IT Security Blog

Scan Storage Devices before Enabling

By

Viruses and malware issues are far from being a thing of the past. On the contrary, they seem to grow large by numbers as each day passes. Thus the works of security software companies have their work cut out for them. There is not definite date to which such threats and intrusions would wholly be resolved.

Scanning Protocol

For the time being, it would be advisable for people to scan third party storage devices such as diskettes, USB drives and mobile storages to be safe and sound. These wandering viruses can attack at any time and this is a fact anywhere computer related materials are concerned.

Files can go as far as infecting the executable files, hence document, excel and compiled scripts are baits for immediate infection and malicious intrusions. Software applications also have their limits as their development teams cater only to a specific genre for known harmful files. But it is better to lower the risk of intrusion than not having protection at all.

[tags]scan, spyware, virus, infections, spyware, malware, trojans[/tags]

The Price that Facebook has to Pay

By

Facebook and other popular social networking sites today have another thing to consider and this is concerned with the security risks that they may become susceptible with. Bear in mind, one thing that hackers and malicious-minded geeks want to do is to test the mettle of successful sites and Facebook happens to be one of them today.

Such a task is something that has to be addressed by successful developing companies such as Facebook. With a growing network and rising popularity, hackers and scammers pry on their success to be popular as well. But knowing how much developers have invested in these sites, you can almost be assured that they have thought of that. But considering the level of security is another thing since it only takes one minor flaw to make life a living hell for online and social networking sites.

We have seen sites in the past encounter such problems. While it would be best to avoid waiting to be another victim, Facebook and other social networking sites would do well to make sure they don’t limit their investment in this aspect. After earning millions from successful sponsorships and adsense earnings, the least they can do is put a portion of these earnings into site security.

Social networking sites such as Facebook, MySpace and LinkedIn are fast emerging as some of the most fertile grounds for malicious software, identity thieves and online mischief-makers. And while some of the talks given here at Black Hat, one of the larger hacker conferences in the country, would probably make most people want to avoid the sites altogether, it turns out that staying off these networks may not be the safest option, either.

Source

Secure Your Wireless Networks with Authentication Codes

By

Today, we see a lot of places that have Internet access. And it is not about plugging up your laptop to cables. They are wireless. With that in mind all you need is a Bluetooth adapter that can detect these wireless networks. Normally you can surf away. But for some networks, there are codes that you have to input since not all air born Internet access is free for some places.

They would normally have a common username and password for people to use. Owing to the fact that they can make money from it or make it a privilege from patrons who avail of other services, wireless Internet is really more of an add-on. For others however, it is about security as well as routers in place can be susceptible to malicious files such as viruses which can be injected if some network administrators are not careful.

You really cannot blame such networks from employing such defensive security measures. At the rate that hackers and harmful files can be solicited over the web these days, safeguarding you equipment and files is a definite priority. Internet access through wireless technology is indeed a breakthrough but it also provides a threat for networks that are not careful on who can access them.

Hence, outside that of trying to control the number of devices accessing a network, it is a security measure to configure wireless networks and limit the ones who are given access. There is no telling what things may occur, and normally they are not favorable.

The Cat’s out of the Bag (Part 2)

By

The admittance by an executive from within the industry was sure to happen and doing so may have given more importance on how you implement online security at home and in the office for knowing you are never always protected is the norm of the internet. There is no one software or provider that can promise total protection whatever the case and you are always infected with one form or the other how ever expensive the anti-virus software you have installed on your computer system. The industry is also in a dilemma of how best to present information on the ones that got away and caused mayhem before they caught it and issued a cure. You only hear of the ones they get and not the other way round, why, it’s bad for business. Getting your clients to know that they are not the total solution might get them thinking that if that’s the case, why spend hundreds if not thousands of dollars a year for something that may be effective? There are even instances that these programs that are designed to protect us from viruses and malware being infected and doing the dirty work themselves.
All the hype about technology and new software development tools also mean nothing for the very people who does the programming for these anti-virus programs also have the ability to use it for no good. The reality of using the net is to accept the fact that every click may be your last and that is the gauntlet you walk each and every day as you surf, download and do whatever you wish over the internet. True that it has allowed us more freedom and information but it also opened up the world to these scoundrels who are up to no good.

Bottom Up IT Security not being taught to Students

By

itsecurity.jpgAs it turns out, students in the many fields of IT such as software development are still being taught the lessons of old and not being taught how to pro-actively design software to defend itself from attack. This is the result of a recent survey which shows that many programmers and developers to be are not getting ample courses in integrating security into their systems. They are left to fend for themselves and have to rely on patches to overcome development bugs that could have been fixed before they became problems in the first place.
I started out as a programmer in the glory days of FoxPro and C++ and such events that we have now are non-existent or are not as malicious as they are now. Back then, they simply messed up the display of garbled the contents of a floppy with no bearing on Phishing or Vishing and the myriad of stuff today’s malware do. Security has become such an issue with development that people today have to rely on anti-viruses and other intrusion prevention systems for their systems to remain reliable. Incorporating more security into applications would prevent weaknesses even if bugs are present in the program for no system is totally fool-proof. We would still need these intrusion protection systems yet not as highly dependent on them for basic security needs.
Most companies rely on million dollar contracts with software developers who design software to protect their software, McAfee, Symantec and many other security software developers have shifted focus more on intrusion prevention and less on anti-viruses for today’s malware have gotten to a level of sophistication that they can self-modify themselves to elude anti-virus programs of the past. Integrating encryption and other security provisions into the software itself may take longer but it would provide a level of security that hackers would not find easy to break. Education is the key and knowledge is power, so giving the next generation of developers the knowledge to incorporate security greatly increases the level of power over these malicious programs and the hackers who make them.

OS Updates, Patches and Service Packs – What they’re not telling you (Part 2)

By

privacy.jpg
Some of these updates and patches are well publicized and known to media and IT circles while others are not. The real truth, not all users want to know the details of the several updates and patches that are being installed as long as they get to use the internet and other software without issues. This is a dangerous tightrope to walk for like the Facebook incidents and MySpace problems, and yes even Google (with their customer purchase tracking system which they took out of service as people took notice and were pissed they were being monitored as to shopping habits etc).

Even the most popular web search engines have come under fire when people took notice of their tracking systems and how that information is used to target them for advertising campaigns. The web is a true and proven signal of unparalleled freedom for it allows you to get information all with the press of a few buttons. But the battle begins at your desktop or laptop where the OS resides and is installed on making it the root of all possible problems. Yes, Attacks do come from the net but they are targeted at your home or office desktops using them as propagation tools to spread them all over the globe. Privacy and the right to know is quite battered on these fronts with many problems being discovered at every turn. People love intrigue and they will continue to scrutinize and criticize the work of others may they be friends or foes. On goes the OS wars and we are on the sidelines waiting to suffer all the fallout of their drive to be the first to release the most innovative and feature loaded software (with bugs and system crashes all bundled and included in the box, well till they release the respective fixes and patches to remedy them).