Cyber Crime



Every time one jumps on to surf the wonderful World Wide Web they are susceptible to a cyber crime! Understanding the top five computer crimes is valuable information for the novice and even expert internet surfer reports(Cyber Crime)
1 Child Pornography(Cyber Crime)
 Sad but true, child pornography makes this list. Child pornography is among the fastest growing criminal segments on the Internet. Child pornography is publishing and transmitting obscene material of children in electronic form. In recent years child pornography has increased due to the easy access of the internet, & easily available videos on the internet. (Cyber Crime)Child pornography is a crime in India. Information Technology Act, 2000 & Indian Penal Code, 1860 provides protection from child pornography. (Cyber Crime)Child is the person who is below the age of 18 years reports indianchild.c0m(Cyber Crime), according to sources it is estimated that over 20,000 images of child pornography are posted online weekly.(Cyber Crime)
2 Software Piracy(Cyber Crime)
Software Piracy is amongst the most common cyber crime which can be defined as "copying and using commercial software purchased by someone else". (Cyber Crime)Software piracy is illegal and a big loss for the company producing the software as each pirated piece of software takes away from company profits. However it is legal to make backup copies after you purchase software but if you give one to a friend it is considered a crime.(Cyber Crime) (Selling a copy is also illegal)(Cyber Crime)
3 Malware(Cyber Crime)
Malicious Software (Malware) tops the list of computer crimes as it enables cyber crime on a massive scale. Malware(Cyber Crime) can be of different types like Trojans, viruses, worms and any other software that attaches to a computer without individuals being aware of its presence. Unlike the traditional malware(Cyber Crime) and viruses there are new category malwares(Cyber Crime) that infect your pc and you may not even realize it. Most of them are invisible and hard-to-spot malware (Cyber Crime)can also be extremely hard to remove.(Cyber Crime)
4.Identity Theft(Cyber Crime)
Identity theft while not always computer related is often committed through the use of computers.(Cyber Crime) Millions have been a victim of identity theft across the globe.(Cyber Crime) Identity theft is committed with an intention to acquire your personal information, without your knowledge and uses it in an offendable way to commit fraud.(Cyber Crime)
5 Cyberstalking(Cyber Crime)
Cyberstalking(Cyber Crime) can be defined as using the internet to harass. In most cases victims have very little information about the harassers, however don't start counting out that old flame yet!(Cyber Crime)
(Cyber Crime)taken from:-http://www.siliconindia.com/news/enterpriseit/5-Most-Dngerous-Computer-Crimes-nid-114463-cid-7.html(Cyber Crime)(Cyber Crime)

Computer Virus Infection indicators:


We want to install latest antivirus in our PC and after installation we think our computer became safe and secure but we have to know our computer is infected or not,for this there is no need of huge technical skill simply monitor your PC and find out is behave of your PC match  with following behave.

Virus Infection indicators:


  1. Your computer always stops responding when you try to use Microsoft Office products.
  2. You cannot start Windows Task Manager.
  3. Antivirus software indicates a virus is present.
  4. You received an e-mail message that has a strange attachment. When you open the attachment, dialog boxes appear or a sudden degradation in system performance occurs.
  5. There is a double extension on an attachment that you recently opened, such as .jpg.vbs or .gif.exe.
  6. An antivirus program is disabled for no reason and it cannot be restarted.
  7. An antivirus program cannot be installed on the computer or it will not run.
  8. Strange dialog boxes or message boxes appear on screen.
  9. Someone tells you that they have recently received e-mail messages from you containing attached files (especially with .exe, .bat, .scr , .vbs extensions), which you did not send.
  10. New icons appear on the Desktop that you did not place there, or are not associated with any recently installed programs.
  11. Strange sounds or music plays from the speakers unexpectedly.
  12. A program disappears from the computer, and it was not intentionally uninstalled.
  13. A virus infection could also cause the following symptoms, but these symptoms could also be the result of ordinary Windows functions, or problems within Windows that is not caused by a virus.
  14. Windows will not start at all, even though you have not made any system changes, or you have not installed or removed any programs.
  15. Windows will not start because certain critical system files are missing, and then you receive an error message that lists those files.
  16. There is a lot of modem activity. If you have an external modem, you may notice the lights blinking extensively when the modem is not being used. You may be unknowingly supplying pirated software.
  17. The computer starts as expected sometimes, but at other times it stops responding before the desktop icons and taskbar appear.
  18. The computer runs very slowly and it takes a long time to start.
  19. Out-of-memory error messages appear, even though your computer has plenty of RAM.
  20. New programs do not install properly.
  21. Windows spontaneously restarts unexpectedly.
  22. Programs that used to run now stop responding frequently. If you try to remove and reinstall the software, the issue continues to occur.

Wireless network security


Wireless-network security isn't a single issue. Businesses need to recognize that they are fighting attacks on several fronts. Many wireless-network threats are unique to the technology, including:
Threats:
Roaming Attackers: Attackers don't have to be physically located on a business's premises in order to access data on its wireless network. Criminals use network scanners, such as NetStumbler, with a laptop or other portable device to sniff out wireless networks from a moving vehicle — an activity called "wardriving." Performing the same task while walking down a street or through a business site is called "warwalking."
Rogue Access Points: A rouge access point is one that exists without the permission or knowledge of the wireless network's owner. Employees often install rogue access points to create hidden wireless networks that circumvent the installed security measures. Such stealth networks, while fundamentally innocuous, can create an unprotected gateway that serves as an open door to intruders.
The Evil Twin: Sometimes referred to as WiPhishing, an evil twin is a rogue access point that hides under a nearby network's name. The Evil Twin waits for an unsuspecting user to sign into the wrong access point and then steals the individual's network data or attacks the computer.
Network Resource Theft: Cheapskates like to get free Internet access from nearby wireless networks. Even if these individuals intend no direct harm, they still hijack network bandwidth to surf the Web and perform other online activities, draining network performance. More nefarious freeloaders will exploit the connection to send email from a company's domain or to download pirated content — exposing the host business to legal action.
Protection Methods
With wireless providing so many opportunities for attackers to enter and harm networks and business systems, it's no surprise that a wide array of security tools and techniques have arrived to help businesses secure their networks. Here are the top protection methods:
Firewalls: A strong network firewall can effectively block intruders trying to enter a business's network via a wireless device.
Security Standards: The first wireless-network security standard — WEP (Wired Equivalent Privacy) — was highly insecure and easily compromised. Newer specifications, such as WPA (Wifi Protected Access), WPA2 and IEEE 802.11i are much stronger security tools. Businesses with wireless networks should take full advantage of a least one of these technologies.
Encryption and Authentication: WPA, WPA2 and IEEE 802.11i supply built-in advanced encryption and authentication technologies. WPA2 and 802.11i both support AES (Advanced Encryption Standard), the specification used by many U.S. government agencies.
Vulnerability Scanning: Many attackers use network scanners that actively send messages to probe nearby access points for information, such as SSID (service set identifier) and MAC (machine access code) names and numbers. Businesses can use this same approach to uncover attacker-exploitable weaknesses in their wireless network, such as unsecured access points.
Lower the Power: Some wireless routers and access points allow users to lower the transmitter's power, reducing the device's coverage range. This is a useful way of limiting access to on-site users. Careful antenna positioning and placement can also help keep signals from "bleeding" into off-site locations.
Education: All employees should be trained in the proper use of wireless devices and instructed to report any unusual or suspicious activities they detect.
taken from:-http://www.itsecurity.com/features/essential-guide-wireless-security-071708/

Cyber Crime Police Stations in India

1. Mumbai

Assistant Commissioner of Police
Cyber Crime Investigation Cell
Office of Commissioner of Police office,
Annex -3 Building, 1st floor,
Near Crawford Market, Mumbai-01.

+91-22-22630829
+91-22-22641261

Web site: http://www.cybercellmumbai.com
E-mail id: officer@cybercellmumbai.com
----------------------------------------------------------------------------
2. Chennai

Assistant Commissioner of Police
Cyber Crime Cell
Commissioner office Campus
Egmore, Chennai- 600008

+91-40-5549 8211
E-mail id: s.balu@nic.in

For Rest of Tamil Nadu,
Address: Cyber Crime Cell, CB, CID, Chennai

E-mail id: cbcyber@tn.nic.in
----------------------------------------------------------------------------
3. Bangalore

Cyber Crime Police Station
C.O.D Headquarters,
Carlton House,
# 1, Palace Road,
Bangalore – 560 001

+91-80-2220 1026
+91-80-2294 3050
+91-80-2238 7611 (FAX)

Web site: http://www.cyberpolicebangalore.nic.in/
Email-id: ccps@blr.vsnl.net.in, ccps@kar.nic.in
----------------------------------------------------------------------------
4. Hyderabad

Cyber Crime Police Station
Crime Investigation Department,
3rd Floor, D.G.P. Pffice, Lakdikapool,
Hyderabad – 500004

+91-40-2324 0663
+91-40-2785 2274
+91-40-2329 7474 (Fax)



Web site: http://www.cidap.gov.in/cybercrimes.aspx
E-mail id: cidap@cidap.gov.in, info@cidap.gov.in
----------------------------------------------------------------------------
5. Delhi

CBI Cyber Crime Cell:
Superintendent of Police,
Cyber Crime Investigation Cell
Central Bureau of Investigation,
5th Floor, Block No.3, CGO Complex,
Lodhi Road, New Delhi – 3

+91-11-4362203
+91-11-4392424

Web site: http://cbi.nic.in/
E-Mail: cbiccic@bol.net.in
----------------------------------------------------------------------------
6. Thane

3rd Floor, Police Commissioner Office
Near Court Naka, Thane West,
Thane 400601.

+91-22-25424444

Web site: www.thanepolice.org
E-Mail: police@thanepolice.org

7. Pune
Assistant Commissioner of Police
Cyber Crime Investigation Cell
Police Commissioner Office of Pune
2, Sadhu Vaswani Road, Camp,
Pune 411001

+91-20-2612 7277
+91-20-2616 5396
+91-20-2612 8105 (Fax)

Web site: http://punepolice.com/crime branch.html
E-Mail: punepolice@vsnl.com
----------------------------------------------------------------------------
8. Gujarat
DIG, CID, Crime and Railways
Fifth Floor
Police Bhavan
Sector 18, Gandhinagar 382 018

+91-79-2325 4384
+91-79-2325 3917 (FAX)

Flame virus warning

Microsoft issues Flame virus warning
Microsoft warned that a bug in Windows allowed PCs across the Middle East to become infected with the Flame virus and released a software fix to fight the espionage tool that surfaced last week.
Security experts said they were both surprised and impressed by the approach that the attackers had used, which was to disguise Flame as a legitimate program built by Microsoft. Kaspersky Lab, one of the researchers who helped to discover the Flame virus.
The creators of the virus obtained that certificate by manipulating a component of the Windows operating system known as terminal services licensing, or TS licensing, that is designed to authorize business customers to use advanced features of Windows. 
A bug in TS licensing allowed the hackers to use it to create fake certificates that identified Flame as being from Microsoft, Mike Reavey, a senior director with Microsoft's Security Response Center, said in a blog post. 
He feared that other hackers might be able to copy the technique to launch more widespread attacks with other types of viruses, Reavey said. 
"We continue to investigate this issue and will take any appropriate actions to help protect customers," Reavey said in the blog post. 
News of the Flame virus, which surfaced a week ago, generated headlines around the world as researchers said that technical evidence suggests it was built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran's nuclear program in 2010. Researchers are still gathering information about the virus. 
Microsoft's warning is available at blogs.technet.com/b/msrc/

Change passwords on LinkedIn Now


If you have a LinkedIn account, now's a good time to change your password. Up to 6.5 million user accounts and encrypted passwords have reportedly been leaked and posted to a Russian hacker site.
LinkedIn hasn't confirmed the passwords have been stolen, but did confirm on its Twitter account they're looking into it. The leak comes off the news that LinkedIn's mobile apps transmit personal data, including meeting notes and calendar info in plain text. Regardless of whether the leak is confirmed or not, it's a good time to change your password. To do so, go straight to the LinkedIn Change Password page (you'll need to be logged in), enter a new, secure password, and click Change Password.
   LinkedIn has confirmed that some of the compromised passwords are LinkedIn accounts. If your password was compromised your account password has already been made invalid and you'll receive an email with instructions for how to reset your password (you can also double-check here: LeakedIn). If you use the same password and email address for other websites as you did with LinkedIn make sure you change those as well.

COMPUTER VIRUS


Every day as internet user we open lot of website and download many file like game,application software,songs,movie with this hope we are safe and secure.but my friends this is not true huge number of virus program gets download and install our pc and make us unsecure.Trojen virus is one of them.Lets gather some information about Trojen------
 Viruses work in many different ways. They are harmful to your computer and may even work to steal passwords and personal information. If you have a virus on your computer, make sure you get it taken care of immediately before it ruins your operating system and everything in it.
Trojan viruses steal passwords and other personal information. Trojans can also disable your current anti-virus or anti-spyware software, which makes it easier for other viruses to infect your computer along with the Trojan virus.
A remote access Trojan virus is often hidden in games or other small programs. Through remote access, a hacker will be able to get your personal information off of your computer just by doing a simple search, because they will have total control of your computer through a remote location.
Data sending Trojans work to gain your information through emails, credit card information, or even through your chat contact lists. A key logger can also be installed so that your every keystroke is recorded, which makes it easier for them to determine your credit card number, social security number, or any other number that you type into your computer.
A destructive Trojan is hard to detect, but it will work to destroy the files on your computer. Once this Trojan is installed, it will work to delete all of your information and files, where it will eventually work to delete your operating system. This type of Trojan is very hard to remove, and is often not even detected through normal anti-virus software.
If you suspect you may have a Trojan virus remove at as soon possible and disconnect internet connection.Install highly secured or updated antivirus and scan whole pc.If you found more than 50 file is infected then formate your pc and install new Os but remeber before doing any thing install antivirus first.
Good Luck !!!

Remote access Trojan


A remote access computer Trojan (RAT) designed to steal credit card details from hotel point-of-sale (PoS) applications is being sold on the underground forums, according to researchers from security firm Trusteer.
The researchers found an advertisement on a black market forum for a custom RAT designed to infect hotel front desk computers and steal customer credit card and billing information.
The seller was offering the computer Trojan, together with instructions on how to trick hotel front desk managers into installing it on their computers, for $280 (£175). The seller also claimed that the malware won't be detected by any antivirus program when it's delivered to the buyer.
Malware writers often repackage their malicious installers with new algorithms in order to evade signature-based antivirus detection, said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor BitDefender.
The repackaged samples can then be delivered via email or instant messaging without being stopped at the network perimeter. However, if an antivirus product with strong heuristic and behavioural detection capabilities is running on the targeted systems, the malware should be blocked at execution time, Botezatu said.
The hotel RAT's seller specified in the ad that the malware doesn't collect card security numbers, also known as CVV or CID, but this doesn't necessarily make the rest of the stolen information less useful to cybercriminals.
Some merchants are allowed to charge cards without the CVV details, especially in the US, Botezatu said. However, even if that wasn't the case, the data can still be used to phish the security codes from the card owners themselves or to search for the codes in existing data dumps that resulted from older phishing attacks, he said.
Most remote access computer Trojans have the capability to take screenshots, record keystrokes, download/upload files and execute arbitrary code, which makes them suitable for many types of cybercriminal operations.
The hotel RAT advertisement included screenshots of a particular PoS application, but its functionality might not be restricted to that specific program.
"The strength of RATs is their generic nature - they can be used to attack many different applications in use by many industries,"
The fact that the RAT's creator decided to target the hospitality industry is consistent with a recently observed change in the focus of cybercriminals - an expansion from online banking attacks to attacks against PoS systems.
RAT,RAT,RAT,RAT,RAT
taken from http://news.techworld.com/security/3352279/computer-trojan-horse-steals-credit-card-details-from-hotel-reception-software/

Credit Card Transaction Processing and Security

  1. Cardholder. Cardholder is an authorized user of a credit or debit card.
  2. Card issuer. Card issuers are financial institutions that are members of Visa and MasterCard, which issue payment cards on behalf of the two Credit Card Associations and contract with their cardholders for the terms of the repayment of transactions.
  3. Acquiring bank. Acquiring banks (also called acquirers, processing banks or merchant banks) are financial institutions, members of Visa and MasterCard, that contract with merchants to enable them to accept debit and credit card payments for their products and services. They can also, and that is the case most of the time, contract with third parties to provide some of these services.
  4. Payment processor. Payment processor is an organization that has contracted with an acquiring bank to provide merchants with card payment processing services on behalf of the acquirer. Payment processors must be registered with Visa and MasterCard and must identify on all of their marketing materials, including their websites, the name of their bank partner.
  5. Merchant. Merchant is a business or a non-profit organization that has contracted with an acquiring bank or a merchant processor to accept card payments.
  6. Credit Card Associations. The Credit Card Associations of Visa and MasterCard are member-owned associations of banks that govern the issuing of Visa and MasterCard cards and the acquiring of Visa and MasterCard card transactions. Both organizations have developed payment systems to facilitate the processing of transactions between member banks.
  7. Service provider. A service provider can be any third party that provides a service used in the card payment transaction process: point-of-sale (POS) terminals, payment gateways, web hosting, SSL certificates, shopping carts, etc.



Login Security for Credit Card


Fraud and identity theft are not only a risk to your privacy, but a risk to your finances, so knowing what to look for can help prevent you from becoming a victim.
Fraudsters use ‘phishing’ or ‘spoofing’ tactics to get sensitive information from you. The deception usually involves a counterfeit website or email which looks similar to one you’d normally trust. Information you give on a phishing site could be used by criminals to access your account or use your identity fraudulently.

Login Userid and Password
After entering your username, you’ll be presented with the SiteKey™ image and phrase you selected when setting up your Online Card Services account - giving you reassurance that it’s really us.
SiteKey™ adds another layer of security, helping to prevent unauthorized access to your account and protecting your information from those who would use your identity for fraudulent purposes.
Address of Website
The address used by a counterfeit site may be very similar to our genuine website addresses. Look closely for spelling differences or the use of symbols, e.g. www.xyz.com, www.pqr@xyz.com or www.verify-xyz.com.
Hidden addresses - rest your cursor over a link in an email (but don't click on it) and a box will pop up showing you the link destination - do you recognize it as a legitimate address? If not it could suggest that the sender has something to hide.
credit crard Security

Credit card

A credit card scam can come in many forms. For example, scammers may use spyware or some other scam to obtain your credit card details. A scammer might steal or trick you into telling them your security code (the three or four digit code on your card) and then make purchases over the internet or the telephone. If they know your PIN, they could get cash advances from an ATM using a ‘cloned’ credit card (where your details have been copied onto the magnetic strip of another card). credit card scam 
Of course, there is also a danger of someone using your credit card if it has been physically lost or stolen
Protect yourself from credit card scams
  1. NEVER send money, or give credit card or online account details to anyone you do not know and trust.
  2. Check your bank account and credit card statements when you get them. If you see a transaction you cannot explain, report it to your credit union or bank. credit card scam
  3. Keep your credit card and ATM cards safe. Do not share your personal identity number (PIN) with anyone. Do not keep any written copy of your PIN with the card.  credit card scam
  4. Choose passwords that would be difficult for anyone else to guess. credit card scam
  5. Try to avoid using public computers (at libraries or internet cafes) to do your internet banking. credit card scam
  6. Do not use software on your computer that auto-completes online forms. This can give internet scammers easy access to your personal and credit card details. credit card scam
  7. Do not give out your personal, credit card or online account details over the phone unless you made the call and the phone number came from a trusted source. credit card scam
  8. Never send your personal, credit card or online account details through an email. credit card scam


Credit Card online Scam

Online Scam
As more and more people are using online tools to pay for their monthly utility bills, scammers have found a way to take advantage of the convenience, according to the Internet Crime Complaint Center.
Victims are sent emails from a scammer claiming to be from a utility company asking for the recipient to pay an outstanding bill, according to a release from IC3. When the victim clicks on the attachment, they are actually opening up their computers to a virus.
Authorities warn people to always be suspicious of any unsolicited emails, even those from companies which appear to be legitimate.
Those who do receive an email from a source claiming to be a utility company asking for payment, are advised to go straight to the company’s website instead of opening the email, IC3 officials suggest. They also recommend deleting the email immediately.
But it’s not just individuals scammers are targeting, officials said. Businesses have recently been receive phony emails from fraudsters claiming to be with the Better Business Bureau.
So many businesses have fallen victim to the online crooks, that the BBB issued a statement warning businesses and consumers to the scam.
The subject line in the phony email usually says “Complaint from your customers,” according to the BBB website. When an unsuspecting business owner clicks on a link, he or she could be downloading a virus.
In one particular complaint received by the IC3, a business owner reported he lost nearly $100,000 when criminals successfully wired money from the company’s bank account after the virus enabled them to capture passwords and other important banking information.
Credit Card online Scam.

Virus Security


 To keep secure computer and personal data we have to know how virus can affect  ours computer as well as how antivirus work to save our PC.
An anti-virus software program is a computer program that can be used to scan files to identify and eliminate computer viruses and other malicious software (malware).Anti-virus software typically uses two different techniques to accomplish this:
Examining files to look for known viruses by means of a virus dictionary
Identifying suspicious behavior from any computer program which might indicate infection
Most commercial anti-virus software uses both of these approaches, with an emphasis on the virus dictionary approach.
Virus dictionary approachIn the virus dictionary approach, when the anti-virus software examines a file, it refers to a dictionary of known viruses that have been identified by the author of the anti-virus software. If a piece of code in the file matches any virus identified in the dictionary, then the anti-virus software can then either delete the file, quarantine it so that the file is inaccessible to other programs and its virus is unable to spread, or attempt to repair the file by removing the virus itself from the file.
To be successful in the medium and long term, the virus dictionary approach requires periodic online downloads of updated virus dictionary entries. As new viruses are identified "in the wild", civically minded and technically inclined users can send their infected files to the authors of anti-virus software, who then include information about the new viruses in their dictionaries.
Dictionary-based anti-virus software typically examines files when the computer's operating system creates, opens, and closes them; and when the files are e-mailed. In this way, a known virus can be detected immediately upon receipt. The software can also typically be scheduled to examine all files on the user's hard disk on a regular basis.
Although the dictionary approach is considered effective, virus authors have tried to stay a step ahead of such software by writing "polymorphic viruses", which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the dictionary.
Suspicious behavior approachThe suspicious behavior approach, by contrast, doesn't attempt to identify known viruses, but instead monitors the behavior of all programs. If one program tries to write data to an executable program, for example, this is flagged as suspicious behavior and the user is alerted to this, and asked what to do.
Unlike the dictionary approach, the suspicious behavior approach therefore provides protection against brand-new viruses that do not yet exist in any virus dictionaries. However, it also sounds a large number of false positives, and users probably become desensitized to all the warnings. If the user clicks "Accept" on every such warning, then the anti-virus software is obviously useless to that user. This problem has especially been made worse over the past 7 years, since many more nonmalicious program designs chose to modify other .exes without regards to this false positive issue. Thus, most modern anti virus software uses this technique less and less.
Other ways to detect virusesSome antivirus-software will try to emulate the beginning of the code of each new executable that is being executed before transferring control to the executable. If the program seems to be using self-modifying code or otherwise appears as a virus (it immeadeatly tries to find other executables), one could assume that the executable has been infected with a virus. However, this method results in a lot of false positives.
Yet another detection method is using a sandbox. A sandbox emulates the operating system and runs the executable in this simulation. After the program has terminated, the sandbox is analysed for changes which might indicate a virus. Because of performance issues this type of detection is normally only performed during on-demand scans.
Issues of concernMacro viruses, arguably the most destructive and widespread computer viruses, could be prevented far more inexpensively and effectively, and without the need of all users to buy anti-virus software, if Microsoft would fix security flaws in Microsoft Outlook and Microsoft Office related to the execution of downloaded code and to the ability of document macros to spread and wreak havoc.
User education is as important as anti-virus software; simply training users in safe computing practices, such as not downloading and executing unknown programs from the Internet, would slow the spread of viruses, without the need of anti-virus software.

Top Ten Antivirus Top Ten Antivirus


Top Ten Antivirus
1 BitDefender Antivirus
Advanced Features:
The BitDefender Antivirus offers these advanced proactive protection features:
Antivirus software protects against known and new viruses and other malware using industry-leading technology.
The real-time scanning feature constantly scans web, email and instant messenger activity to keep your computer safe.
Protects against harmful spyware by blocking spyware software that try to track your surfing habits.
Guard your instant messaging conversations by providing real-time scanning while you are chating with your friends.
The new version has improved speed and shorter scans, without affecting system performance.
Free email, chat, phone and forum support. Specialized tech support over the phone for free.
2 Vipre Antivirus 
Vipre Antivirus advanced features:
High speed scanning performance with NEW enhanced virus scanner.
Powerful Malware Detector that keeps scanning computer and web pages and informs you of the potential risks before you click a bad link.
Malware Detector applies safety ratings to your Google, Bing/MSN and Yahoo search results
Constant updates to ensure that your Vipre antivirus software is updated with latest virus definitions.
Silent, quick updates in the background, without disturbing you and without getting in your way.
VIPRE's all-new anti-rootkit technology finds and disables malicious hidden processes, threats, modules, services, files, Alternate Data Streams (ADS), or registry keys on a user's system.
3 Perfect Antivirus
Perfect Antivirus advanced features:
Free PerfectDisk Home Premium included!
Protects against viruses and spyware.
Stops phishing attempts at identity theft.
Screens and filters Facebook and Twitter links.
Warns you of malicious websites.
Won't interrupt full-speed PC performance.
Operates hassle-free with Autopilot.
Free technical phone and email support.
4 Kaspersky Antivirus
Advanced Features:
Kaspersky Antivirus offers the following key technologies:
Real-time scanning of internet activity, emails, instant messaging and any other activity.
Improved identity theft protection system that protects you from spyware that can track your activities.
Constantly scanning web pages you visit and disabling links that lead to malicious websites.
Self-protection from malware and protection hijacking of your computer.
Next generation proactive protection from zero-day attacks and unknown threats
Free email, phone and chat support from Kaspersky's skilled tech team.
5 Norton Antivirus
Advanced Features:
One year subscription of Norton Antivirus includes:
Antivirus and antispyware protection for your computer.
Protection against dangerous bots while surfing the web.
Top features like anti-rootkit, Norton pulse updates and more.
New Norton download insight to keep you safe from downloading infected files.
New Norton file insight gives you information about origination files on your computer.
New Norton threat insight tells you all about how successfully Norton controlled threats present on your computer.
New Norton system insight tells you all about whats happening on your computer.
Norton Antivirus is a power packed software to keep your computer completely safe against old and new threats
Free email and phone support. Free online antivirus guides and information about latest threats.
6 ESET Nod32 Antivirus 5
Advanced Features:
The latest version ESET Nod32 Antivirus 5 offers:
ESET offers the world's fastest and most effective proactive antivirus and antispyware protection for your computer.
Fast, light and unobtrusive software protects your Internet experience without annoying system slowdowns.
ESET's smart scanner scans SSL-encrypted communication channels like HTTPS and POP3S and finds hidden threats.
It scans in real-time the internet activity, email and instant messaging communication, mobile device communication and provides robust removable media security.
ESET SysInspector and ESET SysRescue simplify diagnosing and cleaning of infected systems by allowing deep scans of system processes.
The most efficient antivirus, fast updates, fast scanning and best antivirus for gamers and gaming computers
Free online antivirus guides. Free email, chat and phone support.
7 F-Secure Antivirus
Advanced Features:
F-Secure Antivirus features:
Protects your computer against viruses, worms and other malware.
Detects and removes spyware, trojans, malware and malicious codes from your computer.
DeepGuard cloud computing technology ensures that none of the new or unknown threats can harm your computer.
Easy to install and very easy to configure. You can even configure it in your own language.
Real-time scanning and monitoring of usage activity and blocking of viruses, spyware and other malware in real-time.
8 TrendMicro Titanium Antivirus
Advanced Features:
TrendMicro Titanium Antivirus features:
Prevent unauthorized changes to your applications, helps reducing virus infections.
Stops malicious downloads from internet and mobile devices attached to your computer system.
Blocks your access to harmful, infected and phishing websites that may harm your computer.
Protect your children from accessing objectionable websites and limit internet usage time.
Protect your personal information from identity theft with encryption, shop safely over the internet without risking your sensitive information.
Complete protection from malicious links and downloads on instant messenger.
Free 2GB online storage to store your critical data on TrendMicro's secure online website.
Specialized technical support staff ready to support through email, chat and phone.
9 Zonealarm Antivirus
Advanced Features:
Zonealarm Antivirus features:
Advanced download protection to minimize the chances of virus infection through downloads from the internet or attached media.
Unified scan engine that offers superior detection and removes harmful viruses, spyware, trojans and more.
Two-way Firewall to monitor all the incoming and outgoing activity on your computer system.
OSFirewall to monitor changes within the system files on your computer, minimizing changes due to infection.
Anti-phishing and site status engine to block harmful and fraudulent websites that steal information.
Advanced auto-learn system that configures the antivirus software to work according to your behavior.
10 McAfee Antivirus Plus
Advanced Features:
The McAfee Antivirus offers:
McAfee Active Protection technology analyzes and blocks new and emerging threats in milliseconds.
Completely re-engineered fast antivirus software that does not slow down your computer system.
Remarkable growth in performance, the new 2012 version is 8 times faster than its older versions.
Easier installation, configuration and better screens to give you all the information in just a glance.
Refined alerts and shorter scans to protect your PC without any delay from harmful viruses and malicious codes on the internet.
Better protection against phishing, infected and dangerous websites that may harm your computer.
11 CA Antivirus
Advanced Features:
CA Antivirus features:
CA keeps your PC safe from harmful viruses and spyware that can slow down your system or damage system files.
CA antivirus actively monitors and stops spyware from tracking your activity and personal data.
Stay on top of the security with the latest virus definitions and daily, automatic updates to fortify your defenses.
Strong antivirus algorithms protect your computer in real-time from even the newest unknown virus and spyware.
Excellent phone support, email support and support forums on CA website to find answers to your questions.





Andhra government websites hacked


As many as 27 websites of various departments of Andhra Pradesh (India)were Thursday hacked, exposing the chinks in the state's cyber security.The cyber criminals broke into one of the government servers and hacked the websites.
The websites which were hacked include those of departments of commercial taxes, general administration department, horticulture, factories, gazette notifications and government orders.
The officials said the hackers did not deface the pages or steal the information but only added additional pages with their message.
State Information Technology Minister Ponnala Lakshmaiah said there was no loss of data. He told reporters that one of the 50 government servers was hacked and 27 websites supported by the server were affected.
The government denied reports that the data relating to the state budget was stolen. The officials said none of the websites had data relating to 2012-13 budget, which is to be presented in the state legislature Friday.
Finance Minister Anam Ramnarayan Reddy denied that the website of finance department was hacked. He denied that the budget was leaked. The minister said the budget would be posted on the website only after it was presented in the budget.
The IT minister said cyber crime branch of the police and Indian Computer Emergency Response team were informed about the hacking.
After the chief secretary lodged a complaint, the officials of cyber crime branch visited the state secretariat and began probe into the hacking.
Some Bangladeshi hacking groups are suspected to be behind the incident.
Two days ago Black HAT Hackers, a Bangladesh based group, hacked into several Indian websites including that of Indian Border Security Force. The group said their action was in response to the killings by BSF personnel in the border.
Taken from:-http://gadgets.ndtv.com/shownews.aspx?id=GADEN20120194675
Andhra government websites hacked,Andhra government websites hacked,Andhra government websites hacked,Andhra government websites hacked,Andhra government websites hacked,Andhra government websites hacked,Andhra government websites hacked,Andhra government websites hacked,Andhra government websites hacked,


One or Hacking

An Israeli hacker calling himself Hannibal stole and exposed the Facebook login credentials of 85,000 Arabs earlier this week. It's the latest retaliatory strike in a politically motivated battle between Israeli and Arab hackers that's been going strong since the beginning of the month.Hannibal posted 20,000 Facebook users' email addresses and passwords of what he called "helpless Arabs" on Sunday (Jan. 15); the next day, he posted 30,000, followed by 10,000 on Tuesday and 25,000 on Wednesday, ZDNet reported. Hannibal posted the credentials on Pastebin, but his post has since been taken down.
 In the post, Hannibal boasted of having 30 million emails, and said he would post 2,000 to 100,000 every day, depending "on my mood."

In keeping with the theme of the ongoing hacker battle, which began Jan. 3 when a Saudi Arabian hacker named 0xOmar posted 15,000 Israelis' credit card numbers, Hannibal announced the latest tactical strike with a political message."A warning to the State of Iran and Saudi Arabia," Hannibal wrote. "I have 10 million bank accounts of the countries of Iran and Saudi Arab . If Iran continues to threaten Israel and already this week I will publish the private bank accounts and thus make them billions of dollars in damages estimated."A post on the following day, Jan. 16, read, "State of Israel, not to worry, you're in the hands of the world's best hacker that I am. I will continue to support the government of Israel will continue to attack the Arab countries.  In addition, I received thousands of emails helpless Arabs, who are begging me to stop publishing the Facebook accounts because it violates their browsing experience."Facebook sprung into action, automatically locking accounts that were exposed and forcing users to reset their passwords.Hannibal's handiwork comes amidst a turf war of sorts between Arab and Israeli hackers that, following 0xOmar's initial action, escalated quickly, with Arab hackers hitting the Tel Aviv Stock Exchange and El Al Airlines websites, and another Israeli hacking group, IDF-Team, knocking the Saudi Stock Exchange and the Abu Dhabi Securities Exchange offline.
 All Tag: antyvirus bhaskar bhaskar.com hacked bluetooth breach bluetooth security child virus children computer computer and data security computer security Cyber espionage cyber law danik bhaskar danik bhaskar hacked Enterprise ERP ethical hacking ethical hacking fundamental facebook virus free ativirus guardian hacked hackers HACKING hacking security hacking stuff internet security internet security solutions Israeli hackers malware mobile blutooth security mobile physical security mobile security network network security open source orkut orkut accounthacked orkut scrap virus orkut security orkut virus pakistan hacked bhaskar Phishing robot hack robot hack wi-fi problems Saudi Saudi hackers scrap virus security Security Shield VirusSecurity Shield VirusSecurity Shield VirusSecurity Shield VirusSecurity Shield VirusSecurity Shield VirusSecurity Shield Virus sintuhack smart card trojans us cyber security virus virus protection virus security viruses wi-fi wi-fi problems wi-fi security

10 Computer Threats You


Strong anti-virus software and firewalls do a great job of protecting our computer systems. But even when virus definitions are fully updated and firewalls properly configured, there are still insidious threats that can worm their ways in, stealing your data or hijacking your PC and leaving you none the wiser.
Fake Tech-Support Calls
That job isn't fixing your computer. In fact, he's really just after your personal information.
If you receive a call like this, hang up, call the company the bogus technician claimed to be from, and report the incident to a legitimate representative. If there really is a problem, they'll be able to tell you; if not, you just thwarted a data thief.
DNS Redirection
Internet service providers (ISPs) such as Time Warner Cable and Optimum Online claim they're trying to help with DNS redirection, but the reality seems to come down to money. Domain Name System (DNS) redirection overrides your browser's normal behavior when you can't reach a webpage. Instead of displaying the normal 404 "File Not Found" error, the ISP sends you to a page of the ISP's choosing — usually a page full of paid advertising and links.
Innocent though that practice may be, computer viruses can do the same thing, redirecting your browser to a hostile page the first time you misspell a domain. With ISPs, you can opt out of their DNS redirection (you'll find links below all the ads); with viruses, stay on your toes. Make sure you know what your browser's default 404 page looks like, and take action if you see anything different.
Open DNS Resolvers
Another danger lies in the way some DNS servers are configured. An "open resolver" can offer information it isn't authorized to provide. Not only are open resolvers exploited in distributed denial-of-service (DDoS) attacks, but an attacker can "poison" the DNS cache, providing false information and incorrect resolutions that must be detected to be corrected.
If your browser trips over a case of cache poisoning, the agents in charge of a hostile server can glean detailed information about your system — especially if you're in the middle of an important transaction. How can typical users solve this dilemma? The chilling answer: They can't. It's up to Internet service providers to address the problem.
Fraudulent SSL Certificates
A Secure Sockets Layer (SSL) certificate reassures your browser that the site you've connected to is what it says it is. If you're looking at "HTTPS" instead of plain old "HTTP," you know there's security involved, such as when you log in to your bank account or pay your phone bill. The most trusted SSL certificates are issued by designated Certification Authorities worldwide.
But what happens if that trust between browser and website is exploited? Acquiring or creating fake SSL certificates is unlawful, but happens often enough that we need to be aware of it. On multiple occasions in 2011, the discovery of false certificates suggested an attempt to spy on Iranian citizens as they used Gmail and Google Docs. According to the website of computer security firm F-Secure, "It's likely the government of Iran is using these techniques to monitor local dissidents."
Session Hijacking
If you spend afternoons using your laptop in a café with an open Wi-Fi network, you might not be the only person logged into your Facebook or eBay account. Firesheep, an add-on for Mozilla's Firefox browser, lets its users sneak a peek at other people's browser activity if they're all on the same wireless network.
While the illicit observers can't get a glimpse of secured pages, many sites secure only their login pages; once you're logged in, your presence is maintained purely through cookies, packets of data that your browser stores to keep track of your browsing needs. But Firesheep lets its users copy your cookies, and after that happens the site you're logged into can't tell the difference between you and them.
Though it can be used for darker purposes, Firesheep should serve more as a warning to websites with private user accounts: They need to take security seriously. Guarding the main gate isn't the limit of their responsibilities; attackers don't need to storm the castle when a guest leaves the door open.
Man-in-the-Middle Attacks
While you're still sipping your latte on that unsecured network, even your encrypted messages may not be all that safe. A Man-in-the-Middle (MTM) attack occurs when an attacker intercepts communications and proceeds to "relay" messages back and forth between the lawful parties.
While the messaging parties believe their two-way conversation is private, and might even use a private encryption key, every message is re-routed through the attacker, who can alter the content before sending it on to the intended recipient. The encryption key itself can be swapped out for one the attacker controls, and the original parties remain unaware of the eavesdropper the entire time.
SQL Injection
Databases using structured query language (SQL) rely on specially formatted queries to locate and return requested data. Human or automated attackers can send requests that exploit the database's internal codes to alter the query as it's processed. This year alone, SQL injection was the culprit behind a number of notorious security breaches, such as hacker group LulzSec's alleged theft of data from the Sony Pictures server.
Once again, the solution to this problem isn't in the user's hands.
"Well-designed software avoids the problem by weeding out any queries that don't meet strict standards," said Beth Paley, a software training consultant and co-founder of Acrotrex Medical Business Systems in northern New Jersey.
Paley advises those who create and maintain database apps to "use whitelisting, not blacklisting," letting only specific data through instead of keeping only specific data out. That way previously unseen SQL injections won't get through.
Disguised Filenames
Modern operating systems accommodate speakers of languages such as Arabic and Hebrew by featuring codes which can reverse the direction of type to display such languages correctly: written right-to-left instead of left-to-right.
Unfortunately, these "RTL" and "LTR" commands are special Unicode characters that can be included in any text, including filenames and extensions. Exploiting this fact, a malware purveyor can disguise ".exe" files as other files with different extensions. Your operating system will display the "disguised" name, though it still treats the file as an executable — launching it will run the program and infect your computer. Practice caution with any and all files from unknown sources.
Banking Trojans
A Trojan is malicious software that disguises itself as innocent program, counting on you to download or install it into your system so it can secretly accomplish its malicious tasks. The infamous ZeuS Trojan and its rival SpyEye take advantage of security holes in your Internet browser to "piggyback" on your session when you log in to your bank's website.
These monsters are in the Ivy League of computer malware; they avoid fraud detection using caution, calculating inconspicuous amounts of money to transfer out of your account based on your balance and transaction history.
While financial institutions continue to increase the layers of security involved in large transactions, such as requiring confirmation through "out-of-band" communications — such as your mobile device — digital crooks have lost no time adapting to the changes, with banking Trojans able to change the mobile number tied to your account and intercept that confirmation request. If you're a tempting target, fear is an understandable response. It's just another part of a digital arms race that shows no signs of slowing down.
Facebook Everywhere
It's hard to find an individual who or a corporation that isn't on Facebook. The social networking site has become an ever-present hub for everything online. For some less savvy users, Facebook is the Internet.
With developments like Facebook Connect and Open Graph, Facebook is virtually opening its doors to any third party that wants in on the action. You may have already noticed that Facebook displays ads targeting your specific demographic information, based on the personal information you've posted and activities you've participated in.
What you might not have noticed is that other sites have started targeting your Facebook demographics as well. Any time you browse the Web without first logging out of Facebook, other sites can get access to any profile information you've marked as fit for public consumption.
Don't want every site on the Internet to see you coming a mile away? Just remember to log out of Facebook every time.
This story was provided by SecurityNewsDaily, a sister site to LiveScience.
facebook virus, orkut virus, virus, virus protection, virus security

Wi-Fi networks under virus risk


Indian computer security analysts have detected and alerted Wi-Fi users in the country against a possible virus attack that could lead to crashing and hacking of secure networks.


The Indian Computer Emergency Response Team (CERT-In), country’s national agency to respond to computer security incidents, has found that the “Wi-Fi Protected Setup (WPS) contains a design error that could allow a weaker-than-expected defence against brute-force attacks, which could allow an attacker to gain unauthorised access to the affected system.”
A brute-force attack, in computer terminology, is a programme that is used to crack and stealthily enter into an encrypted and password protected system while WPS is a popular method for setting up a new wireless router for a home network.
“The virus is streaming in the Indian Internet networks with a high severity. The combat mechanisms are being deployed,” a computer security analyst with a government agency said.
“An un-authenticated, remote attacker within range of the wireless access point could use the PIN (password) to gain unauthorised access to the device to retrieve the password for the wireless network or change the configuration of the device.
“Failed attempts to exploit the vulnerability could lead to a denial of service condition,” the CERT-In said in its alert to Wi-Fi users.
The agency also said that reports (with the agency) indicate that some WPS devices “do not implement any kind of lockout policy for brute-force attempts, which greatly reduces the time to perform a successful attack.”
Searching Tag:-virus,wi-fi security,hackers,virus security,computer security,

Hackers break into Rancho Mirage's website


Rancho Mirage — The home page of the city of Rancho Mirage website was hacked late Monday by a group calling itself “Team ShadowSec” — which left a message in support of the Occupy movement and against a proposed federal anti-piracy law.
“Your security is inferior. Your website has been seized, because we come with an important message,” the statement began.
“I don't suppose it's a sign of super strength, but if they can break into the Department of Defense website, I guess we're all vulnerable to some extent,” Mayor Dana Hobart said of the breach.
Sarah Steepleton, information services manager for Rancho Mirage, said she was alerted first thing Tuesday morning, and the normal home page was restored by 8:05 a.m.
The message left by the hacker or hackers says the group will “defend Occupy by defacing sites with our message, releasing information of cops, hacking all number of .gov sites, taking down police infrastructure, and most dangerous of all, telling the truth.”
The statement went on to threaten similar actions against the Stop Online Piracy Act, which critics say could limit access to such sites.The message was signed by “Agent_Anon, for Team ShadowSec,” alongside a Guy Fawkes mask.A few scattered references to Team ShadowSec were found via a Google search Tuesday.One hacked page, on the website for Crown Parts and Machine Inc., had the same signature and Guy Fawkes mask, but no other text.Steepleton said no other pages on the city's site, www.ranchomirageca.gov, were hacked.
The website is hosted by Rancho Mirage-based firm e-work media. An employee said Tuesday that the company could not comment.Steepleton said Tuesday there had been no discussion of changing Web hosts.
“No, no talk of that, probably just reviewing our security and making sure it's up to date.”
http://www.mydesert.com/article/20120118/NEWS0801/201180318/Hackers-break-into-Rancho-Mirage-s-website

After Zappos hack, how to protect yourself online


Another week, another computer security breach. Hackers broke into a Zappos server in Kentucky Sunday night, giving them access to personal records of 24 million Zappos customers -- which means if you've ever used the site, you're probably a victim too.
Actually, if you've ever been online, the chances are pretty good that some malevolent person has captured personal information about you and tried to break into your personal computer or credit card account.malware security.malware 
Although the criminals were after more than your shoe size, they apparently did not get full credit card numbers, but an investigation is underway. More disturbing, Zappos is owned by Amazon, which demonstrates that even the biggest online players are vulnerable to attack.malware .malware 
So what can you do to protect yourself? Here are some important reminders:
Use a Tough Password: Yes, we're always being reminded not to use the name of our pet snake or favorite fast food as a password, but who can remember 50 different passwords for all those Web sites that require registration? The best advice is to rotate through a series of passwords, changing them on a regular basis. But most important of all is to create one really difficult password and use it only for your e-mail account. malware .malware 
The reason is that many sites check password changes or send account access confirmations to e-mail accounts. If a hacker has access to your e-mail, he'll basically have access to everything from your bank account to your Amazon shopping cart. To make your e-mail password tough to crack use a mix of letters and numbers that's at least 8 characters long. And, no, combining Fluffy's name with your birthday does not count.malware .malware 
Get a Credit Report: You're entitled to get at least one free credit report a year, which will tell you if someone has opened a spurious credit card or loan in your name.[security]. You can also get a free report in many states if you've recently been turned down for a job (and who hasn't been rejected in this economy?[security].).[security]. These reports are absolutely free, so don't fall for that ad campaign that offers "free" reports but actually makes you pay. Just contact one of the three reporting companies--Equifax, Experian, or TransUnion -- yourself and get a truly free report. Better yet, put an annual reminder in your calendar so you don't forget next year.malware 
Update Your Software: Several recent online security studies report that over 90 percent of successful malware and hacking attacks are the result of consumers using old software. You don't have to buy new software to stem the threat. All you have to do is install the free updates. The reason is that most of these updates include security patches for known holes that hackers use to access systems. Patching all your programs can be about as much fun as white-knuckling it through a snow storm. Fortunately, hackers mainly target four popular programs, which you should update regularly: Java, Adobe Acrobat, Adobe Flash, and Microsoft's Internet Explorer.malware [security].
Get An Anti-virus Shot: It's true that if you're really careful, never use a social networking site, and never open a video or e-mail online, you can avoid viruses. The rest of us should use some sort of anti-virus software. There are free programs from reputable firms such as Avast and Bitdefender. Use one of their offerings.[security].
Don't Click That E-mail: Zappos is sending every one of its affected customers a warning e-mail. However, more often than not such "official" e-mails are from hackers (for example, "We've had a security problem. Please change your password.[security]."). These fraudulent e-mails can be virtually indistinguishable from legitimate missives, including identical graphics, logos, and authentic looking return e-mail addresses.[security]. I recommend never clicking on links in such e-mails. Instead, open a separate browser window and go directly to, say, your bank's official site. If there's a important notice, you'll find it there.malware security.[security].
shttp://www.foxnews.com/scitech/2012/01/16/zappos-zapped-hackers-steal-info-from-24-millionusers/?intcmp=related

Hackers attack two Israeli websites

STORY HIGHLIGHTS
  • Saudi hackers say in an e-mail they attacked the sites
  • Earlier Saudi hackers had exposed thousands of Israeli credit card numbers
  • Deputy foreign minister has his website hacked
Jerusalem (CNN) -- The websites of the Tel Aviv Stock Exchange and of El Al, the Israeli airline, were brought down Monday morning by an apparent hacking attack. An internet hacker who calls himself Ox Omar sent an e-mail to the Jerusalem Post Monday in which he claims that together with a hacking group calling themselves "Nightmare" that the websites of the Tel Aviv Stock Exchange and that of El Al would be brought down.
Idit Yaaron, the spokeswoman for the Tel Aviv Stock Exchange, told CNN that the main site of the stock exchange where the trading takes place was not harmed and operates on a very high level of Internet security. Trading has continued unaffected, she said. A secondary internet web site was affected for a short period of time.
El Al spokesman, Ran Rahav, released a statement saying, "El Al is aware that for the past two weeks a cyber war is raging against Israel. The company is closely monitoring the Saudi hacker activity. El Al is taking precautions regarding its website and as a result there may be disruptions in the activity of the website."
The "cyber war" started at the beginning of the month when a group claiming to be Saudi Arabian hackers posted the credit card information and other identifying data of thousands of Israelis on line, prompting an international investigation.
"Hi, It's Ox Omar from the group xp, largest Wahhabi group of Saudi Arabia" read a statement posted on an Israeli sports web site the group hacked into. "We are anonymous Saudi Arabian hackers. We decided to release (the) first part of our data about Israel." Wahhabism is an Islamic religious movement.
The Bank of Israel released a statement last Tuesday saying that, based on information from credit card companies, only around 15,000 credit card numbers were exposed and those credit cards were blocked for use in Internet and phone purchases.
Yoram Hacohen, who heads the Israeli Law, Information and Technology Authority at the Israeli Ministry of Justice, told CNN in a phone interview on Friday that he is more concerned about the private information that was released than the actual credit card numbers; he fears that the publishing of e-mail addresses, phone numbers and home addresses could lead to identification theft.
Hacohen said that hacking is a criminal act against citizens and the Israeli authorities have begun a criminal investigation, including a computer forensic probe to search for electronic evidence in an attempt to locate the group. The theft of personal information is a criminal act under Israel's Privacy Protection law.
Hacohen acknowledged that in the digital world, offenders are difficult to track and authorities are asking for international help in the matter.
Israeli Deputy Foreign Minister Danny Ayalon, speaking at a public event, called the Saudi hackers attack "a breach of sovereignty comparable to a terrorist operation and (it) must be treated as such." A few days later his own website was targeted in a cyber attack. In a statement on his Facebook page, Ayalon wrote that "Muslim extremists" hacked into his website "to try and prevent me from continuing to do my work on behalf of the State of Israel, especially my online public diplomacy.
Prime Minister Benjamin Netanyahu created a National Cyber Directorate in 2011, noting the emergence of cyber attacks that could "potentially paralyze life systems -- electricity, communications, credit cards, water, transportation, traffic lights."
He said in December that the new agency -- along with a rocket defense system and a physical fence -- would help protect Israel against its enemies.
http://edition.cnn.com/2012/01/16/world/meast/israel-hacking-attack/?hpt=wo_bn8

Virus writers target children


Virus writers target children with cartoon gaming websites that secretly infect their parents' PCs

  • Sites offering cute games secretly infect PCs
  • Sites with 'game' or 'arcade' in title pose danger
  • Infections remain until when parents log in
  • One site infected 12,600 users last month 
Children are the latest target for writers of computer viruses - seen as an easy 'way in' to their parents PCs.Hackers are targeting children with sites that install malicious software on PCs, disguised as innocent-looking cartoon gaming websites. But the sites quietly load programs onto the PCs which lurk in the background, which can steal information from adults, long after the children have logged off. 

Youngsters are seen as easy targets, because they  will not stop and think before clicking on a link, whereas adults tend to be slightly more cautious.Children are targeted using sites that offer free games - with one.

'Games like these require clicking and children don’t think much about what they are clicking on,' said Ondrej Vlcek, CTO of AVAST Software. 'This makes them – or their parents’ computer – quite susceptible to malicous software.'
'Games like these require clicking and children don’t think much about what they are clicking on. This makes them – or their parents’ computer – quite susceptible to malicous software,' says Avast's CTO.Within the last month, the security firm identified 60 sites with the word 'Game' or 'Arcade' in the title which were infected with malicious software - either through the sites themselves, or infected adverts. The 'driveby downloads' infect the computer with trojan software that direct the PC towards sites which infect it with further malicious software.The way children browse the web - impulsively hopping between different sites - makes them easy targets, says Avast. 'If there is something dangerous, a child will find it,' said Mr. Vlcek.Most of the infected sites seem legitimate, although some may have been created specifically to distribute malware. There is no way to visually spot the danger.As ever, the solution is to ensure you are using an up-to-date browser and have security features such as warnings activated. Antivirus programs such as Norton can be set up to give warnings that a site may be infected, or even that individual adverts may pose a risk.'At a minimum, people need an antivirus program that looks for various kinds of malware and scans websites for infections.
s:-http://www.dailymail.co.uk/sciencetech/article-2087257/Hackers-target-children--gaming-websites-secretly-infect-parents-PCs.html


Chinese 'attack US DoD Smart Cards' with Sykipot Malware


A new strain of the Sykipot malware is being used by Chinese cyber criminals to compromise US Department of Defense (DoD) smart cards, a new report has revealed.
The malware has been designed to take advantage of smart card readers running ActivClient - the client application of ActivIdentity - according to unified security information and event management (SIEM) company AlienVault.
ActivIdentity's smart cards are standardised at the DoD and a number of other US government agencies. The cards are used to identify active duty military staff, selected reserve personnel, civilian employees, and eligible contractor staff.
As with previous Sykipot strains, the attackers use an email campaign to get specific targets to click on a link and deposit the Sykipot malware onto their machines. After identifying the computers that have card readers, the attackers install keystroke logging software to steal the PIN number that is used in concert with the smart card.
"When a card is inserted into the reader, the malware acts as the authenticated user and can access sensitive information," explained AlienVault's lab manager Jaime Blasco. "The malware is then controlled by the attackers and then told what - and when - to steal the appropriate data."
So far, AlienVault has seen attacks that compromise smart card readers running Windows Native x509 software, which is reportedly in commonplace use amongst a number of US government and allied agencies.
This new strain is thought to have originated from the same Chinese authors that created a version of Sykipot in 2011, which distributed a variety of spam messages claiming to contain information on the next-generation unmanned "drones", developed by the United States Air Force.
s:-http://www.networkworld.com/news/2012/011412-chinese-attack-us-dod-smart-254927.html