millions of people worldwide. Physically, the Internet uses a portion of the total resources of the currently existing public telecommunication networks.
The most widely used part of the Internet is the World Wide Web (WWW). No doubt the computer and the internet have made our lives easy and given us a lot of opportunities to earn money.
But as we know, every good effect has some bad effect. The internet and the computer gave rise to a crime known as cyber crime. One interesting thing I want to tell you about this crime: in cyber crime the computer and the internet are used as the weapon as well as the victim. All over the world, lakhs of hackers hack websites and credit card numbers using computers and the internet, so we should know some tips to secure our own data. For this there is no need to go anywhere: the computer and the internet make a lot of information available to you. Search for it, read it, and apply it to secure your data, and use the computer and the internet to make life easy.

CBI website hacked by 'Pakistani Cyber Army'

In a major embarrassment, the website of premier investigating agency CBI was hacked on Friday night by programmers identifying themselves as "Pakistani Cyber Army". 
 
Intelligence agencies have been often warning the government that proper cyber security was not being ensured in government offices and that no security audit was being carried out.
The Pakistani Cyber Army has also warned that it would carry out "mass defacement" of other websites.
"CBI is aware that its official website has been hacked and defaced. An inquiry has been launched and necessary remedial measures are underway to restore it," CBI PRO RK Gaur said.

In addition to the CBI website, the self-proclaimed Pakistan Cyber army claims to have hacked another 270 websites.

I read this news in the newspaper. After this I searched on the internet and found it is true. What do they want to show, and what do the Pakistani hackers want? Why are they behaving in such a cheap way? I think they are confused people and they don't know what they are doing. Hacking any website is not a tough task. All the relevant content which is sufficient to hack any website is available on the internet; if you read this material and hack a site, this is not a great achievement. So I want to tell them: you are not the best. If you were the best, you would utilize your knowledge to save the cyber world and try to build good relations between India and Pakistan. And last, I want to tell all my readers: hate and ignore these people who misuse their knowledge and try to disturb the peace between countries.
  

Internet Security

                        Tips for browsing internet safely
The concern for internet safety is a global phenomenon, mostly for those who are new to the internet. While the prevalence of social networking websites, online communities and internet-enabled processes should be great news for individual, corporate and government users, safety remains a major source of concern. The 21st century is the age of computers and the World Wide Web. Everyone, from children to the elderly, is accustomed to web browsing. But the question arises: how safe are we on the internet? Hackers and malicious software are a great threat to our individual online privacy, so we need to protect ourselves from these dangerous aspects of the internet. The following are some steps that can ensure safe browsing.
1 - Use Common Sense

To browse the internet safely, it’s best to use common sense. Do not click on advertisements that may harm your computer, and stay away from sites that promise “free” items, cash or other services in exchange for entering your personal information. Just because a website looks official, this does not mean that it can’t harm your computer.

2 - Use a Firewall

To improve the safety of your internet browsing, it’s highly recommended that you install some high-quality firewall software. Having a firewall can help prevent programs from infiltrating your computer, and may also protect against some hackers or internet criminals.

3 - Use Strong Passwords

Ensure data security by using strong passwords for your online accounts and your system files. Do not use your name or birth date as a password, since they are easy to crack. Instead, use a password that contains alphanumeric characters and is at least eight characters long. Also, do not store passwords on your system. If remembering all your passwords is difficult, use a password manager program to organize and manage your passwords.

4 - Install Antivirus and Antispyware Tools

Use an antivirus and an antispyware tool to keep your system protected from malicious programs, such as viruses, worms, adware, and spyware. Configure these tools to perform regular full system scans on your computer.

5 - Be Aware

When other people are using your computer, it’s best if you supervise their activities. Even if a friend asks to check their email, it’s best to have them log in under another account that you have created for others to use. Having a Guest account on your computer enables you to allow others to use your computer without having to worry about them installing potentially malicious software. When creating a Guest account, disable sharing of important files on your computer. In addition to this, you should always make sure that any sensitive files are password-protected. Don’t load non-essential programs off the Internet, especially things like toolbars, screensavers, or video programs. These programs normally install extra, malicious software that causes problems and often requires a repair to remove effectively. Don’t click on anything in a pop-up or on unsolicited links received in email, instant messages, or chat rooms, as it might install malware.

6 - Do Not Open Attachments from Unsolicited Emails

Attachments that come with unwanted emails can contain malicious programs, such as viruses and worms. These malicious programs often cause severe damage to your system. Therefore, it is best that you straight away delete any unwanted emails you receive. You must also scan the attachments that you obtain from known sources before opening them.

7 - A Lock Icon in the Browser Does Not Mean It Is Secure

When the lock icon appears in the browser, many of us believe we are opening a secure site. This is because the lock icon indicates there is an SSL encrypted connection between the browser and the server to protect sensitive personal information. However, it does not provide any protection against malware. In fact, it’s the reverse, because most web security products are totally blind to encrypted connections: an encrypted connection is the perfect vehicle for malware to penetrate a machine. There have been many cases where hackers imitate bank and credit card sites, complete with spoofed SSL certificates that are difficult for a user to identify as deceptive. So keep away from unknown sites even when they show the lock icon.

8 - Keep your Operating System, Software, and Drivers Up-To-Date
     

LATEST VIRUS NAME..

1. Virus Name: Virus:W32/Sality
   A malicious program that secretly integrates itself into program or data files. It spreads by integrating itself into more files each time the host program is run.

2. Virus Name: Trojan-Downloader:W32/Hiloti
   This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

3. Virus Name: Trojan-Downloader:W32/Fakerean.gen!A
   This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

4. Virus Name: Trojan-Downloader:W32/Wimad.gen!A
   A trojan that secretly downloads malicious files from a remote server, then installs and executes the files.

5. Virus Name: Trojan-Downloader:W32/Oficla
   This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

6. Virus Name: Trojan:AndroidOS/Tapsnake
   Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.

7. Virus Name: Email-Worm:W32/Bagle.GE
   This type of worm is embedded in an e-mail attachment, and spreads using the infected computer's e-mailing networks.

8. Virus Name: Virus:W32/Bursted
   A malicious program that secretly integrates itself into program or data files. It spreads by integrating itself into more files each time the host program is run.

9. Virus Name: Trojan:W32/Qhost
   Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.

10. Virus Name: Trojan:W32/Agent.DKJC
    Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.

Email Security...some Basic point

In today’s electronic world, email is critical to any business being competitive. In most cases it now forms the backbone of most organisations’ day-to-day activities, and its use will continue to grow. According to The Radicati Group’s study, “Microsoft Exchange and Outlook Analysis, 2005-2009,” the worldwide email market will grow from 1.2 billion mailboxes in 2005 to 1.8 billion mailboxes in 2009.
As email becomes more prevalent in the market, the importance of email security becomes more significant. Of particular importance are the security implications associated with the management of email storage, policy enforcement, auditing, archiving and data recovery. Managing large, active stores of information takes time and effort in order to avoid failures – failures that will impact the users and therefore the business, undoubtedly leading to lost productivity. For secure and effective storage management, organisations must take a proactive approach and invest wisely in a comprehensive solution. When considering a secure email storage management solution, a layered approach combining both business processes and applications makes sense. By considering the service email provides to the business, email management can be broken down into a number of components: mail flow, storage, and user access – both at the server and user levels. Whilst each one of these components should be addressed separately, they must be viewed as part of a total security agenda.
Mail flow can encompass many aspects of an email system. However, the security of mail flow is for the most part focused around the auditing and tracking of mails into and out of the organisation. Monitoring the content and ensuring that any email that has been sent and received complies with business policy is fundamental.
Proving who has sent or received email is a lawful requirement for many industries, and email can often be used as evidence in fraud and human resource court cases. Another key aspect of the management of mail flow security is the protection of the business from malicious or unlawful attacks. It is at the gateway into the mail system where a business must protect itself via a variety of methods including hardware and software protection systems, such as spam filters and virus scanners.

Secure Sockets Layer(SSL) versus Transport Layer Security(TLS)

SSL and TLS - What’s the difference and which one is more secure?
Before we decide which one is more secure, we must know what these are. Simply put, they are protocols that provide data encryption and authentication between applications in scenarios where data is sent across an insecure network, such as when checking your email.
Now, which one is more secure?
While SSL and TLS differ in ways that make them not interoperable with each other, they are generally considered equal in terms of security. The main difference is that, while SSL connections begin with security and proceed directly to secured communications, TLS connections first begin with an insecure “hello” to the server and only switch to secured communications after the handshake between the client and the server is successful. If the TLS handshake fails for any reason, the connection is never created.
Both Internet security protocols ensure that your data is encrypted as it is transmitted across the Internet. They also both enable you to be sure that the server that you are communicating with is the server you intend to contact and not some “middle man eavesdropper”. This is possible because servers that support SSL and TLS must have certificates issued to them by a trusted third party, like Verisign or Thawte. These certificates verify that the domain name they are issued for really belongs to the server. Your computer will issue warnings to you if you try to connect to a server and the certificate that it gets back is not trusted or doesn’t match the site you are trying to connect to.
If you are mostly concerned about your level of security, you can’t really go wrong choosing either SSL or TLS.
The main benefit in opting for TLS over SSL is that TLS was created as an open-community standard, meaning TLS is more extensible and will likely be more widely supported in the future with other Internet standards. TLS is even backwards compatible, possessing the ability to “scale down” to SSL if necessary to support secure client-side connections that only understand SSL.
Another more immediate benefit, however, is that TLS allows both secure and insecure connections over the same port, whereas SSL requires a designated secure-only port. For users connecting to an email server via POP or IMAP, this means that using TLS will allow you to opt for secure connections but easily switch to insecure connections if necessary without needing to change ports. This is not possible with SSL.
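
For POP and IMAP, the same-port upgrade described above is the STLS command on port 110 and STARTTLS on port 143, while ports 995 and 993 carry TLS from the first byte. This added example, which is not from the original post, shows a client-side policy that parses the server's capability reply and refuses to fall back to a plaintext login when the upgrade is not offered. The transcripts are constructed, and the function and field names are hypothetical.

```python
"""Mail-client transport policy: implicit TLS vs same-port upgrade (added example)."""
from dataclasses import dataclass

IMPLICIT_TLS_PORTS = {993: "imap", 995: "pop3"}   # TLS from the first byte
UPGRADE_PORTS = {143: "imap", 110: "pop3"}        # plaintext until STARTTLS/STLS
UPGRADE_COMMAND = {"imap": "STARTTLS", "pop3": "STLS"}


@dataclass(frozen=True)
class Decision:
    action: str   # "tls-handshake", "upgrade", "plaintext" or "abort"
    detail: str


def parse_capabilities(protocol: str, response: str) -> set:
    """Extract capability tokens from an IMAP CAPABILITY or POP3 CAPA reply."""
    caps = set()
    for line in response.splitlines():
        line = line.strip()
        if protocol == "imap":
            # Untagged line: "* CAPABILITY IMAP4rev1 STARTTLS ..."
            parts = line.split()
            if len(parts) >= 2 and parts[0] == "*" and parts[1].upper() == "CAPABILITY":
                caps.update(p.upper() for p in parts[2:])
        else:
            # POP3 multi-line reply: "+OK ...", one capability per line, then "."
            if line and not line.startswith("+OK") and line != ".":
                caps.add(line.split()[0].upper())
    return caps


def choose_transport(port: int, capability_response: str = "",
                     allow_plaintext: bool = False) -> Decision:
    if port in IMPLICIT_TLS_PORTS:
        return Decision("tls-handshake", "connect with TLS before any protocol data")
    protocol = UPGRADE_PORTS.get(port)
    if protocol is None:
        return Decision("abort", f"port {port} is not a known mail port")
    command = UPGRADE_COMMAND[protocol]
    caps = parse_capabilities(protocol, capability_response)
    if command in caps:
        return Decision("upgrade", f"send {command}, then verify the certificate")
    # The capability list is sent before encryption starts, so its content
    # cannot be trusted. A missing upgrade offer must not lead to a silent
    # plaintext login that exposes the password.
    if allow_plaintext:
        return Decision("plaintext", "upgrade not offered; credentials would be exposed")
    return Decision("abort", f"{command} not offered; refusing plaintext login")


# Constructed server replies for the demonstration.
IMAP_WITH_STARTTLS = ("* CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED\r\n"
                      "a001 OK CAPABILITY completed\r\n")
IMAP_WITHOUT_STARTTLS = ("* CAPABILITY IMAP4rev1 AUTH=PLAIN\r\n"
                         "a001 OK CAPABILITY completed\r\n")
POP3_WITH_STLS = "+OK Capability list follows\r\nTOP\r\nUIDL\r\nSTLS\r\n.\r\n"

if __name__ == "__main__":
    cases = [(993, ""), (143, IMAP_WITH_STARTTLS),
             (143, IMAP_WITHOUT_STARTTLS), (110, POP3_WITH_STLS)]
    for port, reply in cases:
        d = choose_transport(port, reply)
        print(f"port {port}: {d.action} ({d.detail})")
```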

Internet Surfing Security

We people can't live without the internet; our life is completely dependent on Google. This is not a bad thing, but we must know some important security tips: how to keep your data, as well as your PC, safe. Yesterday my friend's PC was hacked during net surfing, and he lost all his data. I am adding some security solutions; I hope you people will adopt them during net surfing and downloading.
Internet Surfing Security calls for surfing the global net in a secured manner so as to avoid any undesirable circumstance. Internet Surfing Security is an important requirement of secured Internet surfing.
Necessity of Internet Surfing Security
The importance of Internet Surfing Security should not be underestimated. It is a well-known fact that in today's fast life, where the Internet plays a dominant role, the possibility of falling prey to phishing or any other type of cyber crime is high if proper precautionary measures are not taken while accessing the net. All these dreadful possibilities make one realize the importance of Internet Surfing Security.
Important Steps to be Taken
There are several important measures which can surely ensure Internet Surfing Security. Most importantly, install anti-virus software on your computer systems, because it safeguards them against harmful viruses, worms, and spyware. It is also necessary to check the security systems regularly. You should also be aware of the sites you are surfing. Accessing any undesirable site can leave viruses on the computer, thereby affecting surfing speed and ability. A firewall is another important way of protecting personal computer systems. It is also necessary to have a clear idea about an e-mail before opening it. Sometimes just clicking on an e-mail can infect a computer system with viruses and worms. You should also avoid disclosing any personal information through a mail or even a message, for this may lead to identity theft.

Shopping Safely Online

Why do online shoppers have to take special precautions?

The Internet offers a convenience that is not available from any other shopping outlet. From the comfort of your home, you can search for items from countless vendors, compare prices with a few simple mouse clicks, and make purchases without waiting in line. However, the Internet is also convenient for attackers, giving them multiple ways to access the personal and financial information of unsuspecting shoppers. Attackers who are able to obtain this information may use it for their own financial gain, either by making purchases themselves or by selling the information to someone else.

How do attackers target online shoppers?

There are three common ways that attackers can take advantage of online shoppers:
  • Targeting vulnerable computers - If you do not take steps to protect your computer from viruses or other malicious code, an attacker may be able to gain access to your computer and all of the information on it. It is also important for vendors to protect their computers to prevent attackers from accessing customer databases.
  • Creating fraudulent sites and email messages - Unlike traditional shopping, where you know that a store is actually the store it claims to be, attackers can create malicious web sites that mimic legitimate ones or create email messages that appear to have been sent from a legitimate source. Charities may also be misrepresented in this way, especially after natural disasters or during holiday seasons. Attackers create these malicious sites and email messages to try to convince you to supply personal and financial information.
  • Intercepting insecure transactions - If a vendor does not use encryption, an attacker may be able to intercept your information as it is being transmitted.

Understanding Your Computer: Web Browsers

How do web browsers work?

A web browser is an application that finds and displays web pages. It coordinates communication between your computer and the web server where a particular website "lives."
When you open your browser and type in a web address (URL) for a website, the browser submits a request to the server, or servers, that provide the content for that page. The browser then processes the code from the server (written in a language such as HTML, JavaScript, or XML) and loads any other elements (such as Flash, Java, or ActiveX) that are necessary to generate content for the page. After the browser has gathered and processed all of the components, it displays the complete, formatted web page. Every time you perform an action on the page, such as clicking buttons and following links, the browser continues the process of requesting, processing, and presenting content.

How many browsers are there?

There are many different browsers. Most users are familiar with graphical browsers, which display both text and graphics and may also display multimedia elements such as sound or video clips. However, there are also text-based browsers. The following are some well-known browsers:
  • Internet Explorer
  • Firefox
  • AOL
  • Opera
  • Safari - a browser specifically designed for Macintosh computers
  • Lynx - a text-based browser desirable for vision-impaired users because of the availability of special devices that read the text

How do you choose a browser?

A browser is usually included with the installation of your operating system, but you are not restricted to that choice. Some of the factors to consider when deciding which browser best suits your needs include
  • compatibility - Does the browser work with your operating system?
  • security - Do you feel that your browser offers you the level of security you want?
  • ease of use - Are the menus and options easy to understand and use?
  • functionality - Does the browser interpret web content correctly? If you need to install other plug-ins or devices to translate certain types of content, do they work?
  • appeal - Do you find the interface and way the browser interprets web content visually appealing?

Can you have more than one browser installed at the same time?

If you decide to change your browser or add another one, you don't have to uninstall the browser that's currently on your computer—you can have more than one browser on your computer at once. However, you will be prompted to choose one as your default browser. Anytime you follow a link in an email message or document, or you double-click a shortcut to a web page on your desktop, the page will open using your default browser. You can manually open the page in another browser.
Most vendors give you the option to download their browsers directly from their websites. Make sure to verify the authenticity of the site before downloading any files. To further minimize risk, follow other good security practices, like using a firewall and keeping anti-virus software up to date.

What risks are associated with free email services?

Although free email services have many benefits, you should not use them to send sensitive information. Because you are not paying for the account, the organization may not have a strong commitment to protecting you from various threats or to offering you the best service. Some of the elements you risk are

    * security - If your login, password, or messages are sent in plain text, they may easily be intercepted. If a service provider offers SSL encryption, you should use it. You can find out whether this is available by looking for a "secure mode" or by replacing the "http:" in the URL with "https:".

    * privacy - You aren't paying for your email account, but the service provider has to find some way to recover the costs of providing the service. One way of generating revenue is to sell advertising space, but another is to sell or trade information. Make sure to read the service provider's privacy policy or terms of use to see if your name, your email address, the email addresses in your address book, or any of the information in your profile has the potential of being given to other organizations. If you are considering forwarding your work email to a free email account, check with your employer first. You do not want to violate any established security policies.

    * reliability - Although you may be able to access your account from any computer, you need to make sure that the account is going to be available when you want to access it. Familiarize yourself with the service provider's terms of service so that you know exactly what they have committed to providing you. For example, if the service ends or your account disappears, can you retrieve your messages? Does the service provider give you the ability to download messages that you want to archive onto your machine? Also, if you happen to be in a different time zone than the provider, you may find that their server maintenance interferes with your normal email routine.

Understanding Hidden Threats: Rootkits and Botnets

What are rootkits and botnets?

A rootkit is a piece of software that can be installed and hidden on your computer without your knowledge. It may be included in a larger software package or installed by an attacker who has been able to take advantage of a vulnerability on your computer or has convinced you to download it. Rootkits are not necessarily malicious, but they may hide malicious activities. Attackers may be able to access information, monitor your actions, modify programs, or perform other functions on your computer without being detected.

Botnet is a term derived from the idea of bot networks. In its most basic form, a bot is simply an automated computer program, or robot. In the context of botnets, bots refer to computers that are able to be controlled by one, or many, outside sources. An attacker usually gains control by infecting the computers with a virus or other malicious code that gives the attacker access. Your computer may be part of a botnet even though it appears to be operating normally. Botnets are often used to conduct a range of activities, from distributing spam and viruses to conducting denial-of-service attacks.

Cyber Security Tip ST05-006

How do you know your computer is infected?

Unfortunately, there is no particular way to identify that your computer has been infected with malicious code. Some infections may completely destroy files and shut down your computer, while others may only subtly affect your computer's normal operations. Be aware of any unusual or unexpected behaviors. If you are running anti-virus software, it may alert you that it has found malicious code on your computer. The anti-virus software may be able to clean the malicious code automatically, but if it can't, you will need to take additional steps.

What can you do if you are infected?

   1. Minimize the damage - If you are at work and have access to an IT department, contact them immediately. The sooner they can investigate and clean your computer, the less damage to your computer and other computers on the network. If you are on your home computer or a laptop, disconnect your computer from the internet. By removing the internet connection, you prevent an attacker or virus from being able to access your computer and perform tasks such as locating personal data, manipulating or deleting files, or using your computer to attack other computers.

   2. Remove the malicious code - If you have anti-virus software installed on your computer, update the virus definitions (if possible), and perform a manual scan of your entire system. If you do not have anti-virus software, you can purchase it at a local computer store. If the software can't locate and remove the infection, you may need to reinstall your operating system, usually with a system restore disk that is often supplied with a new computer. Note that reinstalling or restoring the operating system typically erases all of your files and any additional software that you have installed on your computer. After reinstalling the operating system and any other software, install all of the appropriate patches to fix known vulnerabilities.

How can you reduce the risk of another infection?

Dealing with the presence of malicious code on your computer can be a frustrating experience that can cost you time, money, and data. The following recommendations will build your defense against future infections:

    * use and maintain anti-virus software - Anti-virus software recognizes and protects your computer against most known viruses. However, attackers are continually writing new viruses, so it is important to keep your anti-virus software current.

    * change your passwords - Your original passwords may have been compromised during the infection, so you should change them. This includes passwords for web sites that may have been cached in your browser. Make the passwords difficult for attackers to guess.

    * keep software up to date - Install software patches so that attackers can't take advantage of known problems or vulnerabilities (see Understanding Patches for more information). Many operating systems offer automatic updates. If this option is available, you should enable it.

    * install or enable a firewall - Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer. Some operating systems actually include a firewall, but you need to make sure it is enabled.

    * use anti-spyware tools - Spyware is a common source of viruses, but you can minimize the number of infections by using a legitimate program that identifies and removes spyware.

    * follow good security practices - Take appropriate precautions when using email and web browsers so that you reduce the risk that your actions will trigger an infection.

China Set to Fight Against Cybercrime by Issuing New Laws Against Hackers

According to Gu Jian, Deputy Director of the Network Security Protection Bureau of the Ministry of Public Security (MPS), China is set to fight hacking attacks, as the government is drafting a law governing the punishment of hackers and other cyber offences, ShanghaiDaily reported on November 11, 2010.

He further highlighted that presently, lawmakers are working on the judicial interpretations of the new law, which will be released by the end of 2010.
Gu stated that nearly 80% of the machines in China face botnet attacks, in which hackers use malicious software to attack and compromise machines.
A botnet is a network of systems that have had malware installed on them and are managed by cybercrooks, while the users remain unaware that their computers have been hacked.
A report released earlier in 2010 by the China National Computer Network Emergency Response Technical Team (CNCERT) revealed that 71% of the global botnets are located in China, the majority of which are administered by hackers of foreign origin.
Commenting on the finding, Gu stated that China, a land of around 440 million netizens, is the key victim of cyber criminals, as reported by the web portal China on November 11, 2010. Gu also said that over 80% of the online attacks targeting the official websites of China's government agencies come from foreign locations.
Gu further highlighted that, to fight overseas criminals, China has been making remarkable attempts to co-operate with overseas government agencies. Since 2004, China's public security departments have offered assistance to around 41 countries in 721 online criminal cases.
To date, Chinese police have set up bilateral cooperation agreements with 30 nations, including the United States, Germany, and the UK.
However, according to Gu, existing collaborations between governments are far from sufficient to fight overseas cybercrime.
In conclusion, Gu stated that late response is one of the major problems. Since 2009, China's police have asked the U.S. FBI (Federal Bureau of Investigation) for investigation assistance in 13 cybercrime cases, including cases concerning fake bank websites and child pornography, but have not received any response so far.

Cyber Laws in India

In May 2000, both the houses of the Indian Parliament passed the information bill. The Bill received the assent of the President in August 2000 and came to be known as the Information Technology Act, 2000. Cyber laws are contained in the IT Act, 2000.

This Act aims to provide the legal infrastructure for e-commerce in India, and the cyber laws have a major impact on e-businesses and the new economy in India. So, it is important to understand the various perspectives of the IT Act, 2000 and what it offers.

The Information Technology Act, 2000 also aims to provide for the legal framework so that legal sanctity is accorded to all electronic records and other activities carried out by electronic means. The Act states that unless otherwise agreed, an acceptance of contract may be expressed by electronic means of communication and the same shall have legal validity and enforceability. Some highlights of the Act are listed below:

Chapter-II of the Act specifically stipulates that any subscriber may authenticate an electronic record by affixing his digital signature. It further states that any person can verify an electronic record by use of a public key of the subscriber.
 
Chapter-III of the Act deals with Electronic Governance and provides, inter alia, that where any law provides that information or any other matter shall be in writing or in the typewritten or printed form, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is -

  • rendered or made available in an electronic form; and
  • accessible so as to be usable for a subsequent reference.

The said chapter also details the legal recognition of Digital Signatures.


Chapter-IV of the said Act gives a scheme for Regulation of Certifying Authorities. The Act envisages a Controller of Certifying Authorities who shall perform the function of exercising supervision over the activities of the Certifying Authorities as also laying down standards and conditions governing the Certifying Authorities as also specifying the various forms and content of Digital Signature Certificates. The Act recognizes the need for recognizing foreign Certifying Authorities and it further details the various provisions for the issue of license to issue Digital Signature Certificates.
 
Chapter-VII of the Act details about the scheme of things relating to Digital Signature Certificates. The duties of subscribers are also enshrined in the said Act.
 
Chapter-IX of the said Act talks about penalties and adjudication for various offences. The penalties for damage to computer, computer systems etc. have been fixed as damages by way of compensation not exceeding Rs. 1,00,00,000 to affected persons. The Act talks of the appointment of any officer not below the rank of a Director to the Government of India or an equivalent officer of state government as an Adjudicating Officer who shall adjudicate whether any person has made a contravention of any of the provisions of the said Act or rules framed thereunder. The said Adjudicating Officer has been given the powers of a Civil Court.
 
Chapter-X of the Act talks of the establishment of the Cyber Regulations Appellate Tribunal, which shall be an appellate body where appeals against the orders passed by the Adjudicating Officers, shall be preferred.
 
Chapter-XI of the Act talks about various offences and the said offences shall be investigated only by a Police Officer not below the rank of the Deputy Superintendent of Police. These offences include tampering with computer source documents, publishing of information, which is obscene in electronic form, and hacking.
 
The Act also provides for the constitution of the Cyber Regulations Advisory Committee, which shall advise the government as regards any rules, or for any other purpose connected with the said Act. The said Act also proposes to amend the Indian Penal Code, 1860, the Indian Evidence Act, 1872, The Bankers' Books Evidence Act, 1891, The Reserve Bank of India Act, 1934 to make them in tune with the provisions of the IT Act.

Advantages of Cyber Laws

The IT Act 2000 attempts to change outdated laws and provides ways to deal with cyber crimes. We need such laws so that people can perform purchase transactions over the Net through credit cards without fear of misuse. The Act offers the much-needed legal framework so that information is not denied legal effect, validity or enforceability, solely on the ground that it is in the form of electronic records.

In view of the growth in transactions and communications carried out through electronic records, the Act seeks to empower government departments to accept filing, creating and retention of official documents in the digital format. The Act has also proposed a legal framework for the authentication and origin of electronic records / communications through digital signature.

From the perspective of e-commerce in India, the IT Act 2000 and its provisions contain many positive aspects. Firstly, the implications of these provisions for the e-businesses would be that email would now be a valid and legal form of communication in our country that can be duly produced and approved in a court of law.
 
Companies shall now be able to carry out electronic commerce using the legal infrastructure provided by the Act.
 
Digital signatures have been given legal validity and sanction in the Act.
 
The Act throws open the doors for the entry of corporate companies in the business of being Certifying Authorities for issuing Digital Signatures Certificates.
 
The Act now allows Government to issue notification on the web thus heralding e-governance.
 
The Act enables the companies to file any form, application or any other document with any office, authority, body or agency owned or controlled by the appropriate Government in electronic form by means of such electronic form as may be prescribed by the appropriate Government.
 
The IT Act also addresses the important issues of security, which are so critical to the success of electronic transactions. The Act has given a legal definition to the concept of secure digital signatures that would be required to have been passed through a system of a security procedure, as stipulated by the Government at a later date.
 
Under the IT Act, 2000, it shall now be possible for corporates to have a statutory remedy in case anyone breaks into their computer systems or network and causes damage or copies data. The remedy provided by the Act is in the form of monetary damages, not exceeding Rs. 1 crore.



Cyber Law Cases in India and World

MYSPACE CATCHES A MURDERER

MySpace has played an important role in helping Oakland police apprehend a 19-year old man accused of shooting a San Leandro High School football player Greg "Doody" Ballard, Jr.

Oakland police had a street name of a suspect and were able to identify Dwayne Stancill, 19 of Oakland from a picture they found on a gang's MySpace page. Police brought the suspect to their headquarters where detectives say he confessed. What was most troubling to investigators was the lack of motive for the killing.

OFFICIAL WEBSITE OF MAHARASHTRA GOVERNMENT HACKED

MUMBAI, 20 September 2007 — IT experts were trying yesterday to restore the official website of the government of Maharashtra, which was hacked in the early hours of Tuesday.

Rakesh Maria, joint commissioner of police, said that the state’s IT officials lodged a formal complaint with the Cyber Crime Branch police on Tuesday. He added that the hackers would be tracked down. Yesterday the website, http://www.maharashtragovernment.in, remained blocked.

Deputy Chief Minister and Home Minister R.R. Patil confirmed that the Maharashtra government website had been hacked. He added that the state government would seek the help of IT and the Cyber Crime Branch to investigate the hacking.

“We have taken a serious view of this hacking, and if need be the government would even go further and seek the help of private IT experts. Discussions are in progress between the officials of the IT Department and experts,” Patil added.

The state government website contains detailed information about government departments, circulars, reports, and several other topics. IT experts working on restoring the website told Arab News that they fear that the hackers may have destroyed all of the website’s contents.

According to sources, the hackers may be from Washington. IT experts said that the hackers had identified themselves as “Hackers Cool Al-Jazeera” and claimed they were based in Saudi Arabia. They added that this might be a red herring to throw investigators off their trail.

According to a senior official from the state government’s IT department, the official website has been affected by viruses on several occasions in the past, but was never hacked. The official added that the website had no firewall.

Three people held guilty in online credit card scam

Customers' credit card details were misused online to book air tickets. The culprits were caught by the city Cyber Crime Investigation Cell in Pune. It was found that the misused details belonged to 100 people.

Mr. Parvesh Chauhan, an ICICI Prudential Life Insurance officer, had complained on behalf of one of his customers. In this regard, Mr. Sanjeet Mahavir Singh Lukkad, Dharmendra Bhika Kale and Ahmead Sikandar Shaikh were arrested. Lukkad was employed at a private institution, and Kale was his friend. Shaikh was employed in one of the branches of State Bank of India.

According to the information provided by the police, one of the customers received an SMS alert for the purchase of a ticket even though the credit card was in his possession. The customer was alert and realised that something was fishy; he enquired and came to know about the misuse. He contacted the bank about it. Police observed the involvement of many banks in this case.

The tickets were booked online. Police requested the log details and obtained the information of the private institution. Investigation revealed that the details were obtained from State Bank of India. Shaikh was working in the credit card department, which gave him access to the credit card details of some customers. He gave that information to Kale, who in turn passed it to his friend Lukkad. Using the information obtained from Kale, Lukkad booked tickets. He used to sell these tickets to customers and collect the money. He had given a few tickets to various other institutions.

Cyber Cell head DCP Sunil Pulhari, PI Mohan Mohadikar and A.P.I Kate were involved in eight days of investigation and finally caught the culprits.

In this regard, various banks have been contacted; four airlines were also contacted.
DCP Sunil Pulhari has requested customers who have fallen into this trap to inform the police authorities on 2612-4452 or 2612-3346 if they have any problems.

How cyber crime operations work – and why they make money

Hackers are no longer motivated by notoriety – it's now all about the money. Guillaume Lovet, Threat Response Team Leader at security firm Fortinet, identifies the players, their roles and the returns they enjoy on their investments.
Cybercrime, which is regulated by Internet Law (Cyber Law) or the IT Act, has become a profession, and the demographic of your typical cybercriminal is changing rapidly, from bedroom-bound geek to the type of organised gangster more traditionally associated with drug-trafficking, extortion and money laundering.
It has become possible for people with comparatively low technical skills to steal thousands of pounds a day without leaving their homes. In fact, to make more money than can be made selling heroin (and with far less risk), the only time the criminal need leave his PC is to collect his cash. Sometimes they don't even need to do that.
In all industries, efficient business models depend upon horizontal separation of production processes, professional services, sales channels etc. (each requiring specialised skills and resources), as well as a good deal of trade at prices set by the market forces of supply and demand. Cybercrime is no different: it boasts a buoyant international market for skills, tools and finished product. It even has its own currency.
The rise of cybercrime is inextricably linked to the ubiquity of credit card transactions and online bank accounts. Get hold of this financial data and not only can you steal silently, but also – through a process of virus-driven automation – with ruthlessly efficient and hypothetically infinite frequency.
The question of how to obtain credit card/bank account data can be answered by a selection of methods each involving their own relative combinations of risk, expense and skill.
The most straightforward is to buy the ‘finished product’. In this case we’ll use the example of an online bank account. The product takes the form of information necessary to gain authorised control over a bank account with a six-figure balance. The cost to obtain this information is $400 (cybercriminals always deal in dollars). It seems like a small figure, but for the work involved and the risk incurred it’s very easy money for the criminal who can provide it. Also remember that this is an international trade; many cyber-criminals of this ilk are from poor countries in Eastern Europe, South America or South-East Asia.
The probable marketplace for this transaction will be a hidden IRC (Internet Relay Chat) chatroom. The $400 fee will most likely be exchanged in some form of virtual currency such as e-gold.
Not all cyber-criminals operate at the coalface, and they certainly don’t work in isolation from one another; different protagonists in the crime community perform a range of important, specialised functions. These broadly encompass:
  • Coders – comparative veterans of the hacking community. With a few years' experience at the art and a list of established contacts, ‘coders’ produce ready-to-use tools (i.e. Trojans, mailers, custom bots) or services (such as making a binary code undetectable to AV engines) for the cybercrime labour force – the ‘kids’. Coders can make a few hundred dollars for every criminal activity they engage in.
  • Kids – so-called because of their tender age: most are under 18. They buy, trade and resell the elementary building blocks of effective cyber-scams such as spam lists, php mailers, proxies, credit card numbers, hacked hosts, scam pages etc. ‘Kids’ will make less than $100 a month, largely because of the frequency of being ‘ripped off’ by one another.
  • Drops – the individuals who convert the ‘virtual money’ obtained in cybercrime into real cash. Usually located in countries with lax e-crime laws (Bolivia, Indonesia and Malaysia are currently very popular), they represent ‘safe’ addresses for goods purchased with stolen financial details to be sent, or else ‘safe’ legitimate bank accounts for money to be transferred into illegally, and paid out of legitimately.
  • Mobs – professionally operating criminal organisations combining or utilising all of the functions covered by the above. Organised crime makes particularly good use of safe ‘drops’, as well as recruiting accomplished ‘coders’ onto their payrolls.
Gaining control of a bank account is increasingly accomplished through phishing. There are other cybercrime techniques, but space does not allow their full explanation.
All of the following phishing tools can be acquired very cheaply: a scam letter and scam page in your chosen language, a fresh spam list, a selection of php mailers to spam-out 100,000 mails for six hours, a hacked website for hosting the scam page for a few days, and finally a stolen but valid credit card with which to register a domain name. With all this taken care of, the total costs for sending out 100,000 phishing emails can be as little as $60. This kind of ‘phishing trip’ will uncover at least 20 bank accounts of varying cash balances, giving a ‘market value’ of $200 – $2,000 in e-gold if the details were simply sold to another cybercriminal. The worst-case scenario is a 300% return on the investment, but it could be ten times that.
Better returns can be accomplished by using ‘drops’ to cash the money. The risks are high, though: drops may take as much as 50% of the value of the account as commission, and instances of ‘ripping off’ or ‘grassing up’ to the police are not uncommon. Cautious phishers often separate themselves from the physical cashing of their spoils via a series of ‘drops’ that do not know one another. However, even taking into account the 50% commission, and a 50% ‘rip-off’ rate, if we assume a single stolen balance of $10,000 – $100,000, then the phisher is still looking at a return of between 40 and 400 times the meagre outlay of his/her phishing trip.
In large operations, offshore accounts are invariably used to accumulate the criminal spoils. This is more complicated and far more expensive, but ultimately safer.
The alarming efficiency of cybercrime can be illustrated starkly by comparing it to the illegal narcotics business. One is faster, less detectable, more profitable (generating a return around 400 times higher than the outlay) and primarily non-violent. The other takes months or years to set up or realise an investment, is cracked down upon by almost all governments internationally, is fraught with expensive overheads, and is extremely dangerous.
Add phishing to the other cyber-criminal activities driven by hacking and virus technologies – such as carding, adware/spyware planting, online extortion, industrial spying and mobile phone dialers – and you’ll find a healthy community of cottage industries and international organisations working together productively and trading for impressive profits. Of course these people are threatening businesses and individuals with devastating loss, financial hardship and troubling uncertainty – and must be stopped.
On top of viruses, worms, bots and Trojan attacks, organisations in particular are contending with social engineering deception and traffic masquerading as legitimate applications on the network. In a reactive approach to this onslaught, companies have been layering their networks with stand alone firewalls, intrusion prevention devices, anti-virus and anti-spyware solutions in a desperate attempt to plug holes in the armoury. They're beginning to recognise it's a failed strategy. After all, billions of pounds are being spent on security technology, and yet security breaches continue to rise.
To fight cybercrime there needs to be a tightening of international digital legislation and of cross-border law enforcement co-ordination. But there also needs to be a more creative and inventive response from the organisations under threat. Piecemeal, reactive security solutions are giving way to strategically deployed multi-threat security systems. Instead of having to install, manage and maintain disparate devices, organisations can consolidate their security capabilities into a commonly managed appliance. These measures combined, in addition to greater user education are the best safeguard against the deviousness and pure innovation of cyber-criminal activities.