McAfee Detects Malware aimed at Tibetan Supporters

Written by Saran on May 1, 2008

The movement to free Tibet from Chinese rule has seen several web sites and organizations spring up to fight for Tibetan independence from Chinese Communist rule. The government threatened to meet the movement with force, and it indeed did, resulting in the much-publicized crackdown on the remote Chinese territory. McAfee’s discovery of the Trojan, which it nicknamed FriBet, is quite unique in the sense that it is the only form of malware that has been specifically designed to attack a specific type of computer, one that supports the pro-Tibetan movement. The malware has been identified as having infected two web sites that have expressed support for the movement, and the Trojan then seeks all databases that are linked to the infected site. Visiting an infected site triggers a seek operation that downloads the payload onto the machine, which in turn spreads it to other sites that it visits.
This raises suspicion, though the experts are not raising the idea that it may have been developed to wreak havoc on sites the Chinese government has identified as supporters. The Chinese link has yet to be officially declared, but everyone knows these types of attacks are a common practice of hackers. The surprising fact is that it is similar to a Patriot, which locks on to a target designated by mission control and effectively reaches that target in any weather. The aiming is quite precise, which leads conspiracy theorists to the conclusion that it may be an attack on these sites from the inside. Much is to be learned from the Trojan as it is tracked and detected throughout the globe. Major anti-virus developers have been able to remove and block it, but unprotected machines may prove to be too easy a target for the Trojan.

Categories: General, IT Security Basics, Malware, Network Security, News, Real-World Issues, Security Policies, Spyware

Paypal Boosts security

Written by Saran on April 28, 2008

In an effort to boost security, PayPal, one of the premier online payment providers, is moving to block users of older browsers in order to avoid the weaknesses these browsers possess. They have found that many users still use the old Microsoft IE 3.0 and 4.0, which reached the end of their support life a long time ago and hence do not have the security updates necessary to conduct safe and secure online payments and other related business. PayPal has had a lot of bad publicity with regard to phishing and infiltration, where people intercept and go on fake bidding sprees just to get at the vital financial information that people usually share over the network. In hopes of boosting security, they will be using script detection to begin blocking users, and they apologize for the inconvenience this may cause the millions of users who may be affected by the move. This comes as identity theft and other crimes have increasingly entered their ranks, ending in much stolen information that leads to credit card fraud. Being the biggest, they are the most viable target for such hackers, and they are trying to boost security on that front.
This would hopefully prevent more cases from developing, and any new ones will be ‘nipped in the bud’, so to speak.
PayPal and eBay have offered select users distinct security keys using VeriSign passwords that are to be transmitted during payment transactions, which aims to prevent interception of the transaction information as it travels through the internet. Unlike credit card transactions that travel through dedicated lines, which are now slowly being protected by PCI-DSS for improved security, regular PCs do not have much security hardware installed to protect them from interception by hackers, who could tap into the network and get all the credit card information for illegal purchases.

Categories: Cryptography, General, IT Security Basics, Malware, Network Security, News, Privacy & Anonymity, Real-World Issues, Security Policies, Spyware

Social Networks - Keep the bad guys out!

Written by Saran on April 25, 2008

In the UK, identified sex offenders are facing bans from social networking sites which is to boost the reliability and security of having these social networksUK where surveillance has become a part of everyday life, with CCTV systems and all types of other video surveillance abound that may be possible with current facial recognition techniques that can scan a person’s face from any angle allowing identification without that person in question even knowing about it.
The intent is quite good, but just how these social web sites will go about identifying sexual offenders is a very tough question indeed. With millions of registered users spanning the globe, along with the hundreds of social networking sites, that may be next to impossible. Don’t expect these people to enter their true identity, for that is the first thing that would make them most identifiable. To invent some form of technology that would brand them as such would be better and could indeed make the internet a safer place for all of us, including your kids, who are often the victims of such criminals.

Categories: General, IT Security Basics, News, Physical Security, Privacy & Anonymity, Real-World Issues

SANS Institute - Gotcha!

Written by Saran on April 22, 2008

The SANS Institute has identified and determined the source of infections on some 20,000 web sites since January through research and extensive review of web sites and how they work. They have identified the point of entry for these attacks, which capitalize on a sneaky tool that uses Google’s search engine to search for specific types of vulnerable applications. They have also found that the process is automated, meaning these were not “live” attacks with a user on the other end initiating them. The search tool works by finding vulnerable software and then executing a simple SQL statement that injects a script tag into the discovered site. The exploit was designed to target Microsoft Windows’ IIS, which, once infected, has the ability to infect all who visit the site. The sad side is that, again, the malware has been traced to report back to China, which reinforces the need for more security on their side of the globe.
Their people were thrilled at the discovery, which they called a “GEM” due to the scarcity of such discoveries in the wild (internet). Discovery of such Trojans and other malware allows a prompt response and the sending out of updated signatures to anti-virus software and other intrusion prevention tools that prevent the spread from continuing. They may have been lucky this time, for the majority of malware out in the wild is not only very complex in terms of coding but has the ability to morph into totally different forms as it travels from computer to computer through the internet. The best way to avoid such problems would be to stay off the internet, which is next to impossible due to the current prevalence of the technology in our everyday lives.

Categories: General, IT Security Basics, Malware, Network Security, News, Real-World Issues, Security Policies, Spyware

Pro-Chinese groups call off CNN Website attack

Written by Saran on April 19, 2008

CNN, one of the US’s biggest media giants, has been threatened by pro-Chinese activists as a target for attacks due to its unjust coverage of issues that concern the motherland (China). The CNN International web site indeed suffered some form of DoS attack, which lasted 20 minutes but was halted for unknown reasons. CNN has been criticized as too critical of the way the Chinese have handled the events in Tibet, and people are mad at its so-called one-sided reports. The events in Tibet were hidden from the rest of the world when the Chinese cut off all internet connections and banned Western reporters from entering the area. Anyone caught within the exclusion zone was hastily sent out of the country in an effort to control the information that gets out of the territory, which is moving for independence from China’s communist ways. Reporters were, however, allowed in, but only under strict government supervision.
The group claims to represent a majority of the Chinese public, who have expressed disgust at how Western media have been harassing China over issues that span the whole country, from Tibet to the prevalence of piracy in all forms and shapes. China has managed to top all lists that name it as a haven for the top hackers of the world, tainted goods and many more.
The attack on CNN was called off because the news got out and any attack could then be stopped. The exploratory attack did manage to impede access for users of CNN Interactive, but for the rest of the Western world there was no significant slowdown noticed. These kinds of attacks, as well as others targeted at the many governments China has called enemies of the state, are commonplace, mostly being detected and dealt with promptly. There were repeated attacks on the Department of Finance’s web site by identified hackers from China (where they were traced), and the US’s Department of Homeland Security has repeatedly called for the government to do something about such attacks. Many other such attacks aimed at US firms have been discovered, which raises the question of whether the battlefield has moved into cyberspace rather than on the ground.

Categories: General, IT Security Basics, Malware, News, Real-World Issues

Chinese Crackdown on Hackers

Written by Saran on April 16, 2008

In an effort to boost their commitment to promoting better IT security, China has passed sentence on four hackers who were due to receive sentences ranging from two to eight years in prison. The four unnamed cyber-criminals were given sentences of two and a half years, which, if spent in a Chinese jail, would be more than long enough. They were, however, convicted not of cyber-crimes but of “non-declaration of income”, which seems to overshadow the claims of boosting IT security measures. The convicted cyber-criminals were found to have gained around a few thousand dollars of undeclared income, which they got from information gathered through malware. China has repeatedly challenged allegations that it is the hacking capital of the world, stating that it is a victim rather than a criminal in the IT security scene. Its crackdown on Tibetan activists and supporters has again raised questions about the globalization policy of China as a country that is open to change in order to face the challenge of globalization.
The move is one of the many much-publicized efforts by the Chinese authorities, who say they are doing all they can to stop the illegal activities that are happening within their borders. Their anti-hacking measures are seen as the harshest in the world and, as said, given the conditions in Chinese jails, any length of time would be too long. They have tried hard to control the internet by banning sites and blocking access to external sites before they get to millions of Chinese users. People are suspicious of their motives, for they put more emphasis on their internal issues than on global matters such as the need for more intrusion prevention methods to prevent hackers from doing damage to all of us.

Categories: General, IT Security Basics, Malware, Real-World Issues, Security Policies

Heavyweight Windows - Imploding?? (Part 2)

Written by Saran on April 13, 2008

Imagine having a form of Windows that would run on the first versions of the Intel P4 chip or on a Celeron, or on the newer EEEs and ultraportables. Wouldn’t that be a greener proposition than having to send tons upon tons of old computers to the recycling center? Computer chips are one of the most polluting products on earth due to the strict environment controls and exotic materials that are used in making them. The bad thing is that they’re so well made that recycling them to recover the precious metals can only be done through incineration, to vaporize most of the packaging just to get to that precious couple of milligrams of silicon, lead or gold (plus the many other exotic materials now used in these microprocessors).
Microsoft might still have its place with one of the most used operating systems, but its days surely are numbered if it fails to follow suit on the open-system bandwagon, which can have a basic web server up and running on an old Pentium system in no time. Vista’s a flop (no doubt about it), and the announcement of a new OS from the software giant has put more people off from shifting (even with the announcement of the mandatory phase-out of the selling of new machines bundled with XP). The genius of Bill might be needed again (even though he has left the helm of the company) to come up with some concoction that would maintain the company’s grip on the industry it has so benefited from. “You see that light flashing in the corner of your eye? That’s your retirement light, and it’s flashing a bit faster every day!!”

Categories: IT Security Basics, News, Operating Systems, Real-World Issues

Heavyweight Windows - Imploding?? (Part 1)

Written by Saran on April 10, 2008

Many have been saying that the time will come when the grip of Microsoft’s Windows on the market would be threatened by its own weight; the time is now. Gone is the time of the one-size-fits-all philosophy, and this is evident in the move from XP to Vista, which not many prefer. The main reason is the reliability of XP, which has evolved since it was first introduced way back in 2003. The OS has become so stable that it took the place of Windows 98 as the preferred OS with all the right stuff in one neat package. That monopoly on the market is based on one product fitting all (through trimmed-down versions and other editions such as the Media Center from 2005, which capitalized on the area of multimedia). This goes for all applications, from home desktops and office laptops and desktops to server OS systems, which are now feeling the crunch as people shift to more open systems such as Ubuntu and Linux.
Why shift from a stable system developed by the industry’s largest and best developer? Well, first, they’re not the best anymore, for the open systems have gained ground, allowing older PCs to work on par with the latest multi-core-driven computer systems. These alternative operating systems are developed and maintained by groups of industry experts, and all users get to voice their needs and initiate changes according to relevance. The control Windows had, with all the support and software updates coming from one big global company which sometimes doesn’t get what the user really wants (well, mostly, really), has fed up most of us: useless updates that make old systems slower, excessive overhead (in terms of disk space, memory and processor needs) and the notion that software drives the hardware development industry rather than the other way around.

Categories: IT Security Basics, News, Operating Systems, Real-World Issues

Microsoft XP 2003 and BEYOND

Written by Saran on April 7, 2008

Yep, Microsoft, the ever surprise-filled software developer that made Vista, has now announced that the company will be extending the life of Windows XP till 2010. This overturns earlier announcements that they would be ending support for and phasing out (which includes stopping the selling of) the most stable Windows operating system ever. That was to give way to the newer Windows version, Vista, which has again and again disappointed users, even with the much-promised improvements in SP1 (what… where? the improvements… I see bugs, tons of them), which has failed to impress users around the world. Big businesses are wary of the new operating system due to stability and support issues (stability is only gathered from many years of continuously refining a program like XP; you’d think they’d have learned), and it is still quite shaky at best.
The European arena isn’t too impressed either, with the many lawsuits the company has faced over unfair commercial practices the software giant has allegedly committed (found guilty and fined millions of euros). The move may be a sign of what some bloggers are calling a “continuing fiasco” regarding Vista’s capabilities, which are irking more and more users every day, having them revert to their old reliable XP installations to get the simplest jobs done. Worst of all, better and improved software from open-source communities and organizations is forcing big-M to do something fast, for more and more users are shifting to it because it is faster and better than Explorer, with little overhead eating up precious memory, hard disk space and video power.
Let’s just hope the company will be more realistic than it has been with its sudden twists and turns in the last months regarding Yahoo and the announcement of other unusually generous gestures (again) from the company that is big-M.

Categories: General, News, Real-World Issues

Anti-Virus Programs - Losing Teeth

Written by Saran on April 4, 2008

Recent studies are showing that having merely a traditional anti-virus program installed on a computer is proving to be highly ineffective against today’s code-morphing malware. The complexity of this malware and its uncanny ability to change signatures defeat most if not all intrusion prevention systems. Hackers have also capitalized on the fact that users trust content that is seemingly from legitimate sources, as in the recent incident with a Google Mail application used to archive email from the email company’s servers, which incorporated information-gathering code. The problem was only found when a programmer unknowingly decompiled the program and found an email address along with a log-in password to the program author’s mailbox. Upon using the derived information to get into the email account, he found user information along with usernames and passwords of others who had used the program. He took drastic steps and deleted all information (email) he found not to be the author’s, and informed the company which released the program about the incident. The developer simply said an error-checking routine or some draft code was arbitrarily left within the released version. They promise not to do so in the upcoming versions of the archiving program… Yeah, right.
People have been warned again and again regarding the risk of getting free software and other free stuff that seemingly comes from legitimate sources (not the developer’s page), for it may carry an embedded payload which it unloads once installed. Current Trojans also act swiftly to copy themselves onto all peripherals (flash disks, digital cameras, digital media players, PDAs and other similar devices which can hide the code) attached to the system they have infected, so even a complete operating system reinstall would only result in reinfection if the devices are reconnected to the same system. Other malware simply uses the email addresses within certain programs like Outlook and Messenger, sending out copies of itself to all those listed and infecting further computers as it travels all over the world.
The scenario has come to the point where experts are talking about implementing a white list of sorts, covering all valid applications and sources for all legal and safe systems which are to be allowed access to their systems. This would involve a sort of inventory program which keeps track, from online sources, of trusted sites and sources of files, and rejects those which are not included. Manual inclusion would be the Achilles’ heel of such an audit system, for any wrong addition would again make it vulnerable to attack.
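A minimal sketch of the white list idea above, written as an added example rather than any vendor's product: files are identified by SHA-256 hash, each entry records whether it came from the trusted inventory feed or was added by hand, and hand-added entries are only honoured once two people have signed off. The two-approver rule, the entry names and the byte strings standing in for files are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Entry:
    sha256: str
    name: str
    source: str            # "feed" = synced from the trusted inventory, "manual" = added by hand
    approvers: tuple = ()  # who signed off on a manual entry


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class Allowlist:
    def __init__(self, entries, min_manual_approvers=2):
        self._by_hash = {e.sha256: e for e in entries}
        self._min = min_manual_approvers

    def decide(self, data: bytes) -> str:
        """Return 'allow' or a 'deny:<reason>' string for a file's contents."""
        entry = self._by_hash.get(sha256_hex(data))
        if entry is None:
            return "deny:not-listed"
        if entry.source == "manual" and len(set(entry.approvers)) < self._min:
            return "deny:manual-entry-needs-review"
        return "allow"

    def manual_entries(self):
        """Entries a periodic audit should re-check, since a person vouched for them."""
        return sorted(e.name for e in self._by_hash.values() if e.source == "manual")


# Constructed stand-ins for file contents (not real programs).
EDITOR = b"constructed bytes: text editor v1"
ARCHIVER = b"constructed bytes: mail archiver"
INHOUSE = b"constructed bytes: in-house report tool"
TAMPERED_EDITOR = EDITOR + b" + appended payload"

SAMPLE = Allowlist([
    Entry(sha256_hex(EDITOR), "editor", "feed"),
    Entry(sha256_hex(ARCHIVER), "archiver", "manual", ("alice",)),
    Entry(sha256_hex(INHOUSE), "report-tool", "manual", ("alice", "bob")),
])

if __name__ == "__main__":
    for label, blob in [("editor", EDITOR), ("tampered", TAMPERED_EDITOR),
                        ("archiver", ARCHIVER), ("report-tool", INHOUSE)]:
        print(label, SAMPLE.decide(blob))
```

Because the decision is keyed on the hash of the contents, a listed program that has been modified no longer matches its entry and falls back to the default deny.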

Categories: General, Malware, Network Security, News, Real-World Issues, Spyware
