Online Security Guide

Google Play Apps with Android Trojan

mae@softwarecasa.com — Thu, 03 May 2012 11:08:12 +0000

Security experts are warning of yet more malicious applications found on Google’s official online apps market Play, this time designed to steal personal data in the background while promising to show trailers for Japanese anime, video games and porn.

The new Android Trojan had been discovered in 15 applications on Google Play so far and downloaded by at least 70,000 users, McAfee malware researcher Carlos Castillo explained in a blog post.

“Due the privacy risk that these applications represent to Android customers, all of them have been removed from the market,” he cautioned.

The malware, specifically designed to target Japanese users, is hidden in apps which show internet-based video trailers.

Source: The Register

Website Security and The Power of Checkmark

skye@softwarecasa.com — Thu, 03 May 2012 10:58:13 +0000

Talking about cyber security, the two trusted names Symantec and Verisign had set up a joint cyber security to call it ‘The Norton Secured Seal’. Symantec’s Norton Secured Seal extends its strategy from providing Security Sockets Layer (SSL) certificates, into offering comprehensive website security solutions.

“It will be displayed more than half a billion times per day in 170 countries on websites and in search results on enabled browsers,” Symantec said. It added its consumer products are used by more than 150 million people worldwide and Norton products ship on more than 60 percent of Windows-based consumer PCs.

Christian Christiansen, program vice president for Security Products and Services at IDC, said this is timely in the wake of increasing online threats.

He said customers increasingly need confirmation that a website is “genuine and safe.”

“To answer this customer requirement, companies need to present customers with assurances of reliability. Therefore, the Norton Secured Seal, backed by Symantec authentication and security, is an important and recognizable trust mark for online consumers,” he said.

“Since acquiring the VeriSign Authentication business, Symantec extends the core foundation of SSL to offer the most comprehensive security portfolio in the market,” said Fran Rosch, vice president, Identity and Authentication of Symantec.

Rosch added Symantec’s shift to delivering Website Security Solutions further strengthens the protection of data and information in transit.
The Norton Secured Seal represents a major step in helping companies establish higher levels of website trust and confidence with their customers, Rosch added.

Symantec Consumer Worldwide Marketing vice president Sally Jenkins added Symantec and Norton’s combined brand equity have created the most trusted global brand for protecting information and identities online.

“Norton is committed to helping consumers stay protected, across all aspects of their digital lives. The Norton Secured Seal is backed by the trusted Norton brand and empowers consumers to browse, shop, and socialize online with full confidence that their personal information is secure,” she said.

The Norton Secured Seal provides further assurance to businesses that their customers’ online information and transactions are protected at all stages thru the more familiar Norton Safe Web, a site ratings service that makes it easy for consumers to differentiate between a safe and risky site.

It leverages Safe Web technology to provide users visual site ratings within search results before they visit a site. For consumers, the seal would let them know it is safe to communicate, transact and exchange information on that site.

It cited a U.S. online consumer study that recognition of the Norton Secured seal is high: 94 percent of consumers are likely to continue an online purchase when they view the Norton Secured Seal during the checkout process, more than other seals or when no seal was displayed.

Symantec added 90 percent of respondents indicated they would not continue a transaction if they saw a browser warning page indicating the absence of a secure connection.

Symantec said business customers will value the Norton Secured Seal, which can attract new visitors and potential customers who trust it.

Symantec began automatically updating all VeriSign seals with the Norton Secured Seal to websites worldwide starting April 17. This goes on for two weeks, with the seamless transition needing no action by current customers.

Worried about your security – Check Out Security Software here!

BitDefender Brings Home the Bacon in Anti-Virus Testing

mae@softwarecasa.com — Wed, 25 Apr 2012 09:54:38 +0000

AV-TEST has undergone rigorous testing of Bitdefender Internet Security 2012 recently and the award-winning provider of innovative internet security solutions,BitDefender, was named the world’s reigning anti-virus champion.

Bitdefender has won five rounds of AV-TEST trials in a row, and has awarded the highest score, 17 points, of all tested products in the initial round of testing,as well as the organization’s prestigious Best Protection 2011 Award.

BitDefender scored best in “protection against zero-day malware attacks, detection of malware discovered in the last two to three months, and widespread and prevalent malware,” according to AV-TEST. Bitdefender was also top in “cleaning and repair of a malware-infected computer” and “detection of actively running widespread malware.”

“It’s a consistently very well-performing product and the company well deserves the great reputation it has. It’s always a pleasure to test Bitdefender products and we’re looking forward to the new ones this year.” said Andreas Marx, chief executive officer of AV-TEST.

Source: Latest News on Online Security

Another Mac OS X Trojan Discovered

mae@softwarecasa.com — Wed, 18 Apr 2012 08:17:00 +0000

Costin Raiu, Kaspersky Lab security researcher, has discovered another Mac OS X Trojan. Dubbed Backdoor.OSX.SabPub.a (or just SabPub, for short), the malware uses Java exploits to infect a Mac, connect to a remote Web site, and wait for instructions that include taking screenshots of the user’s Mac and executing commands.

“The Java exploits appear to be pretty standard, however, (and) they have been obfuscated using ZelixKlassMaster, a flexible and quite powerful Java obfuscator,” Raiu wrote on the Securelist blog. “This was obviously done in order to avoid detection from anti-malware products.”

Raiu’s discovery comes as Mac users are on high alert over the Flashback Trojan, which reportedly infected over 600,000 Macs worldwide.

Source: CNET News

Who Are The Hackers?

mae@softwarecasa.com — Thu, 12 Apr 2012 17:57:22 +0000

Individuals and companies spend a lot of time and money on trying to prevent their computers from hackers. Why do hackers bother to work so hard trying to break through computer security? Hacking is a laborious task, involving long hours tapping away at a keyboard, normally alone. A ‘hacker profile’ drawn up following a survey of internet users does not paint a particularly favourable profile of hackers and their lives. Why be a hacker?

Hackers and their Motivations

To combat hacking, it is important that we understand the reasons for it. While some hackers may fit the popular image of a bored teenager causing havoc for fun, there are many other reasons for hacking, and some very sophisticated and motivated hackers out there.

The white hat hacker. These hackers work for security firms to find holes in computer systems. Sometimes they work freelance, finding problems that they then offer to fix for a fee (these are sometimes called ‘grey hat hackers’. They are ‘good’ hackers, although some might once have been ‘bad’. They find a problem, and offer a solution to it. This kind of hacking can be big business: even Facebook uses hackers to help it find potential weak spots in its systems.
The black hat hacker: These hackers are the criminal, malicious hackers who hack to make money. There is evidence that international criminal gangs are turning to hackers to try and make money, where in the past they might have been involved in the drugs trade. Criminal hackers look to hack business systems and steal personal data or gain access to sensitive corporate information that they can use to make money. It is these hackers that can affect home computers. While they target businesses, they often do so in order to get to individuals’ personal information or to extort money, as this scam affecting adverts on high-profile websites including the London Stock Exchange did.
Corporate hackers. Corporate hackers are employed by some businesses to try and steal trade secrets and pass them on to their employers.
Hackers with a cause. Not all hackers do it for the money. Some are on a political or religious mission to target governments or corporations that they have a grudge against in some way. They might sometimes just look to embarrass those they target, altering a website to ridicule a particular person, for example. With increased political and religious tension across the world, we may find that hackers have increasingly strong political motivations, and that hacking is used as a form of cyber-terrorism. The more serious among them might look to shut down vital systems and cause considerable damage to particular groups or countries. The hacking group Anonymous have recently targeted the Home Office website in a denial of service attack, which shuts the system down by flooding it with requests.
Government hackers. Governments sometimes employ hackers to spy on the systems of other nations, or even to attack them. Last year, the Pentagon declared that it considered attempts to hack its systems as an ‘act of war’. In theory, hackers could cause considerable destruction and even death if they broke into a government’s systems. The difficulty for governments trying to combat hacking is that there is no real way of proving where the hackers came from. It’s possible to trace hackers to a particular country, but not so easy to prove that they were in the employ of that country’s government.

What Can Be Done?

Hacking is so pervasive that it seems as if it is impossible to stop it. We spend time and money on combating it, but just as a shopkeeper cannot stop their shop being burgled by buying shop insurance, so internet security measures cannot stop hackers. The internet is by its nature vulnerable to attack. It has millions of users and no central control. The more the internet is used, the more vulnerable it becomes to attack. Part of the problem is that no-one envisaged that the internet would become quite as large and important as it has. The need for both companies and individuals to make money means that internet users of all kinds tend to cut corners. Will stopping cutting corners stop hacking? No, but it could certainly help.

On Online Security Guide you get tips and tricks on how to get the most out of Online Security.

How to Keep Your Mac Safe

mae@softwarecasa.com — Thu, 12 Apr 2012 14:34:02 +0000

The Flashback Trojan went viral last week, infecting an estimated 1 percent of OS X computers worldwide. While the infection rate has subsided since then, it doesn’t mean that there’s cause for panic, either. Here are some common sense, effective tips for safeguarding your Mac against more malware.

Get a security suite - While the Windows suites have gotten significantly better, their Mac counterparts have never taken such a harsh collective toll on their host machines. We recommend BitDefender for Mac.
Lockdown Admin privileges - Create a non-Admin account for daily use such as e-mail, browsing, and music and video watching. Jump over to Admin when its necessary.
Stay on top of software updates - Make sure that you let Software Update do its job. Programs are rarely updated on a whim, so make sure that you’ve got the latest versions because they may contain security fixes.
Ditch Adobe Reader if you can - If you must keep it around, make sure that it’s always updated to the latest version.
Get rid of Java and Flash, too - Again, this may not apply to you, especially if you run a program like Adobe’s Creative Suite which (I’m fairly certain) relies on Java for some tasks.
Take control of your passwords - As often as possible, use “strong” passwords. This means random multi-word passwords, separated by spaces.

Hope these tips will help you stay ahead of the bad guys.

Source: CNET News

Hackers Caused 750,000 People in Utah Unsecured

mae@softwarecasa.com — Tue, 10 Apr 2012 18:25:51 +0000

Health officials in Utah say 750,000 additional people, including many children, may have had personal information stolen by hackers.

Utah Department of Health spokesman Tom Hudachko (HU’-dak-ko) said Monday that about 250,000 Social Security numbers were part of the tens of thousands of stolen files, although many numbers didn’t include other information.

Hudachko says the victims could be Medicaid and Children’s Health Insurance Program recipients as well as anyone whose healthcare provider submitted their information to the state for possible Medicaid coverage within the last four months.

Utah Department of Technology Services Executive Director Stephen Fletcher says the hackers accessed a health department server that didn’t have a secure password. The agency originally thought the hackers stole 24,000 Medicaid claims but now estimate more than 200,000 files were stolen.

See Full Story Here!

Source: Yahoo News

Your Child and Online Security

mae@softwarecasa.com — Mon, 09 Apr 2012 18:12:18 +0000

While many of us are reluctant to see our children step beyond the garden gate on their own, and would think twice about letting them walk to school or to a friend’s, we are far more relaxed about the internet. According to the 2010 Sexualisation of Young People Review by Linda Papadopoulos, we grant out children independence in cyberspace early, with 99% of eight to 17 year-olds having access to the internet, and 60% of 12 to 15 year-olds saying that they mainly use it on their own. Worryingly, Papadopoulos found that almost half of children say their parents set no rules for internet use.

One of the problems with the fast-moving pace of technological change is that teenagers tend to be at least one step ahead of their parents. Even if parents do switch filters on (and many don’t bother or don’t know how to), older kids who want to get round them usually can. In their report “The Secret Online Lives of Teens”, McAfee and Harris Interactive found that more than six in ten teens say they know how to conceal what they do online from their parents. Nearly a third of teenagers clear the browser history before logging off and one in six has created secret social networking profiles or email addresses.

We wouldn’t dream of letting our children walk around an unfamiliar city on their own. However, if we allow them to navigate the internet alone, we are opening the door to a virtual world where our own map-reading skills are flawed. Once the cyber door is opened it can be difficult to close, and we are not able to accompany our children once they have passed through. It’s not like with television where we can check the schedules and know what programmes our child will be watching. With the internet, as Tanith Carey points out in her book Where Has My Little Girl Gone? (20011, Lion Hudson), a child “can travel into whatever realms (he or) she likes.” The internet becomes a “lawless private world where adults have no place.”

Internet security measures and filters are very important but to successfully protect our children online, we need to keep the conversation going, not abandon them to technology because it gives us a bit of peace and quiet. In fact, the more involved we are with our children’s computer use, the better.

One decision that can make a huge difference is whether to let your child have a computer in his/her room. Tanith Carey recommends parents insist that the computer their child uses is in a public place in the home, where it can be seen and shared by the whole family. While this isn’t fail-safe, it reduces the chance that your child will be tempted to browse for something unsuitable, knowing that you might walk past at any minute.

Younger children are likely to be pleased and excited to have a parent surfing along with them to start with. A good first step is to help them find a selection of sites they like and create a favourites list. As most under-tens are usually happy to stick with what they know, ask them to just access sites in that favourites list when they use the computer on their own.

When kids want to look further afield, give them kids’ search engines to use. Google and Yahoo are incredible resources, but the access they give to children is just too much. Kidsclick, Ask Jeeves for Kids and Looksmart kids are better alternatives. They are written in simple language and are easy to negotiate. Plus if children try the 21^st century equivalent of looking up rude words in a dictionary, no sexual or pornographic content will come up, even if they try searching for it.

YouTube is another amazing resource and can be educational as well as amusing and entertaining. However, be aware that the videos that appear as suggestions on the right-hand-side of the screen can quickly steer into nasty territory. For example, Tanith Carey mentions the “funny animal videos that teen girls love can quickly divert into subject areas that are more disturbing.” Take a few minutes to switch on the YouTube safety mode at the very bottom of the webpage.

As parents we need to teach our children a healthy scepticism, namely that information on the web is not always reliable and should not be taken at face value. We can do this by helping our children question what they see online. Ask them to work out who created a site and what is its purpose. Is it based on opinion or fact? Is it to educate, to entertain or to sell? When you’re using the internet, share the experience with your children. Obviously, be sure you pick appropriate websites, but next time you’re looking for a deal on the cost of posting USA parcels, or you want to get the best price for a train ticket, for example, show how you navigate the site, where the adverts are and so on.

Furthermore, it’s important to stress that not all websites are the same. “While they are still young,” says Tanith Carey, “most girls don’t want to come across scary or explicit material.” A good way of explaining it is to say that just as films have an age guidance rating, there are also websites which are not suitable for children. If your child does come across unpleasant material, your reaction is important. To keep communication channels open and to avoid future secrecy, don’t make your child feel like they are to blame; thank them for telling you.

The main message is to combine internet safety systems, and your own interest and knowledge with good, open communication. That way you can avoid losing your kids in cyber space.

On Online Security Guide you get tips and tricks on how to get the most out of Online Security.

Macs are Now Being Targeted by Hackers

mae@softwarecasa.com — Fri, 06 Apr 2012 18:52:39 +0000

More than a half-million Macintosh computers may have been infected with a virus targeting Apple machines, a warning from the computer security industry.

Flashback Trojan malware tailored to slip past “Mac” defenses is a variation on viruses typically aimed at personal computers (PCs) powered by Microsoft’s Windows operating systems.

The infections, spotted “in the wild” by Finland-based computer security firm F-Secure and then quantified by Russian anti-virus program vendor Dr. Web, come as hackers increasingly take aim at Apple computers.

“All the stuff the bad guys have learned for doing attacks in the PC world is now starting to transition to the Mac world,” McAfee Labs director of threat intelligence Dave Marcus told AFP.

See Full Story Here!

Source: Yahoo News

Two Young Hackers Arrested

mae@softwarecasa.com — Wed, 04 Apr 2012 18:13:44 +0000

A 17-year-old Dutch boy and an Australian teenager were arrested last week in their own countries on suspicion of hacking into servers in nine nations, South Korea’s Cyber Terror Response Centre said in a statement.

The centre, part of the National Police Agency, said four Dutch investigators visited Seoul in February after a college student there reported a hacking case involving the server of Dutch telecom firm KPN.

The purpose of the alleged hacking was unclear.

“This case underlines the importance of international cooperation in cyber crimes,” the centre said, adding data would be sent to Dutch police for criminal procedures.

Source: Yahoo News!