Monday, 20 June 2011

A New Trojan Threat Comes From Facebook


   


Today Facebook is the most popular Social Networking site in the world. Although it protects its users from many malicious Phishing  links. Actually it first check any link whether it contains any web hosting domain or not. If  web hosting domain (Phishing supported) is present inside the link, it becomes blocked. Otherwise it allows the link to be transmitted through the network. 


This message contains blocked content that has previously been flagged as abusive or spammy.

But, recently secure Mac has discovered a new Trojan that affects all Mac OS X versions. It is being distributed through emails and social networks like Facebook.

When a user clicks on the link, the Trojan is executed by a Java applet that downloads files to your computer, including an installer that is automatically launched and asks for your password. After typing in your password, a malicious person somewhere in another continent may have an easy access to your accounts.

The Trojan runs in the background and completely invisible, so each time you start your computer, it sends spam messages through the users contact list. It may affect all popular platforms, such as Windows, Linux and Mac OS X and it seems to be a variation of a malware originating from the Microsoft environment.

SecureMac has released a free tool which can protect computer users from this Trojan and remove it from the system in case of infection. Furthermore, to avoid any infection through Safari, you can always disable the Java plug in (not JavaScript) in your browser preferences, thus negating any possibility of running the Trojan.

BitDefender identifies this threat as Trojan.Generic.3576478


Wednesday, 15 June 2011

UK Government faces Threat of Cyber-Attacks



 
In the UK the government also confirmed that their networks receive about 20000 malicious e-mails each month.

Recently, the internet based systems are becoming more and more vulnerable. Britain elite electronic spying agency alerted that the country faces the threat of credible Cyber-Attack from any hostile group of criminals and states. According to the country’s head of spying agency, this kind of a Cyber-Attack could badly damage the infrastructure of the country.

The increased threat of cyber attacks and cyber terrorism has forced individuals, businesses and government organizations to rethink their security measures and procedures. The IMF will no doubt be reviewing their own security after what they described as a major cyber attack.

The major concern is that a successful cyber attack has the potential to seriously damage power, finance, security and government systems.

The statement by the director regarding Britain’s critical national Infrastructure implies to the facilities and services that are crucial for the daily lives. It means financial services, mass communication and transport and health sector.

For some individuals the recent cyber attack news has been so nerve raking that they have cancelled accounts on social networks, reset passwords wherever possible and delete any sensitive information stored online.

Monday, 13 June 2011

Cyber-Attacks: From Social Networking Sites to Secret Nuclear Facilities

The largest social network site has more than 500 million subscribers and it uses external e-mail services such as Google’s Gmail, Yahoo Mail etc. to help members find friends that are already part of the network. 

Those Mail-Accounts contains many confidential information of our real life and now a days also these social  networks are closely related to our real life. Data on nuclear generating facilities are also stored in the private sites of a country.

So, those data should be kept highly secure. A high level of Cyber-Security should be maintained there.

Introducing a comprehensive White House report on Cyber-Security released at the end of May, President Obama called Cyber-Security “one of the most serious economic and national security challenges we face as a nation.”

But, this cyber-security is violated through many Cyber-Attacks.

Denial-of-Service (DoS):  
  • Also known as distributed denial-of-service attack (DdoS), this involves criminals attempting to bring down or cripple individual websites, computers or networks often by flooding them with messages.
Malware:  
  • Malicious software designed to take over individuals’ computers in order to spread a bug onto other people’s devices or social networking profiles. It can also infect a computer and turn it into part of a “botnet” – networks of computers controlled remotely by hackers known as “herders” to spread spam or viruses. 
Phishing:  
  • Attacks designed to steal a person’s login and password details so that criminals can access their bank account or assume control of their social network. As many as 70 per cent of internet users use the same password for almost every web service they use making them vulnerable to identity theft if their details are stolen. 
Carders
  • Criminals who use underground online forums to sell stolen bank or credit card details for as little as £1. Gangsters then employ “money mules” to use duplicate cards to withdraw cash at ATMs or in shops. 

Spoofing:

  • A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.

Saturday, 11 June 2011

Era of Digital Warfare comes through Cyber-Attack


Quite rapidly, parts of our public and private  lives have chunked into their own virtual   existence on the internet. A Cyber-Attack is an attempt to undermine or compromise the   function of a computer-based system, or attempt to track the online movements of   individuals without their permission. Attacks of this type may be undetectable to the end   user or network administrator.

As in our real lives we can be harmed by attacks, as well as in our virtual world also and these virtual attacks have real world consequences. Cyber-Attacks have become an international problem affecting both civilian and military areas Cyber terrorists are more sophisticated in nature.


 


Communication technologies–most notably social networks like Orkut, Facebook and Twitter–factored heavily in mobilizing the disillusioned populace to action. Both Facebook and Twitter are banned in China, but obviously there are alternative ways to get the message out.

So questions comes that Cyber-Attacks have been used,  When? Why? By whom?
We do not know who executed these attacks or why, but all involved intrusions through the Internet.

The ultimate doomsday scenario—thinks Live Free or Die Hard—could involve a simultaneous attack on economic e-infrastructure and e-communications: imagine al -Qaeda disabling banks, destroying financial data, disrupting networks, and driving the American economy back to the nineteenth century.  

There are certainly genuine security concerns associated with the Internet. But before accepting the demands of government agencies for new and increased powers to fight threats in cyberspace and prepare for Cyber-Warfare, we should look more closely at well-defined dangers and ask just where existing technological means and legal norms fall short. Because the technologies are changing so quickly, we cannot expect definitive answers.

One kind of Cyber-Security problem grows out of resource scarcity. This limitation creates an opportunity for attackers. Since no one, not even the U.S. government, has infinite computer resources, any network is potentially at risk. In that case attackers use the most basic kind of “denial-of-service” (DoS) attack, which aims to deny or delay the delivery of online services to legitimate users.

Hundreds of personal mail accounts, bank accounts etc. were phished for passwords. Emails that appeared to have been sent by friends carried attachments that brought the user to a phony login page.

But what about genuine Cyber-Warfare? The year was 2007 and the hacking victim was the U.S. Department of Defense. The cyber-attacks on Estonia in April-May 2007 (triggered by squabbling between Tallinn and Moscow over the relocation of a Soviet-era monument) and the Cyber-dimension of the August 2008 war between Russia and Georgia have reignited older debates about how Cyber-Attacks could be used by and against governments.


Now it’s 2011 and it’s Google that got hacked. This Google accounts belonged to senior U.S. government officials, Chinese political activists, officials in other Asian countries–mostly South Korea–as well as military personnel and journalists. According to Google, the phishing attempts originated in Jinan, China.


So, the age of Cyber-Warfare has arrived.  It's a Digital Revolution. At any time, the message can be announced.