Lionheart Group Scam Prevention Toolkit » internet-security

How Do The Bad Guys Use BitTorrent To Spread Their Malware?

Sun, 23 May 2010 09:00:46 +0000

If you are a person that is on the internet a lot then there is a good chance that you have heard of a technology called BitTorrent . You might not know what it does exactly but you have probably seen the name on some of the news sites that you visit. It has been a very controversial technology for a while now and, while its notoriety has been spreading, the software has been becoming ever more popular. While the technology itself, like all other technology, can be used for good and bad purposes by the average user, it is all of the sudden becoming a popular tool in the malware community. In the following article I will tell you what the technology does and why it is being used to spread malware around to unsuspecting computer users. BitTorrent And File Sharing Bittorrent is the name of the software and the protocol that allows you to share files quickly over the internet. Back in the day, you had to us a normal HTTP format to share files. The files would go from one location straight to the next place. With BitTorrent the file is split up and it is intended to be shared by a group of people. This way the file does not have to be downloaded completely by one person for him to share it with another person – they will just get the piece that he downloaded from someone else. There can be one or more seeders (people who have the original file) and a bunch of other people get the pieces from them. They get it piece by piece instead of all at the same time. With this system the file transfer goes quicker and everyone is able to get the most out of the bandwidth that is available. This technology is used for both legal and illegal file sharing which is the exact reason why it has been on the news lately. Spreading Malware Like any other technology, since it is becoming so popular, the bad guys are starting to use it more and more to deliver their malware. There have always been bad guys on the BitTorrent circuit but now there are more than ever. With certain attacks, they change the name of the files so that it confuses you and you download the wrong thing. They also hide the malware in illegally obtained software in the form of keygens or the executable itself. There have even been cases where they hide the malware in .pdf files . There are a lot of web sites that use BitTorrent to share their legal files so the technology is not going away anytime soon. This means that if you want to use the technology to get a file that you want you are going to have to take some precautions. There are certain precautions that you can take and they are the same precautions that you should employ any other time you download an unknown file from the internet. You must have an updated antivirus scanner and run it over everything that you download from BitTorrent sites – I would guess that maybe 99% of the items will come up clean but it is that other 1% that you have to worry about. If you scan everything that you download, you should be able to stop any problem before it is too late How Do The Bad Guys Use BitTorrent To Spread Their Malware? is a post from: Security FAQs

See the article here:
How Do The Bad Guys Use BitTorrent To Spread Their Malware?

Can I Limit My Exposure To Malware By Reading Web Site RSS Feeds?

Tue, 18 May 2010 09:00:59 +0000

When you think of getting information off of a web page you usually think of it being a simple process – you type the URL of the site that you want to go to in the browser, go to the web page, and then read the content that is on the page. It sounds simple, right? Most of the time it is, but there are times when this is not so simple. Inside of the code that made it possible for you to read the page that you are looking at could be lurking some dangerous malware. Malware can be easily picked up and hidden on a web page. So, unless it is a trusted site, then you are taking a chance that nothing is going to happen to your computer when you actually visit the page. But there are other ways that you can get the information off of the site as well. Subscribe To Your Favourite Sites Via RSS You can use a technology called RSS that will allow you to see the content as well, at least most of the time. Some web pages will limit the amount of lines that the RSS feed shows so that you will be forced to visit the web page itself (this is typically because they are afraid of having their content scraped) . Other RSS feeds will only give you the title of the story that is being discussed – you must, again, visit the web page to get the full details. But by far, most web pages will allow you to read the entire story in the RSS feed itself. They may show little ads in the RSS feed so that they can provide you the content while at the same time they are still able to get paid. RSS Feed Reading May Be Safer If you are reading the information about the web page on an RSS feed then this means that you are less vulnerable to an attack as the majority of attacks happen when you are exposed to the code that is on the actual web page itself. With an RSS feed the actual page is not going to your browser, it is only the content of the site that is being delivered to you. Keep in mind; even though it may be safer to receive the content like this, it is not fool proof. If someone wanted to, they could easily attack the RSS feed as well. The main reason that this is safer at this point is because attackers do not bother with it. There are not that many reported attacks when it comes to the RSS feed. Even though RSS feeds are not one hundred percent safe, they seem to be safer than visiting the actual web page. So if you want to make sure that your computer is not attacked, try subscribing to the RSS feed of a site instead. Can I Limit My Exposure To Malware By Reading Web Site RSS Feeds? is a post from: Security FAQs

Latest Coupons For Panda Offer Discounts Of Up To 40% On Their Security Products

Mon, 17 May 2010 23:58:29 +0000

Panda really do offer good value on their range of internet security products and, luckily for any of you thinking of buying any, that value just got much, much better. I just received an email from Panda which contains the following links in order to get yourself some pretty impresive discounts on their key security products. Check them out now – Coupon USA : Panda Global Protection 2010 – 40% OFF – Exp. 05-31-2010 Coupon USA : Panda Internet Security 2010 – 40% OFF – Exp. 05-31-2010 Coupon USA : Panda Anti-Virus 2010 – 30% OFF – Exp. 05-31-2010 Coupon USA : Antivirus for Netbooks – 20% OFF – Exp. 05-31-2010 Coupon : Panda Active Scan 2.0 Pro – 10% rebate – Exp. 05-31-2010 If you take advantage of any of the great discounts above then please do let me know how you get on with the products. Latest Coupons For Panda Offer Discounts Of Up To 40% On Their Security Products is a post from: Security FAQs

Continued here:
Latest Coupons For Panda Offer Discounts Of Up To 40% On Their Security Products

Are You Aware That The Biggest Security Threat May Come From Inside Your Workplace?

Fri, 14 May 2010 10:52:41 +0000

When a person first starts out in the world of being a cyber security expert, they have a different impression then they will have leaving the job. Their impressions are like most people and it is understandable. We get our ideas about hackers, and the threat that a computer contains, from Hollywood movies. They teach you that super smart hackers are able to infiltrate your system in little to no time at all. They also show that all attacks come from the other side of the planet by either some Russian or Chinese kid. Security Breaches Often Come From The Inside In reality, that is only a small portion of the problem when it comes to a company’s network security being breached. Usually the culprit can be found to be someone who either works there or has been fired recently. Basically if you have ever seen the movie Office Space then you will have a pretty good idea of how most cyber security breaches happen. In the movie a disgruntled employee and a couple of his friends find a way to be able to steal money from the company by using a piece of software that they wrote. This is how a great deal of breaches happen, yet people are mostly focused on protecting the network from users on the outside. This is very short sighted and can have dangerous consequences. Dealing With Internal Threats If you are an IT administrator, or the company’s security expert , then you must realize that you will need to have policies regulating the threat from inside of the network. There’s needs to be a hierarchy so that only the people who need a piece of information can access it. Not everyone that works at a company needs to have the power to access every file. Also third party USB thumb drives and DVD disks should not be allowed on the system. This is the perfect way to be able to infect a computer that is on the network (see the Conficker virus ) . If these types of portable media are allowed, they need to be heavily regulated. The problems that can occur from one of these devices is astronomical. Of course guarding your network from threats that are outside of the network is vital in keeping a happy and secured work place. Keeping that vector of attack safe is a full time job within itself. But if you are not protecting your network from threats that are inside of it, then you are not doing your job. Never give your workers 100% complete faith when they are working behind the network. A worker having one bad day can hurt your company for weeks and maybe even longer. Are You Aware That The Biggest Security Threat May Come From Inside Your Workplace? is a post from: Security FAQs

Read the original post:
Are You Aware That The Biggest Security Threat May Come From Inside Your Workplace?

How Can RAM Scrapers Be Used To Steal Your Company’s Data?

Tue, 11 May 2010 10:30:42 +0000

When you are dealing with cyber security you can almost have the same frame of mind as a general at war who is dealing with a smaller but versatile enemy. You have to worry about and guard every vector that can be used for an attack. The enemy only has to find one small crack in your infrastructure and they are able to do damage. This may not seem like it is fair but it is the reality of the situation. There are so many devices that are out now that can used against your network that it is almost too much to regulate. RAM Scrapers One of the new ways of attack that hackers have found, is that they can breach a system through the use of Ram Scrapers. Ram scrappers is actually a name that Verizon came up with, to describe a popular attack that is now making the rounds. It involves a piece of software that can be used to collect data. The data that it uses comes from items with volatile memory. Volatile memory is what most people would label Ram. Hence the name Ram scrappers. The way that Ram is supposed to work is that the data, when requested, is moved from the hard drive to Ram. After it goes to Ram, it then follows the path and heads to the register. After that it gets to the CPU. Ram is supposed to erase all data after it has no more electricity flowing through it. This helps solve the problem of old Ram sticks causing security breaches. Intercepting Data En Route The attackers have found a way to intercept the data that is going from the Ram to the registers. This allows them to capture the data that they unencrypted. There is a good reason why the hackers want the data that is coming out of the Ram of a device. Especially the most targeted device, a POS system. The letters POS stand for Point of Sale and are the computer systems used by retailers. When you are able to get a Ram Scraper into one of these devices, you are then able to get the data that you need readable and unencrypted. Hackers found the weak point and exploited it the best that they could. It has now become a serious problem and more research is being done to figure out how to stop it. The technique is used in more places than just a grocery store’s cash register. It can be used in atm’s and casino machines as well. This is just one of the many new attacks that a security professional has to be on the lookout for. It is hard to keep constant vigilance against so many types of threats but for right now, it is the best that we can do. How Can RAM Scrapers Be Used To Steal Your Company’s Data? is a post from: Security FAQs

Why You Need To Ensure That Your Company’s Database Is Secured From Two Types Of Threat

Sun, 09 May 2010 10:30:53 +0000

One of the most important things that we deal with on a daily basis is data. As we have lived through the bronze age, and the industrial age, so this era is known as the information age. The Rise Of The Database Since this is the case, the database has become one of the most useful software tools around. No matter if it is a relational database or a flat file, any software that has the ability to store and organize information has become uniquely important. Most companies now run database software to handle the data that is both generated and received by their business. An owner or manager must be sure that this data is being handled in a safe, secured fashion. If not, they might find all of their industrial secrets are out there for the world to see. There are a couple of things that you must be aware of when you have a database system on your network. First, you must be aware of what the hacker could be looking for and, secondly, the different types of vectors for attack. These are not small details either. The Two Motives For Database Hacking Most hackers these days, when they break into someone’s computer network, are looking for two things that will bring them a lot of profit. They are looking for either business information or personal information. Information like this on a company’s server has a lot of value to it. So the manager must be aware and secure the system in a proper way. Usually that would mean bringing in a professional to do the job. A big worry for a manager is the different ways that the system can be attacked. You will have to worry about both the online and the physical world trying to get into your system. I think it is obvious, when we talk about online, what we are talking about. This is the type of stuff that you see in movies. A hacker sitting in his room or office, trying to do several different things to break into a system from a remote location. Most security professionals that you bring in to work for you will know how to take care of that kind of problem. Another concern that they might look past is the co workers that are at the job. A disgruntled employee is a very serious risk when it comes to protecting your database data. The one thing that is worse than a profit motive to steal your data is a personal one. Instead of just stealing your data, they might try to destroy the whole system. That is why the professional that you bring in must be aware on how to stop someone from killing the database in this manner. There are several reasons why people would want to get the information off of your database. It is you job to make sure that you hire the right people to stop them. Why You Need To Ensure That Your Company’s Database Is Secured From Two Types Of Threat is a post from: Security FAQs

See original here:
Why You Need To Ensure That Your Company’s Database Is Secured From Two Types Of Threat

How Can I Choose A Completely Safe BitTorrent Client?

Fri, 07 May 2010 10:30:20 +0000

Even though the standard has been around for almost nine years, the world of BitTorrents is still a mysterious thing to a lot of people. When it comes to downloading files off of the internet, most people still use the traditional way of going to a web site and just downloading the file like they would normally do. Some people who may be a little more technically inclined may use one of the file sharing services like Kazaa to download files off of the net. But if you are a person that really knows computers then there are two ways that you are going to go – either use the Usenet service that has been around for ages or use bittorrent. Going Underground Even though bittorrent still remains somewhat an underground phenomenon, it is still popular enough that people make many versions of the client. Since the bittorrent client is an open protocol, anyone who feels like it can make their own version of it and can build it and use it themselves. Software and protocols being open like this is usually a good thing but there have been some bad guys that have tried to take advantage of this. They have created their own version of a bittorrent client and use it to spread malware to unsuspecting users’ computers. The tainted software does this by either pretending to be a real client when it isn’t, or it is a real client but it sends unauthorized downloads to your computer. Either way, both of these tricks can give a new user to bittorrent a bad impression about the software and the overall community itself. So, to make sure that you download a client that is safe, here is what you should do – The first thing that you can do to make sure that your client is safe is to go to a site that is well known and retrieve the client from there. If you look at a web site such as download.com or any other like that, you will find dozens of bittorrent clients waiting to be downloaded. This way you know the software is safe and has been tested. Peer Recommendations Another thing that you can do is to go and visit some forums to see what clients they are using. Ask the people for a link and you will surely be able to come up with a decent client to use. Once you start trying to find out what client you want to use, you will hear certain names that come up over and over again. Try a couple of these clients and see which one that you like the best. When a new person is entering the world of downloading torrents there is a steep learning curve to get past. Learning how to pick a safe client to use should not be on that list. Once you have a client remember also that there are some dangers inherent in downloading torrents . How Can I Choose A Completely Safe BitTorrent Client? is a post from: Security FAQs

See the original post here:
How Can I Choose A Completely Safe BitTorrent Client?

New PDF Flaw Leads To The Zeus Botnet

Thu, 06 May 2010 10:30:24 +0000

When a hacker wants to create a botnet they will use a million and one ways to get it done. So far, in the age of botnets, there have been no tricks that they haven’t pulled. They will use any means necessary to be able to spread their warez around to people’s computers. Most people or groups who make malware focus only on a couple of ways to distribute it across the internet whereas it would seem that the people or groups who like to build up their botnets will go to any lengths possible. That is why they are so hard to pin down. The Zeus Botnet Now they are using an Adobe PDF flaw so that they are able to spread their malware to everyone. This flaw was recently discovered but since we know of several hacks and exploits that are available through the PDF format, we are sure to see more to come. The botnet that is using this flaw in the PDF software is called Zeus and they have a pretty ingenious way of accomplishing this. They accomplish this goal by having a person download the infected PDF file. Once the PDF file is downloaded, the person has to click on the file to activate it. Once that file is clicked, they are asked to download another PDF to their computer. The file claims that it is a PDF but in reality it is really an EXE file. If you are a Windows user, then you should be familiar in what an .exe file is – these are the files that will execute a program on your computer. This file does the same thing; it is executing a piece of malware, which is another name for bad behaving software, onto your computer. Once the malware is installed your computer will automatically become part of the botnet. The Consequences Of Being Trapped In A Botnet Once your computer is part of the botnet it will start to do things such as send out spam or deliver a DDOS attack to a server on the internet. Your computer is now part of a big web of computers that are performing criminal behavior around the web. The worst thing about it is that you may never know that it is going on – the one thing that people that run botnets know how to do is to hide the software that they put on your computer. They do not want you to be able to discover that their software is on your computer. If you do, then most likely you will try to get it fixed and that leaves them with one less computer as part of their botnet. So it is in their best interests to try and not do any damage to your computer. Most likely all the new updates to antivirus software out there will have the patches to find this new exploit – this is why you must keep your software updated at all times. If you do not, then a piece of malware like this may be able to sneak up on you. New PDF Flaw Leads To The Zeus Botnet is a post from: Security FAQs

See the original post here:
New PDF Flaw Leads To The Zeus Botnet

The Basic Anatomy Of A Program And How It Can Take Over Your System

Mon, 03 May 2010 10:30:33 +0000

There is a big mystery when it comes to the world of programming and how a program actually operates. If the person that you are trying to explain the system to is not a programmer then it is hard to put what is happening behind the scenes of the computer in abstract terms. Even a lot of programmers have trouble digesting what is going on behind the scenes, especially if they work on a language that is several layers above the “metal”. The “metal” is a term that is used when we are describing the hardware parts of the computer. Usually this means the actual CPU and motherboard. When a program runs on the computer, is actually going through several layers before it can execute. I can give you a brief synopsis on how this works and then follow it up with an explanation of how this can lead into someone taking over your computer. Execution When you first start up a program, most of the time the data is just sitting on your hard drive. We will think of it as “sleeping” on your hard drive. Once you click on the button, you are waking the program up. When you wake the program up, you are placing the data into the memory. Another name for memory is ram. Ram actually stands for Random Access Memory. Once the data is there, it is stored and then released to the CPU. But before it goes to the CPU, it must make a stop into two to three caches, depending on the quality of the motherboard. The more caches, the better. These caches are known as L1, L2, and L3. The L3 cache is bigger than the L2. The L2 is bigger than the L1. The data goes through the caches and ends at L1. Once there, it goes into a register and then to the actual CPU to be executed. This may seem like a lot of processes for a single piece of data, but your computer is so fast that you will not notice. The only time that you see a lag in the system is when there is a large amount of data trying this process at once. Once it gets to the CPU, you then witness the magic on your screen. Now that you know how the program executes, you might be wondering how a bad program can ruin this process. Messing With The Memory Well, there are many ways that this can happen but one of the more popular is by messing with the memory . A talented black hat hacker can change the flow of the program by placing something in the memory that is not supposed to be there. Usually this is extra data that causes the computer to skip to a part of memory that is not supposed to, giving a program permissions that it is not supposed to have. These part of the memory that we are referring to is known as the “address”. This is usually the more complicated of attacks. Most attacks are not this complicated but do a lot less damage than this type can. Hopefully I have given you a basic understanding of how your computer works and how the wrong program can do bad things. Once a rogue program is in the memory, it can spell disaster. The Basic Anatomy Of A Program And How It Can Take Over Your System is a post from: Security FAQs

View original post here:
The Basic Anatomy Of A Program And How It Can Take Over Your System

How Can I Protect My Gmail Account?

Sun, 02 May 2010 10:30:14 +0000

For most people, even though it is still an older technology, email is still the number one way that they do business in the world of the internet. They are used to the ability of checking the account whenever they want and they still might not be comfortable with the real time aspects of most newer communication applications that are out there. Sure, email may be a slower way to communicate than some of the newer applications, but it is still one of the most effective ways to get your message across. Email Accounts Are Appealing To Black Hat Hackers But… black hat hackers know that a lot of people still use email as their main form of communication, so they have focused their latest attacks in getting past this road block. In particular they have focused on getting past the security barriers that are layed down by Google. Google’s Gmail service is one of the most popular email services out there and because of that, it has become a target. When you are dealing with Gmail or any other email accounts, you have to be careful who can gain access to it. There are a couple of steps that you can take to make sure that no one but you is able to access the account. Do not give the log in information to anyone else, or most of these techniques will be rendered moot. The first thing that you want to do before you try to protect your password, is to make sure that you have your reset password details set. In case you are hacked, you can let Google know that you are the real owner by answering a few questions. If you are not able to answer these questions, or if they are not set, then you will not be able to access the account. So make sure that you have this feature set. Password Security Is Paramount After that is done, make sure that you have a password that will not be easy to guess . When creating the password, use symbols, numbers, and Capitalized letters. Also make sure that the word is not a dictionary word. Using all of these precautions, you will be able to keep the attacker from guessing the password. Another thing that you should do, is to access GMail from as few locations as possible. Do not access your account from a public computer if possible. Some people forget to log out when they do this regularly and people are able to get in and see your information. When you log into Gmail, if anything seems off, you can check the IP address of whoever logged in last. At the bottom of the page, Google has set up a feature that is called “Last Known Activity”. You can check this to see if anyone besides you has access your account. To check your IP, go to WhatsmyIP.com and compare it to the ones that are listed on Google. Keep in mind that if you logged in from a remote place, such as work, it will give a different address. Or if you have an ISP that uses dynamic IP addresses, it will not be as effective as well. These are a couple of ways that you can protect your email . Make sure that you use them. How Can I Protect My Gmail Account? is a post from: Security FAQs

Link:
How Can I Protect My Gmail Account?