Saturday, June 30, 2012

Law firms are a prime target for hackers

Mobile devices and apps provide multiple avenues for hackers to access confidential information


Laptops, cell phones and mobile apps for devices such as iPhones and Androids keep us constantly connected to friends, family and colleagues. Unfortunately, they also may be connecting lawyers to predatory hackers, according to an article in the Wall Street Journal.


Law firms are a prime target for hackers seeking to access valuable confidential information, such as documents related to upcoming mergers and acquisitions or litigation. Over the past few years, several Canadian and U.S. law firms have been targeted by hackers linked to Chinese computers, according to the article. In 2010, lawyers at Gipson Hoffman & Pancione received emails—ostensibly from members of the firm—that were designed to steal data from their computers.


At the time, the firm was representing a software company in a $2.2 billion lawsuit against the Chinese government and computer manufacturers. Emails are just one way for hackers to retrieve sensitive information. Popular cloud storage applications such as Dropbox, for instance, afford lawyers the convenience of accessing their files on multiple devices.


But these applications potentially leave information vulnerable to third parties—Dropbox reserves the right to turn over files in response to legal or regulatory requests.


To protect data security, many firms are advising attorneys to take increased security measures, such as encrypting messages, avoiding free Wi-Fi connections, password protecting their devices and deleting suspicious emails or text messages.


Read the full story at the Wall Street Journal.

Friday, June 29, 2012

Nigerian Scams Deliberately Designed To Target Stupid People


Why email scammers say they're from Nigeria?

A recent study found that email scammers really aren't interested in appearing believable because it would just be too expensive if everyone fell for it.

The research conducted by Microsoft’s Machine Learning Department, titled Why do Nigerian scammers say they are from Nigeria? found that the OTT scam email, complete with typos is a simple, cost effective way of weeding out intelligent people, leaving only the most gullible to hit.

"Far-fetched tales of West African riches strike as comical," wrote principal researcher, Cormac Herley in the study. "Our analysis suggests that is an advantage to the attacker, not a disadvantage.

“Since his attack has a low density of victims, the Nigerian scammer has an over-riding need to reduce the false positives. By sending an email that repels all but the most gullible, the scammer gets the most promising marks to self-select, and tilts the true to false positive ration in his favour.”

It seems to work. Just last year a Nigerian man was jailed for 12 years after scamming US$1.3 million. In 2008 an Oregon woman lost $400k to a similar scam.

So next time you open a scam email and think to yourself: "Why bother?" live happy in the knowledge you're not the target market.



Wednesday, June 27, 2012

Nobody can halt cyberweapons creation

Interesting read posted by New York Times - A Weapon We Can't Control


The decision by the United States and Israel to develop and then deploy the Stuxnet computer worm against an Iranian nuclear facility late in George W. Bush's presidency marked a significant and dangerous turning point in the gradual militarization of the Internet.


Washington has begun to cross the Rubicon. If it continues, contemporary warfare will change fundamentally as we move into hazardous and uncharted territory. It is one thing to write viruses and lock them away safely for future use should circumstances dictate it. It is quite another to deploy them in peacetime.


Stuxnet has effectively fired the starting gun in a new arms race that is very likely to lead to the spread of similar and still more powerful offensive cyberweaponry across the Internet. Unlike nuclear or chemical weapons, however, countries are developing cyberweapons outside any regulatory framework. There is no international treaty or agreement restricting the use of cyberweapons, which can do anything from controlling an individual laptop to disrupting an entire country's critical telecommunications or banking infrastructure.


It is in the United States' interest to push for one before the monster it has unleashed comes home to roost. Stuxnet was originally deployed with the specific aim of infecting the Natanz uranium enrichment facility in Iran. This required sneaking a memory stick into the plant to introduce the virus to its private and secure "offline" network. But despite Natanz's isolation, Stuxnet somehow escaped into the cyberwild, eventually affecting hundreds of thousands of systems worldwide.


This is one of the frightening dangers of an uncontrolled arms race in cyberspace; once released, virus developers generally lose control of their inventions, which will inevitably seek out and attack the networks of innocent parties. Moreover, all countries that possess an offensive cyber capability will be tempted to use it now that the first shot has been fired. Until recent revelations by The New York Times' David E. Sanger, there was no definitive proof that America was behind Stuxnet.


Now computer security experts have found a clear link between its creators and a newly discovered virus called Flame, which transforms infected computers into multipurpose espionage tools and has infected machines across the Middle East. The United States has long been a commendable leader in combating the spread of malicious computer code, known as malware, that pranksters, criminals, intelligence services and terrorist organizations have been using to further their own ends.


But by introducing such pernicious viruses as Stuxnet and Flame, America has severely undermined its moral and political credibility. Flame circulated on the Web for at least four years and evaded detection by the big antivirus operators like McAfee, Symantec, Kaspersky Labs and F-Secure - companies that are vital to ensuring that law-abiding consumers can go about their business on the Web unmolested by the army of malware writers, who release nasty computer code onto the Internet to steal our money, data, intellectual property or identities. But senior industry figures have now expressed deep worries about the state-sponsored release of the most potent malware ever seen.


During the cold war, countries' chief assets were missiles with nuclear warheads. Generally their number and location was common knowledge, as was the damage they could inflict and how long it would take them to inflict it. Advanced cyberwar is different: A country's assets lie as much in the weaknesses of enemy computer defenses as in the power of the weapons it possesses. So in order to assess one's own capability, there is a strong temptation to penetrate the enemy's systems before a conflict erupts. It is no good trying to hit them once hostilities have broken out; they will be prepared and there's a risk that they already will have infected your systems.


Once the logic of cyberwarfare takes hold, it is worryingly pre-emptive and can lead to the uncontrolled spread of malware. Until now, America has been reluctant to discuss regulation of the Internet with Russia and China. Washington believes any moves toward a treaty might undermine its presumed superiority in the field of cyberweaponry and robotics. And it fears that Moscow and Beijing would exploit a global regulation of military activity on the Web, in order to justify and further strengthen the powerful tools they already use to restrict their citizens' freedom on the Net.


The United States must now consider entering into discussions, anathema though they may be, with the world's major powers about the rules governing the Internet as a military domain. Any agreement should regulate only military uses of the Internet and should specifically avoid any clauses that might affect private or commercial use of the Web.


Nobody can halt the worldwide rush to create cyberweapons, but a treaty could prevent their deployment in peacetime and allow for a collective response to countries or organizations that violate it. Technical superiority is not written in stone, and the United States is arguably more dependent on networked computer systems than any other country in the world.


Washington must halt the spiral toward an arms race, which, in the long term, it is not guaranteed to win.


Source: New York Times

Monday, June 25, 2012

Recent Survey Reveals Banks Investing More in Emerging Technologies

2012's Top Anti-Fraud Tech Investments


Banks and credit unions say investments in enhanced fraud detection, monitoring systems and customer and member education top their lists for fighting fraud this year.


That's according to BankInfoSecurity's second annual Faces of Fraud survey. A full report on the survey is now available.


More than half of the more than 200 financial institutions that participated in this year's survey say they have increased funding for new fraud technology and personnel.


Top Anti-Fraud Investments


In addition to enhanced detection, monitoring and education, other top anti-fraud investments for banks and credit unions this year include:
  • Improved out-of-band verification;
  • Enhanced controls over account activities;
  • More internal and external audits;
  • Improved vendor management practices;
  • More anti-money-laundering tools;
  • Enhanced dual authorization through different access devices;
  • Improved tracking of high-risk customers and members.
Refer here to download the report.

Wednesday, June 20, 2012

Enable Do Not Track Feature In Web Browsers

How to enable the “Do Not Track feature” in a web browser, you are using?


You may not be aware about the all the modern web browser you are using, is tracking your every single details which might not be put to a good use, good or bad, not sure, but how would it feel if someone follows your every single click, every web page you are surfing, every single details you are entering somewhere and what it could mean, even I’m not sure.


But there are some features and settings which might put a stop on all these activities, a simple setting, a user have to tweak in order to enable the Do Not Track Feature. Most of the modern web browser supports “Do Not Track” Feature, it’s just you’ve to enable for it to work.


Let’s start with Google Chrome.


Unfortunately, there’s no built-in setting which you can enable Do Not Track feature in Google Chrome, but there are so many Google Chrome Extensions which you can use to add “Do Not Track” feature to it. So, simply use this Google Chrome extension to avoid any kind of web tracking. Just make sure you are using the latest Google Chrome web browser, at-least 17 or later. Add it, enable it, and you are free from spying.


Enable Do Not Track Feature In Mozilla Firefox



We don’t need any Add-on to enable Do Not Track feature in Mozilla Firefox. Just follow this quick tweak in Mozilla Firefox privacy settings and you are done. That’s the beauty of it.
  • Click on Firefox button.
firefox options tab
  • Move over to Options.
options tracking mozilla firefox
  • Under the Privacy Tab, check that box beside that says “Tell websites I do not want to be tracked”. Ok, and there you are, a free bird.

Enable Do Not Track Feature In Internet Explorer

internet explorer
To add that feature in Internet Explorer, visit this Do Not Track Test Page, and under the heading that says “To express your preference not to be tracked in IE9”, click on that link. Make sure you are clicking that using Internet Explorer 9.
tracking protection internet explorer

Thursday, June 14, 2012

Metasploit: The Penetration Tester’s Guide

Want a great book on Backtrack 5 and the Metasploit Framework?


Look no further than “Metasploit: The Penetration Tester’s Guide” written by the all star cast of David Kennedy (creator of the Social Engineering Toolkit), Jim O’Gorman (instructor at Offensive-Security), Devon Kearns (a BackTrack Linux developer), and Mati Aharoni (created BackTrack and founder of Offensive-Security). 


This is the most complete and comprehensive instruction book for Metasploit that I have seen so far. The authors walk you step by step, command by command through using the Metasploit Framework as a penetration tester. You move quickly from the basics of Penetration testing through using the platform to perform the different phases of intelligence gathering and exploitation. 


Excellent book for anyone interested in a hands on approach to computer security, the Metaslpoit pro who wants a great reference book and those new to Metasploit that want a step by step instruction manual.


Metasploit: The Penetration Tester’s Guide – Check it out!

Tuesday, June 12, 2012

Password-Strength Checker

Check your password—is it strong?


Learn how to use the Password Strength Calculator to test the strength of your password security. Online password strength checker for secure passwords from Microsoft.


What is a strong password?


The strength of a password depends on the different types of characters that you use, the overall length of the password, and whether the password can be found in a dictionary. It should be 8 or more characters long.


For tips about how to create passwords that are easy for you to remember but difficult for others to guess, read Create strong passwords.


Refer here.

Sunday, June 10, 2012

Apple has released IOS Security

Apple IOS Security


Apple normally stays very quiet when it comes to discussing the security mechanisms of its products. Apple has released a document that will make life a little easier for anyone responsible for securing iOS devices.


The document, titled iOS Security, provides details on the system architecture, encryption and data protection, network security features and device access for iOS devices. If you develop policies and/or mechanisms for BYOD security, this is recommended reading. 


From the Apple iOS Security document:


“This document provides details about how security technology and features are implemented within the iOS platform. It also outlines key elements that organizations should understand when evaluating or deploying iOS devices on their networks.”


System architecture: The secure platform and hardware foundations of iPhone, iPad, and iPod touch.


Encryption and Data Protection: The architecture and design that protects the user’s data when the device is lost or stolen, or when an unauthorized person attempts to use or modify it.


Network security: Industry-standard networking protocols that provide secure authentication and encryption of data in transmission.


Device access: Methods that prevent unauthorized use of the device and enable it to be remotely wiped if lost or stolen.”




Is Apple now recognizing the growing threats their products face? Prior to this, security researchers have traditionally had to rely on reverse engineering Apple’s products to better understand their security mechanisms.


Refer here to download the document from Apple website.

Friday, June 8, 2012

How hackers could bring down Boeing's new Dreamliner jet

There is a hidden "back door" in the jet's computer chip


It would usually be a fairly safe bet to assume new passenger planes would be protected from hacking attacks, however this may not be the case with Boeing's new Dreamliner jet.


Experts have claimed a hidden “back door” in a computer chip used in the jets’ computer systems could be exploited by cyber-criminals in order to override and control the planes, the UK’s Guardian reported.


Researchers Sergei Skorobogatov of Cambridge University and Chris Woods of Quo Vadis Labs sent out a warning to governments around the world after reportedly discovering the hacking method. "The great danger comes from the fact that such a back door undermines the high level of security in the chip making it exposed to various attacks,” they noted in a document cited by the Guardian.


"An attacker can disable all the security on the chip, reprogram cryptographic and access keys… or permanently damage the device." Woods claims the “back door” is inserted into a device for extra functionality, offering a secret way to get into the chip and control it without needing an encrypted channel.


The chips are used in areas such as communications and consumer products as well as the military, medical and automotive industries.


Source from News.com.au

Monday, June 4, 2012

Free Framework for Vulnerability Reporting

Breach Info Sharing Tool Enhanced


The Industry Consortium for Advancement of Security on the Internet has introduced an enhanced version of its free security vulnerability reporting framework designed to ease the sharing of breach information.


The framework enables stakeholders across different organizations to share vulnerability information in an open and common machine-readable format. ICASI, a non-profit association of eight major information technology companies, says Version 1.1 of the Common Vulnerability Reporting Framework offers users a more comprehensive and flexible format, while reducing duplication and the possibility of errors.


"CVRF replaces the many nonstandard reporting formats previously in use, thus speeding up information exchange and processing," the association says. Russell Smoak, ICASI's president, in an earlier interview with Information Security Media Group, explained that the framework allows for consistency among vendors, researchers and customers in exchanging vulnerability information. "It speeds the response in the event of a breach," he said.


For example, by using the framework, an organization that's a customer of three companies that have all been affected by a data breach could receive consistent reports and then more promptly take appropriate action, Smoak explained. The framework is available for free at the consortium's website, which also includes information about a May 30 webcast on the framework.

Saturday, June 2, 2012

Ongoing Investments Have To Be Made To Protect Corporate And Online Perimeters

Why Hacktivists Attack?


Hacktivists usually attack because they want to embarrass their targets.


This week, Anonymous took credit for hacking a server at the United States Bureau of Justice Statistics, copying 1.76 GB of data and posting it online.


Why? "... to spread information, to allow the people to be heard and to know the corruption in their government. We are releasing it to end the corruption that exists, and truly make those who are being oppressed free," hackers claiming to be part of Anonymous posted on AnonNews.org.


Another example: this week's takedown of WHMCS, a UK-based online billing platform used by Web hosting providers throughout the world. The hacktivist group known as UGNazi took credit for a breach of WHMCS's database - a breach that likely exposed details on 500,000 payment cards.


The group also launched a denial of service attack on one of WHMCS's servers, which ultimately took the platform's site down for 24 hours and disrupted service to its global client base. Why? UGNazi says it targeted WHMCS because the company refused to address security vulnerabilities.


In a May 23 post on Pastebin, UGNazi hacker Cosmo says WHMCS's database was leaked because the company ignored UGNazi's warnings about security concerns linked to its Web hosting provider, HostGator.


Cosmo writes: "It is now 2 days after the attack from us and the site is back up and it still remains on HostGator after Matt knows it is insecure. ... We laugh at your security."


UGNazi hackers reportedly socially engineered customer service reps at HostGator into coughing up admin credentials to WHMCS's servers.


How could WHMCS have avoided this attack? Perhaps by publicly responding to the threats and admitting it needed to enhance security.