The move to shift from multi-level communications and incorporating Unified communications such as VoIP and other unified platforms has become the prime targets of hackers who are now turning to IM attacks as their targets. Offices have de-centralized communications and other systems combining them into one system that is capable of handling communications eliminating the need for maintaining several systems each with its specific function. IM or Internet Messaging is cheaper and allows office workers in the field to communicate cheaply with the office and VoIP allows them to communicate cheaply over vast distances.
Unified communications is the next step towards virtualization which is currently being developed and tested by various developers. IM is one of the most convenient means of communications which has the capability to receive mail from all over just as SMS or Text messaging has done in the Mobile Industry. Every user who uses the internet may have one or more IM accounts with the many free mail providers or through their company hosting service. Using the IM allows hackers to send malware, unload their payloads and go on to propagate through the networked system, which if looked at from a business perspective crippling one of the vital communications links. There are still mobile phones and other means communications but being ever present at every desktop, any unsuspecting user can download malware without proper intrusion prevention and detection systems in place. Mobile phones have also suffered attacks from malware that is designed to attack stripped down versions of popular Operating systems, the forays of hackers into unified communications may mean they are keeping pace with the development of new technologies as fast as businesses adopt them and accept them as just part of the game.
Tags: IIS, IM, Microsoft, Unified Communications, voip
Categories: General, IM, IT Security Basics, Instant Messaging, Malware, Network Security, News, Privacy & Anonymity, Real-World Issues, Security Policies
Experts have said it again and again and history has shown us that money is the root of all evil and so it goes the same for the development and eventual spread of more sophisticated malware intended for the ever growing mobile computing environment. Current malware is simple yet experts are warning users and other experts alike that it would only be time before some hacker develops a more robust and discreet form of malware that would circumvent standard virus scanners. As we have seen and read in news articles, these viruses, Trojans and other forms of malware are evolving so fast that removal and detection experts are finding it very hard to get one step ahead of them. In the time it takes to read this post, about 35 or so new types of malware would have been released into the wild to infect any of the millions of unprotected systems over the internet. The problem has gone into the pandemic stage that no system is safe for long. The soonest a new and more robust intrusion prevention and security system is in place, several new vulnerabilities in the computer systems we use are found and immediately exploited by hackers and their minion.
Economics or the promise of earning a buck from such malware creation and spreading is the major motivation for hackers. Say you get into the cell phone of your favorite Celebrity and get hold of private pictures, or get hold of a confidential report which lists the amount of funds along with the corresponding account information and much more information that one can sell quite profitably over the internet.
Tags: Malware, Mobile Malware Threat, viruses
Categories: Cryptography, General, IM, IT Security Basics, Instant Messaging, Malware, Network Security, News, Operating Systems, Real-World Issues, Security Policies, Spyware
To think the attacks over the internet would end, users of MySpace have been hit by a termed “Link Hack” which was discovered and is being studied by Websense which found the hack to re-direct the parsing process from the MySpace profile page, to the malicious site them back to the said legit page. The hack allows malicious code to be attached to all aspects of the MySpace page (such as the View Pictures, View Profile and other such legitimate functions that are normally used on the social networking site but instead of doing the requested operation, the user is re-directed to another site which prompts the user to click the back button or try to figure out what the hell just happened with the malicious phishing site getting all the info it needs and the cycle continues again and again.
The hijack process comes in stages and all the while the misguided clicks always execute a piece of JavaScript which re-directs the user to a page that seems to be the MySpace site but actually isn’t. The problem has seemingly dropped traffic due to the shutting down by the phishing site. Websense has informed the MySpace people regarding the matter and they are surely taking action to provide measures to ensure the privacy (which may be next to impossible to such open sites) of their subscribers. Symantec has also raised the alarm and has released information that can help users avert the disclosure of personal information to the said phishing site. MySpace has also identified several individuals who might be involved in the attack and have suspended their accounts as they continue to investigate the actions of these errant users and what part they had with the attach on the social networking site.
Tags: Link Hack, Malware, myspace, Social Network Under Attack
Categories: General, IM, IT Security Basics, Malware, Network Security, News, Real-World Issues, Review, Security Policies
Some of these updates and patches are well publicized and known to media and IT circles while others are not. The real truth, not all users want to know the details of the several updates and patches that are being installed as long as they get to use the internet and other software without issues. This is a dangerous tightrope to walk for like the Facebook incidents and MySpace problems, and yes even Google (with their customer purchase tracking system which they took out of service as people took notice and were pissed they were being monitored as to shopping habits etc).
Even the most popular web search engines have come under fire when people took notice of their tracking systems and how that information is used to target them for advertising campaigns. The web is a true and proven signal of unparalleled freedom for it allows you to get information all with the press of a few buttons. But the battle begins at your desktop or laptop where the OS resides and is installed on making it the root of all possible problems. Yes, Attacks do come from the net but they are targeted at your home or office desktops using them as propagation tools to spread them all over the globe. Privacy and the right to know is quite battered on these fronts with many problems being discovered at every turn. People love intrigue and they will continue to scrutinize and criticize the work of others may they be friends or foes. On goes the OS wars and we are on the sidelines waiting to suffer all the fallout of their drive to be the first to release the most innovative and feature loaded software (with bugs and system crashes all bundled and included in the box, well till they release the respective fixes and patches to remedy them).
Tags: Apple, linux, Microsoft, OS Wars
Categories: General, IM, IT Security Basics, Instant Messaging, Malware, News, Operating Systems, Privacy & Anonymity, Programming, Real-World Issues, Security Policies, Spyware
Everybody on this earth who uses the internet has to begin with a device (PC, Laptop or Mobile Phone) that has a form of operating system that gives the machine (computer/device) the ability to function as it does. May it be from Microsoft (Windows XP or Vista), Apple (OS X Leopard and prior versions) or Linux-Based operating systems, all these programs get their fair share of patches and bug fixes that are essentially damage control measures that hopefully correct programming errors before they cause too much harm to the user and the computer they are installed on.
These patches and updates are available for free for most licensed users but for those who still use bootlegged software, well, they are a bit too difficult to get hold of for the move of OS manufacturers to install (sometimes without you even knowing it), validation tools that check via the internet if the copy of your OS is licensed and legit. These underground updates are not always so discreet for some do get out and are found by users, programmers and other people who rely heavily on their computers for their everyday existence. Some get blown out of proportion sending them into the headlines as unwanted and unauthorized processes that you get to see on CNN and the BBC.
Software development firms are businesses and they do try their best to keep ahead of the pack (competitors) when it comes to the complexity and capabilities of their products. The competitiveness goes as far as the early release of a product before all testing and real-world simulations have been completed opting for patches and updates to correct them well after the product has been released into the wild (for public use). Some problems associated with them are so critical that the developers are so ashamed to admit they overlooked them that they opt to update these files without the user’s knowledge (have you ever seen your OS getting updates from the web as you get to go on your coffee break, sometimes so discreetly you even fail to notice, returning to a computer that tells you your system has been updated and a restart is needed for them to take effect?)
Tags: Apple, linux, Misrosoft, OS Wars
Categories: General, IM, IT Security Basics, Malware, News, Operating Systems, Privacy & Anonymity, Real-World Issues, Spyware
A new twist into the old email scam books, the fraudulent scam that asks for money from unsuspecting friends and acquaintances listed in your address books. True, many have been victimized by the said ploy wherein people gain access to your address book and sending out email that solicits cash funds to be wired to a location somewhere around the world. The scam began in Africa when a journalist began receiving unexpected calls and email regarding his misfortune in the African continent where he was supposedly on vacation and stuck in a hotel without any cash funds or other form of identification.
The incident used Yahoo which the perpetrator has broken into and taken the liberty of obtaining all the names and email addresses contained in the popular email facility service’s files. These addresses were then sent fake email messages telling the unfortunate story of you getting into misfortune somewhere and that you are in dire need of cash which you are supposed to pay back as soon as you return from the said trip ending the ordeal. It is a fake emergency message though and there have been many reports of similar cases happening using all the email services around. How the thieves got into the address book getting the necessary information is still a mystery and the guy who reported it first (who happens to be in the journalism business) had to go through a long process of getting all the account information from yahoo through phone after a lengthy conversation to prove that he was actually who he claimed to be. So, people be alert for the said scam and be sure to verify all incidents with the senders as well as alert all members of the family and your friends of such crazy behavior.
Tags: Email-Scams, Fraudulent-email, Scams
Categories: General, IM, IT Security Basics, Instant Messaging, News, Privacy & Anonymity, Real-World Issues
Employee’s love them, Network Administrators hate them, the advent of more function packed handheld devices have sparked a re-evaluation of the threat these small devices pose. Traditionally, networks were quite safe for to gain access to it you needed to be hooked up to the network, physically with a LAN cable. Now that the shift to wireless has become the network engineer’s best friend the network has surely been simplified and companies are switching to the new technology. Thy no longer needed wires and all existing computers are either replaced with ones that support Wi-Fi or bought individual dongles that allowed connection within the office. That was still an easy security agenda for they usually had a range of a couple of hundred feet.
Then came wireless internet hotspots which commercial developers started to put up to get more workers out of the office into their shops allowing them to work while, say having coffee. That’s where the problems began for the more office correspondence left the walls of the office, the more harder was it to secure. VPN’s were implemented that allowed a secure channel within existing networks making it a bit better. But that was still quite vulnerable to attack and security experts needed a better way of securing corporate data where-ever the user might be. Projections by business and security analysts estimate volume to increase to 100 million email transactions to and from outside the office locations that is still causing nightmares as the next step is found in the drive to secure this network without physical bounds.
[tags]Handheld Computing, Mobile Computing[/tags]
Tags: hackers, internet, security, Vulnerabilities, Wireless
Categories: Cryptography, General, IM, IT Security Basics, Instant Messaging, Network Security, News, Real-World Issues, Security Policies, Wireless Security
It would only be normal to find shared folders in the default setup of Windows operating systems. This can be easily seen once a person would go to the explorer option of his computer where shared folders are waiting to be accessed. This is automatically made for access if people connect to a network and would not set the security policies and accessibility on a restricted basis which only allows administrators to access them.
The importance of setting security levels to avoid such access to folders is important. Not al people are aware of the harmful things an unauthorized user may do once he gets the chance to intrude in another person’s workstation. Aside from probable back-ups, a person may lose the files contained in such folders if he is not careful. Hence it is best to do the precautionary measures before hand to avoid unwanted avoidable circumstances would ensue.
[tags]shared folders, security policy, network security[/tags]
Tags: Network Security, security-policy, shared-folders
Categories: Backups, Cryptography, IM, IT Security Basics, Instant Messaging, Network Security, Physical Security, Privacy & Anonymity, Security Policies, Storage, Tips
Anyone will receive different kinds of offline and online messages from friends and acquaintances. Some would be links to other websites they have done, pictures or news feeds. But while these would be helpful in most cases, it would be best to first query the person and ask what the site is all about.
Cases of rapidly increasing links that creep into the instant messaging service create havoc and spread to the entire contact list of people endorsing the various instant messaging services available over the web today. The most popular of which is perhaps Yahoo Messenger and Instant Messaging. These are the widely used modes of communication today since aside from saving on cost, they hold a wider coverage, thanks to the Internet which is available all throughout the world today.
Hence, such coverage offers a tempting way of making lives miserable and the computers a living hell. The discomforts that it would have would drive a person crazy since the need to remedy the situation may take some time. However, for some people there is always the option to format the whole system, something that is not needed by people who need to access their files regularly and have no backup copies.
[tags]yahoo messenger virus, spyware, instant messaging, hyperlinks, bad links[/tags]
Tags: bad-links, hyperlinks, Instant Messaging, Spyware, yahoo-messenger-virus
Categories: Backups, IM, IT Security Basics, Instant Messaging, Malware, Spyware, Tips
Slowly but surely, communication has grown entirely advanced. At first, it was mainly done through keystrokes called chatting conversations with some emoticons in tow to spice up the supposed conversation. Next came the web cam era wherein a person can now see the person he is talking to, being more relieved that the person they are communicating to is really existent.
Today, voice messaging has been added to the fray, making it all the more enticing for people who put premium on the web with regards to communicating with friends and associates anywhere in the world. One can just imagine the savings that such voice calls can provide compared to the old practice of making calls by phone. Indeed the latter was very expensive to the point that people would have problems settling their accounts payable to such providers.
Voice messaging today over the Internet is free as long as it is a PC to PC call. However, leaning on the trends and developments, it is not far fetched to see that one day that such offered voice calls would charge minimal amounts which would gradually increase as demand does too.
[tags]im, instant messaging, video conference, voice messaging[/tags]
Tags: IM, Instant Messaging, video-conference, voice-messaging
Categories: IM, Instant Messaging, Privacy & Anonymity, Wireless Security
The move to shift from multi-level communications and incorporating Unified communications such as VoIP and other unified platforms has become the prime targets of hackers who are now turning to IM attacks as their targets. Offices have de-centralized communications and other systems combining them into one system that is capable of handling communications eliminating the need for maintaining several systems each with its specific function. IM or Internet Messaging is cheaper and allows office workers in the field to communicate cheaply with the office and VoIP allows them to communicate cheaply over vast distances.
