In efforts to boost security, Paypal, one of the premier internet online payment providers is moving to block users who use older browsers to prevent weaknesses that these browsers possess. They have found that many users online still use old Microsoft IE 3.0 and 4.0 which have ended their support life a long time ago hence they do not have the needed updated security updates that are necessary to conduct safe and secure online transactions with regards to payments and other related business. Paypal has had a lot of bad publicity with regards to phishing and infiltration where people intercept and go on fake bidding sprees just to get at the vital financial information that people usually share over the network. In hopes of boosting security, they will be using script detection to begin blocking users and that they do apologize for all the inconvenience this may cause the millions of users who may be affected by their move. This comes as the amount of identity theft and other crimes have increasingly entered their ranks ending in much stolen information that leads to credit card fraud. Being the biggest, they are the most viable target for such hackers and they are trying to boost security on that front of the deal.
This would hopefully prevent more cases from developing and that any new ones will be ‘nipped in the bud’ so to speak.
Paypal and eBay have offered select users with a distinct security keys using VeriSign passwords that is to be transmitted during payment transactions which aims to prevent interception of the transaction information as it travels through the internet. Unlike specific credit card transactions that travel through dedicated lines which are now slowly being protected by PCI-DSS for improved security, regular PC do not have that much security hardware installed to protect them from interception by hackers who could tap into the network getting all credit card information for illegal purchases.

Tags: encryption, Paswords, PayPal, PCI-DSS, VeriSign

Categories: Cryptography, General, IT Security Basics, Malware, Network Security, News, Privacy & Anonymity, Real-World Issues, Security Policies, Spyware

Leave a Comment

In the UK, identified sex offenders are facing bans from social networking sites which is to boost the reliability and security of having these social networksUK where surveillance has become a part of everyday life, with CCTV systems and all types of other video surveillance abound that may be possible with current facial recognition techniques that can scan a person’s face from any angle allowing identification without that person in question even knowing about it.
The intent is quite good but just how will these social web sites go about identifying sexual offenders is a very tough task indeed. With millions of registered users that span the globe along with the hundreds of social networking sites that may be next to impossible. Don’t expect these people to enter their true identity for that is the first thing they would make them most identifiable. To invent some form of technology that would brand them as such would be better and can indeed make the internet a safer place for all of us including your kids who are often the victims of such criminals.

Tags: Sex offenders, Sexual predators, social networks

Categories: General, IT Security Basics, News, Physical Security, Privacy & Anonymity, Real-World Issues

Leave a Comment

Viacom, the company that owns MTV has confirmed the fact that there was indeed a leakage of information from their system that has resulted in personal information such as Social Security numbers, Birth dates and other employment related data. They confirmed the fact that the said information was taken from an employee workstation which may have been infected by malware that sent the said information to the outside without the management knowing about it. These types of problems are now becoming more common as people go on the web and as this case shows, the workstation in question was said to have entered a social networking site through which may have been the path the malware took. The said information was contained in password protected files and the company has said that it has launched an internal investigation as to why the employee in question may have been able to access the said site from the office workstation.
Information leakage such as this case is now so common that they happen even without anybody knowing about it. Even with installed security and intrusion prevention systems, programs that piggy-back onto legal programs have found and exploited ways to circumvent them exposing themselves to protection systems as legitimate programs. Social networks have been targeted as with the problems with Goggle’s Orkut, Myspace and the many other social networking sites which have fallen to hackers who use them as launch/propagation platforms to unload their payloads of Trojans, key-loggers and many other forms malicious code.
The Web transforming into the social network may be the best thing that has happened to many but it remains to be a thorn in IT Security People from all over. Many have fallen victim to such instances that have resulted in credit card fraud and full-blown identity theft cases which are a real-world issue everybody has take notice of. The threat is real and we must all make it a point to do our best. Install the proper intrusion prevention systems and establish systems usage security protocol which will minimize exposure to such threats which are sure to invade more of our daily lives as we go on living a second life in the internet of today, the Social net.

Tags: MTV, Social Networking, Spyware

Categories: General, IT Security Basics, Malware, Network Security, News, Privacy & Anonymity, Real-World Issues, Security Policies, Spyware

Leave a Comment

In the endless fight for IT security in the vulnerable internet, even Google’s Orkut has been hit by a self-propagating Trojan which is currently being studied for a possible cure to remove it from the wild. The Trojan works when the creators get information and send messages with links that prompts users to install a newer version of the flash player program. The user is greeted by a pop-up window that tells the user an installation of a newer version of software being used is in need of download and subsequent update. The program downloads a seemingly legal copy of the software installer which in turn begins to unload it’s payload of malicious code and propagates by sending more messages with the addresses that are tagged as friends in the victim user’s address book. So far, the pop-up message that promotes the spread of the Trojan is only in Portuguese which has been seen only in Brazil and with a few in India, but the security experts at Symantec are worried that an evolved version can unload more malicious code that can do more damage to the millions of users on the web, even cause another cascading slowing down of the internet as a whole if these Trojans begin to overload vital internet hubs forcing them to shut-down due to the infinite requests for direction which it would be unable to handle. Google has been warned by Symantec which has yet to release a reply to that warning. Symantec and many other industry leaders in the development of virus/,alware removal software have predicted the rise in attacks that would take effect this year as more and more people get onto the social network bandwagon making the world a smaller place but at the same time opening previously shut doors ripe for attack fromt the ever changing face of malware.

Tags: Google, Orkut, Trojan

Categories: General, IT Security Basics, Instant Messaging, Malware, Network Security, News, Privacy & Anonymity, Real-World Issues, Security Policies

2 Comments

Some of these updates and patches are well publicized and known to media and IT circles while others are not. The real truth, not all users want to know the details of the several updates and patches that are being installed as long as they get to use the internet and other software without issues. This is a dangerous tightrope to walk for like the Facebook incidents and MySpace problems, and yes even Google (with their customer purchase tracking system which they took out of service as people took notice and were pissed they were being monitored as to shopping habits etc).

Even the most popular web search engines have come under fire when people took notice of their tracking systems and how that information is used to target them for advertising campaigns. The web is a true and proven signal of unparalleled freedom for it allows you to get information all with the press of a few buttons. But the battle begins at your desktop or laptop where the OS resides and is installed on making it the root of all possible problems. Yes, Attacks do come from the net but they are targeted at your home or office desktops using them as propagation tools to spread them all over the globe. Privacy and the right to know is quite battered on these fronts with many problems being discovered at every turn. People love intrigue and they will continue to scrutinize and criticize the work of others may they be friends or foes. On goes the OS wars and we are on the sidelines waiting to suffer all the fallout of their drive to be the first to release the most innovative and feature loaded software (with bugs and system crashes all bundled and included in the box, well till they release the respective fixes and patches to remedy them).

Tags: Apple, linux, Microsoft, OS Wars

Categories: General, IM, IT Security Basics, Instant Messaging, Malware, News, Operating Systems, Privacy & Anonymity, Programming, Real-World Issues, Security Policies, Spyware

1 Comment

Everybody on this earth who uses the internet has to begin with a device (PC, Laptop or Mobile Phone) that has a form of operating system that gives the machine (computer/device) the ability to function as it does. May it be from Microsoft (Windows XP or Vista), Apple (OS X Leopard and prior versions) or Linux-Based operating systems, all these programs get their fair share of patches and bug fixes that are essentially damage control measures that hopefully correct programming errors before they cause too much harm to the user and the computer they are installed on.

These patches and updates are available for free for most licensed users but for those who still use bootlegged software, well, they are a bit too difficult to get hold of for the move of OS manufacturers to install (sometimes without you even knowing it), validation tools that check via the internet if the copy of your OS is licensed and legit. These underground updates are not always so discreet for some do get out and are found by users, programmers and other people who rely heavily on their computers for their everyday existence. Some get blown out of proportion sending them into the headlines as unwanted and unauthorized processes that you get to see on CNN and the BBC.

Software development firms are businesses and they do try their best to keep ahead of the pack (competitors) when it comes to the complexity and capabilities of their products. The competitiveness goes as far as the early release of a product before all testing and real-world simulations have been completed opting for patches and updates to correct them well after the product has been released into the wild (for public use). Some problems associated with them are so critical that the developers are so ashamed to admit they overlooked them that they opt to update these files without the user’s knowledge (have you ever seen your OS getting updates from the web as you get to go on your coffee break, sometimes so discreetly you even fail to notice, returning to a computer that tells you your system has been updated and a restart is needed for them to take effect?)

Tags: Apple, linux, Misrosoft, OS Wars

Categories: General, IM, IT Security Basics, Malware, News, Operating Systems, Privacy & Anonymity, Real-World Issues, Spyware

3 Comments

The future (not actually that far off) sees computer systems that are powerful enough to map out the human face which is known as facial recognition, scanning it into a database that takes a full-360 degrees picture mapping the individual face into a digital fingerprint of sorts allowing no need for invasive security systems. Imagine walking towards your workplace which is studded with cameras that constantly takes pictures of your face and compares it to a digitized database of many other faces in the system. As you get to your terminal, you get immediate access (for the system has seen you as the rightful owner of the computer terminal) to all you stuff without having to physically go through invasive security systems (like the one seen on the sci-fi movie the Minority Report). In the movie, society has evolved into a centralized environment where there are security scanners tied into all major computer systems such as media advertising boards located in major city center’s. Advertising that is suited to one’s preferences and such other information are obtained on a person through retinal scanners that continuously scans one’s location and other information such as the case in the plot which has a rogue officer of the law being subject of much fuss. This gives an insight into the possible future of the human race and how much information technology play’s a part in that future world where nothing is secret and just about anything with the right access can get enough information about you. Hot Forest’s introduction of biometrics-technology based interface system (initially a mouse) that have embedded medical grade sensors that monitor blood pressure and other vital bodily functions to indicate the productivity of their staff based on baseline information collected as the system is implemented. Their system, ‘OPTIMAL OFFICE’ monitor’s the health of their employees through sensors (heart rate monitors) and software helping management create a less stressful workplace. This allows offices to monitor their employees productivity by monitoring their blood pressure which is a sure sign of stress or too much of it allowing better management and control.

The system works and begins to provide important information about an employee who uses the system for more than 2 hours allowing the collection and collation of vitals which are compared and rated according to standards set by the medical field as either healthy or hazardous to one’s health. Management is then alerted to whether they are under or over stressed based on these information allowing the conduction of adjustments or other health analysis tests. This is said to promote a better office for healthy people who work happily are more productive. Though many see the system as too invasive, it may offer an insight on what tomorrow would hold for us as technology become’s more of a necessity rather than an addition to the way we live day by day.

Tags: Biometrics, Facial Recognition, Future Tech, IT Security Basics, Vein Mapping Technology

Categories: General, IT Security Basics, Network Security, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies

1 Comment

The accessory cards for the standard PC has become so widespread that they come in many shapes and form allowing the connection of any number of security cameras. Triggered systems which rely on other security deterrents for activation allows the people monitoring the site to save on storage which used to be a bank of video recorders that were set to record in extended mode on a loop in a back office which was hopefully secure enough to prevent tampering and destruction by perpetrators. Off-site security allows monitoring over high-speed internet lines of the site without the danger of loosing valuable evidence in the form of video footage safely secured onto the company’s own storage servers or can be out-sourced to off-site data storage companies like Iron Mountain who specialize in secure and reliable data storage. The advent of high capacity hard drives like the Toshiba Terabyte Drive allows a huge amount of data to be stored with minimal hardware footprint. Seagate on the other hand has gone a step further by releasing hardware-based encryption in it’s hard drives which can be activated with the use of the Operating System making for one ultra-secure hard drive (well, till you forget the password or key to decrypt the drive making it useless or exceed the MTBF of the specified drive, ouch.. that’s 931 GB of lost data).
Security has become an ever present need and so is the drive to protect assets that are the essence of business organizations. These newer and cheaper versions of security systems add a level of security that assures us our assets stay safe and secure in the event of either man-made or natural disasters that are becoming quite common as life becomes harder and money is harder to come by turning people to a life of crime never before seen on this earth.

[tags]Securing Assets, Security[/tags]

Tags: Asset-Protection, Remote-Security-Systems, Security-Systems, Video-Surveillance, Wireless-Surveillance

Categories: Backups, General, IT Security Basics, Network Security, Privacy & Anonymity, Real-World Issues, Security Policies

1 Comment

Security cameras in its many shapes and forms have evolved into more of a necessity rather than a luxury usually available to those firms who could afford it. Developments in CCD technology and miniaturization of electronics components have allowed the price to fall steady making them widely available and easy to deploy. Similar to webcams, IP based security systems like the one from LPM, are now more and more becoming well accepted for like VoIP, it allows the video feed from a site hundreds of miles away to be sent over the internet to a security center in the company’s security center allowing centralized monitoring of warehouses and other facilities that would otherwise need security personnel saving in manpower costs.

The technology has evolved to a point that all one needs for IP-based security surveillance monitoring is a peripheral card one installs into the standard PC and the necessary cameras that are desired. Another deterrent of security systems of past was the requirement for extensive cabling which can be quite costly if one wishes to monitor a large area which needs to have all supporting cabling installed (power, video feed cables, audio cables, etc.). The advent of the many wireless radio communication technologies have also contributed to ease of implementation allowing wireless communication between a site’s central console and it’s subordinate cameras, who then send the information through the internet to it’s security base which can be a few blocs to hundreds of miles away.

[tags]Security Systems, Video Surveillance, Remote Security Systems, Asset Protection [/tags]

Tags: Asset-Protection, IP-Based-Surveillance, Remote-Security-Systems, Security-Systems, Video-Surveillance

Categories: Backups, General, IT Security Basics, Network Security, News, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies, Storage

Leave a Comment

Everybody loves free stuff on the web but once in a while, well, most of the time that is, we get duped for something that describes itself to be a free virus/malware removal tool ending up with more malware and viruses. These scams are all over the internet with many still falling for their lure of being what else, FREE.

These tools have flooded the internet and even with common knowledge that it is best to trust only programs and offers from reputable brands, many still fall victim. They can either be anti-virus or malware removal tools that are being offered as swift response to remove them from your computer system.

Big names in the Anti-virus and Malware removal development industry have known about this and they even advice that one not to trust programs even from them that are not from their own secure sites. Though they produce some of the most sophisticated virus removal and repair software but who knows what can be done if a hidden script was run while downloading their programs from unauthorized sites. McAfee, Symantec, Kaspersky are some of the most successful developers of such software that have stood the test of time. Even they are finding it hard to remove and repair the damage done by such malicious code due to the many forms and strains they are taking.

Sites that offer them without the authorization of the developer can include malicious code within the download causing more damage than you started with. For someone who depends totally on a computer system, it would be best to subscribe or purchase a virus/malware protection software which are now evolving into security systems that are customized based on a user’s needs. One can purchase them out of the box at computer retail stores or order and download them straight from their secure sites once subscriptions are done. Old software is available for renewal or discounted for re-purchase of newer versions which gives you the latest protection available based on their development. Updates are usually done online and can be done automatically is configured to do so. So to best protect yourself from identity theft, Intrusion, virus damage and malware damage install one right away for if you remain open to attack no one knows what could happen.

[tags]Computer Viruses, malware, Free Tools[/tags]

Tags: anti-virus, Malware-removal, Malware-Scams, Security-Software, Tools

Categories: Cryptography, General, IT Security Basics, Malware, Network Security, Operating Systems, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies, Spyware

8 Comments