Login Security for Credit Card

Fraud and identity theft are not only a risk to your privacy, but a risk to your finances, so knowing what to look for can help prevent you from becoming a victim.
Fraudsters use ‘phishing’ or ‘spoofing’ tactics to get sensitive information from you. The deception usually involves a counterfeit website or email which looks similar to one you’d normally trust. Information you give on a phishing site could be used by criminals to access your account or use your identity fraudulently.

Login Userid and Password
After entering your username, you’ll be presented with the SiteKey™ image and phrase you selected when setting up your Online Card Services account - giving you reassurance that it’s really us.
SiteKey™ adds another layer of security, helping to prevent unauthorized access to your account and protecting your information from those who would use your identity for fraudulent purposes.
Address of Website
The address used by a counterfeit site may be very similar to our genuine website addresses. Look closely for spelling differences or the use of symbols, e.g. www.xyz.com, www.pqr@xyz.com or www.verify-xyz.com.
Hidden addresses - rest your cursor over a link in an email (but don't click on it) and a box will pop up showing you the link destination - do you recognize it as a legitimate address? If not it could suggest that the sender has something to hide.
credit crard Security

Read More

One or Hacking

An Israeli hacker calling himself Hannibal stole and exposed the Facebook login credentials of 85,000 Arabs earlier this week. It's the latest retaliatory strike in a politically motivated battle between Israeli and Arab hackers that's been going strong since the beginning of the month.Hannibal posted 20,000 Facebook users' email addresses and passwords of what he called "helpless Arabs" on Sunday (Jan. 15); the next day, he posted 30,000, followed by 10,000 on Tuesday and 25,000 on Wednesday, ZDNet reported. Hannibal posted the credentials on Pastebin, but his post has since been taken down.
 In the post, Hannibal boasted of having 30 million emails, and said he would post 2,000 to 100,000 every day, depending "on my mood."
In keeping with the theme of the ongoing hacker battle, which began Jan. 3 when a Saudi Arabian hacker named 0xOmar posted 15,000 Israelis' credit card numbers, Hannibal announced the latest tactical strike with a political message."A warning to the State of Iran and Saudi Arabia," Hannibal wrote. "I have 10 million bank accounts of the countries of Iran and Saudi Arab . If Iran continues to threaten Israel and already this week I will publish the private bank accounts and thus make them billions of dollars in damages estimated."A post on the following day, Jan. 16, read, "State of Israel, not to worry, you're in the hands of the world's best hacker that I am. I will continue to support the government of Israel will continue to attack the Arab countries.  In addition, I received thousands of emails helpless Arabs, who are begging me to stop publishing the Facebook accounts because it violates their browsing experience."Facebook sprung into action, automatically locking accounts that were exposed and forcing users to reset their passwords.Hannibal's handiwork comes amidst a turf war of sorts between Arab and Israeli hackers that, following 0xOmar's initial action, escalated quickly, with Arab hackers hitting the Tel Aviv Stock Exchange and El Al Airlines websites, and another Israeli hacking group, IDF-Team, knocking the Saudi Stock Exchange and the Abu Dhabi Securities Exchange offline.
 All Tag: antyvirus bhaskar bhaskar.com hacked bluetooth breach bluetooth security child virus children computer computer and data security computer security Cyber espionage cyber law danik bhaskar danik bhaskar hacked Enterprise ERP ethical hacking ethical hacking fundamental facebook virus free ativirus guardian hacked hackers HACKING hacking security hacking stuff internet security internet security solutions Israeli hackers malware mobile blutooth security mobile physical security mobile security network network security open source orkut orkut accounthacked orkut scrap virus orkut security orkut virus pakistan hacked bhaskar Phishing robot hack robot hack wi-fi problems Saudi Saudi hackers scrap virus security Security Shield VirusSecurity Shield VirusSecurity Shield VirusSecurity Shield VirusSecurity Shield VirusSecurity Shield VirusSecurity Shield Virus sintuhack smart card trojans us cyber security virus virus protection virus security viruses wi-fi wi-fi problems wi-fi security

Read More

10 Computer Threats You

Strong anti-virus software and firewalls do a great job of protecting our computer systems. But even when virus definitions are fully updated and firewalls properly configured, there are still insidious threats that can worm their ways in, stealing your data or hijacking your PC and leaving you none the wiser.

Fake Tech-Support Calls

That job isn't fixing your computer. In fact, he's really just after your personal information.

If you receive a call like this, hang up, call the company the bogus technician claimed to be from, and report the incident to a legitimate representative. If there really is a problem, they'll be able to tell you; if not, you just thwarted a data thief.

DNS Redirection

Internet service providers (ISPs) such as Time Warner Cable and Optimum Online claim they're trying to help with DNS redirection, but the reality seems to come down to money. Domain Name System (DNS) redirection overrides your browser's normal behavior when you can't reach a webpage. Instead of displaying the normal 404 "File Not Found" error, the ISP sends you to a page of the ISP's choosing — usually a page full of paid advertising and links.

Innocent though that practice may be, computer viruses can do the same thing, redirecting your browser to a hostile page the first time you misspell a domain. With ISPs, you can opt out of their DNS redirection (you'll find links below all the ads); with viruses, stay on your toes. Make sure you know what your browser's default 404 page looks like, and take action if you see anything different.

Open DNS Resolvers

Another danger lies in the way some DNS servers are configured. An "open resolver" can offer information it isn't authorized to provide. Not only are open resolvers exploited in distributed denial-of-service (DDoS) attacks, but an attacker can "poison" the DNS cache, providing false information and incorrect resolutions that must be detected to be corrected.

If your browser trips over a case of cache poisoning, the agents in charge of a hostile server can glean detailed information about your system — especially if you're in the middle of an important transaction. How can typical users solve this dilemma? The chilling answer: They can't. It's up to Internet service providers to address the problem.

Fraudulent SSL Certificates

A Secure Sockets Layer (SSL) certificate reassures your browser that the site you've connected to is what it says it is. If you're looking at "HTTPS" instead of plain old "HTTP," you know there's security involved, such as when you log in to your bank account or pay your phone bill. The most trusted SSL certificates are issued by designated Certification Authorities worldwide.

But what happens if that trust between browser and website is exploited? Acquiring or creating fake SSL certificates is unlawful, but happens often enough that we need to be aware of it. On multiple occasions in 2011, the discovery of false certificates suggested an attempt to spy on Iranian citizens as they used Gmail and Google Docs. According to the website of computer security firm F-Secure, "It's likely the government of Iran is using these techniques to monitor local dissidents."

Session Hijacking

If you spend afternoons using your laptop in a café with an open Wi-Fi network, you might not be the only person logged into your Facebook or eBay account. Firesheep, an add-on for Mozilla's Firefox browser, lets its users sneak a peek at other people's browser activity if they're all on the same wireless network.

While the illicit observers can't get a glimpse of secured pages, many sites secure only their login pages; once you're logged in, your presence is maintained purely through cookies, packets of data that your browser stores to keep track of your browsing needs. But Firesheep lets its users copy your cookies, and after that happens the site you're logged into can't tell the difference between you and them.

Though it can be used for darker purposes, Firesheep should serve more as a warning to websites with private user accounts: They need to take security seriously. Guarding the main gate isn't the limit of their responsibilities; attackers don't need to storm the castle when a guest leaves the door open.

Man-in-the-Middle Attacks

While you're still sipping your latte on that unsecured network, even your encrypted messages may not be all that safe. A Man-in-the-Middle (MTM) attack occurs when an attacker intercepts communications and proceeds to "relay" messages back and forth between the lawful parties.

While the messaging parties believe their two-way conversation is private, and might even use a private encryption key, every message is re-routed through the attacker, who can alter the content before sending it on to the intended recipient. The encryption key itself can be swapped out for one the attacker controls, and the original parties remain unaware of the eavesdropper the entire time.

SQL Injection

Databases using structured query language (SQL) rely on specially formatted queries to locate and return requested data. Human or automated attackers can send requests that exploit the database's internal codes to alter the query as it's processed. This year alone, SQL injection was the culprit behind a number of notorious security breaches, such as hacker group LulzSec's alleged theft of data from the Sony Pictures server.

Once again, the solution to this problem isn't in the user's hands.

"Well-designed software avoids the problem by weeding out any queries that don't meet strict standards," said Beth Paley, a software training consultant and co-founder of Acrotrex Medical Business Systems in northern New Jersey.

Paley advises those who create and maintain database apps to "use whitelisting, not blacklisting," letting only specific data through instead of keeping only specific data out. That way previously unseen SQL injections won't get through.

Disguised Filenames

Modern operating systems accommodate speakers of languages such as Arabic and Hebrew by featuring codes which can reverse the direction of type to display such languages correctly: written right-to-left instead of left-to-right.

Unfortunately, these "RTL" and "LTR" commands are special Unicode characters that can be included in any text, including filenames and extensions. Exploiting this fact, a malware purveyor can disguise ".exe" files as other files with different extensions. Your operating system will display the "disguised" name, though it still treats the file as an executable — launching it will run the program and infect your computer. Practice caution with any and all files from unknown sources.

Banking Trojans

A Trojan is malicious software that disguises itself as innocent program, counting on you to download or install it into your system so it can secretly accomplish its malicious tasks. The infamous ZeuS Trojan and its rival SpyEye take advantage of security holes in your Internet browser to "piggyback" on your session when you log in to your bank's website.

These monsters are in the Ivy League of computer malware; they avoid fraud detection using caution, calculating inconspicuous amounts of money to transfer out of your account based on your balance and transaction history.

While financial institutions continue to increase the layers of security involved in large transactions, such as requiring confirmation through "out-of-band" communications — such as your mobile device — digital crooks have lost no time adapting to the changes, with banking Trojans able to change the mobile number tied to your account and intercept that confirmation request. If you're a tempting target, fear is an understandable response. It's just another part of a digital arms race that shows no signs of slowing down.

Facebook Everywhere

It's hard to find an individual who or a corporation that isn't on Facebook. The social networking site has become an ever-present hub for everything online. For some less savvy users, Facebook is the Internet.

With developments like Facebook Connect and Open Graph, Facebook is virtually opening its doors to any third party that wants in on the action. You may have already noticed that Facebook displays ads targeting your specific demographic information, based on the personal information you've posted and activities you've participated in.

What you might not have noticed is that other sites have started targeting your Facebook demographics as well. Any time you browse the Web without first logging out of Facebook, other sites can get access to any profile information you've marked as fit for public consumption.

Don't want every site on the Internet to see you coming a mile away? Just remember to log out of Facebook every time.

This story was provided by SecurityNewsDaily, a sister site to LiveScience.
facebook virus, orkut virus, virus, virus protection, virus security

Read More

Chinese 'attack US DoD Smart Cards' with Sykipot Malware

A new strain of the Sykipot malware is being used by Chinese cyber criminals to compromise US Department of Defense (DoD) smart cards, a new report has revealed.
The malware has been designed to take advantage of smart card readers running ActivClient - the client application of ActivIdentity - according to unified security information and event management (SIEM) company AlienVault.
ActivIdentity's smart cards are standardised at the DoD and a number of other US government agencies. The cards are used to identify active duty military staff, selected reserve personnel, civilian employees, and eligible contractor staff.
As with previous Sykipot strains, the attackers use an email campaign to get specific targets to click on a link and deposit the Sykipot malware onto their machines. After identifying the computers that have card readers, the attackers install keystroke logging software to steal the PIN number that is used in concert with the smart card.
"When a card is inserted into the reader, the malware acts as the authenticated user and can access sensitive information," explained AlienVault's lab manager Jaime Blasco. "The malware is then controlled by the attackers and then told what - and when - to steal the appropriate data."
So far, AlienVault has seen attacks that compromise smart card readers running Windows Native x509 software, which is reportedly in commonplace use amongst a number of US government and allied agencies.
This new strain is thought to have originated from the same Chinese authors that created a version of Sykipot in 2011, which distributed a variety of spam messages claiming to contain information on the next-generation unmanned "drones", developed by the United States Air Force.
s:-http://www.networkworld.com/news/2012/011412-chinese-attack-us-dod-smart-254927.html

Read More

Scare Tactics of Anti-Virus Company

We've all seen the messages pop up on our screen. "Malware detected!" "Your computer is infected!" "Download this software now or cybercriminals will invade your privacy, steal your identity and obliterate your soul!" These are the tactics of third-rate scams, designed to have you click on them and - ironically - install viruses and malware on your machine, but I've always wondered how somewhat "trusted" antivirus companies got away with using similar methods. A new lawsuit alleges Symantec's Norton Antivirus performs scans that don't actually scan your computer but still warn of non-existent dangers in order to get you to pay $29.99 to upgrade. Further, the plaintiff James Gross contends that even if you pay the fee, Symentec's applications don't really do anything to help your computer at all.
"The scareware does not conduct any actual diagnostic testing on the computer," reads Gross's complaint filed in Northern California. "Instead, Symantec intentionally designed its scareware to invariably report, in an extremely ominous manner, that harmful errors, privacy risks, and other computer problems exist on the user's PC, regardless of the real condition of the consumer's computer."
Gross said he bought the upgrade based on the prompt and afterwards hired IT experts to look at his machine. They told him that the scans almost always returned a negative report and that the software could not fix what it said it could. The complaint continues, "The scareware does not, and cannot, provide the benefits promised by Symantec. Accordingly, consumers are duped into purchasing software that does not function as advertised, and in fact, has very little (if any) utility."
sourse-forbes

Read More

Facebook Calling Hackers for open Competition for keeping world secure

Call it Mavericks for geeks. But instead of surfing waves, hackers from all over the world will get a chance to show off their creative programming skills at Facebook's third annual Hacker Cup, which starts with a 72-hour online qualification round later this month.
"It's really a chance to compete against the world's best programmers," Facebook spokesman Jonathan Thaw said.
Registration is now open for the contest, which starts Jan. 20 with the first of four online elimination rounds. For the finals, Facebook will fly the 25 highest-scoring hackers to California on March 16-17 for the last, two-hour competition at its Menlo Park campus.
"It's very intense," Thaw said. "You're working against the clock, trying to come up with an elegant and correct solution. It's a challenge."
The top prize winner gets $5,000 and bragging rights; the second and third place finalists get $2,000 and $1,000, respectively. In addition to the free trip and a behind-the-scenes tour of Facebook's headquarters -- including tech talks with company engineers and meals at its famed cafeteria -- the other 22 finalists will each get a crisp $100 bill.
How tough is the competition? Last year, 11,768 people from across the globe attempted the contest's first round of algorithmic coding challenges. The top 25 finalists -- all men -- came from China, Germany, Japan, the Netherlands, Poland, Russia, Switzerland, Ukraine and the United States. In the end, 26-year-old
Advertisement.Russian developer Petr Mitrichev was declared the world champ.
While Thaw said he expects some of 2011's finalists will try again for the title this year, the growing popularity of hacking will entice some newcomers as well."There are some programmers that basically do these sorts of competitions as a sport," he said. "But we'll likely see some new faces too. Every year, there's a new supply of talented programmers.".Facebook employees and their immediate family members and roommates are not eligible to enter, according to the contest rules. Thaw said he doesn't know whether any former competitors ended up with jobs at Facebook.

source=www.facebook.com/hackercup

Read More

Cyber espionage Threat of 2012 computer security

Cyber espionage (also spelled cyberespionage) involves the unauthorized probing to test a target computer’s configuration or evaluate its system defenses, or the unauthorized viewing and copying of data files.
Cyber-espionage, along with privacy violations and social networking attacks facilitated by the increased use of mobile and tablet devices, will be the source of increased security threats over the coming months, according to PandaLabs.
Cyber-espionage targeting companies and government agencies around the world will dominate corporate and national information security landscapes, with the integrity of classified and other protected information on the line. Trojans are expected to be the weapon of choice for hackers focused on these highly-sensitive targets.
According to Luis Corrons, technical director of PandaLabs, "We live in a world where all information is in digital form and is easily accessible if you know how. Today's spies no longer need to infiltrate a building to steal information. As long as they have the necessary computer skills, they can wreak havoc and access even the best-kept secrets of organizations without ever leaving their homes."
Consumers will continue to be targeted by cyber-criminals as they find ever more sophisticated ways to target social media sites for stealing personal data. Social engineering techniques exploiting users' naivete have become the weapon of choice for hackers targeting personally-identifiable information.
"Social networking sites provide a space where users feel safe as they interact with friends and family. The problem is that attackers are creating malware that takes advantage of that false sense of security to spread their creations," says Corrons. "It is very easy for cyber-criminals to trick users with generic messages like 'Look, you're on this video,' for example. Sometimes, curiosity can be our own worst enemy."


 major security trends of 2012:
Mobile malware: A year ago, PandaLabs predicted a surge in cyber attacks on mobile phones, and the fact that Android has become the number one mobile target for cyber-crooks in 2011 confirms that prediction. That trend will continue in 2012, with a new focus on mobile payment methods using Near-Field Communications (NFC) as these applications become increasingly popular.
Malware for tablets: Since tablets share the same operating system as smartphones, they are likely be targeted by the same malware. In addition, tablets might draw a special interest from cyber-crooks since people are using them for an increasing number of activities and are more likely to store sensitive data.
Mac malware: As the market share of Mac users continues to grow, the number of threats will grow as well. Fortunately, Mac users are now more aware that they are not immune to malware attacks and are increasingly using antivirus programs to protect themselves. The number of malware specimens for Mac will continue to grow in 2012, although still at a slower rate than for PCs.
PC malware: PC malware has grown exponentially over the past few years, and everything indicates that the trend will continue in 2012. Trojans, designed to sit silently on users' computers, stealing information and transmitting it back to their handlers, will continue to be cyber-crooks' weapon of choice; 75 percent of new malware strains in 2011 were Trojans.
SMBs under attack: Financial institutions are fairly well protected these days against malware. But smaller businesses are easier and cheaper targets to attack, and their customer databases can be a real treasure trove for hackers, particularly if credit card and other financial data is stored "in the clear." Unfortunately, many small to medium-sized companies do not have dedicated security teams, which makes them much more vulnerable.
Windows 8: While not scheduled until November 2012, the anticipated next version of Microsoft's operating system will offer cyber-crooks new opportunities to create malicious software. Windows 8 will allow users to develop malware applications for virtually any device (PCs, tablets and smartphones) running this platform, although this will likely not take place until 2013.
             Taken From Internet

Read More

Facebook---Sexbook Virus

Facebook get affected by orkut Type Virus so dont click if any post seen like following snapshot on your wall.If you click then it will automaticatlly post that link to all of yours friends wall.!!!!!!

                                                          Happy facebooking but be safe!!!!!!!

                                                                                             www.sintuhack.com

Read More