Ransomware : A new kind of Maleware

Ransomware is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. 

Ransomware generates a pop-up window, webpage, or email warning from what looks like an official authority. It explains that your computer has been locked because of possible illegal activities on it and demands payment before you can access your files and programs again.

e.g.

How do criminals install ransomware?

Ransomware is usually installed when you open a malicious email attachment or when you click a malicious link in an email message or instant message or on a social networking site or other website. Ransomware can even be installed when you visit a malicious website.

How do I avoid ransomware?

There are several free ways to help protect your computer against ransomware and other malware:

• Keep all of the software on your computer up to date. Make sure automatic updating is turned on to get all the latest Microsoft security updates.
• Keep your firewall turned on.
• Don't open spam email messages or click links on suspicious websites.
  How do I remove a ransomware infection from my computer?
  Here are two methods on how you may be able to remove a ransomware infection from your computer.
  Method 1: Use the Microsoft Safety Scanner
  
  
  Before you begin, you will need to have access to a computer that is not infected and is connected to the Internet, so you can download a copy of the Microsoft Safety Scanner.
  
  
  Try to restart your computer in safe mode. Here's how:
  In Windows 7
  In Windows Vista
  In Windows XP
  If you are able to restart your computer in safe mode, run the Microsoft Safety Scanner in your computer.
  Restart your computer after running the Microsoft Safety Scanner.
  If this resolves your ransomware infection, follow these steps to take once your computer has been cleaned.
  If this does not resolve your ransomware infection, follow Method 2.
  Method 2: Use Windows Defender Offline
  
  
  Before you begin: you will need to have access to a computer that is not infected and is connected to the Internet, so you can download a copy of Windows Defender Offline.
  
  
  The way Windows Defender Offline works, is by allowing you to:
  
  
  Download a copy of the tool from a computer that has access to the Internet
  Save a copy of the recovery tool to a removable drive, in order to create bootable media
  Run the recovery tool on a compromised computer
  Note: Windows Defender Offline is not a replacement for a full antivirus solution providing ongoing protection. It is meant to be used in situations where you cannot start or scan your infected computer due to a virus or other malware actively running on the computer and impeding antimalware software.
  
  
  Here's how to use Windows Defender Offline:
  
  
  Determine if you require the 32-bit or 64-bit download. See the Microsoft Help and Support article for instructions on how to check if your infected computer is running a 32- or 64-bit version of Windows.
  Using a computer that can connect to the Internet, download the version of the Windows Defender Offline that applies to your infected computer.
  
  
  If your computer is a: 
  
  
  - 32-bit computer, then download the 32-bit version here. 
  - 64-bit computer, then download the 64-bit version here.
  
  
  Note: For the recovery tool to be effective, make sure you download the version that matches your infected computer. For example, if your 64-bit desktop is affected, you will need to download the 64-bit version of Windows Defender Offline and save it to a removable drive.
  Save the downloaded file to a local drive on your computer.
  Launch the downloaded file, and create a bootable device by following the instructions on the wizard. We recommend creating a bootable USB or CD; if you create a bootable USB, this can be updated for future use.
  From the infected computer, boot from the USB or CD you created in step 4. You may need to set the boot order in the BIOS to do this. This is device specific, so if you are unsure, refer to your system manual or manufacturer.
  Follow the prompts to run a full system scan. Depending on the outcome of the scan, your next steps will vary. Follow the prompts from Windows Defender Offline to manage any threat detections.
  If this resolves your ransomware infection, follow these steps to take once your computer has been cleaned.
  
  
  source: http://www.microsoft.com/security/portal/shared/ransomware.aspx

Read More

Latest computer security threat

Latest 10 virus alerts
1 Troj/Mdrop-DKE
2 Troj/Sasfis-O
3 Troj/Keygen-FU
4 Troj/Zbot-AOY
5 Troj/Zbot-AOW
6 W32/Womble-E
7 Troj/VB-FGD
8 Troj/FakeAV-DFF
9 Troj/SWFLdr-W
10 W32/RorpiaMem-A

Top 10 viruses in October 2011

1 Troj/Invo-Zip

2 W32/Netsky

3 Mal/EncPk-EI

4 Troj/Pushdo-Gen

5 Troj/Agent-HFU

6 Mal/Iframe-E

7 Troj/Mdrop-BTV

8 Troj/Mdrop-BUF

9 Troj/Agent-HFZ

10 Troj/Agent-HGT

Top 10 virus hoaxes
1 Hotmail hoax
2 Budweiser frogs screensaver
3 Bonsai kitten
4 Olympic torch
5 MSN is closing down
6 A virtual card for you
7 Meninas da Playboy
8 Bill Gates fortune
9 JDBGMGR
10 Justice for Jamie

Read More

Computer Security

1 Protect your personal information. It's valuable.
2 Know who you're dealing with.
3 Use security software that updates automatically.
4 Keep your operating system and Web browser up-to-date, and learn about their security features.
5 Keep your passwords safe, secure, and strong.
6 Back up important files.
7 Learn what to do in an e-mergency.
Access to information and entertainment, credit and financial services, products from every corner of the world — even to your work — is greater than ever. Thanks to the internet, you can play a friendly game with an opponent across the ocean; review and rate videos, songs, or clothes; get expert advice in an instant; or collaborate with far-flung co-workers in a "virtual" office.
But the internet — and the anonymity it affords — also can give online scammers, hackers, and identity thieves access to your computer, personal information, finances, and more.
With awareness as your safety net, you can minimize the chance of an internet mishap. Being on guard online helps you protect your information, your computer, and your money. To be safer and more secure online, make these seven practices part of your online routine.
1. Protect your personal information. It's valuable.
To an identity thief, your personal information can provide instant access to your financial accounts, your credit record, and other assets. If you think no one would be interested in YOUR personal information, think again. ANYONE can be a victim of identity theft. In fact, according to the Federal Trade Commission, millions of people become victims every year. Visit ftc.gov/idtheft to learn what to do if your identity is stolen or your personal or financial information has been compromised – online or in the "real" world.
How do criminals get your personal information online? One way is by lying about who they are, to convince you to share your account numbers, passwords, and other information so they can get your money or buy things in your name. The scam is called "phishing": criminals send email, text, or pop-up messages that appear to come from your bank, a government agency, an online seller or another organization with which you do business. The message asks you to click to a website or call a phone number to update your account information or claim a prize or benefit. It might suggest something bad will happen if you don't respond quickly with your personal information. In reality, legitimate businesses should never use email, pop-ups, or text messages to ask for your personal information.
To avoid phishing scams:
Don't reply to an email, text, or pop-up message that asks for personal or financial information, and don't click on links in the message. If you want to go to a bank or business's website, type the web address into your browser yourself.
Don't respond if you get a message – by email, text, pop-up or phone – that asks you to call a phone number to update your account or give your personal information to access a refund. If you need to reach an organization with which you do business, call the number on your financial statement, or use a telephone directory
Some identity thieves have stolen personal information from many people at once, by hacking into large databases managed by businesses or government agencies. While you can't enjoy the benefits of the internet without sharing some personal information, you can take steps to share only with organizations you know and trust. Don't give out your personal information unless you first find out how it's going to be used and how it will be protected.
If you are shopping online, don't provide your personal or financial information through a company's website until you have checked for indicators that the site is secure, like a lock icon on the browser's status bar or a website URL that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some scammers have forged security icons. And some hackers have managed to breach sites that took appropriate security precautions.
Read website privacy policies. They should explain what personal information the website collects, how the information is used, and whether it is provided to third parties. The privacy policy also should tell you whether you have the right to see what information the website has about you and what security measures the company takes to protect your information. If you don't see a privacy policy — or if you can't understand it — consider doing business elsewhere.
2. Know who you're dealing with.
And what you're getting into. There are dishonest people in the bricks and mortar world and on the internet. But online, you can't judge an operator's trustworthiness with a gut-affirming look in the eye. It's remarkably simple for online scammers to impersonate a legitimate business, so you need to know who you're dealing with. If you're thinking about shopping on a site with which you're not familiar, do some independent research before you buy.
If it's your first time on an unfamiliar site, call the seller's phone number, so you know you can reach them if you need to. If you can't find a working phone number, take your business elsewhere.
Type the site's name into a search engine: If you find unfavorable reviews posted, you may be better off doing business with a different seller.
Consider using a software toolbar that rates websites and warns you if a site has gotten unfavorable reports from experts and other internet users. Some reputable companies provide free tools that may alert you if a website is a known phishing site or is used to distribute spyware.
File-Sharing: Worth the hidden costs?
Every day, millions of computer users share files online. File-sharing can give people access to a wealth of information, including music, games, and software. How does it work? You download special software that connects your computer to an informal network of other computers running the same software. Millions of users could be connected to each other through this software at one time. Often, the software is free and easy to access.
But file-sharing can have a number of risks. If you don't check the proper settings, you could allow access not only to the files you intend to share, but also to other information on your hard drive, like your tax returns, email messages, medical records, photos, or other personal documents. In addition, you may unwittingly download malware or pornography labeled as something else. Or you may download material that is protected by the copyright laws, which would mean you could be breaking the law.
If you decide to use file-sharing software, be sure to read the End User Licensing Agreement to be sure you understand and are willing to tolerate the potential risks of free downloads.
3. Use security software that updates automatically.
Keep your security software active and current: at a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. You can buy stand-alone programs for each element or a security suite that includes these programs from a variety of sources, including commercial vendors or from your Internet Service Provider. Security software that comes pre-installed on a computer generally works for a short time unless you pay a subscription fee to keep it in effect. In any case, security software protects against the newest threats only if it is up-to-date. That's why it is critical to set your security software to update automatically.
Some scam artists distribute malware disguised as anti-spyware software. Resist buying software in response to unexpected pop-up messages or emails, especially ads that claim to have scanned your computer and detected malware. That's a tactic scammers have used to spread malware. OnGuardOnline.gov can connect you to a list of security tools from legitimate security vendors selected by GetNetWise, a project of the Internet Education Foundation.
Once you confirm that your security software is up-to-date, run it to scan your computer for viruses and spyware. If the program identifies a file as a problem, delete it.
Anti-Virus Software
Anti-virus software protects your computer from viruses that can destroy your data, slow your computer's performance, cause a crash, or even allow spammers to send email through your account. It works by scanning your computer and your incoming email for viruses, and then deleting them.
Anti-Spyware Software
Installed on your computer without your consent, spyware software monitors or controls your computer use. It may be used to send you pop-up ads, redirect your computer to websites, monitor your internet surfing, or record your keystrokes, which, in turn, could lead to the theft of your personal information.
A computer may be infected with spyware if it:
Slows down, malfunctions, or displays repeated error messages
Won't shut down or restart
Serves up a lot of pop-up ads, or displays them when you're not surfing the web
Displays web pages or programs you didn't intend to use, or sends emails you didn't write.
Firewalls
A firewall helps keep hackers from using your computer to send out your personal information without your permission. While anti-virus software scans incoming email and files, a firewall is like a guard, watching for outside attempts to access your system and blocking communications to and from sources you don't permit.
Don't Let Your Computer Become Part of a "BotNet"
Some spammers search the internet for unprotected computers they can control and use anonymously to send spam, turning them into a robot network, known as a "botnet." Also known as a "zombie army," a botnet is made up of many thousands of home computers sending emails by the millions. Most spam is sent remotely this way; millions of home computers are part of botnets.
Spammers scan the internet to find computers that aren't protected by security software, and then install bad software – known as "malware" – through those "open doors." That's one reason why up-to-date security software is critical.
Malware may be hidden in free software applications. It can be appealing to download free software like games, file-sharing programs, customized toolbars, and the like. But sometimes just visiting a website or downloading files may cause a "drive-by download," which could turn your computer into a "bot."
Another way spammers take over your computer is by sending you an email with attachments, links or images which, if you click on or open them, install hidden software. Be cautious about opening any attachments or downloading files from emails you receive. Don't open an email attachment — even if it looks like it's from a friend or coworker — unless you are expecting it or know what it contains. If you send an email with an attached file, include a text message explaining what it is.
4. Keep your operating system and Web browser up-to-date, and learn about their security features.
Hackers also take advantage of Web browsers (like Firefox or Internet Explorer) and operating system software (like Windows or Mac's OS) that don't have the latest security updates. Operating system companies issue security patches for flaws that they find in their systems, so it's important to set your operating system and Web browser software to download and install security patches automatically.
In addition, you can increase your online security by changing the built-in security and privacy settings in your operating system or browser. Check the "Tools" or "Options" menus to learn how to upgrade from the default settings. Use your "Help" function for more information about your choices.
If you're not using your computer for an extended period, disconnect it from the internet. When it's disconnected, the computer doesn't send or receive information from the internet and isn't vulnerable to hackers.
5. Protect your passwords.
Keep your passwords in a secure place, and out of plain sight. Don't share them on the internet, over email, or on the phone. Your Internet Service Provider (ISP) should never ask for your password.
In addition, hackers may try to figure out your passwords to gain access to your computer. To make it tougher for them:
Use passwords that have at least eight characters and include numbers or symbols. The longer the password, the tougher it is to crack. A 12-character password is stronger than one with eight characters.
Avoid common words: some hackers use programs that can try every word in the dictionary.
Don't use your personal information, your login name, or adjacent keys on the keyboard as passwords.
Change your passwords regularly (at a minimum, every 90 days).
Don't use the same password for each online account you access.
6. Back up important files.
If you follow these tips, you're more likely to be free of interference from hackers, viruses, and spammers. But no system is completely secure. If you have important files stored on your computer, copy them onto a removable disc or an external hard drive, and store it in a safe place.
7. Learn what to do in an e-mergency.
If you suspect malware is lurking on your computer, stop shopping, banking, and other online activities that involve user names, passwords, or other sensitive information. Malware could be sending your personal information to identity thieves.
Confirm that your security software is up-to-date, then use it to scan your computer. Delete everything the program identifies as a problem. You may have to restart your computer for the changes to take effect.
If the problem persists after you exhaust your ability to diagnose and treat it, you might want to call for professional help. If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem. Your notes will help you give an accurate description to the technician.
If you need professional help, if your machine isn't covered by a warranty, or if your security software isn't doing the job properly, you may need to pay for technical support. Many companies — including some affiliated with retail stores — offer tech support via the phone, online, at their store, or in your home. Telephone or online help generally are the least expensive ways to access support services — especially if there's a toll-free helpline — but you may have to do some of the work yourself. Taking your computer to a store usually is less expensive than hiring a technician or repair person to come into your home.
Once your computer is back up and running, think about how malware could have been downloaded to your machine, and what you could do to avoid it in the future.
Also, talk about safe computing with anyone else who uses the computer. Tell them that some online activity can put a computer at risk, and share the seven practices for safer computing.

Read More

Internet security

1. Use a firewall
We strongly recommend the use of some type of firewall product for Internet security, such as a network appliance or a personal firewall software package. Intruders are constantly scanning home user systems for known vulnerabilities. Network firewalls (whether software or hardware-based) can provide some degree of protection against these attacks.
2. Don't open unknown email attachments[ Internet security]
Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs. [ Internet security]
If you must open an attachment before you can verify the source, we suggest the following procedure:

a. save the file to your hard disk
b. scan the file using your antivirus software
c. open the file
For additional protection, you can disconnect or lock your computer's network connection before opening the file.
Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.
3. Don't run programs of unknown origin
Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing -- they might contain a Trojan horse program. These programs seriously hurt Internet Security.

4. Disable hidden filename extensions
Windows operating systems contain an option to "Hide file extensions for known file types". The option is enabled by default, but you can disable this option in order to have file extensions displayed by Windows. After disabling this option, there are still some file extensions that, by default, will continue to remain hidden.
There is a registry value which, if set, will cause Windows to hide certain file extensions regardless of user configuration choices elsewhere in the operating system. The "NeverShowExt" registry value is used to hide the extensions for basic Windows file types. For example, the ".LNK" extension associated with Windows shortcuts remains hidden even after a user has turned off the option to hide extensions.[ Internet security]

5. Keep all applications, including your operating system, patched
Vendors will usually release patches for their software when a vulnerability has been discovered. Most product documentation offers a method to get updates and patches. You should be able to obtain updates from the vendor's web site. Read the manuals or browse the vendor's web site for more information.
Some applications will automatically check for available updates, and many vendors offer automatic notification of updates via a mailing list. Look on your vendor's web site for information about automatic notification. If no mailing list or other automated notification mechanism is offered you may need to check periodically for updates.[ Internet security]

6. Turn off your computer or disconnect from the network when not in use
Turn off your computer or disconnect its Ethernet interface when you are not using it. An intruder cannot attack your computer if it is powered off or otherwise completely disconnected from the network.[ Internet security]

7. Disable Java, JavaScript, and ActiveX if possible
Be aware of the risks involved in the use of "mobile code" such as ActiveX, Java, and JavaScript. A malicious web developer may attach a script to something sent to a web site, such as a URL, an element in a form, or a database inquiry. Later, when the web site responds to you, the malicious script is transferred to your browser.[ Internet security]
The most significant impact of this vulnerability can be avoided by disabling all scripting languages. Turning off these options will keep you from being vulnerable to malicious scripts. However, it will limit the interaction you can have with some web sites.
Many legitimate sites use scripts running within the browser to add useful features. Disabling scripting may degrade the functionality of these sites.[ Internet security]

8. Disable scripting features in email programs
Because many email programs use the same code as web browsers to display HTML, vulnerabilities that affect ActiveX, Java, and JavaScript are often applicable to email as well as web pages. Therefore, in addition to disabling scripting features in web browsers, we recommend that users also disable these features in their email programs. It is important to Internet security.[ Internet security]

9. Make regular backups of critical data
Keep a copy of important files on removable media such as ZIP disks or recordable CD-ROM disks (CD-R or CD-RW disks). Use software backup tools if available, and store the backup disks somewhere away from the computer.[ Internet security]

10. Make a boot disk in case your computer is damaged or compromised
To aid in recovering from a security breach or hard disk failure, create a boot disk on a floppy disk which will help when recovering a computer after such an event has occurred. Remember, however, you must create this disk before you have a security event.[ Internet security]

11. Consult your system support personnel if you work from home
If you use your broadband access to connect to your employer's network via a Virtual Private Network (VPN) or other means, your employer may have policies or procedures relating to the security of your home network. Be sure to consult with your employer's support personnel, as appropriate, before following any of the steps outlined in this document.[ Internet security]
Taken from armor2net.com

Read More

 Working on orkut security, I know that fraudulent sites sometimes try to take advantage of orkut users like you and me. To help make sure that everyone is able to have a fun and safe experience on the site, I thought I'd share a few quick tips that I've picked up during my time on the orkut team. A bunch of these might seem like no-brainers, but hopefully you'll learn something new here as well:

• Create a tough password: While "yourname123" is always a tempting password to create, keep in mind that it's just as easy for a malicious user to figure out as it is for you to remember. Try creating a password that involves a combination of letters and numbers that no one could easily guess, even if they know basic details about who you are. The same goes for your security question (the question that pops up if you forget your password)– you should try your best to pick a question that only you can answer.

• Keep your private details private: Never share your orkut username and password with friends or on a site not authenticated by Google. orkut does not allow any external sites to store orkut login information and will never request that you enter it anywhere outside of the orkut login page. To be on the safe side, always check that your address bar reads "https://www.google.com/accounts/ServiceLogin?....." and nothing else when sharing your orkut user name and password.

• Leave the coding to the engineers: Never copy and paste code into your address bar, no matter what it claims to be able to do. Typically these scripts actually send messages (in your name!) to your friends trying to trick them into giving up their personal information.

• Downloads and orkut don't mix: Never download any file off of orkut, especially those that end in '.vb' or '.exe'. These files are often viruses that can infect your computer and start sending thousands of spam messages on your behalf. Sites offering special orkut themes or skins are particularly risky.

• Think twice about external links: Links to sites outside of orkut that appear in scraps or posts have not been verified by the orkut team, and could lead you to harmful sites. We'd recommend only clicking on links that go to trusted sites or those that are from other orkut users you know well.

• Anti-Virus software is always a good call: Even the most conscientious orkuteer can fall victim to a phishing attack, so it's important to always be alert and prepared. Regularly scanning your computer with updated anti-virus software is a great way to keep your computer secure.

• For new orkut features, check out apps!: Sometimes an unofficial site may claim to offer special orkut features, but these sites are known for taking over orkut accounts and directly violate our Terms of Service. If you're looking for fun new orkut functionality, check out the thousands of applications that we have available. All of these apps have been built by talented developers according to standards that we believe will help to keep you safe online. If you haven't visited the app directory recently, take a look– you might be surprised at how much cool stuff you find.

via orkut blog 

Read More

Cross site scripting

Cross site script is most common web attack.it basically attacks on application layer of web.
.its basically hits html and javascipt.
  cross site scripting arises when web application take data from form of site and include in it
web page without properly validating the data.XSS vulnerabilities allow an attackers to execute arbitrary commands and display arbitrary content in a victim users browsers. when XSS attacks became a successful attack it take control of victim browser or victim web application.  the potency of an XSS attack lies in the fact that thr malicious code executes in the context of the victim's session,allowing the attackers to bypass normal security restriction

Types of Cross Site Scripting Attacks :-

Reflective Cross Site  Scripting :-
 
In this XSS attacks attacker send the victim a misleading mail with the link containing malicious
javascript,if the victim click the link ,the http request is intiated  from the victim browsers
 and sent to the vulnerable web application.Thw malicious javascript is then reflected back to the victim's browsers,where it is executed int the
context of  of victim users session
 
Persistent Xss

Consider a Web application that allows users to enter a user name which is displayed on each user’s profile page. The application stores each user name in a local database. A malicious user notices that the Web application fails to sanitize the user name field and inputs malicious JavaScript code as part of their user name. When other users view the attacker’s profile page, the malicious code automatically executes in the context of their session.

 

Read More

Online Survey Company Is Fraud Or Not-how to know

Today, when there is hot dispute is already going on between the star news and online paid survey company Speak Asia after publishing the negative news about Speak Asia and their business behavior. sintuhack strongly feel that sintuhack should post an article to help you find the possible online fraud survey companies which are asking for money any how.


1. Whois Lookup:
A/c to sintuhack try to who is look up for the domain of official website of paid survey company you can easily find the following details.sintuhack also suggest you to know
Who is the owner of website domain?
From since long the website is active, means since how long the company is in survey business?
What is the registered official address? Where the company office is actually located.
All these info helps a lot to decide weather the company you are researching about is just another online scam or not.


2. SEO Research:
Seo research on the paid survey website can easily tell you the fact about how the website is popular in the world. You can look for number of backlinks, Google page rank and alexa rank for this. From alexa traffic analysis you can also find the location of main traffic toward the website so you can know where the website is doing more business in the world.


3. Online Complains and Scam Discussion boards:
One thing more a/c to sintuhack use google to know page rank of that website.
If you search in Google with the words like complain, fraud, scam along with the company name, you can easily find the various blogs or websites where people might have discussed about their issues or complaints with the company. Although every good company will also have some issues with clients but too much of them can really alarm you about possible online scam.


4. Make money online blogs and forums.
Here sintuhack talking about the blogs and forums where people are generally from the similar niche and discuss about how to make money online. It would be great source to find the exact information about such paid scams. If you are new to online money making niche and much not aware of the scams you can also post comments (here also) and threads in forum in similar niche to get reviews of experts in the same niche.


5. Think smartly, wisely and independently.
And last sintuhack guide you to use internet smartly wisely and independently
Think smartly to detect online scams
Its my own experience that people always get trapped in scams because they are always in search of quick rich formula and hence they generally do not think for the most important questions. So think like you want to investigate about the company and not want to invest in it, this way you can find most answers easily.

Read More

Computer Hackers and Predators

How computer hackers and predators are threat for your computer security?

People with bad mind, not the computers, create computer threats. Computer predators victimize unaware people for their gain.  A predator having access to the Internet is exponentially bigger threat to your PC than the others. Computer hackers and predators are unauthorized users who break into others computer systems to steal, change or destroy valuable information, often by installing dangerous and harmful malware without your knowledge. The use of clever tactics and detailed technical knowledge help them to access the information you really don’t want to let them know.
What computer hackers and predators do to find you?
Everyone who uses a computer with a Internet connection is susceptible by the threats of computer hackers and predators. These online demons mainly use spam emails or instant messages, phishing scams, and bogus Web sites (fake or duplicate webpage which almost look like the original) to deliver dangerous and harmful malware to the computer and disable your computer security. They will also try to access your computer and thus your private information directly if you had not taken protection by configuring your firewall. They can also peruse your personal Web page or monitor your chat room conversations. Generally by using a fake identity, predators can fool you and make you into revealing sensitive personal and financial information.
Be aware: computer hackers and predators can do the following things to you.
With the help of malware transmitted by the hacker, he can get your personal as well as financial information without your knowledge. Then he can use this information for his benefit and it will harm you in the aspect of loss of money as well as private information and data. In either case, they may:
•    Know your usernames and passwords and will change it or use it according to him.
•    Using your info they can open credit card and bank accounts in your name
•    Steal your money and Ruin your credit
•    additional credit cards  or Request new account Personal Identification Numbers (PINs) o
•    Make purchases form offline stores.
•    Add themselves or an alias that they control as an authorized user so it’s easier to use your credit
•    Obtain cash advances from your credit card
•     Abuse your Social Security number
•    Sell your information to such person who will use it for illegal purposes
Especially predators can pose a serious physical threat. Be extremely cautious when agreeing to meet an online “friend” or acquaintance in person.
Ways to know that are you in the net or not?
Regularly check the accuracy of your personal accounts, credit cards bills and other documents. Are there any unexplained transactions?
Questionable or unauthorized changes?
 If so, the dangerous and harmful malware is already installed by predators or hackers in your computer.
What can I do about computer hackers and predators?
Read as much as possible about the articles on computer security threats on this blog and increase our knowledge about this. Although Hackers and predators pose equally serious and but very different threats you will wiser enough to avoid their tricks.
To protect your computer from hackers and predators:
•    Regularly check the accuracy of your personal accounts and deal with any discrepancies instantly.
•    Use extreme caution when entering any chat rooms or posting on personal Web pages
•    Put a limit on the personal information you post on a personal Web pages
•    Carefully monitor requests  on social networking sites by online “friends” or acquaintances for predatory behavior
•    Keep personal and financial information out of any type of online conversations
Take these steps to protect your computer from hackers right away:
•    Switch to 2 way firewall.
•    Update your operating system on regular basis.
•    Increase your browser security settings.
•    Only download software from trusted sites you trust.
•    First carefully evaluate free software then use and do same in the case of file-sharing applications before downloading them.
•    Practice safe email protocol.
•    Don't respond messages from unknown senders, even don’t open it.
•    Immediately delete messages you suspect to be spam.
•    Make sure that you have the best internet security products installed on your computer.
•    Always use antivirus protection
•    Also Get antispyware software protection
An unprotected computer is a like a free gift for computer hackers and predators. To protect your computer from hackers and predators also use a spam filter or gateway to scan inbound email or IM messages. While free anti-spyware and antivirus downloads are widely available, they just can’t keep up with the continuous onslaught of new malware strains due to their limited functionality. Previously undetected forms of malware can often do the most damage, so it’s necessary to have up-to-the-minute updated and guaranteed protection.

Read More

Remove virus – Trojan Horse Sheur2

The Trojan Horse Sheur2 is a dangerous and harmful Trojan that infects Windows 98, Windows 95, Windows XP, Windows ME, Windows Vista, Windows 2000 computers. If your computer constantly raises speaker beep sounds, shows “Blue Screen” and reports that the error is produced by missing dll’s, registry keys, and Windows files, or your pop-up blocker is unable to block the pornographic and gambling related bulk popups then you are sure to have Trojan Horse Sheur2 on your computer.

The Trojan Horse Sheur2 is not just one computer infection. It comes in various forms and related infections. Some related infections are: SHeur2.hsf, SHeur2.FO, SHeur2, SHeur2.AS, SHeur2.MR, SHeur2.ISU, SHeur2.BBJ, sheur2.hsd, and SHeur2.CFT

SHeur enters your computer through backdoor without your knowledge. It usually gets into your computer due to browser security holes on your computer or if you visit questionable websites such as gambling, pornography, and hacking related websites.
Once installed on your computer, it hides itself on your computer as a legal software and the will start performing its various annoyances.

It drops malicious code to your local or network computer, disables the firewall and antivirus software configured on your computer, redirects your web browser to malicious websites, downloads malicious code, slowdowns the performance of your computer considerably, slowdowns Internet connection, and forwards passwords, login names and other confidential private information from your computer to remote computers.
How To Remove Trojan Horse Sheur2

You can remove SHeur2 Trojan using and automatic removal tool or manually. To remove it manually, you need to:

1.    Restart you computer Safe Mode.
2.    Open Internet Explorer and clean browser history and temporary internet files.
3.    Remove startup items.
4.    Remove Registry entries related to SHeur2
5.    Reboot your computer.

If the Trojan is still there you can try performing a System Restore to remove it. It is very difficult to remove SHeur2 manually because it re-installs itself if you have not completely removed its presence from your computer. Also it requires an expertise to handle system registry else you may end up in damaging your computer even more than it is damaged by this Trojan. It is therefore strongly recommended to use an automatic trojan Sheur removal tool to get rid of this virus from your computer

Read More

Document Viruses

Document or “macro” viruses take advantage of macros – commands that are embedded in fi les and run automatically.

Many applications, such as word processing and spreadsheet programs, use macros.
A macro virus is a macro program that can copy itself and spread from one file to
another. If you open a file that contains a macro virus, the virus copies itself into the
application’s startup files. The computer is now infected.

When you next open a file using the same application, the virus infects that file. If your
computer is on a network, the infection can spread rapidly: when you send an infected
file to someone else, they can become infected too. A malicious macro can also make
changes to your documents or settings.

Macro viruses infect files used in most offices and some can infect several file types,
such as Word and Excel files. They can also spread to any platform on which their host
application runs.

Macro viruses first appeared in the mid-1990s and rapidly became the most serious
virus threat of that time. Few viruses of this type are seen now

Read More

Computer Security Threats--Backdoor Trojan

A backdoor Trojan(security threat) allows someone to take control of another user’s
computer via the internet without their permission.
A backdoor Trojan(security threat) may pose as legitimate software, just as other Trojan horse programs
do, so that users run it. Alternatively – as is now increasingly common – users may
allow Trojans onto their computer by following a link in spam mail.
Once the Trojan is run, it adds itself to the computer’s startup routine. It can then
monitor the computer until the user is connected to the internet. When the computer
goes online, the person who sent the Trojan can perform many actions – for example,
run programs on the infected computer, access personal files, modify and upload files,
track the user’s keystrokes, or send out spam mail.
Well-known backdoor Trojans include Subseven, BackOrifice and, more recently,
Graybird, which was disguised as a fix for the notorious Blaster worm.
To avoid backdoor Trojans, you should keep your computers up to date with the latest
patches (to close down vulnerabilities in the operating system), and run anti-spam
and anti-virus software. You should also run a firewall, which can prevent Trojans from
accessing the internet to make contact with the hacker.Backdoor trojan computer security threat is one of
danger security attack.so be aware about this security threat.

Read More

Computer Security Threats

We are living in a digital world, were computers are not just an ordinary thing anymore but a “necessity” to our everyday lives. Most of us only knew a little about computer security threats, the most common were “virus” and “worm”. But did you know that there are 34 different types of Computer Security Threats? A lot huh? You’ll know more about them below, so keep reading and i hope that you’ll be more cautious and knowledgeable in using your computer.

1. Adware

Adware is software that displays advertisements on your computer.

Adware, or advertising-supported software, displays advertising banners or pop-ups on
your computer when you use the application. This is not necessarily a bad thing. Such
advertising can fund the development of useful software, which is then distributed free
(for example, the Opera web browser).

However, adware becomes a problem if it:

• installs itself on your computer without your consent
• installs itself in applications other than the one it came with and displays advertising
  when you use those applications
• hijacks your web browser in order to display more ads (see Browser hijackers)
• gathers data on your web browsing without your consent and sends it to others via
  the internet (see Spyware)
• is designed to be difficult to uninstall.

Adware can slow down your PC. It can also slow down your internet connection by
downloading advertisements. Sometimes programming flaws in the adware can make
your computer unstable.

Advertising pop-ups can also distract you and waste your time if they have to be closed
before you can continue using your PC.

Some anti-virus programs detect adware and report it as “potentially unwanted
applications”. You can then either authorize the adware program or remove it from the
computer. There are also dedicated programs for detecting adware.

THIS IS FIRST COMUTER SECURITY THREAT,I WILL POST ALL 34 COMUTER SECURITY THREAT ONE BY ONE,DUE TO CRISIS OF TIME I CANT POST ALL AT ONCE SO KEEP TOUCH WITH THIS BLOG,THIS IS MY PROMISE TO ALL OF YOU,I WILL COLLECT ALL RELEVANT INFORMATION ABOUT COMPUTER SECURITY THREAT FOR YOU.

UP COMING POST ON--- Backdoor Trojans.SECURITY THREAT.WITH BEST WAY TO SAVE YOUR COMPUTER

Read More

uAndroid's Security Framework

                            uAndroid's Security Framework

The Google Android mobile phone platform is one of the most anticipated smartphone operating systems. Android defines a new component-based framework for developing mobile applications, where each application is comprised of different numbers and types of components. Activity components form the basis of the user interface; each screen presented to the user is a different Activity. Service components provide background processing that continues even after its application loses focus. Services also define arbitrary interfaces for communicating with other applications. Content Provider components share information in relational database form. For instance, the system includes an application with a Content Provider devoted to sharing the user's address book upon which other applications can query. Finally, Broadcast Receiver components act as an asynchronous mailbox for messages from the system and other applications. As a whole, this application framework supports a flexible degree of collaboration between applications, where dependencies can be as simple or complex as a situation requires.

Read More

Internet Security

                        Tips for browsing internet safely
The concern for internet safety is a global phenomenon, mostly for those who are new-fangled to internet. While the prevalence of social networking websites, online communities and internet-enabled processes should be great news for individual, corporate and government users, the concern for safety remains a major source of concern. The 21st century is the age of computers and World Wide Web. Everyone starting from child to old is accustomed with web browsing. But the question arises how much we are safe on the internet? Hackers and malicious software is a great threat to our individual online privacy. So we need to protect our self from these dangerous aspects of internet. Following are some steps that can ensure a safe browsing practice. 
 1–Use Common Sense 
 To browse the internet safely, it’s best if you do so by using common sense. Do not click on advertisements that may harm your computer, and stay away from sites that promise “free” items, cash or other services simply by entering your personal information. Just because a website looks official, this does not mean that it can’t harm your computer.
2 – Use a Firewall 
 To improve the safety of your internet browsing, it’s highly recommended that you install some high-quality firewall software. Having a firewall can help prevent programs from infiltrating your computer, and may also protect against some hackers or internet criminals.
3- Use Strong Passwords
 Ensure data security by using strong passwords for your online accounts and your system files. Do not use your name or birth date as a password since they are easy to crack. Instead, use a password that contains alphanumeric characters and is at least eight characters long. Also, do not store passwords on your system. If remembering all your passwords is difficult, use a password manager program to organize and manage your passwords.
 4- Install Antivirus and Antispyware Tools 
 Use an antivirus and an antispyware tool to keep your system protected from malicious programs, such as viruses, worms, adware, and spyware. Configure these tools to perform regular full system scans on your computer.
5 – Be Aware 
When other people are using your computer, it’s best if you supervise their activities. Even if a friend asks to check their email, its best if you have them login under a other account that you have created for others to use. Having a Guest account on your computer enables you to allow others to use your computer without having to worry about them installing potentially malicious software. When creating a Guest account, disable sharing of important files on your computer. In addition to this, you should always make sure that any sensitive files are password-protected. Don’t load non-essential programs off the Internet, especially things like toolbars, screensavers, or video programs. These programs normally install extra, malicious software that causes problems and often requires a repair to remove effectively. Don’t click on anything in a pop-up and unsolicited links received in email, instant messages, or chat rooms, as it might install malware.
6- Do Not Open Attachments from Unsolicited Emails
Attachments that come with unwanted emails can contain malicious programs, such as viruses and worms. These malicious programs often cause severe damage to your system. Therefore, it is best that you straight away delete any unwanted emails you receive. You must also scan the attachments that you obtain from known sources before opening them.
7- Lock icon in the browser doesn’t means it’s secure
When the lock icon appears in the browser, many of us believe we are opening a secure site. This is because the lock icon indicates there is an SSL encrypted connection between the browser and the server to protect the personal sensitive information. However, it does not present any security from malware. In fact, it’s the reverse because most Web security products are totally blind to encrypted connections: it’s the perfect vehicle for malware to penetrate a machine. There have been many cases where hackers emulate bank, credit card sites complete with spoofed SSL certificates that are difficult for a user to identify as deceptive. So keep away from the unknown site which shows lock icon.
8- Keep your Operating System, Software, and Drivers Up-To-Date     

Read More

LATEST VIRUS NAME..

    1.     Virus Name:     Virus:W32/Sality
   A malicious program that secretly integrates itself into program or datafiles.It spreads by integrating itself into more files each time the host program is run.
              
    2.     Virus Name:           Trojan-Downloader:W32/Hiloti
                   This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.
              
    3.     Virus Name:  Trojan-Downloader:W32/Fakerean.gen!A

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

              
    4.     Virus Name:  Trojan-Downloader:W32/Wimad.gen!A
     A trojan that secretly downloads malicious files from a remote server, then installs and executes the files.
              
    5.     Virus Name:           Trojan-Downloader:W32/Oficla

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

              

    6.     Virus Name:           Trojan:AndroidOS/Tapsnake
 Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.
              
    7.     Virus Name:           Email-Worm:W32/Bagle.GE

  This type of worm is embedded in an e-mail attachment, and spreads using the infected computer's e-mailing networks.

              
    8.     Virus Name:           Virus:W32/Bursted

A malicious program that secretly integrates itself into program or data files. It spreads by integrating itself into  more files each time the host program is run.

              
    9.     Virus Name:           Trojan:W32/Qhost
Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.
              
    10.     Virus Name:           Trojan:W32/Agent.DKJC
Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.  

Read More

Email Security...some Basic point

In today’s electronic world, email is critical to any business being competitive. In most cases it now forms the backbone of most organisations’ day-to-day activities, and its use will continue to grow. According to the The Radicati Group’s study, “Microsoft Exchange and Outlook Analysis, 2005-2009,” the worldwide email market will grow from 1.2 billion mailboxes in 2005 to 1.8 billion mailboxes in 2009.[sintuhack]
As email becomes more prevalent in the market, the importance of email security becomes more significant. In particular, the security implications associated with the management of email storage, policy enforcement, auditing, archiving and data recovery. Managing large, active stores of information takes time and effort in order to avoid failures – failures that will impact the users and therefore the business, undoubtedly leading to lost productivity. For secure and effective storage management, organisations must take a proactive approach and invest wisely in a comprehensive solution.When considering a secure email storage management solution, a layered approach, combining both business processes and applications makes sense. By considering the service email provides to the business, email management can be broken down into a number of components: mail flow, storage, and user access – both at the server and user levels. Whilst each one of these components should be addressed separately, they must be viewed as part of a total security agenda.[sintuhack]
Mail flow can encompass many aspects of an email system. However, the security of mail flow is for the large part focused around the auditing and tracking of mails into and out of the organisation. Monitoring the content and ensuring that any email that has been sent and received complies with business policy is fundamental.[sintuhack].Proving who has sent or received email is a lawful requirement for many industries and email can often be used as evidence in fraud and human resource court cases.[sintuhack],Another key aspect of the management of mail flow security is the protection of the business from malicious or unlawful attacks. It is at the gateway into the mail system where a business must protect itself via a variety of methods including hardware and software protection systems, such as spam filters and virus scanner[sintuhack].

Read More

Mobile security:Tips for using Bluetooth Securely

All  deficiencies(described in previuos post )  leave a Bluetooth device vulnerable to security threats. Even though security gaps are being filled every day by the manufacturer and technologist, Following are some of the tips that a normal user can keep in mind and protect himself from an amateur BlueTooth  security breacher.[sintuhack]

• Keep BlueTooth   in the disabled state, enable it only when needed and disable immediately after the intended task is completed.[sintuhack]
• Keep the device in non-discoverable (hidden) mode,[sintuhack]
• DO NOT accept any unknown and unexpected request for pairing your device.[sintuhack]
• 
  
• Use non regular patterns as PIN keys while pairing a device. Use those key combinations which are non sequential, non obvious on the keypad.[sintuhack]
• Keep a check of all paired devices in the past from time to time and delete any paired device which you are not sure about.[sintuhack]
• Register your device at the Manufacturer site and insure that security updates are installed regularly to protect from previously know threat which had been rectified in new models.[sintuhack]
• Always enable encryption when establishing Bluetooth connection to your PC.[sintuhack]

Above Bluetooth Security Tips should make your Bluetooth experience trouble free. Good Luck…!!! And that’s the end of chapter on bluetooth.[sintuhack].

Read More