Archive for October, 2007

Tips On Optimizing Your Internet Security

October 30, 2007

While you browse the internet with gay abandon, someone might be spying on or hacking your computer to steal your passwords and other important details without your even being aware of it. With the increasing number of virus, spyware and hacking threats on the World Wide Web, it has become essential to ensure that your network is fully secured against external threats.

Following are some of the most important steps you must take to optimize your internet security:

Installing Anti-virus Software: New viruses and threats are discovered every single day, so you must install effective anti-virus software on your system to keep it from being infected. However, merely installing the software may not be enough; you need to keep it up to date with the latest updates available. Some of the most popular anti-virus products are Norton, AVG, Panda, Avast and McAfee.

Anti-Spyware Software

Spyware is considered to be more dangerous than viruses and worms. While viruses corrupt your system files, impeding your normal processing speed or destroying the information on your system, spyware installs itself on the system and, without your slightest knowledge, sends vital information such as passwords, SSNs and credit card numbers stored on your system to its operator's server. Hence, you must install efficient anti-spyware on your system to protect your confidential data. Some of the most popular anti-spyware products are Spyware Doctor, Ad-Aware and Microsoft Anti-Spyware.

Password Protection Advice

Passwords are the most important part of your online accounts. They are used for a wide range of online transactions and other activities such as e-mail. Hence, exposing your passwords is like leaving your money in the bank vulnerable to theft. Therefore, you should not use the same password for different accounts. Further, you should not use guessable information in your passwords such as your date of birth or your telephone number. It is always advisable to keep your password fairly long, using a combination of letters, numbers and special characters. Moreover, you should never access your e-mail from a link in an e-mail; rather, open a fresh page for that.
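The rules above (no reuse across accounts, no date of birth or phone number inside the password, a fairly long mix of letters, numbers and special characters) can be turned into a mechanical check. The following is an added example written for this page, not code from the original article; the 12-character minimum is an assumption, since the article only says "fairly long", and the date and phone values are constructed sample data.

```python
import re

MIN_LENGTH = 12  # assumed threshold; the article only says "fairly long"


def personal_info_tokens(date_of_birth="", phone=""):
    """Build the guessable fragments a password must not contain.

    date_of_birth is assumed to be given as 'YYYY-MM-DD'; phone may contain
    spaces or dashes. Fragments shorter than four characters are dropped
    because they would match almost any password.
    """
    tokens = set()
    if date_of_birth:
        year, month, day = date_of_birth.split("-")
        tokens.update({year, day + month + year, day + month + year[2:],
                       month + day + year, year + month + day, day + month, month + day})
    digits = re.sub(r"\D", "", phone)
    if digits:
        tokens.update({digits, digits[-4:]})  # whole number and the usual last-four fragment
    return {t for t in tokens if len(t) >= 4}


def check_password(password, personal=frozenset(), used_elsewhere=frozenset()):
    """Return the list of rule violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    required = {
        "letters": r"[A-Za-z]",
        "digits": r"\d",
        "special characters": r"[^A-Za-z0-9]",
    }
    missing = [name for name, pattern in required.items() if not re.search(pattern, password)]
    if missing:
        problems.append("missing " + ", ".join(missing))
    lowered = password.lower()
    hits = sorted(t for t in personal if t.lower() in lowered)
    if hits:
        problems.append(f"contains personal information fragment {hits[0]!r}")
    if password in used_elsewhere:
        problems.append("already used for another account")
    return problems


if __name__ == "__main__":
    # Constructed sample data, not real personal information.
    personal = personal_info_tokens("1984-03-15", "555-0100")
    for candidate in ("Summer2007!", "Rain!Tunnel1984", "Rain!Tunnel-7z"):
        print(candidate, "->", check_password(candidate, personal) or "ok")
```

The reuse check compares against passwords the user already has for other accounts, so in practice it would be fed from a password manager rather than a literal set as here.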

Apply Latest Updates and Patches

No matter how efficient your anti-virus or anti-spyware software is, it is always exposed to new threats. Hence, you need to apply the latest updates and patches to ensure your machine is fully protected.

Firewall

A firewall protects you from potential hackers who might probe your system and find vulnerabilities in your machine. Hence, install a firewall on your system to block unauthorized traffic or applications from reaching your machine. Some of the well-known firewall products are Norton Internet Security and ZoneAlarm.

All of this software can be downloaded from the Internet in different versions. Some versions might cost you a few bucks, but it is worth the spending. You should also keep searching the net to stay informed about the latest anti-virus and anti-spyware tools being developed and available on the market, so that the private and confidential information on your machine remains truly private and secure.

Hacker taunts eBay with attacks

October 30, 2007

Who is Vladuz? Since at least the start of this year, eBay has been looking for this hacker from eastern Europe. According to evidence seen by the Guardian, he is able to see the listings of and listen to telephone conference calls within eBay. Sources in the hacking community say that he claims to be listening in on some meetings held by eBay chief executive Meg Whitman.

Says eBay: “This fraudster is known to eBay, Romanian authorities and the US Secret Service who are all working towards securing an arrest and successful prosecution.”

Concerned to reassure users, it adds: “The central eBay site is and always has been secure.” The company says, however, that the “phone system is ‘open’ because we conduct calls with external parties who need access to it. Confidential calls made through our system require separate security information.”

Despite the reassurances, this is not the first time Vladuz has embarrassed eBay. And he is extremely good at covering his tracks. “He covers himself very well with Gmail, and uses anonymous proxies [remote computers] to access those accounts too,” says David Steiner, editor of online auction news publisher Auctionbytes.

Hacker’s background

What is known from the hacking community is that the individual is in his mid to late 20s and has a strong background in programming. He operates from Romania, where he was born, and has years of experience working in a corporate environment.

He also has a history of both operating and facilitating eBay-based scams. As early as 2004, someone calling themselves Vladuz was selling a set of PHP files designed to create phishing sites that would collect eBay data. “It is a very basic SDK [software development kit], allowing script kiddies to set up a phishing email scam,” says Simon Heron, director of UK security company Network Box. “It sets up a website that uses as much as it can from the genuine eBay site to give it the right look and feel. The logon and password are sent to the scammer.” In the readme file that he used to distribute the kit was the message: “Well go there and scam the fucking bastards! For ANY scam email me and I’ll do it in max 30 hours.”

While he has been in operation for several years, the spotlight has only recently fallen on Vladuz. He first came to notice in December, when Rosalinda Baldwin from The Auction Guild, an independent publisher that monitors eBay’s activities (auctionguild.com), began seeing large numbers of fake auctions emerging from Chinese scammers using accounts hijacked from their real owners. “Researching that, I came across the name Vladuz in association with someone writing programs that Chinese hackers were using and building on to do these hijacks,” she alleges.

At the start of the year, he turned up again, this time posting several times on eBay’s forums. His posts were coloured pink, indicating that he was posting as an eBay employee. The company said that the pink postings were due to a handful of compromised eBay accounts.

“The funny thing was that he emailed through eBay, and when he was doing that he emailed me eBay employee passwords and user names,” says Josh Shaffer, who founded the site FireMeg.com, which attacks the auction site’s management.

In February, he attempted to highlight perceived flaws in eBay’s security systems by publishing a plugin for the Firefox browser designed automatically to solve eBay’s “Captchas”. A Captcha is a security challenge displaying distorted text which users must type in to prove that they are real people. They work because the text is supposed to be too difficult for computers to read. Heron confirms that the plugin code (linked to a site registered with a stolen credit card) was clean; it only did what it said, without tricking the user. But others suggest that there was a payload: it directed users to a site with a Romanian domain hosted by Yahoo! (now taken down), which reportedly required users to enter some credentials. That could be a phishing route.

The most spectacular hack for which he has claimed responsibility involved the posting of at least 1,200 eBay users’ personal information on an eBay discussion board late last month. The postings stayed up for over an hour, in spite of complaints from users, before the whole board was taken down. The company insists that the credit card details posted did not belong to users.

What drives Vladuz? “He told me in one email, ‘I’m not a good Samaritan. I’m in it for the money’,” says Baldwin. “It sounds like he’s selling the tools as well as using them.” But other incidents on eBay point to different motives. Days after the credit card hack, the “About me” page for eBay lawyer Scott Noyce was altered and his personal details were posted on the page. At the bottom was the signature “SGI Inc – V”. SGI stands for Solutions for Generating Income, and is the name that Vladuz gave to the team of people that helped him to run his scams earlier in his career.

He used a thread on the auction watching site Pheebay.com to boast of the Noyce incident and also to claim responsibility for the credit card hack. On that thread, he pointed to a February report about Noyce contacting German scam monitoring site Falle-Internet.de. The letter threatened them with legal action unless they took down some eBay-related pages. “Revenge time,” said Vladuz.

“I demand an explanation,” posted one eBay user on an eBay forum a week later, when his account was mysteriously shut down and reinstated. Another replied that the same had happened to him, accompanied by an email that read: “Stop saying shit stuff about me, asshole. vladuz.” eBay posted a response saying that the hacker had found some old administrative functions that had not been turned off after a security change. “We are undergoing an audit to ensure obsolete code that may still exist for other reasons is secure,” it said.

Security fears

“If there’s an administrative portal that was visible on an external server, how many other scammers have been using that?” asked Ed ‘Doc’ Koon, who runs the eBay monitoring site ebaymotorssucks.com. In the past few months, eBay has downplayed Vladuz’s significance, but Koon is one of a number of eBay watchers who believes that the company’s security is far from watertight.

eBay makes the rules of engagement clear for customers, describing the dangers of phishing emails that lure users to enter their details into fake eBay sites. But what about the redirect scams? “You have people actually embedding in auction pages redirects to fake sign-in pages,” says Pheebay. Clicking on a valid eBay page would thus take you straight to a phishing site. “I probably get a couple of emails a week from people that fall for these redirect scams,” says Koon. Redirect scams have been seen on eBay for more than a year. “I had one last week from a guy who sent $7,200 for a 57 Chevy convertible,” Koon says. “Hello? Your money’s gone.”
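A defensive check against the redirect scams Pheebay and Koon describe is to scan seller-supplied listing HTML before it is published and flag anything that sends the visitor off the site: meta refreshes, script-driven location changes, inline event handlers that change location, and forms, links or frames pointing at hosts outside the marketplace's own domain. The following is an added example written for this page, not code from the article or from eBay; the `ebay.com` allow-list and the sample listing (with `example.net` lookalike hosts) are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

ALLOWED_HOSTS = ("ebay.com",)  # assumed allow-list for the site hosting the listings


def host_allowed(url):
    """True if the URL is relative or its host is the allowed domain or a subdomain of it.
    A suffix check with a leading dot means 'ebay.com.example.net' is NOT accepted."""
    host = (urlparse(url).hostname or "").lower()
    if not host:
        return True  # relative URL stays on the hosting site
    return any(host == h or host.endswith("." + h) for h in ALLOWED_HOSTS)


def extract_refresh_url(content):
    """Pull the target out of a meta refresh content attribute such as '0; url=http://...'."""
    m = re.search(r"url\s*=\s*['\"]?([^'\"\s;]+)", content or "", re.I)
    return m.group(1) if m else ""


# window.location = ..., location.href = ..., location.replace(...), top.location = ...
JS_REDIRECT = re.compile(
    r"(?:window\.|document\.|top\.)?location(?:\.href|\.replace|\.assign)?\s*[=(]", re.I)


class ListingScanner(HTMLParser):
    URL_ATTRS = {"a": "href", "form": "action", "iframe": "src", "frame": "src"}

    def __init__(self):
        super().__init__()
        self.findings = []      # list of (reason, evidence) tuples
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("http-equiv") or "").lower() == "refresh":
            self.findings.append(("meta refresh", extract_refresh_url(a.get("content"))))
        elif tag == "script":
            self._in_script = True
            if a.get("src") and not host_allowed(a["src"]):
                self.findings.append(("off-site script", a["src"]))
        elif tag in self.URL_ATTRS:
            url = a.get(self.URL_ATTRS[tag]) or ""
            if url and not host_allowed(url):
                self.findings.append((f"off-site {tag}", url))
        for name, value in attrs:  # inline handlers such as onclick="location.href=..."
            if name.startswith("on") and value and JS_REDIRECT.search(value):
                self.findings.append((f"redirect in {name} handler", value))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # HTMLParser hands <script> bodies to handle_data as raw text
        if self._in_script and JS_REDIRECT.search(data):
            self.findings.append(("script redirect", data.strip()[:80]))


def scan_listing(html):
    """Return the findings for one listing; an empty list means nothing suspicious was seen."""
    scanner = ListingScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample listing: one legitimate link plus three ways of pushing the visitor off-site.
SAMPLE_LISTING = """
<h1>1957 Chevy convertible</h1>
<p>See more photos <a href="http://pics.ebay.com/item/123">here</a>.</p>
<meta http-equiv="refresh" content="0; url=http://signin-ebay.example.net/ws/login">
<script>setTimeout(function(){ window.location.href = "http://signin-ebay.example.net/"; }, 500);</script>
<form action="http://ebay.com.example.net/login"><input name="pw"></form>
"""

if __name__ == "__main__":
    for reason, evidence in scan_listing(SAMPLE_LISTING):
        print(f"{reason}: {evidence}")
```

The scanner is a first filter, not a sanitizer: a listing that produces any finding should be held for review or rejected, and the marketplace's real defence is to strip scripts, frames, forms and meta tags from seller HTML altogether rather than to pattern-match them.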

Others worry about “second chance” scams, in which fraudsters contact auction losers pretending to be from eBay, offering them the chance to bid on an item again. The link takes them to another site where their information is stolen. “How are these scammers getting these peoples’ direct email addresses?” asks Koon.

Rodger Flemming, who helps run Falle-Internet, speculates that scammers may have access to the eBay database. Screenshots of tools purported to have been created to manipulate eBay’s systems have been posted on eBay watchers’ sites, but it is difficult to prove their authenticity. eBay maintains that the website has not been hacked, but such denials are always tainted with the obvious question: how can you be sure? When presented with news of the recent phone system hack, which targets internal corporate systems rather than the website, eBay admitted that it had no knowledge of it.

Intimate knowledge of systems

That hack, revealed to the Guardian by a source close to Vladuz, demonstrates an intimate knowledge of systems central to eBay’s day-to-day business operations. It has given the hacker access to a broad range of information. And nobody knows for how long Vladuz may have been eavesdropping.

While the community mulls these issues, some have said that Vladuz could be more than one person. Another theory, perhaps both more likely and more frightening, is that there are more like him. “There are thousands of hackers. It doesn’t make much sense that he’d be the only one out there,” says AuctionBytes’ Steiner. “It makes no sense to me that if these things are as wide open as he says, he would be the only one.”

And there’s the worry. For every loose-tongued, forum-happy blackhat, there could be many silent, disciplined ones. This latest revelation will do little to reassure users. Millions of dollars each day are transacted via eBay. The company made a net income of $1.1bn (£543m) last year on almost $6bn of revenues, and people depend on it for their livelihoods and it is a linchpin of the online economy. But just how safe is eBay from the dark side of the web?

Worst Cybersecurity Meltdowns

October 30, 2007

Most computer-security professionals don’t believe in security.

To those who know better, a computer network can never be “secure”–only “more secure.” In other words: No data is absolutely safe.

“There’s a vulnerability in every system,” says James Lewis, researcher at the Center for Strategic and International Studies, a public policy research organization in Washington, D.C. If it’s not a faulty firewall or an unprotected mobile device, he says, “it can be as simple as an employee’s password written on a yellow post-it note.”

That means a hacker with enough time, resources and skill can break or break into any network–no matter how seemingly well-protected. “If there’s something inside of a system that’s valuable to someone, they’ll eventually find a way to get it, regardless,” says Dave Marcus, researcher at security giant McAfee (NYSE: MFE).

Total cyber-devastation is extremely rare. Far more common–but still damaging–are the high-volume crime spikes, spam e-mail distribution and “phishing,” a pernicious technique for stealing credit-card information. (For more on online scams, check out “Where The Scammers Are”.) The carnage is hard to pin down in dollar terms, but Marcus Ranum, chief security officer of Tenable Security, says it’s “billions upon billions”–far more than all “major” hacking incidents combined.

“It’s like being put in a room with a billion mosquitoes,” he says. “Each bite doesn’t hurt, but in the end you die, because they suck you dry.”

Occasionally, though, hackers bring their full force to bear on a single target. When they do, the results can cost weeks of lost productivity, reveal private information and sometimes wipe out a business altogether.

If anyone should know how to thwart a hacker, it’s the folks at the Pentagon, right? Wrong. In September, Pentagon officials revealed to the Financial Times that Chinese cyberspies had spirited away an unknown amount of the Department of Defense’s e-mail data, potentially gaining access to classified documents. Parts of the Pentagon’s network had to be shut down for more than a week.

Around the same time, military contractors Boeing (NYSE: BA), Northrop Grumman (NYSE: NOC), Raytheon (NYSE: RTN) and Lockheed Martin (NYSE: LMT) were also hacked from computers in China, according to industry sources. (For more, see “Cyberspies Target Silent Victims”.) Alan Paller of the SANS Institute says that many of those breaches may have involved a technique known as “spear phishing”–impersonating a high level official’s e-mail to lure employees into revealing their security codes.

If the nation’s most sensitive military data is vulnerable, then hacking sloppily protected commercial networks is a cake walk. This year is on track to become the worst of all time for private data breaches, including the largest single consumer-information theft in history, perpetrated against retailer TJX (NYSE: TJX), owner of TJ Maxx and Marshall’s.

In January, TJX revealed that hackers had gained access to more than 45 million users’ credit-card information. According to an investigation by Canada’s Privacy Commission, the hackers likely used a long-range antenna to tap the stores’ wi-fi networks. Unraveling an outmoded wireless protocol called WEP, the electronic intruders spent more than a year and a half from mid-2005 to December 2006 stealing reams of private financial data. By TJX’s own accounting, the theft has cost more than $256 million. The security firm IPLock and others say that the legal and reputation-damaging repercussions of the event may eventually cost the firm more than $4.5 billion.

Then there are bad guys who set out to destroy organizations altogether. Earlier this year, cybercriminals took aim at a group of online businesses and non-profits like scam.com, scamwarners.com, and 419eater.com, which try to identify and shut down online credit-card scams.

A barrage of “distributed denial-of-service” attacks flooded the sites with traffic from botnets, groups of thousands of PCs unwittingly hijacked with hidden software. At their peak, the attacks were flooding the sites with more than a billion bits of data per second, according to Paul Laudanski, the founder of CastleCops, one of the victims. That fire hose of electrons was far more than the servers could handle. Almost every target went down for days; one, Fraudwatchers.org, remains offline.

In May, such grudge-hacking reached a new level: international cyber-warfare. When the Estonian government announced that it was relocating a Soviet war monument in Tallinn, the country’s capital, the local Russian community took to the streets in protest. Russian hackers, meanwhile, took to the Net, launching waves of distributed denial-of-service attacks against the country’s government, banking and media Web sites, using thousands of personal computers hijacked with hidden software to overload the servers. Many sites were down for more than a week.

Estonia originally blamed Russia’s government for the cyberblitz, but no direct connection between the hackers and the country’s government could be found.

One-Stop Shopping for Hackers

October 30, 2007

A new Eastern European Web site uses a large botnet to infect vulnerable PCs–clients are charged for each successful PC infection.
Security researchers studying the latest Internet crime trends have discovered a new Eastern European website that uses a large botnet to infect vulnerable PCs. The operators of the botnet and website charge clients for each successful PC infection.

The site is likely based in Russia, according to the security researchers’ sources, who asked to remain anonymous because of their underground intelligence work. While the front-end website, called loads.cc, doesn't appear to contain or deliver malware, readers are strongly urged to avoid visiting the site in case malware is present and because the site likely logs the IP addresses of its visitors. (The “.cc” Internet domain is assigned to the Australian territory of the Cocos (Keeling) Islands.)

The sources discovered the site while performing forensics on some servers known to host malware. They say that, when last checked, loads.cc was still in operation.

A view of the loads.cc homepage, provided by researchers.

This service is another example of a service-based hacking product, similar to others recently reported here, that opens up Internet crime to less technically proficient criminals. Rather than compete with some of the other services, it actually complements them.

Whoever is running loads.cc controls a botnet that may include up to several million PCs in its network, according to the sources. The operator of the site provides real-time information on the size and availability of the botnet. The site operator charges clients for using the botnet to infect computers with whatever malware the customer chooses. The going rate at the time of its discovery was about 20 cents per “load,” or per successful injection into a vulnerable PC.

A client can ask in advance for a certain number of infections, say 1,000 infections for a $200 fee. Customers can also pay for loads based on country, IP addresses or other attributes. Once the job is done, the client receives a report, essentially an itemized bill, of the IP addresses where loads were successful. Then the perpetrators can pursue their goals: For example, they could potentially distribute spam, grab PC owners’ online banking information, or steal log-in credentials.

This is slightly different than the service model used by the criminal hackers behind the Gozi trojan and 76service, as reported in a special report. With 76service, clients paid for access to a form-grabber that had already infected the machine. This made each infection more expensive, since access was mostly exclusive and the trojan was already installed and operating on behalf of the buyer. With loads.cc, the client is paying to infect the machine in the first place, with whatever malware the buyer chooses. (The Gozi trojan resurfaced this week being distributed via PDF spam.)

The business model behind loads.cc creates several concerns. The botnet is available to anyone, and loads cost only 20 cents each. This could lead to a set of “super-infected” PCs that have several, possibly dozens, of bots loaded onto them. That, in turn, could lead to a proliferation of malware, so much that it could make infected PCs virtual battlegrounds for control over that machine.

The sources also worry about similar services creating a hyper-botnet in which the current botnet is used to load executable files that spread bots to other PCs, which in turn do the same, creating a viral effect.

Chinese Hackers Targeting Government Networks in US, UK, Germany

October 30, 2007

Sophos is reminding businesses of the importance of properly securing their computer systems following news stories that have claimed Chinese hackers have targeted government networks in the United States, UK and Germany.

The Financial Times has reported that the Chinese military are being blamed for a cyberattack which targeted a Pentagon computer system serving the office of US defense secretary Robert Gates. Unnamed sources are said to have told the newspaper that the People’s Liberation Army (PLA) were blamed in an internal investigation for perpetrating the attempted hack. Media reports in The Guardian claim that the British and German governments have also been subject to similar probes by hackers working for the PLA.

The Chinese foreign ministry has vigorously denied the claims, and said it works hard to fight cybercrime. US President George W Bush has said that he may bring up the issue with the Chinese authorities, explaining that America’s relationship with the country was “complex”.

Experts at SophosLabs warn that all businesses and organisations, not just governments, need to defend themselves from the threat of cybercrime.

“There simply isn’t enough information for us to be able to provide an opinion on whether these attacks were sponsored by the Chinese military or not, but these reports do underline the importance for everyone to make computer security a priority,” said Graham Cluley, senior technology consultant for Sophos. “Internet hackers can hide their tracks, hopping from computer to computer, and leapfrogging around the world, making it very hard sometimes to determine precisely who is behind an attack. There is no doubt, however, of the importance of securing critical computers inside government from hackers whether motivated by politics, espionage or money.”

Sophos does believe China has an important part to play in the global fight against cybercrime. Research reveals that the country presently accounts for 44.8% of the world’s malware-infected webpages.

“Although a worrying number of Chinese-based webpages are being found containing malicious code designed to infect web surfers worldwide, it does not necessarily mean that the criminals behind these attacks are based in the country,” continued Cluley. “Cybercrime is a truly global problem and all businesses must ensure they are properly protected.”

Two years ago Sophos reported how it had assisted the UK government in analysing a series of Trojans designed to steal confidential and sensitive information. Nearly 300 UK government departments and businesses critical to the country’s infrastructure were the subject of Trojan horse attacks, many reportedly originating in the Far East.

Sophos notes that US government systems have been hit before by hackers based closer to home. For instance, last year Sophos reported how 21-year-old hacker Jeanson James Ancheta attacked PCs at the Weapons Division of the US Naval Air Warfare Center in China Lake, California and at the US Department of Defense. Ancheta was driven to hack the computers by the lure of money, however, rather than to steal secrets or disrupt infrastructure.

Last month, Sophos published its Security Threat Report July 2007, examining the latest trends in spam, malware and hacking. Included in the report are details of how Chinese computers are used to host much of the world’s malware, and details of some of the more notable arrests made by the cybercrime-fighting authorities since the beginning of the year.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

Malware warning over trial software hacks

October 30, 2007

Users actively install hacking tools on their PCs

Those tempted to download software cracks to unlawfully activate software from a trial mode into a paid mode have been warned that they may be unknowingly installing hacking tools onto their system.

TrendLabs, the research arm of PC security firm Trend Micro, said two out of the five most prevalent hacking tools in circulation have been actively downloaded by users seeking to extend the trial period of commercial software.

The company said such tools are often downloaded via P2P (peer-to-peer) networks or websites hosting illegal software, but users are unaware that the downloads surreptitiously install malicious software on PCs. The software can then be used by hackers to steal personal information including financial data, TrendLabs said.

“We estimate that approximately 16 percent of PCs worldwide are infected with hacking tools. In many cases, computers are being infected by users downloading software cracks and visiting illegal software download sites,” said David Sancho, Senior AV Researcher at Trend Micro.

“The objective is often to avoid paying thirty pounds for a piece of software, however, consumers should in fact realise that it could cost them hundreds of pounds in the long-term.”

Maharashtra Government(INDIA) Website Hacked

October 30, 2007

The official website of the Maharashtra government was allegedly hacked, forcing the state Information Technology department to lodge a formal complaint with the city police on Tuesday. The website was hacked for the second time in the past two weeks, the fourth since July. The previous attack took place on September 5.

Joint Commissioner of Police (Crime) Rakesh Maria said that access to the website, www.maharashtra.gov.in, had been blocked for a while. “It had some Arabic content posted on it by the hacker. The IT department has lodged an FIR with the police and we will try and trace the culprit,” said Maria. It is suspected that the same group of international hackers was behind all the four attacks.

The site was hacked into late on Monday night by a person or a group calling itself “coolhacker” who had left an imprint of a hand on the website. The state’s information and technology department came to know of the hacking Tuesday morning and immediately blocked all access to the website.

State officials maintained that no data had been lost and no serious damage had been inflicted on the website, which is updated daily with information on various government regulations and decisions, and supports links to all government departments. The hacker could only manage to damage the homepage. However, restoration work is in progress.

The state government website is hosted on a VSNL server. In the month of August, 345 Indian websites — ending with .in, .co.in and edu.in — were defaced by hackers. Nearly 2,700 Indian websites have been hacked since January.

Malicious PDF Files on the Loose

October 30, 2007

Reuters reports that emails containing malicious PDF files have been putting computers at risk since Friday. The danger is more pronounced because PDF attachments are usually not filtered at email gateways.

According to Finnish security software firm F-Secure, the emails look like credit card statements, with a subject line that says ‘Your credit report’, ‘Personal Financial Statement’, ‘Balance Report’ etc. The infected file has an attachment called report.pdf.

A security bulletin issued by Adobe specifies that the issue only affects customers on Windows XP or Windows 2003 with Internet Explorer 7 installed. A malicious file must be loaded in Adobe Reader or Acrobat by the end user for an attacker to exploit these vulnerabilities.
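Since the article's point is that PDF attachments usually pass email gateways unfiltered, a gateway can at least score them before delivery: extract each PDF attachment, undo the `#xx` escapes PDF allows in names, and look for the features an attachment that merely reports a balance has no reason to carry, such as `/JavaScript`, `/OpenAction`, `/AA` (automatic actions) or `/Launch`, combined with the lure subject lines F-Secure lists. The following is an added example written for this page, not code from F-Secure, Adobe or the article; the weights, the block threshold, the sample message and the minimal PDF are all constructed assumptions, and the sample PDF is a fixture with a placeholder script, not a copy of the malicious file described.

```python
import email
import email.policy
import re
from email.message import EmailMessage

# Feature weights are an assumption for illustration; tune them to your own mail flow.
RISKY_NAMES = {
    b"/JavaScript": 3, b"/JS": 3, b"/OpenAction": 2, b"/AA": 2,
    b"/Launch": 3, b"/EmbeddedFile": 2, b"/RichMedia": 2, b"/URI": 1,
}
# Subject lines quoted in the article as used by the campaign.
LURE_SUBJECTS = ("your credit report", "personal financial statement", "balance report")
BLOCK_THRESHOLD = 4  # assumed cut-off


def normalise_names(data):
    """PDF lets a name be written as /J#61vaScript; undo the #xx escapes before matching."""
    return re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), data)


def score_pdf(data):
    """Return {feature: weight} for the risky features found in raw PDF bytes."""
    findings = {}
    if not data.lstrip().startswith(b"%PDF"):
        findings["not a PDF header"] = 3  # claims to be a PDF but the magic is missing
    body = normalise_names(data)
    for name, weight in RISKY_NAMES.items():
        # the lookahead stops /JS matching the start of a longer name such as /JSX
        if re.search(re.escape(name) + rb"(?![A-Za-z])", body):
            findings[name.decode()] = weight
    if b"/ObjStm" in body or b"/FlateDecode" in body:
        # compressed streams can hide any of the names above; a full parser would inflate them
        findings["compressed objects (not inspected)"] = 1
    return findings


def score_message(raw):
    """Score every PDF attachment of a raw RFC 822 message; nothing printed, results returned."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    subject = (msg["subject"] or "").lower()
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if not (name.lower().endswith(".pdf") or part.get_content_type() == "application/pdf"):
            continue
        findings = score_pdf(part.get_payload(decode=True) or b"")
        if any(lure in subject for lure in LURE_SUBJECTS):
            findings["lure subject line"] = 1
        total = sum(findings.values())
        results.append({"filename": name, "score": total, "findings": findings,
                        "block": total >= BLOCK_THRESHOLD})
    return results


# Constructed fixture: a minimal PDF whose catalog opens a (placeholder) script on load,
# with the JavaScript name written using a #xx escape.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj
2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj
3 0 obj << /S /J#61vaScript /JS (app.alert(1)) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""


def build_sample_message(pdf_bytes, subject="Your credit report"):
    """Build a constructed message with the PDF attached as report.pdf, as in the campaign."""
    msg = EmailMessage()
    msg["From"] = "statements@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = subject
    msg.set_content("Please find your statement attached.")
    msg.add_attachment(pdf_bytes, maintype="application", subtype="pdf", filename="report.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    for result in score_message(build_sample_message(SAMPLE_PDF)):
        print(result)
```

The compressed-objects finding is the honest limitation of byte-level matching: a real gateway filter should inflate `/FlateDecode` streams and object streams (or hand the file to a proper PDF parser) before deciding, otherwise the keyword check only sees what the attacker left uncompressed.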

Adobe claims to have patched the vulnerability in its latest updates to Reader and Acrobat; both tagged as Version 8.1.1. Users can utilize the product’s automatic update facility, or get the latest versions from the downloads section.

Microsoft has been slower off the blocks, but the company says it’s looking at addressing the vulnerability.

Google Earth’s Security Risk Rings True

October 30, 2007

Barely two years after former president A.P.J. Abdul Kalam warned of the security risks posed by Google Earth, reports emerged today of Palestinian militants in the Gaza Strip using it to launch rocket attacks on Israel.

A failed attack on oil facilities in Yemen in September last year was also reportedly planned with the use of Google Earth, which provides detailed satellite maps of the world, the Daily Telegraph reported, without quoting sources.

The newspaper revealed in January that Iraqi insurgents were using Google Earth to attack British bases in Basra, prompting the company to replace images of military positions in the southern Iraqi province with others taken before the war.

Kalam had warned of the dangers from Google Earth in 2005 when he said its high-resolution images could further compromise the security of some developing countries that were already targets of terrorism.

Google Earth and the Indian government were later reported to have struck an agreement to show “fuzzy, low resolution pictures and distorted building plans” of installations that the government considered sensitive.

However, Google Earth in partnership with Digital Globe, the world’s most advanced commercial imaging satellite, has also responded quickly to provide high resolution photographs during unfolding crises such as the fires now raging in California.

Images provided by it are also being used by experts to analyze and gather startling information.

Experts at the Washington-based Institute for Science and International Security (ISIS), said Wednesday that comparisons of Google Earth images of an area in northern Syria before and after an Israeli air attack September 6 show it may have housed a small nuclear reactor under construction.

Images predating the Israeli attack, about which very little is known, showed a large industrial building and a pumping station near the Euphrates river that the ISIS said bore a resemblance to the Yongbyon nuclear facility in North Korea.

But images taken more than six weeks after the attack appear to show that the building has been completely removed and the ground scraped clean, experts said. The reactor was believed to be of a design thought capable of making about one nuclear weapon’s worth of plutonium each year.