Showing posts with label Security Tips. Show all posts

Tuesday, April 22, 2014

Evil Twin and Fake Wireless Access Point Hacks: What They Are, How To Defend

Hacking is a term with a wide variety of acts associated with it. Some are incredibly complex and demand a high degree of knowledge, others are little more than installing some software on your device and acting a bit...less than ethically.

One of the most common hacks is also one of the easiest to defend against. This is what is known as a fake wireless access point. Hackers use this tactic to easily steal data of unsuspecting wireless users in public places.

What is a fake wireless access point data theft?
This type of attack has a number of nicknames associated with it: AP Phishing, Wi-Fi Phishing, Hotspotter, Evil Twins, and Honeypot AP. All of these are associated with creating a fake Wi-Fi connection that people log into, and whose goal is to steal credentials, logins, and passwords.

To accomplish this, hackers simply use a piece of software, or app, that is designed to capture data that is sent over a wireless connection. Examples of software that is used during a fake Wi-Fi attack include:

  • AirSSL
  • AirJack
  • Airsnarf
  • Dsniff
  • Cain
  • void11

No matter which apps are used, the key to it all is setting up a wireless connection that people will want to connect to. When they go to connect to the wireless point they likely won’t suspect a thing. Why? Because this tactic is used most often in public areas.

If you were to go into your local Starbucks, sit down with your mochalatte venti with cream and sugar pumpkin spice, and open up your tablet, finding a connection labelled ‘Starbucks Free WiFi,’ you’d probably connect in a heartbeat (one which is quickened by caffeine, at that). The same goes if you’re on a layover at JFK and you see a connection labelled ‘JFK Free Wi-Fi.’ You wouldn’t think twice. That’s what the hackers are counting on - you not thinking.

How is your data stolen during a fake wireless access point theft?
How your most important data is stolen is a little shocking - you give it to them. A large percentage of these hacks take place with a fake wireless point that requires a login and password. Once that information is put into the login, hackers will take it and use it to sign into popular websites, assuming that you use the same login and password for multiple sites.

When your online accounts start showing charges that you didn’t initiate, or if your social media account is taken over, you could be the victim of a fake wireless access point data theft.

How to defend against an ‘Evil Twin’ attack?
There are a number of ways to defend against it. I’ll look at some easy-to-understand examples:
  • The best defence is to always verify with the wifi provider. Ask the Starbucks staff what their wi-fi is called; it can save you a massive headache. Always remember - if a deal seems too good to be true, like free wifi, it probably is.
  • Use different login details and passwords for public wifi.
  • Disable auto-connect when you’re in unfamiliar territory.
  • Be cautious when connections suddenly drop, especially if it happens for everyone on the network. An app known as aireplay is capable of disconnecting users from wifi, in the hope that they’ll reconnect to the fake wifi.
  • Be cautious of certificates. Good websites can occasionally send you one, but if this happens over a public wifi that you don’t know, it is best to back off.
  • If a wifi hotspot is interfering with your VPN, forcing you to shut it down, that is a HUGE red flag. A VPN is a great defence against this attack, and hackers know it. Forcing your VPN to disable when you’re trying to connect is the only way that they can steal your data.
That last point is one I want to look at further. A VPN can be a great defence against this type of attack because it encrypts all of the data that you send out. With this data being encrypted, even when you create your login and password with the fake wifi, your data cannot be stolen because it cannot be deciphered. We review our Top 10 VPNs over on our website if you’re interested in learning more about them.

A last option that I’ll suggest is using SSL-protected apps. These do take more care and thought to use, but they will offer you protection that is similar to a VPN. Some hackers have even found a way around SSL protection (the BREACH method), so you may want to explore using this with a secondary defensive measure.

The overall advice is to be cautious and verify before you connect. People look at me weird all the time when I ask for the correct wifi name that I should use to connect to. I’ve never been the victim of an ‘Evil Twin’ attack...I’ll take a funny look or two!
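The "verify the name before you connect" advice above can be automated against a list of visible networks. The following is an added example, not part of the original post: the scan entries, the network names and the `audit_scan` helper are all constructed for illustration, and it assumes the provider has told you both the network name and whether it is password protected.

```python
from difflib import SequenceMatcher

# Constructed sample scan results: (ssid, bssid, security).
# These are made-up values, not captured from a real network.
SCAN = [
    ("CoffeeShop WiFi", "aa:bb:cc:00:00:01", "WPA2"),
    ("CoffeeShop WiFi", "aa:bb:cc:00:00:02", "WPA2"),
    ("CoffeeShop WiFi", "de:ad:be:ef:00:01", "OPEN"),
    ("CoffeeShop Free Wi-Fi", "de:ad:be:ef:00:02", "OPEN"),
    ("HomeNet-5G", "11:22:33:44:55:66", "WPA2"),
]


def normalize(ssid):
    """Lower-case and drop spaces/punctuation so 'Wi-Fi' and 'WiFi' compare equal."""
    return "".join(ch for ch in ssid.lower() if ch.isalnum())


def audit_scan(scan, verified_ssid, verified_security, threshold=0.75):
    """Flag networks that imitate the name the provider gave you.

    verified_ssid / verified_security are what the staff told you
    (hypothetical inputs for this example). Returns a list of
    (reason, ssid, bssid) tuples in scan order.
    """
    findings = []
    want = normalize(verified_ssid)
    for ssid, bssid, security in scan:
        if ssid == verified_ssid:
            # Same name but different protection than the provider
            # described: one of the two radios is not theirs.
            if security != verified_security:
                findings.append(("security-mismatch", ssid, bssid))
            continue
        # Different name that is suspiciously close to the real one,
        # e.g. with "Free" inserted or different punctuation.
        ratio = SequenceMatcher(None, want, normalize(ssid)).ratio()
        if ratio >= threshold:
            findings.append(("lookalike-name", ssid, bssid))
    return findings


if __name__ == "__main__":
    for reason, ssid, bssid in audit_scan(SCAN, "CoffeeShop WiFi", "WPA2"):
        print(f"{reason}: {ssid!r} ({bssid})")
```

A fake access point that copies the name and the security setting exactly will pass this check, which is why the VPN advice above still applies.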

This is a guest post from "Marcus Habert".


Saturday, June 1, 2013

How to enable two-factor authentication in LinkedIn?

I'm very glad to hear that LinkedIn is the latest company to boost its security with two-factor authentication. A few days back, Twitter enabled two-step verification to thwart hackers.

Are you searching for a guide to configuring 2-step authentication? You are in the right place. Here is a guide that will help you configure LinkedIn two-step verification.

Before getting into the actual steps, let me explain what 2-step auth is.

Two-Step Verification:
A security feature that prompts you to enter a temporary secret number sent to your phone whenever you log into your account.

Why should you enable this feature?
I believe this is the best security feature. Let us assume someone has stolen your login credentials via a keylogger, phishing or any other method. If the hacker tries to log into the website with your credentials, he will be asked to provide the secret number sent to your mobile. Fortunately, you have your mobile with you ;) . So the hacker can't log in to your account. You will also come to know that someone is trying to access your account.

How to configure LinkedIn two-factor authentication?

Step 1:
Log in to your account and go to the settings page.

Step 2:
Select the "Account" tab and click the "Manage security settings" option.

Step 3: 
Here you can see the "Two-step verification for sign in" option, which shows that the feature is currently "off". To turn on the feature, simply click the "Turn on" link.

In next step, you will be asked to enter your phone number.

Step 4:

Once you enter the phone number, you will receive a security code. After you enter the security code sent to your mobile number, the feature will be turned on. Hurrah, now you are protected :)

Next time, when you try to log in, you will be asked to provide the secret code :)


Wednesday, January 23, 2013

10 System Admin Tools to Help You Secure Your Network

System admins are frequently bombarded with security concerns, requests, alerts, news items, “did you see this?!” emails, and more. Keeping up with all the aspects of network security can seem like an overwhelming task, but in this post we’re going to look at ten tools a system admin can use to help secure their network. Some you may be familiar with, like network security software, while others may come as a surprise, like your email client; but all will help you to stay ahead of the bad guys, keep yourself informed of the latest threats, and maintain the security of your network.

1. Network security software
When we talk about network security software, we’re talking about a class of product more than any specific tool, and how important it is for you to have an application or small group of applications that can help you to accomplish most of your tasks. There are simply too many things for any one admin to do by hand, and network security software applications help to automate the heavy lifting and ensure that you can keep up with the workload. Look for network security software that multitasks. Think about it as a Swiss Army knife of software packages that includes many of the other items on this list.

2. Vulnerability scanner
A good vulnerability scanner is a key part of any toolkit, and should be used by server admins and security engineers alike. The top network security software apps will include a scanner that has a database of the thousands of vulnerabilities that could exist on your network, so that you can quickly, easily and regularly scan your network to ensure your systems are up-to-date, configured properly and secured.

3. Port scanner
A port scanner is another regular tool that should be in your network security software application. Attackers regularly scan your Internet connection looking for ways in and so should you. But you should also scan internally so you can find unauthorized services or misconfigured systems, and to validate your internal firewalls are set up correctly.

4. Patching software
Patching operating systems and third party applications is one of the most important, regularly recurring tasks a sys admin has. Network security software that can automate this, and handle the hundreds of other applications on your network, is the only realistic way you can keep up with this.

5. Auditing software
Auditing software may strike you as a strange recommendation at first, but consider all those apps you are trying to patch. How can you be sure you have no vulnerabilities on your systems if your users can install anything on your systems? How are you going to maintain licensing compliance if you don’t know who has installed what from \software? Network security software may also include software and hardware inventory components to help you stay informed and secure.

6. Secure remote clients
Telnet, older versions of PCAnyWhere and several of the web-based remote access apps that are out there all have a common issue - they’re not secure. Use SSH v2 or later for secure access to all CLI-based systems, and the most secure versions of Remote Desktop Protocol to manage Windows boxes. Using strong encryption, good passwords, lockout policies and, when possible, mutual authentication between client and host, will help to ensure no one sniffs credentials or brute-forces their way into a system. If you have two-factor authentication in your environment, ensure that every system possible uses it to further reduce your risk from unauthorized access.

7. A good network analyzer
Whether you like the open source Wireshark, the free Microsoft tool NetMon, or one of the many other commercial network analysis tools, having a good “sniffer” is key to helping secure and analyze systems. There is simply no more effective way to figure out just what is going on between networked systems than to see the traffic first hand.

8. Network tools
Whenever you are dealing with connections from foreign systems, you will find the need to check network addresses, routes and more. Having good tools like DIG, WHOIS, HOST, TCPING and others close at hand makes network evaluation a breeze.

9. Log parsing software
Securing systems means going through logs; lots of them. Web logs, access logs, system logs, security logs, SNMP logs, syslog logs – the list goes on and on. Having software that can quickly and easily parse through logs is critical. Everyone has their favorite. Some install locally like LogParser, while others run on servers like Splunk. Whichever you prefer, get a good log parser to help wade through what can be millions of entries quickly and easily so you can find events you need to check.

10. Your email client
Knowledge is power, and the best way to amass that knowledge is to stay informed. Whether you subscribe to email bulletins, security alerts, or RSS feeds, your email client can provide you the first indications that something new is out there, and also what you need to do to protect your systems from the threat. Zero day exploits, out of band patches, best practices and more, can all be yours if you simply join the right distribution lists and subscribe to the right lists.

These 10 system admin tools are a great start towards building your toolkit for security. Network security software plays a major role in this toolkit, which you supplement with other tools and the information you need to maintain a secure environment.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. Learn more about the importance of a secure business network by downloading the free eBook: A first aid kit for SysAdmins. All product and company names herein may be trademarks of their respective owners.

Sunday, October 7, 2012

Blackhat SEO poisoning attacks

Recently, I reported that Google Image search and Bing Image search lead to malware sites, especially a Blackhole exploit kit page. The reason behind this attack is SEO poisoning.

What is SEO?
Search engine optimization (SEO) is a collection of techniques to improve the visibility of a website in a search engine's search results. Some of the techniques used by webmasters in

What is BlackHat SEO?

Black Hat SEO, also known as SEO poisoning, is an illegal technique used by cyber criminals to make their links appear higher than legitimate results. When a user searches for related keywords, the infected links appear at the top of the search results.

Hackers use one of the following techniques:

* Creating SEO-friendly fake pages related to popular search topics on compromised sites
* Cloaking malicious content from spiders and security researchers
* Iframe injection

Poisoning Image search Results:
As most search engines filter and find text-based SEO poisoning attacks, cyber criminals are now poisoning the image search results instead.

They hack legitimate sites and inject malicious code. Whenever a person clicks the image of a compromised site in the search results, it redirects him to malware sites. Sophos reports that Bing image-search results are being poisoned more than those of other search engines.


Tuesday, September 25, 2012

6 Web Security Risks of Not Monitoring Internet Activity


Internet access is one of the most important things you can provide to your users. It’s a morale booster, it helps them do their job (for some it is even a vital component of their job,) it enables them to find solutions to problems, research the competition, find new customers, and more. But Internet access comes with a host of threats and if you are not on top of your web security game, allowing your users to have Internet access may cause just as many problems as it can solve. If you are going to provide your users Internet access, consider these top six web security risks of not monitoring Internet activity, and deploy a web security solution to make sure you don’t regret the generosity to your users.

1. Malware
Whether your users download infected files or they just visit compromised websites, malware infections are the single biggest risk to your users from Internet access. Web security applications can scan all files for malware and block access to known infected sites. They can also filter out malicious scripts embedded in web pages, providing strong protection against malware for your users.

2. Phishing
Phishing attacks not only put your users at risk, they can have significant and long lasting impact to your customers, your financials, and your reputation. As much as we raise awareness of phishing attacks, you can read about a new business falling victim almost weekly. Web security software can completely block access to known phishing sites, so even if your users do fall for a phishing email, they cannot submit sensitive information to the attacker’s website.

3. Copyright infringement
Even the best intentions can lead to costly impact to your business, and when users download audio and video files without obtaining the rights to them, the copyright holders can go after your business for compensation. Web security software can block the download of media files, or can filter access based on category to help prevent users from downloading content that might cost you in the long term.

4. Licensing violations
Audio and video are not the only ways a user’s actions can lead to fines and penalties. When users download and install software without obtaining a license for it, the company can be held liable as well. Sites that host cracked software, keygens, and other warez can be blocked completely using web security software, so you can exercise due diligence and avoid a run-in with the Business Software Alliance or other licensing issue.

5. Human Resources incidents
What’s appropriate to access at work and what users may be accustomed to accessing at home are often at opposite ends of the content spectrum, and it’s easy for a user to be offended, or even feel harassed, if exposed to content another user is accessing. This leads to workplace problems including morale issues, teamwork challenges, and can quickly escalate to an incident that involves HR and could lead to someone losing their job. You can avoid all of that by using web security software to block access to content inappropriate for the workplace, and to enforce safe search results in the major search engines.

6. Bandwidth consumption
Media sites such as YouTube, Netflix, Hulu, Pandora, Internet radio and television streaming sites, and others are great for when you are at home, but if only a handful of your users decide to start listening to their favorite music feed, or surreptitiously watching a movie while they should be working, you can quickly find your network without enough bandwidth to support the business critical applications like email. Web security software can block access to the non-business critical sites, and throttle bandwidth consumption for the sites you do want to allow, to ensure there is enough available for what your network really needs.

7. Wasting time
How often has a “quick” web search or social media check-in caused you to lose track of time? Now multiply that by the number of users on your network, who will do exactly the same thing, and you can quickly see how you can lose hours of productivity each day. Web security software can block access to social media sites, but the best products can instead simply limit the amount of total time or the time frames when users can use the web for recreational purposes. A few minutes here and there is a perfectly good way to ensure morale doesn’t suffer, and if a user wants to spend their lunch break updating their wall…what’s the harm in that, as long as they get back to work at the end of their lunch?

So don’t think web access without addressing web security. Web security applications can monitor access, filter out malware, block access to phishing sites or repositories, prevent the download of files that might contain copyrighted material, restrict the amount of bandwidth burned on streaming media, and even keep users from wasting time on social media sites. Web security applications are a critical component of your Internet security, and help to ensure that Internet access is a benefit, and not a risk to your company.

This guest post was provided by Casper Manes on behalf of GFI Software Ltd.

All product and company names herein may be trademarks of their respective owners.

© Break The Security. Copyright 2008 All Rights Reserved