Showing posts with label Security Tips. Show all posts

Tuesday, April 22, 2014

Evil Twin and Fake Wireless Access Point Hacks: What They Are, How To Defend

Hacking is a term with a wide variety of acts associated with it. Some are incredibly complex and demand a high degree of knowledge, others are little more than installing some software on your device and acting a bit...less than ethically.

One of the most common hacks is also one of the easiest to defend against. This is what is known as a fake wireless access point. Hackers use this tactic to easily steal data of unsuspecting wireless users in public places.

What is a fake wireless access point data theft?
This type of attack has a number of nicknames associated with it: AP Phishing, Wi-Fi Phishing, Hotspotter, Evil Twins, and Honeypot AP. All of these are associated with creating a fake Wi-Fi connection that people log into, and whose goal is to steal credentials, logins, and passwords.

To accomplish this, hackers simply use a piece of software, or app, that is designed to capture data that is sent over a wireless connection. Examples of software that is used during a fake Wi-Fi attack include:

  • AirSSL
  • AirJack
  • Airsnarf
  • Dsniff
  • Cain
  • void11

No matter which apps are used, the key to it all is setting up a wireless connection that people will want to connect to. When they go to connect to the wireless point they likely won’t suspect a thing. Why? Because this tactic is used most often in public areas.

If you were to go into your local Starbucks, sit down with your mochalatte venti with cream and sugar pumpkin spice, and open up your tablet, finding a connection labelled ‘Starbucks Free WiFi,’ you’d probably connect in a heartbeat (one which is quickened by caffeine, at that). The same goes if you’re on a layover at JFK and you see a connection labelled ‘JFK Free Wi-Fi.’ You wouldn’t think twice. That’s what the hackers are counting on - you not thinking.

How is your data stolen during a fake wireless access point theft?
How your most important data is stolen is a little shocking - you give it to them. A large percentage of these hacks take place with a fake wireless point that requires a login and password. Once that information is put into the login, hackers will take it and use it to sign into popular websites, assuming that you use the same login and password for multiple sites.

When your online accounts start showing charges that you didn’t initiate, or if your social media account is taken over, you could be the victim of a fake wireless access point data theft.

How to defend against an ‘Evil Twin’ attack?
There are a number of ways to defend against it; I’ll look at some easy-to-understand examples:
  • The best defence is to always verify with the wifi provider. Ask the Starbucks staff what their wi-fi is called; it can save you a massive headache. Always remember - if a deal seems too good to be true, like free wifi, it probably is.
  • Use different login details and passwords for public wifi.
  • Disable auto-connect when you’re in unfamiliar territory.
  • Be cautious when connections suddenly drop, especially if it happens for everyone on the network. An app known as aireplay is capable of disconnecting users from wifi, in the hope that they’ll reconnect to the attacker’s fake wifi.
  • Be cautious of certificates. Good websites can occasionally send you one, but if this happens over a public wifi that you don’t know, it is best to back off.
  • If a wifi hotspot is interfering with your VPN, forcing you to shut it down, that is a HUGE red flag. A VPN is a great defence against this attack, and hackers know it. Forcing your VPN to disable when you’re trying to connect is the only way that they can steal your data.
That last point is one I want to look at further. A VPN can be a great defence against this type of attack because it encrypts all of the data that you send out. With this data being encrypted, even when you create your login and password with the fake wifi, your data cannot be stolen because it cannot be deciphered. We review our Top 10 VPNs over on our website if you’re interested in learning more about them.

A last option that I’ll suggest is using SSL-protected apps. These do take more care and thought to use, but they will offer you protection that is similar to a VPN. Some hackers have even found a way around SSL protection (the BREACH method), so you may want to explore using this with a secondary defensive measure.

The overall advice is to be cautious and verify before you connect. People look at me weird all the time when I ask for the correct wifi name that I should use to connect to. I’ve never been the victim of an ‘Evil Twin’ attack...I’ll take a funny look or two!
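The "verify before you connect" advice can be turned into a repeatable check. The following is an added example, not part of the original post: it compares a Wi-Fi scan against details confirmed by the venue. The network names, BSSIDs and the `VERIFIED` table are constructed for illustration, and it assumes staff can tell you the security type and access point addresses as well as the name.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Network:
    ssid: str      # network name shown in the Wi-Fi list
    bssid: str     # access point MAC address reported by the scan
    security: str  # "open", "WPA2", ...


# What the venue's staff confirmed (hypothetical values for this example).
VERIFIED = {
    "CoffeeShop Guest": {
        "security": "WPA2",
        "bssids": {"02:00:00:aa:00:01", "02:00:00:aa:00:02"},
    },
}

# Constructed scan results: one genuine AP, two imitations, one unrelated network.
SAMPLE_SCAN = [
    Network("CoffeeShop Guest", "02:00:00:aa:00:01", "WPA2"),
    Network("CoffeeShop Guest", "02:00:00:ee:00:99", "open"),
    Network("CoffeeShop_Guest Free", "02:00:00:ee:00:98", "open"),
    Network("HomeNet-5G", "02:00:00:bb:00:07", "WPA2"),
]


def _norm(ssid):
    """Fold case and drop spacing/punctuation so look-alike names compare equal."""
    return re.sub(r"[^a-z0-9]", "", ssid.casefold())


def assess(scan, verified=VERIFIED):
    """Return {(ssid, bssid): [reasons]} for networks that imitate a verified one."""
    findings = {}
    for net in scan:
        # A verified name embedded in the advertised name marks the network as related.
        real = next((n for n in verified if _norm(n) in _norm(net.ssid)), None)
        if real is None:
            continue  # unrelated network, nothing to compare against
        expected = verified[real]
        reasons = []
        if net.ssid != real:
            reasons.append(f"name differs from verified SSID {real!r}")
        if net.security != expected["security"]:
            reasons.append(f"security is {net.security}, venue uses {expected['security']}")
        if net.bssid.lower() not in expected["bssids"]:
            reasons.append("BSSID is not one the venue listed")
        if reasons:
            findings[(net.ssid, net.bssid)] = reasons
    return findings


if __name__ == "__main__":
    for (ssid, bssid), reasons in assess(SAMPLE_SCAN).items():
        print(f"{ssid} [{bssid}]: " + "; ".join(reasons))
```

An empty result only means nothing obviously disagrees with what the venue told you; access point addresses can be copied, so a VPN or TLS is still needed on top.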

This is a guest post from "Marcus Habert".


Saturday, June 1, 2013

How to enable Two-Factor authentication in LinkedIn?

I'm very glad to hear that LinkedIn is the latest company to boost its security with two-factor authentication. A few days back, Twitter enabled two-step verification to thwart hackers.

Are you searching for a guide to configuring 2-step authentication? You are at the right place. Here is the guide that will help you to configure LinkedIn two-step verification.

Before getting into the actual steps, let me explain what 2-step auth is.

Two-Step Verification:
A security feature that prompts you to enter a temporary secret number sent to your phone whenever you log into your account.

Why you should enable this feature?
I believe this is the best security feature. Let us assume someone has stolen your login credentials via a keylogger, phishing or any other method. If the hacker tries to log into the website with your credentials, he will be asked to provide the secret number sent to your mobile. Fortunately, you have your mobile with you ;). So the hacker can't log in to your account. You will also come to know that someone is trying to access your account.

How to configure LinkedIn two-factor authentication?

Step 1:
Log in to your account and go to the settings page.

Step 2:
Select the "Account" tab and click the "Manage security settings" option.

Step 3:
Here you can see the "Two-step verification for sign in" option, which shows that the feature is currently "off". To turn on the feature, simply click the "Turn on" link.

In the next step, you will be asked to enter your phone number.

Step 4:
Once you enter the phone number, you will receive a security code. After entering the security code sent to your mobile number, the feature will be turned on. Hurrah, now you are protected :)

The next time you try to log in, you will be asked to provide the secret code :)


Wednesday, January 23, 2013

10 System Admin Tools to Help You Secure Your Network

System admins are frequently bombarded with security concerns, requests, alerts, news items, “did you see this?!” emails, and more. Keeping up with all the aspects of network security can seem like an overwhelming task, but in this post we’re going to look at ten tools a system admin can use to help secure their network. Some you may be familiar with, like network security software, while others may come as a surprise, like your email client; but all will help you to stay ahead of the bad guys, keep yourself informed of the latest threats, and maintain the security of your network.

1. Network security software
When we talk about network security software, we’re talking about a class of product more than any specific tool, and how important it is for you to have an application or small group of applications that can help you to accomplish most of your tasks. There are simply too many things for any one admin to do by hand, and network security software applications help to automate the heavy lifting and ensure that you can keep up with the workload. Look for network security software that multitasks. Think about it as a Swiss Army knife of software packages that includes many of the other items on this list.

2. Vulnerability scanner
A good vulnerability scanner is a key part of any toolkit, and should be used by server admins and security engineers alike. The top network security software apps will include a scanner that has a database of the thousands of vulnerabilities that could exist on your network, so that you can quickly, easily and regularly scan your network to ensure your systems are up-to-date, configured properly and secured.

3. Port scanner
A port scanner is another regular tool that should be in your network security software application. Attackers regularly scan your Internet connection looking for ways in and so should you. But you should also scan internally so you can find unauthorized services or misconfigured systems, and to validate your internal firewalls are set up correctly.

4. Patching software
Patching operating systems and third party applications is one of the most important, regularly recurring tasks a sys admin has. Network security software that can automate this, and handle the hundreds of other applications on your network, is the only realistic way you can keep up with this.

5. Auditing software
Auditing software may strike you as a strange recommendation at first, but consider all those apps you are trying to patch. How can you be sure you have no vulnerabilities on your systems if your users can install anything on your systems? How are you going to maintain licensing compliance if you don’t know who has installed what from \software? Network security software may also include software and hardware inventory components to help you stay informed and secure.

6. Secure remote clients
Telnet, older versions of PCAnyWhere and several of the web-based remote access apps that are out there all have a common issue - they’re not secure. Use SSH v2 or later for secure access to all CLI-based systems, and the most secure versions of Remote Desktop Protocol to manage Windows boxes. Using strong encryption, good passwords, lockout policies and, when possible, mutual authentication between client and host, will help to ensure no one sniffs credentials or brute-forces their way into a system. If you have two-factor authentication in your environment, ensure that every system possible uses it to further reduce your risk from unauthorized access.

7. A good network analyzer
Whether you like the open source Wireshark, the free Microsoft tool NetMon, or one of the many other commercial network analysis tools, having a good “sniffer” is key to helping secure and analyze systems. There is simply no way that’s more effective to figure out just what is going on between networked systems than to see the traffic first hand.

8. Network tools
Whenever you are dealing with connections from foreign systems, you will find the need to check network addresses, routes and more. Having good tools like DIG, WHOIS, HOST, TCPING and others close at hand makes network evaluation a breeze.

9. Log parsing software
Securing systems means going through logs; lots of them. Web logs, access logs, system logs, security logs, SNMP logs, syslog logs – the list goes on and on. Having software that can quickly and easily parse through logs is critical. Everyone has their favorite. Some install locally like LogParser, while others run on servers like Splunk. Whichever you prefer, get a good log parser to help wade through what can be millions of entries quickly and easily so you can find events you need to check.

10. Your email client
Knowledge is power, and the best way to amass that knowledge is to stay informed. Whether you subscribe to email bulletins, security alerts, or RSS feeds, your email client can provide you the first indications that something new is out there, and also what you need to do to protect your systems from the threat. Zero day exploits, out of band patches, best practices and more, can all be yours if you simply join the right distribution lists and subscribe to the right lists.

These 10 system admin tools are a great start towards building your toolkit for security. Network security software plays a major role in this toolkit, which you supplement with other tools and the information you need to maintain a secure environment.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. Learn more about the importance of a secure business network by downloading the free eBook: A first aid kit for SysAdmins. All product and company names herein may be trademarks of their respective owners.

Sunday, October 7, 2012

Blackhat SEO poisoning attacks

Recently, I reported that Google Image search and Bing Image search lead to malware sites, especially a Blackhole exploit kit page. The reason behind this attack is SEO poisoning.

What is SEO?
Search engine optimization (SEO) is a collection of techniques to improve the visibility of a website in a search engine's search results. Some of the techniques used by webmasters in

What is BlackHat SEO?

Black Hat SEO, also known as SEO poisoning, is an illegal technique used by cyber criminals to make their links appear higher than legitimate results. When a user searches for related keywords, the infected links appear at the top of the search results.

Hackers use one of the following techniques:

* Creating SEO-friendly fake pages related to popular search topics on compromised sites
* Cloaking malicious content from spiders and security researchers
* Iframe injection

Poisoning Image search Results:
As most search engines filter and find text-based SEO poisoning attacks, cyber criminals are now poisoning the image search results instead.

They hack legitimate sites and inject malicious code. Whenever a person clicks the image from a compromised site in the search results, it redirects him to malware sites. Sophos reports that Bing image-search results are being poisoned more than those of other search engines.


Tuesday, September 25, 2012

6 Web Security Risks of Not Monitoring Internet Activity


Internet access is one of the most important things you can provide to your users. It’s a morale booster, it helps them do their job (for some it is even a vital component of their job), it enables them to find solutions to problems, research the competition, find new customers, and more. But Internet access comes with a host of threats and if you are not on top of your web security game, allowing your users to have Internet access may cause just as many problems as it can solve. If you are going to provide your users Internet access, consider these top six web security risks of not monitoring Internet activity, and deploy a web security solution to make sure you don’t regret the generosity to your users.

1. Malware
Whether your users download infected files or they just visit compromised websites, malware infections are the single biggest risk to your users from Internet access. Web security applications can scan all files for malware and block access to known infected sites. They can also filter out malicious scripts embedded in web pages, providing strong protection against malware for your users.

2. Phishing
Phishing attacks not only put your users at risk, they can have significant and long lasting impact to your customers, your financials, and your reputation. As much as we raise awareness of phishing attacks, you can read about a new business falling victim almost weekly. Web security software can completely block access to known phishing sites, so even if your users do fall for a phishing email, they cannot submit sensitive information to the attacker’s website.

3. Copyright infringement
Even the best intentions can lead to costly impact to your business, and when users download audio and video files without obtaining the rights to them, the copyright holders can go after your business for compensation. Web security software can block the download of media files, or can filter access based on category to help prevent users from downloading content that might cost you in the long term.

4. Licensing violations
Audio and video are not the only ways a user’s actions can lead to fines and penalties. When users download and install software without obtaining a license for it, the company can be held liable as well. Sites that host cracked software, keygens, and other warez can be blocked completely using web security software, so you can exercise due diligence and avoid a run-in with the Business Software Alliance or other licensing issue.

5. Human Resources incidents
What’s appropriate to access at work and what users may be accustomed to accessing at home are often at opposite ends of the content spectrum, and it’s easy for a user to be offended, or even feel harassed, if exposed to content another user is accessing. This leads to workplace problems including morale issues, teamwork challenges, and can quickly escalate to an incident that involves HR and could lead to someone losing their job. You can avoid all of that by using web security software to block access to content inappropriate for the workplace, and to enforce safe search results in the major search engines.

6. Bandwidth consumption
Media sites such as YouTube, Netflix, Hulu, Pandora, Internet radio and television streaming sites, and others are great for when you are at home, but if only a handful of your users decide to start listening to their favorite music feed, or surreptitiously watching a movie while they should be working, you can quickly find your network without enough bandwidth to support the business critical applications like email. Web security software can block access to the non-business critical sites, and throttle bandwidth consumption for the sites you do want to allow, to ensure there is enough available for what your network really needs.

7. Wasting time
How often has a “quick” web search or social media check-in caused you to lose track of time? Now multiply that by the number of users on your network, who will do exactly the same thing, and you can quickly see how you can lose hours of productivity each day. Web security software can block access to social media sites, but the best products can instead simply limit the amount of total time or the time frames when users can use the web for recreational purposes. A few minutes here and there is a perfectly good way to ensure morale doesn’t suffer, and if a user wants to spend their lunch break updating their wall…what’s the harm in that, as long as they get back to work at the end of their lunch?

So don’t think web access without addressing web security. Web security applications can monitor access, filter out malware, block access to phishing sites or repositories, prevent the download of files that might contain copyrighted material, restrict the amount of bandwidth burned on streaming media, and even keep users from wasting time on social media sites. Web security applications are a critical component of your Internet security, and help to ensure that Internet access is a benefit, and not a risk to your company.

This guest post was provided by Casper Manes on behalf of GFI Software Ltd.

All product and company names herein may be trademarks of their respective owners.

Tuesday, August 14, 2012

[Security Tips] How to Secure iOS Devices?

Kaspersky’s ThreatPost has released an interesting video that’s meant to educate the owners of iOS devices on how to properly secure them.

"Considering the rapid proliferation of smartphones and tablets and the vast wealth of personal and financial data many of us store on them, it is increasingly important that we find ways of securing our mobile devices. With that in mind, we decided there was no better way to kick-off a series of security tutorials than with a short step by step video explaining simple ways of securing your iOS device."


Tuesday, April 17, 2012

List of websites to check whether website is safe to use or not

In one of my posts, I explained how to check whether a website is safe or not using the McAfee SiteAdvisor add-on. But checking with one site is not enough. To make sure a site is free from malware, we have to verify the target link with a few more sites.

Here I list some websites that are helpful for identifying whether a site is safe or not:

1. WOT
WOT is a community-based, free safe surfing tool for browsers that provides website ratings & reviews to help web users as they search, surf & shop online.

2. VirusTotal
VirusTotal is a free virus, malware and URL online scanning service. File checking is done with more than 40 antivirus solutions.

3. Norton Safe Web, from Symantec
Look up website safety information and safe site rankings from Norton Safe Web from Symantec. Read what others think and write your site reviews.


4. Unmask Parasites
Free online website security service. Check your web pages for hidden illicit content (invisible spam links, iframes, malicious scripts and redirects).


5. Google Diagnostic
Checks whether a site hosts malware or not.

6. Online Link Scan
Online Link Scan collects and summarizes the threat reports of the aforementioned Phishtank, AVG and Google Safe Browsing engines.


I believe this list is enough to verify that a site is safe to use. These sites will be helpful when you are doing static malware analysis.

Thursday, December 1, 2011

How to protect your cloud storage from hacking?

The concept of cloud storage has become more common these days, especially when offered commercially, since it's more cost effective for a large corporation to store data in an off-site data center. It is cheaper and they don't have to worry about finding space for storing data on servers which can be the size of a warehouse. However, at the individual level, it is less preferred than local storage devices like flash drives, hard drives and disk drives.

What is cloud storage?
To talk about the security level of cloud storage, we'll first have to talk about what cloud storage is. Cloud storage is an off-site data warehouse where data is transferred and stored. It can be accessed anywhere in the world provided Internet access is available. You can store virtually anything in a cloud storage model. I say virtually, because you are transferring it over the Internet on a web-based interface or Application Programming Interface (API) so it makes it seem like it is stored virtually.

Audio, video, documents, and any other forms of data that you can think of can be stored on a cloud storage location. You also have the option of choosing to share files with others. Saving messages or draft on your email is actually a type of cloud storage. However, to store data on it, you'll have to pay according to the storage capacity and other factors as imposed by cloud storage companies.

Hacking and Security Issues
Hackers don't need to visit your house or office and use your computer to access data. They do it over the Internet through various means like email, attachments in downloads, and so on. Since cloud storage is the process of transferring, storing, and sharing data on a remote data center over the Internet, people question its integrity and security.

To figure out the level of security cloud storage provides, we first need to ask ourselves how we actually get hacked. A hacker simply cannot access my system without a medium connecting my computer to theirs, and the medium usually is the Internet. But if all the right measures are taken, then the risk of being hacked becomes close to none. Securing your system, having a good and updated anti-virus, using strong passwords that are not common like your name or date of birth, not opening attachments and emails from unknown senders, and so much more will keep your data safe. The same applies for cloud storage.

Just because you transfer your data over the Internet to a third party server doesn't mean the chances of your data getting hacked are relatively high. Making sure that the cloud storage data center is secure will assure you that your data won't get stolen. Find out about the measures cloud storage companies are taking to protect data. Ask what level of encryption and firewalls they are using and how safe the process of data transfer from and to the data center is before you start storing data onto their servers.

Hacking normally happens not because of the shortcomings of systems but rather because of human operators. Poor practices such as downloading free software (or anything else that is free), using an outdated antivirus and choosing a weak or common password are generally the reasons you get hacked. So, it is through the user that a hacker can gain access to the system.

To ensure that your data is protected, make sure you've done all of the following:

• Use a strong password.
A strong password contains a combination of symbols, numbers, special characters like _, $ and so on. It should be a combination of uppercase and lowercase letters. Make sure you change your password periodically too - weekly, monthly or quarterly.

• Update your Anti-Virus
An outdated antivirus can pretty much be used to clean your garage. There are new viruses, Trojans, Worms, Botnets etc. so make sure your antivirus is updated.

• Do not accept malicious email.
Do not open emails and file attachments and spam from unknown senders.

• Avoid connecting to unsecured WiFi.

• Avoid freeware.
Do not download freeware unless you are absolutely sure of it. Make sure that the website is trustworthy before downloading anything. Hackers attach worms, viruses onto files that look and work normally.

• Do not share your password.
You have a password so that no one else can access your system. If you are going around telling people your password, then it's better not to have one instead.

• Set your cloud storage data sharing permission
Make sure you know whether you have opted to keep your stored data private or if you are sharing them with others.

• Find out about the company whose cloud storage service you'll be paying for
Store your data only in data centers of companies which use effective encryption when transferring data between your system and the data center, and in the data center itself. Know all about the security measures taken by the company to ensure your data is secure as well.

Guest Post submitted by Michelle

Monday, November 28, 2011

7 Things You Should Know About Online Passwords

As online technology has advanced, so have hackers’ techniques for getting into your accounts and stealing personal information. Hackers break into computers 2,244 times each day by figuring out weak usernames or passwords, according to University of Maryland data. If you’re still using the same password you made up when you opened your first email account, you are setting yourself up to be a hacking victim. But don’t worry; read on and learn how to set those Internet geniuses-gone-wrong up for failure by knowing the essentials about online passwords.

1. You need different passwords for each site

Since passwords are so hard to remember and you sometimes don’t sign into a site for months, many people have one or two passwords they use for everything. This is an easy way for hackers to get access to your accounts. Hackers will infiltrate sites that aren’t very secure and uncover the passwords used there. Then they run them on all the most popular sites; if you use the same password across the board, they can easily access several of your accounts. By using a different one for each site you log into, you’re not handing them your life if they figure out one password.

2. Longer passwords are harder to hack

It obviously takes less time to type in a five-character password than a 15-character one, but that also means it will take less time for an Internet burglar to figure out. Most of us probably don’t have the interest or the determination to break into someone’s account, so it’s hard to imagine going through enough combinations to find out a five-letter password. Hackers have advanced programs, though, that allow their computers to go through hundreds of possibilities every minute. Each letter, number, or symbol you add to your passwords multiplies the time it takes to figure it out, hopefully frustrating the hacker enough that he gives up. A six-letter password that’s all lower-case takes 10 minutes to hack while an eight-letter one takes four days.
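The growth described above can be checked directly. This is an added example, not part of the original article: it derives the guess rate implied by the "six lower-case letters in 10 minutes" figure and applies it to other lengths and character sets. The sample passwords are constructed, and the estimate covers exhaustive search only, so a dictionary word falls much faster than its length suggests.

```python
import string

# Character classes an attacker must cover once a password uses them.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]


def alphabet_size(password):
    """Size of the smallest class-based alphabet containing every character used."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def keyspace(length, alphabet):
    """Number of candidate passwords of exactly this length."""
    return alphabet ** length


# Guess rate implied by the article: all 26**6 lower-case passwords in 10 minutes.
IMPLIED_RATE = keyspace(6, 26) / (10 * 60)  # guesses per second


def exhaust_seconds(length, alphabet, rate=IMPLIED_RATE):
    """Seconds to try every candidate; on average a hit comes after half of that."""
    return keyspace(length, alphabet) / rate


def describe(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 31_536_000), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    # Constructed sample passwords: same rate, different length and character mix.
    for pw in ("abcdef", "abcdefgh", "Abcdef12", "Abc$ef12", "abcdefghijklmno"):
        size = alphabet_size(pw)
        took = describe(exhaust_seconds(len(pw), size))
        print(f"{len(pw):>2} chars, alphabet of {size:>2}: {took}")
```

At the implied rate, eight lower-case letters take about 4.7 days, which agrees with the article's "four days".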

3. You shouldn’t use a word from the dictionary
A dictionary attack sounds like something an overworked English teacher would do, but it’s actually a method of hacking passwords. Many hackers use automated password-guessers that go through the words in the dictionary to try to crack yours. If you’ve used any common words, there’s a good chance that a person equipped with the right tools will be able to break into your account very quickly. By combining two or three dictionary words, you increase the amount of time it will take to guess it exponentially. By adding symbols and numbers in the middle of words, you protect yourself almost completely from a dictionary attack.

4. Humans tend to choose passwords with personal meanings

Because we as humans are so forgetful, our first instinct when choosing a password is to think of words that mean something to us personally. This makes our choices very predictable to hackers. Pet names, favorite sports teams, birthdays, and other personal bits of information are some of the most commonly used passwords, so if anyone knows even a little bit about you (or can find it on Facebook), you could be in trouble. Stay away from using your own name, names of people in your family, or any memorable dates. It should go without saying that you shouldn’t be using “123456” or “qwerty.”

5. Passwords need to be changed regularly

Some offices and organizations require you to change your password every 90 or 180 days, and while it seems like a hassle, it’s actually a smart practice to do with all your accounts. This is especially important to do with online banking sites or shopping sites where your credit card information might be stored. It’s also necessary if you access any accounts on public or shared computers because your password may be stored without you knowing it and some hackers use programs that record your keystrokes. By regularly changing your password to something completely different, you lower the risk of any major damage being done if someone did manage to hack your account.

6. There are guidelines for creating strong ones

Now that you know you shouldn’t use common words or your dog’s name to access your online accounts, you might wonder what you should use instead. Most Internet security experts recommend having a password that’s at least 8 characters long with a mix of capitalized and lower-case letters, numbers, and symbols. A common technique for avoiding easily guessed words is to put three unrelated words together and make up a short story that involves all three so you can remember it. You can also use the first letter of each word in your favorite line of a song or movie. Change out a couple letters for numbers or special characters, and your password should be too much trouble for a hacker to figure out.

7. Password managers can help you keep track of them all

Once you’ve updated all your passwords to long strings of letters and digits, you’re probably going to forget one along the way. Security experts say it’s a bad idea to write down a list of all your passwords and leave it on or near your computer because someone could easily steal it. The smartest alternative is to use a trusted password manager, which can be web-based technology, software you put on your computer, or a portable device. Password managers keep track of your various passwords and often protect against keystroke recording programs and look-alike sites that hackers use.


I recommend the EHN Magazine issue "Password is 123456" to learn more about password risks and security tips.

Tuesday, November 22, 2011

The Top 5 Subjects (Tricks) Used by Malicious Spammers

According to research by Websense, these are the top 5 subjects used by malicious spammers. If you receive an email with one of the following subjects or a similar trick, don't click the links or download the attachment; if you do, you will end up the victim of a malware attack.

1. Order N21560 (numbers vary)
This link redirects to .ru/main.php or .com/main.php URL, which serves the Blackhole exploit kit. These emails are targeting users who just purchased an Adobe CS4 license, which is weird, because version 5.5 is already out. The spammers obviously have not done their research and are behind the times.

2. FW: Re: UNIFORM TRAFFIC TICKET (ID: 239127922) (numbers vary and subject might appear without FW: or RE:)
Fwd: Your Flight Order N125-9487755 (numbers vary)

Users are lured to click on a "CLICK HERE" link, which redirects to another URL serving the Blackhole exploit kit. I guess these types of emails are targeting specific people: a) who have driven a vehicle in New York and b) who have been cited for a speeding violation recently, and of course c) those who are curious, otherwise why would they click on this link?

3. USPS Invoice copy ID46298 (numbers vary)
FedEx: New Agent File Form, trackid: 1V6ZFZ7FEOHUQ (numbers vary)
DHL Express Notification for shipment 90176712199 (numbers vary)

Fake emails pretending to be invoices or tracking emails have been around for several years and usually would have an attachment, such as a Trojan like Zeus or SpyEye. Websense Security Labs™ has written several blogs before about similar cases. I just want to point out that such emails are still being sent in bulk and are still being used as a vector to infect end users' computers. The reason why these kinds of emails are still so popular is because the attachments are being repacked for every new campaign; therefore, antivirus products struggle to release new signatures for those and are unable to block them, like in this case. The campaign is known, but VT shows only 8/42 results for an attachment.

4. test
This email suggests that the attachment is a patch for WoW (World of Warcraft). Unfortunately, for the criminals, the archive is corrupt and therefore harmless to the recipients. Emails with "test" in the Subject line are commonly used by criminals to spread their malicious software. Users are used to seeing legitimate emails with "test" in the Subject line when an email system is being checked, and also spammers use such techniques to validate an email address.

5. Payment/TAX systems:

Your Wire Transfer
Wire transfer rejected
IRS requires new EIN
IRS Tax report
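
The subject families listed above can be turned into a mail-gateway triage rule. This is an added example, not code from Websense or from this blog: the family names, the quarantine/review actions and the sample subjects are constructed for illustration, and each pattern matches the shape of a subject so the varying numbers do not matter.

```python
import re
from email.header import decode_header, make_header

# Optional forward/reply markers: the article notes that a subject may
# arrive with or without "FW:" / "RE:" in front of it.
PREFIX = r"(?:(?:fwd|fw|re)\s*:\s*)*"

# (family, action, pattern). Family names and actions are assumptions made
# for this example. Order numbers and tracking ids are matched by shape.
LURES = [
    ("order", "quarantine", r"order\s+n\d+(?:-\d+)?"),
    ("traffic-ticket", "quarantine",
     r"uniform\s+traffic\s+ticket\s*\(id:\s*\d+\)"),
    ("flight-order", "quarantine", r"your\s+flight\s+order\s+n\d+(?:-\d+)?"),
    ("usps-invoice", "quarantine", r"usps\s+invoice\s+copy\s+id\s*\d+"),
    ("fedex-form", "quarantine",
     r"fedex:\s*new\s+agent\s+file\s+form,\s*trackid:\s*[a-z0-9]+"),
    ("dhl-shipment", "quarantine",
     r"dhl\s+express\s+notification\s+for\s+shipment\s+\d+"),
    ("payment-tax", "quarantine",
     r"your\s+wire\s+transfer|wire\s+transfer\s+rejected"
     r"|irs\s+requires\s+new\s+ein|irs\s+tax\s+report"),
    # Legitimate mail also uses a bare "test" subject when a mail system is
    # being checked, so this family only asks for a manual review.
    ("test", "review", r"test"),
]
COMPILED = [(family, action, re.compile(PREFIX + "(?:" + body + ")", re.IGNORECASE))
            for family, action, body in LURES]


def normalize(raw_subject):
    """Decode RFC 2047 encoded-words and collapse runs of whitespace."""
    text = str(make_header(decode_header(raw_subject)))
    return " ".join(text.split())


def classify(raw_subject):
    """Return (family, action) when the whole subject is a known lure, else None."""
    subject = normalize(raw_subject)
    for family, action, pattern in COMPILED:
        # fullmatch keeps "Re: lunch order for Friday" from hitting "order".
        if pattern.fullmatch(subject):
            return family, action
    return None


# Constructed sample inbox: lure subjects in the article's format plus
# ordinary mail that must not be flagged.
SAMPLES = [
    "Order N21560",
    "FW: Re: UNIFORM TRAFFIC TICKET (ID: 239127922)",
    "Fwd: Your Flight Order N125-9487755",
    "=?UTF-8?Q?DHL_Express_Notification_for_shipment_90176712199?=",
    "Re: test",
    "Wire transfer rejected",
    "Re: lunch order for Friday",
    "Test results attached",
]


def triage(subjects):
    """Pair every subject with its verdict so the result can be logged."""
    return [(normalize(s), classify(s)) for s in subjects]


if __name__ == "__main__":
    for subject, verdict in triage(SAMPLES):
        print(f"{verdict or 'deliver'!s:32} {subject}")
```

A subject match is only a triage hint: the attachment and link checks still decide what happens to the message.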

Read our Spam News daily at eHackingNews.

Monday, November 14, 2011

5 Basic Mobile Security Tips to Avoid Dangerous Applications, from McAfee

Nowadays, attackers target smartphones rather than desktops. The number of malware applications for mobile devices is increasing. An infected phone can be used to steal confidential data or send out expensive text messages without the user’s consent.

Some Top tricks used by attackers:

  • Malicious apps are usually offered for free and disguised as fun applications such as games, calendar and comedy apps.
  • Attackers download a legitimate application from one marketplace, insert malware into it and then re-publish it on other marketplaces or sites under a similar name.

To help users stay away from these types of risky applications, McAfee released 5 basic mobile security tips.
  1. For the moment, the amount of detected smartphone malware is relatively low compared to malware that targets desktop or laptop PCs; but being aware that it exists is the first step toward protecting yourself and your data.
  2. Research apps and their publishers thoroughly and check the ratings – better to install apps that are broadly used in the market or are recommended by your circle of friends and colleagues.
  3. It is wise to purchase from a well-known, reputable app marketplace, such as Google’s Android Market or Apple’s App Store. One way for Android users to avoid installation of non-market applications is to de-select the “Unknown sources” option in the Applications Settings menu on their device. If the option is not listed, it means your mobile service provider has already done this for you.
  4. When you install an app, you’ll see a list of permissions for services that are granted access to the hardware and software components on your device, like contacts, camera and location. If something in the permissions screen doesn’t look right, don’t install that app! For example, a game or alarm clock app probably doesn’t need to access your contacts or have the ability to transmit that data from your device.
  5. Install antivirus software on your phone. It is a good idea to install an antivirus program when you get a new mobile device before you add any other apps.


Friday, November 11, 2011

Shield Against Hacking With a Daily Anti-Malware Scan

Hacking: it's the fear of every website owner, and it keeps many online business owners up at night, checking their websites and servers to make sure they are still in control. It's scary: one day you are doing well and selling products; the next, you can't log into your website, you have profane images instead of product images, and your site is spreading a virus, so most search engines block it and most browsers keep visitors from reaching it. This can take years to recover from, even after the virus is gone, but there is hope. Malware often takes a while to really get into the system and cause damage, and, as with a human virus, if it is stopped early you will not encounter these terrible effects.

What is hacking?
Hacking is a large culture that has a large number of methods and attacks to get around your security, sneak into your website and server, and change everything around. There are many ways of doing this, but it is commonly done through malware that is designed to consume files and strike at an inopportune moment.

The problem with this is that, until the virus strikes, you may not know anything is happening. Just like a human virus, it is consuming files (like cells) and will manifest effects when it is already too late. By the time you notice that you cannot log in, or that weird things are happening on your website, it's already too late. You have been taken over, and there are many disastrous effects to this.

The most direct effect is that your website is ruined. Well, that can be fixed easily enough. The real trouble is your private information. Do you have any credit cards, passwords, private business files and other classified information that only you or your associates should see? Hacking is a common form of corporate espionage, which is why you may be targeted.

If you have 10+ years in Internet security, maybe you can handle this by yourself; however, most website owners do not have this experience. Instead, you can use computer support Sydney daily malware scans. What does this do for you? Every day, the computer support Sydney company will scan all your website files for malware. Since the malware typically needs several days or longer to really affect the website, this allows you to get rid of the malware before you see anything happen.

Another benefit of a daily malware scan is that most of the infected code or files can be metaphorically sanitized, leaving you with a clean website free of digital germs. Not only that, but this malware scanner is updated daily with new malware formats, methods and strategies that hackers think up. Think of this as a doctor who learns more and more about his field, only this works much faster.

This can also easily scale up from beginning websites to enterprise-sized monoliths. So if you are worried about size, either because you have a small or large website, don't even let that be a concern. Your entire website can be easily scanned and searched for malware, which will then be promptly removed so you can enjoy the freedom of a clean website without viruses.

No website, especially a business website, can live a successful online life without daily malware scanning. Hackers come in for fun to destroy websites with weak code, and corporate espionage will target any competitors that do not have appropriate online security. Don't be another hacked website, don't fall to this devastating online virus. Use a daily malware scanner, and keep those nasty germs away from your precious website.

Jacob Pettit
Marketing, GO8


Friday, November 4, 2011

3 Basic Ways to Tell Your Computer Has Been Hacked

Learning how to hack into the accounts of individuals is really convenient and pretty cool—but when the tables get turned around and you become the "hackee"—yeah, not so cool anymore. Thankfully there are some clues that may suggest you are the victim of being hacked. To learn what they are, continue reading below.

1. It Seems as Though a Ghost Lives Inside Your Computer. If you start noticing that your computer starts to act strangely, almost paranormal like—for example maybe the cursor starts to move on its own, emails that you know were untouched in your inbox before suddenly vanish, passwords magically change, or numbers and other characters appear on your screen when you are more than sure that you didn’t even touch your keyboard—then chances are your "ghost" lives in some house across the country and is controlling your laptop or desktop from a distance. As soon as you notice any of the unusual activity listed above, it's recommended to immediately disable your wireless or unplug your Ethernet cable so the hacker cannot access your computer. Then you need to immediately scan your computer with your antivirus software so that it can remove any cookies or installed malicious software that the hacker administered to your computer. If you do not have antivirus software installed because you think it's just too expensive, AVG offers a basic version for free.

2. Your Internet Connection has Suddenly Turned into a Turtle. Since hackers have to operate from a remote location to gain control of your computer, typically it will slow down your internet connection speed substantially—this is because more bandwidth is being used. Of course there can be other reasons why your internet connection is slow—perhaps you have too many files. But just to make sure, it's probably best to check your system logs to see if a second or third party has logged into your computer at any time. To do this, right-click My Computer, select Manage, click Computer Management, and then select Event Viewer and Security.

3. Your Computer is Always Processing Information. Lastly, if your computer is idle, but your hard drive's LED still blinks, then this is a definite red flag that a hacker has invaded your computer. Granted, an update may be occurring, but if it's not, you need to immediately disconnect your LAN or WiFi and do some damage control.

Author Bio:
This is a guest post by Nadia Jones who blogs at online college about education, college, student, teacher, money saving, movie related topics. You can reach her at nadia.jones5 @


Find Out If a Website Is Safe to Open Using Online Sites and Tools

In the last post, we explained how to check whether a site is safe using McAfee SiteAdvisor. Now I am going to introduce some other sites and tools for testing whether a site is safe to open.

Websites To check sites:

Norton Safeweb:
Norton Safeweb is a free online application provided by Norton Security. It works in the same way as McAfee SiteAdvisor.
You can check the site safety here:

Google Safe Browsing:
Google Safe Browsing will analyze the site for malware. It will also report the status of the site in the past months.
URL to Check:
replace the with your target site.

If you manually find any sites spreading malware, you can report here:

AVG Link Scanner:
AVG Link Scanner is a free tool that also works like McAfee SiteAdvisor.

  • Checks each web page in real time before it opens on your computer
  • Automatically updates whenever a new threat is discovered 
Download it from here:

Don't forget to check your own site frequently. Attackers can inject malicious scripts into your site as well.

How to check if a website is safe to use or not? | McAfee SiteAdvisor

The cyber world is a most risky world. Here you may not know you are being attacked until your system is completely destroyed or your data is stolen.

If you trust whatever website you see on the Internet, then your data and system are at risk. Websites can spread malware, and this malware can infect your system without your knowledge. To get protection from those sites, we have to identify harmful sites. Here I am going to introduce McAfee SiteAdvisor.

McAfee SiteAdvisor:
McAfee SiteAdvisor is a free tool provided by McAfee to test site safety against malware. It notifies you about potential threats and dangerous websites (adware, spyware, spam, viruses and even scams).

Install the SiteAdvisor add-on from here (Chrome, Firefox):

How to use?
Whenever you search the Internet, use McAfee Secure Search. This will display the list of sites with rating icons, which helps to identify potentially dangerous sites.

If you don't want to use the add-on, you can manually check the site on this site:

An attacker can infect your trusted websites. On the Internet, you should not blindly trust websites. Even Facebook can be infected by malware (it is not going to happen). So be careful. If you want proof, then check this news: 350,000 sites infected

Thursday, November 3, 2011

How to Hide email address when sending mail to Multiple Recipients

Recently, I got a mail from my institute (where I learned Java) regarding an interview. When I looked at the To address, it included other email addresses (including girls' email addresses). This is not a big matter when you send mail within an organization. But what if you send it to others?

Just for fun:
Just imagine you have two girlfriends and you forward some interesting mail to both. If either notices the To address, you will end up in hospital.

If you would like to hide email addresses from other recipients while sending to multiple recipients, this article will explain how to do it. I believe this will be helpful for organizations and those who are concerned about security.

How to do it?
It is very simple.

Whenever you send mail to a group of addresses, fill in the addresses in the BCC field instead of the To field (leave the To field empty).

BCC stands for Blind Carbon Copy.

The receiver will see the sender and his address.
He can't see the others' addresses.

Wednesday, November 2, 2011

Could Your Bad Password Habits Come Back To Haunt You?

According to Business Insider, the CEO of a major social network used its trusted database of user passwords in order to hack into one of its user’s email accounts. The hack was based on the guess that this user probably accessed all of their accounts using the same password.

Although the cloud has provided us with some amazing new tools, it’s also created the need for increased end-user education and policy enforcement.

Yes, it’s true that nearly all cloud providers act ethically. They invest heavily in security as a means of protecting their reputations. But also, there are laws which strictly dictate how they must handle and protect their client data.

In fact, most data leaks and privacy breaches are the result of “insider jobs” by people who had physical access to the victim’s computer or storage media. (It would be much easier for me to steal your laptop from your home, than for me to break into Google’s datacenter and steal the hard drive that stores your Gmail content).  But it only takes one bad apple or one security leak to put your password into the wrong hands. And once that happens, then all of the other accounts which depend on this password will be compromised.

There are a number of ways that you can protect yourself from the possibility of having your password stolen in this manner.

One simple way would be to make use of sites which feature single sign-on (such as OpenID), or where a single login would let you access multiple services (like your Google account). There are also a number of specialized apps which let you manage multiple online accounts from a single interface. This has the advantage that your credentials are only stored in a single central repository. (Every time you make a copy of a password, the chances of a data breach go up.) Of course, this still leaves you open to a breach in the event that someone steals your password, but at least it makes such breaches more difficult. Also, such a breach might leave suspicious activity patterns that could get flagged and blocked. (ex: Many SaaS providers can block or flag access coming in from an anonymizing proxy)

The ideal scenario would be to have some sort of multi-factor authentication that requires access from a specified IP address. At the moment, only a few SaaS apps offer this ability.

If you choose to aggregate your credentials in this manner, you should only do so for low-priority online services. Any services that require the handling of sensitive information should have their own dedicated unique highly-random passwords.

Another method for managing multiple accounts using a single set of credentials would be to use a single password which is scrambled using a hint that is unique to the account in question. For example, a user whose password is “pUpp1e5” could combine this password with the web site name and create an MD5 hash where the first 10 characters would be the new password.  So the password+site string “pUpp1e5” might hash to “50f49dd6f3f838fb74ca1b7de5898c48”. And the new password would be 50f49dd6f3.
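
The scheme described above, next to a slower and wider derivation, as an added example that is not part of the original article. The site name `example.com` is constructed (the article's sample string does not show which site it used), and PBKDF2-HMAC-SHA256, the iteration count, the 16-character length and the output alphabet are assumptions chosen for this sketch, not the author's method.

```python
import hashlib
import math
import string

# Characters the stronger derivation may emit (an assumption of this
# example; adjust to what the target site accepts).
SYMBOLS = "!#$%&*+-=?@^_"
ALPHABET = string.ascii_letters + string.digits + SYMBOLS


def md5_site_password(master, site, length=10):
    """The article's scheme: MD5 of password+site, first 10 hex characters."""
    digest = hashlib.md5((master + site).encode("utf-8")).hexdigest()
    return digest[:length]


def strength_bits(length, alphabet_size):
    """Upper bound on the entropy of a derived password, in bits."""
    return length * math.log2(alphabet_size)


def kdf_site_password(master, site, length=16, iterations=200_000):
    """Same idea with a deliberately slow KDF and a full character set.

    The site name acts as the salt, so each site gets an unrelated
    password, and every guess at the master password costs `iterations`
    HMAC computations instead of a single MD5.
    """
    salt = site.strip().lower().encode("utf-8")
    raw = hashlib.pbkdf2_hmac("sha256", master.encode("utf-8"), salt,
                              iterations, dklen=64)
    # Treat the 512-bit output as one big number and peel off base-75
    # digits; with this much surplus the modulo bias is negligible.
    number = int.from_bytes(raw, "big")
    chars = []
    for _ in range(length):
        number, index = divmod(number, len(ALPHABET))
        chars.append(ALPHABET[index])
    return "".join(chars)


if __name__ == "__main__":
    master = "pUpp1e5"          # the master password used in the article
    site = "example.com"        # constructed site name
    weak = md5_site_password(master, site)
    strong = kdf_site_password(master, site)
    print("MD5 scheme   :", weak, f"(<= {strength_bits(10, 16):.0f} bits)")
    print("PBKDF2 scheme:", strong,
          f"(<= {strength_bits(16, len(ALPHABET)):.0f} bits)")
```

Ten hexadecimal characters carry at most 40 bits, and because MD5 is fast and unsalted, a derived password leaked from one site lets the master password be guessed offline; the slow derivation raises the cost of each guess but still leaves the master password as a single point of failure.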

But the absolute best way to prevent your passwords from being used against you would be to generate and memorize completely random passwords for every account you open. Although this takes a bit of discipline, it’s not as hard as it sounds.

Many people will rely on mnemonic systems which turn these passwords into easy-to-visualize sentences.
For example:
“Y!14gtP” could be turned into “Yolanda surprised 14 green turtles named Peter”
Although these mnemonic systems are ok for short-term memorization, I’ve found that their effectiveness is overrated. For a number of reasons - which would take too long to go into for this article – I find that there’s no substitute for good old-fashioned memorization through repetition.

Here is a technique that works for me.
  • Step 1: Generate a random password and memorize it mnemonically or write it down somewhere safe. (Maybe an encrypted file)
  • Step 2: Log in and out 5 times in a row to build muscle memory.
  • Step 3: The next day, log in and out again 5 times using the new password.
  • Step 4: One week later, log in and out again 5 times using the new password.

You can now go ahead and destroy the written or saved copy of the password. By this point, you should have the password memorized for life. (Or until you’re ready to change it again)

Now that we’re living in the “cloud age”, users need to be more aggressive than ever when it comes to maintaining effective password management habits.

About The Author:
For over ten years, Storagepipe has been providing online server backup services that help companies maintain the safety, security and confidentiality of their private data.


Wednesday, October 12, 2011

Introduction to Web Application Firewall (WAF) ~ Website Security

What is WAF?
WAF stands for Web Application Firewall. A WAF is a server-side application that controls input and output (it filters the HTTP communication). It controls network traffic on any OSI layer up to the application layer. The main purpose of a WAF is to provide better protection against the top web application vulnerabilities such as XSS (Cross-Site Scripting), SQL Injection and RFI. A lot of websites are hacked every day because of these vulnerabilities. Read our Security News section to learn about the security risks on the Internet. A standard firewall blocks non-HTTP attacks (restriction of ports, access, ...). A WAF blocks HTTP attacks.

The Most common Web Application Vulnerabilities:

  • SQL Injection(SQLi)
  • Cross-Site Scripting (XSS)
  • Broken Authentication and Session Management
  • Insecure Direct Object References
  • Cross-Site Request Forgery (CSRF)
  • Security Misconfiguration
  • Insecure Cryptographic Storage
  • Failure to Restrict URL Access
  • Insufficient Transport Layer Protection
  • Unvalidated Redirects and Forwards

A Web Application Firewall (WAF) must have the following features:
  • Protection against top vulnerabilities (XSS, SQLi, etc.)
  • Very Few False Positives (i.e., should NEVER disallow an authorized request)
  • Strength of Default (Out of the Box) Defenses
  • Power and Ease of Learn Mode
  • Types of Vulnerabilities it can prevent.
  • Detects disclosure and unauthorized content in outbound reply messages, such as credit-card and Social Security numbers.
  • Both Positive and Negative Security model support.
  • Simplified and Intuitive User Interface.
  • Cluster mode support.
  • High Performance (milliseconds latency).
  • Complete Alerting, Forensics, Reporting capabilities.
  • Web Services\XML support.
  • Brute Force protection.
  • Ability to run Active (block and log), Passive (log only) or bypass the web traffic.
  • Ability to keep individual users constrained to exactly what they have seen in the current session
  • Ability to be configured to prevent ANY specific problem (i.e., Emergency Patches)
  • Form Factor: Software vs. Hardware (Hardware generally preferred)
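
Two items in the list above, support for both positive and negative security models and the Active/Passive modes, are easier to judge with a small model in hand. This is an added sketch, not code from any WAF named on this page: the signature set, the `/product` and `/search` policy and the sample requests are constructed, and a production rule set is far larger.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Negative security model: block what matches a known-bad signature.
# Constructed and deliberately small.
SIGNATURES = [
    ("sqli", re.compile(r"union\s+select|'\s*or\s+'?\d+'?\s*=\s*'?\d+", re.I)),
    ("xss", re.compile(r"<\s*script\b|\bon\w+\s*=", re.I)),
    ("rfi", re.compile(r"^(?:https?|ftp)://", re.I)),
]

# Positive security model: allow only declared parameters whose values
# have the declared shape. Paths and parameter names are hypothetical.
POLICY = {
    "/product": {"id": re.compile(r"\d{1,6}"), "lang": re.compile(r"[a-z]{2}")},
    "/search": {"q": re.compile(r"[\w .'-]{1,64}")},
}


def negative_findings(params):
    """Report every parameter value that matches a known-bad signature."""
    hits = []
    for name, value in params:
        for label, pattern in SIGNATURES:
            if pattern.search(value):
                hits.append(f"{label} signature in '{name}'")
    return hits


def positive_findings(path, params):
    """Report everything that the policy does not explicitly allow."""
    rules = POLICY.get(path)
    if rules is None:
        return [f"path '{path}' not in policy"]
    hits = []
    for name, value in params:
        pattern = rules.get(name)
        if pattern is None:
            hits.append(f"undeclared parameter '{name}'")
        elif not pattern.fullmatch(value):
            hits.append(f"value of '{name}' outside declared shape")
    return hits


def inspect(url, mode="active"):
    """Active mode blocks and logs; passive mode only logs."""
    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True)
    findings = negative_findings(params) + positive_findings(parts.path, params)
    return {
        "blocked": bool(findings) and mode == "active",
        "logged": bool(findings),
        "findings": findings,
    }


# Constructed requests: a normal one, one the signatures miss but the
# policy catches, and one that trips both models.
SAMPLES = [
    "/product?id=42&lang=en",
    "/product?id=42%20OR%201%3D1",
    "/product?id=7&file=http://files.example/x.txt",
]

if __name__ == "__main__":
    for url in SAMPLES:
        for mode in ("passive", "active"):
            print(mode, url, inspect(url, mode))
```

The second sample is the reason the list asks for both models: no signature fires on it, yet the positive model rejects it because `id` is not a short number. Running the same traffic in passive mode first shows which legitimate requests the policy would have blocked.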

Top 10 Open Source Web Application Firewalls (WAF):

  1. ModSecurity (Trustwave SpiderLabs)
  2. AQTRONIX WebKnight
  4. WebCastellum
  5. BinarySec
  6. Guardian@JUMPERZ.NET
  7. OpenWAF
  8. Ironbee
  9. Profense
  10. Smoothwall

Tuesday, October 11, 2011

How to Stay Anonymous on the Internet Using Tor ? #Security Tips

Why you should hide yourself?
The Internet is a risky place to surf; here your privacy is not as secure as you think. Others can track what you are searching for or what your interests are (based on that, scammers can scam you). Some websites store your real IP. An attacker can get the IP from the website by attacking that website. Using your IP, he can take control of your system (using an open port). Two weeks back, we explained the Facebook Privacy Risk. If you want to secure your privacy, this article will help you.

What is Tor and Usage?
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.

For Individual: They use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.

For Journalists: They use Tor to communicate more safely with whistleblowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they're in a foreign country, without notifying everybody nearby that they're working with that organization.

For Groups: Groups such as Indymedia recommend Tor for safeguarding their members' online privacy and security. Activist groups like the Electronic Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company's patent lawyers?

A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.


Wednesday, October 5, 2011

How to recover a Hacked or Compromised Gmail Account?~Security Tips

Nowadays, hacking of Gmail accounts is increasing. Most people don't know how to be secure (because they don't visit BreakTheSecurity). So please refer our website to your friends as a security tips blog. OK, let me come to the point. In this article, I will explain how to recover your hacked or compromised Gmail account.

First of all, verify that you are entering the correct password. Also check whether Caps Lock is turned on.

How to Recover Your Gmail Account?
If you believe your account is hacked, then click the "Can't access your account?" link below the sign-in button in Gmail.

Enter the email address. It might ask for a CAPTCHA; fill it in and continue.

Option 1: If you have a secondary email address, select secondary mail and ask to send the password to your secondary mail address.

Option 2: Answer your security question and change the password.

Option 3: If you have added a mobile number to your account, then you can recover through mobile.

Contact Gmail:
If the above options don't work for you, then you have to contact Gmail.

It will ask whether the password recovery option worked or not. Click the "No" button. It will ask you to enter information about your email account. Fill in everything. They will ask for an email address to contact you; enter an alternative email address that you have (if that is also hacked, then create a new account and enter it).

Submit the form.
They will contact you soon.

FAQ About Account Recovery

Q. Why can't I tell someone private information about my account that they could look up to verify my claim?
A. Account privacy rules are very strict within Google, and allowing employees to look at the contents of an account would be a serious breach of privacy.

Q. Why isn't there a comments section on the Account Recovery Form where I could add additional information to prove my claim?
A. Like above, it would be a violation of account privacy for an employee to look in the account to verify any additional information supplied.

Q. Why can't I simply talk to somebody about this?
A. Unfortunately, Google does not offer live support for the free Gmail product (see: You must use the recovery methods provided.

Q. Why can't Google lock the account to protect it from any more damage or outgoing spam?
A. They will lock an account that the detection system identifies as being compromised and sending out spam. But again, privacy concerns would prevent them from simply locking an account because someone claims it's theirs and is compromised. In addition, since there is no live support, there is no one to even make such a request to.

Q. I had a really long password of random strings that would be impossible to guess. How was my account compromised?
A. Google (like most e-mail providers) has blocks to prevent trying lots of passwords to guess the correct one (brute-force attacks). Most accounts are compromised by harvesting passwords other ways. While a secure password is important, it's only one in a long list of things needed to keep any online account secure.

Q. But I'm very careful with my password. I don't give it to anyone except an official request from Gmail.
A. Unfortunately if you provided your password in response to any e-mail (even claiming to be from Google/Gmail) then your password was harvested by phishing. It's very common, and can trick even the most careful people.

Q. My contacts were deleted by the hacker, how do I recover them?
A. Deleted contacts can now be restored to any point in the last thirty-days:

Q. My e-mail history was deleted by the hacker, how do I recover it?
A. Have you looked in All Mail and Trash for the missing information? Have you used Search to try and find it? Unfortunately, messages deleted from Trash or Spam cannot be recovered. If you would like to request that Google attempt to recover messages deleted by a hacker, see:

Q. My account was deleted by the hacker, can I recover it?
A. The Account Recovery Form can sometimes restore a recently deleted account. That is your only option in this case.

Q. I don't care about the account, can I just get the e-mail history or the contacts from it?
A. Unfortunately, you have to be able to access the account in order to transfer any information out of it. This means you need to try and recover the account.

Q. I don’t care about the contents, I just need the e-mail address back because I have other things linked to that address.
A. Account names are never re-used, so you can’t re-create the account. So to get the name back you will have to try and recover the account.

Q. Can I find out who did this? Can anyone prosecute them?
A. About the only information you have available is the list of the last 10 IPs to access your account (see the Details link below the Inbox). But given how easy it is to fake IPs, and how inaccurate they are, it's unlikely that more than a general location can be determined. In general, law enforcement is not interested in a simple compromised account, and Google is not a law enforcement agency. Bottom line is: one's energy is better spent on recovery and re-securing the account.

Q. Isn't what the person did illegal? Can I sue them or get them arrested?
A. Any legal questions should be asked of local law enforcement or an attorney. Google is neither of those and can not advise you on any actions.

Q. Can I find out what they did in my account while they had access?
A. There are no account activity logs available, so you can’t find out for sure. If there is spam in your Sent Mail, then you know they used the account for that. But there’s no way to know if or what messages they may have looked at, so take appropriate precautions.

Q. How was my account compromised?
A. There are many ways passwords can be harvested and account compromised, but the most common ones include:
  • Using the same password on multiple web-sites. A less secure site is hacked and they get the user database (e-mail and password) and then just try them all. If the person did not use a unique password, the hacker gains access to the e-mail account.
  • Phishing e-mails that ask for account information or direct you to a phishing web-site. Don't dismiss this because the messages are a lot more convincing than you would imagine, often using text copied from actual Google e-mails or on-line forms.
  • Use of a computer that is infected with a key-logger or other malware (most common for public computers like at a school or library) which records your login information.

When you reclaim Your Account:

Begin by scrolling to the bottom of your Gmail page and see if there are any other sessions signed into your account ("This account is open in 1 other location"). Then click the word "Details" where it says "Last account activity" and then "Sign out all other sessions". Now change your password to anything reasonable but without worrying too much about how secure because you are going to change it again. Next check all the following items and verify that they are set correctly.

Note: in the following “Settings” means “Mail settings” as found under the Gear icon in the upper/right of the Gmail window. If you still have the old layout, then “Settings” will be one of the choices along the top. If you have the older “Settings” link, some of the paths below will be slightly different.

Account Security:
  • Settings -> Accounts and Import -> Change Account Settings -> Change Password [pick a new secure password]
  • Settings -> Accounts and Import -> Change Account Settings -> Change password recovery options [verify secret question, SMS and recovery e-mail address]
  • Settings -> Accounts and Import -> Change Account Settings -> Other Google account settings -> Email Address -> Edit [verify your name and other settings]
  • Settings -> Accounts and Import -> Change Account Settings -> Other Google account settings -> Authorizing applications & sites [revoke Access to any sites listed]
  • Settings -> Accounts and Import -> Change Account Settings -> Other Google account settings -> Using 2-step verification [enable 2-step verification]

Potential Spam:
  • Settings -> General -> Signature [make sure nothing has been added]
  • Settings -> General -> Vacation Responder [make sure it's disabled and empty]

E-mail Theft:
  • Settings -> Forwarding and POP/IMAP -> POP Download [disabled]
  • Settings -> Forwarding and POP/IMAP -> IMAP Access [disabled]
  • Settings -> Forwarding and POP/IMAP -> Forwarding [disabled or correct address]
  • Settings -> Filters [no filters that forward or delete e-mail]
  • Settings -> Accounts and Import -> Send Mail As [make sure it is using your correct e-mail address, delete any unrecognized entries]
