There is a growing Black Market demand not only for computers, but for swapped out internal parts, like chips, drivers, memory, etc.. Many universities, corporations, and government facilities are reporting losses of hundreds of thousands of dollars every year. Others are reporting millions of dollars of losses. The most disturbing aspect is that only 5%-15% is due to forcible entry, while 85% to 95% is due to internal theft.
Because most theft is internal, conventional alarm systems and card access systems are not effective. You need to find a computer security product that can protect equipment 7 days a week, 24 hours a day.
For more details logon to : http://www.worldsecuritycorp.com/crime.htm
Monday, February 4, 2008
IE plus Firefox equals 'critical' security risk
Firefox combined with Internet Explorer on the same desktop opens up a zero-day vulnerability that is highly critical, according to security researchers.
Users could face a "highly critical" risk if they have both IE and Firefox version 2.0, or later, loaded on their computer. The trouble begins when browsing a malicious site while using IE and it registers a "firefoxurl://" URI (uniform resource identifier) handler, which allows the browser to interact with specific resources on the Web. As a result, users may find their systems remotely compromised.
Earlier Tuesday, security researcher Thor Larholm, who discovered the IE flaw, and security research giant Symantec put much of the blame on IE, while Secunia's chief technology officer, Thomas Kristensen, attributed the problem to Firefox versions 2.0 or later.
"It's a little bit of both," said Oliver Friedrichs, director of Symantec's Security Response Center. "You have two very complex applications that are not playing well together and leading to a security issue. The components themselves are secure as stand-alone products but not together."
"Firefox is the current attack vector, but Internet Explorer is to blame for not escaping ... characters when passing on the input to the command line," said Larholm, in response to a reader's comments. "I agree that Firefox could have registered its URL handler with pure DDE (dynamic data exchange, the protocol for information exchange) instead and thereby have avoided the possibility of a command-line argument injection, but IE should still be able to safely launch external applications."
Friedrichs noted that while Firefox, which released version 2 last year, has gained in popularity, most Firefox users will also have IE loaded on their computers, since it comes with the Windows operating system.
The number of people who may be at risk could be substantial, he added.
Meanwhile, Kristensen of Secunia said: "A new URI handler was registered on Windows systems to allow Web sites to force launching Firefox if the 'firefoxurl://' URI was called, like ftp://, http://, or similar would call other applications."
But because of the way the URI handler was registered by Firefox, it causes any parameter -- which activates a program to perform a particular task -- to be passed from Microsoft's Internet Explorer, or another application, to Firefox, when firefoxurl:// is activated.
An attacker may use "chrome" context -- the interface elements of a browser that create the frame around its page displays -- to inject code on a user's system that would be executed within Firefox, Kristensen said.
"Registering the URI handler must be done with care, since Windows does not have any proper way of knowing what kind of input potentially could be dangerous for an application," said Kristensen. "For example, how should Windows know that the string 'chrome' could be dangerous for Firefox."
Other than avoiding malicious Web sites, system administrators could unregister, or remove, the "Firefox URL" URI handler, as well as change the way Firefox accepts the chrome input, Kristensen said.
Source : http://www.zdnet.com.au
Users could face a "highly critical" risk if they have both IE and Firefox version 2.0, or later, loaded on their computer. The trouble begins when browsing a malicious site while using IE and it registers a "firefoxurl://" URI (uniform resource identifier) handler, which allows the browser to interact with specific resources on the Web. As a result, users may find their systems remotely compromised.
Earlier Tuesday, security researcher Thor Larholm, who discovered the IE flaw, and security research giant Symantec put much of the blame on IE, while Secunia's chief technology officer, Thomas Kristensen, attributed the problem to Firefox versions 2.0 or later.
"It's a little bit of both," said Oliver Friedrichs, director of Symantec's Security Response Center. "You have two very complex applications that are not playing well together and leading to a security issue. The components themselves are secure as stand-alone products but not together."
"Firefox is the current attack vector, but Internet Explorer is to blame for not escaping ... characters when passing on the input to the command line," said Larholm, in response to a reader's comments. "I agree that Firefox could have registered its URL handler with pure DDE (dynamic data exchange, the protocol for information exchange) instead and thereby have avoided the possibility of a command-line argument injection, but IE should still be able to safely launch external applications."
Friedrichs noted that while Firefox, which released version 2 last year, has gained in popularity, most Firefox users will also have IE loaded on their computers, since it comes with the Windows operating system.
The number of people who may be at risk could be substantial, he added.
Meanwhile, Kristensen of Secunia said: "A new URI handler was registered on Windows systems to allow Web sites to force launching Firefox if the 'firefoxurl://' URI was called, like ftp://, http://, or similar would call other applications."
But because of the way the URI handler was registered by Firefox, it causes any parameter -- which activates a program to perform a particular task -- to be passed from Microsoft's Internet Explorer, or another application, to Firefox, when firefoxurl:// is activated.
An attacker may use "chrome" context -- the interface elements of a browser that create the frame around its page displays -- to inject code on a user's system that would be executed within Firefox, Kristensen said.
"Registering the URI handler must be done with care, since Windows does not have any proper way of knowing what kind of input potentially could be dangerous for an application," said Kristensen. "For example, how should Windows know that the string 'chrome' could be dangerous for Firefox."
Other than avoiding malicious Web sites, system administrators could unregister, or remove, the "Firefox URL" URI handler, as well as change the way Firefox accepts the chrome input, Kristensen said.
Source : http://www.zdnet.com.au
What is Phishing?
Phishing is an email fraud method in which criminals send out legitimate-looking email requesting personal and financial details from unsuspecting people. The messages normally appear to come from well-known and trustworthy Web sites. Web sites that are often used in phishing attacks include eBay, PayPal, Yahoo, MSN, and America Online as well as the sites of a lot of big banks and retailers.
Typically, the fraudulent emails direct victims to counterfeit Web pages that look identical to the companies' sites in order to fool you into submitting personal, financial, or password data. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would probably never request this sort of information via email.
Typically, the fraudulent emails direct victims to counterfeit Web pages that look identical to the companies' sites in order to fool you into submitting personal, financial, or password data. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would probably never request this sort of information via email.
Current threat Caller-ID Spoofing
In public telephone networks, it has for a long while been possible to find out who is calling you by looking at the Caller ID information that is transmitted with the call. There are technologies that transmit this information on landlines, on cellphones and also with VoIP. Unfortunately, there are now technologies (especially associated with VoIP) that allow callers to lie about their identity, and present false names and numbers, which could of course be used as a tool to defraud or harass. Because there are services and gateways that interconnect VoIP with other public phone networks, these false Caller IDs can be transmitted to any phone on the planet, which makes the whole Caller ID information now next to useless. Due to the distributed geographic nature of the Internet, VoIP calls can be generated in a different country to the receiver, which means that it is very difficult to have a legal framework to control those who would use fake Caller IDs as part of a scam.
Thanks to Bhuvaneshwari ...
Thanks to Bhuvaneshwari ...
Saturday, February 2, 2008
List of Some Free Antivirus Software
- AntiVir PersonalEdition Classic
- AOL Active Virus Shield (no longer available via AOL)
- AVG Anti-Virus Free
- Avast! Home
- Avira
- BitDefender Free Edition
- Comodo AntiVirus
- PC Tools AntiVirus
List of Some Properietary Antivirus Software
- AhnLab V3 Internet Security
- avast!
- Avira
- AVG Anti-Virus
- BitDefender
- BullGuard
- Cisco Security Agent
- Dr.Web FRISK Software International
- F-Secure
- Kaspersky Anti-Virus
- LinuxShield
- McAfee VirusScan
- NOD32
- Norman ASA
- Norton AntiVirus
- Panda Security
- PC Tools AntiVirus
- Prevx
- Quick Heal Antivirus
- Rising AntiVirus
- Rudra Antivirus
- Sophos Anti-Virus
- Trend Micro Antivirus
- Vba32 AntiVirus
- Virus Chaser
- Windows Live OneCare
- ZoneAlarm
How to choose an antivirus ?
If you plan to buy an Anti-Virus, please visit the vendor's site and evaluate their software by downloading a trial version, as there are also many other features (e.g. firewall, behaviorblocker, etc.) and important things (e.g. impact on system performance, compatibility, graphical user interface, price, etc.) for an Anti-Virus that you should evaluate by yourself. Even if quite important, the data provided in the test reports on this site are just some aspects that you should consider when buying Anti-Virus software.
Antivirus Software
Antivirus software is a term used to describe a computer program that attempts to identify, neutralize or eliminate malicious codes. This type of software is so named because the earliest examples were designed exclusively to combat computer viruses; however most modern antivirus software is now designed to combat a wide range of threats, including worms, phishing attacks, rootkits, trojan horses and other malware.
Antivirus software typically uses two different techniques to accomplish this:
- Signature-Based Approach : Examining (scanning) files to look for known viruses matching definitions in a virus database.
- Heuristic-Based Approach : Identifying suspicious behavior from any computer program which might indicate infection. Such analysis may include data captures, port monitoring and other methods.
Most commercial antivirus software uses both of these approaches, with an emphasis on the virus dictionary approach.
Signature-Based approach : In the signature-based approach, when the antivirus software looks at a file, it refers to a database of known viruses that the authors of the antivirus software have identified. If a piece of code in the file matches any virus identified in the database, then the antivirus software can take one of the following actions:
- Attempt to repair the file by removing the virus itself from the file
- Quarantine the file (such that the file remains inaccessible to other programs and its virus can no longer spread)
- Delete the infected file
To achieve consistent success in the medium and long term, the virus signature approach requires periodic (generally online) downloads of updated virus database entries. As civically minded and technically inclined users identify new viruses "in the wild", they can send their infected files to the authors of antivirus software, who then include information about the new viruses in their databases.
Signature-based antivirus software typically examines files when the computer's operating system creates, opens, closes or e-mails them. In this way it can detect a known virus immediately upon receipt. Note too that a System Administrator can typically schedule the antivirus software to examine (scan) all files on the computer's hard disk on a regular basis.
Although the signature-based approach can effectively contain virus outbreaks in the right circumstances, virus authors have tried to stay a step ahead of such software by writing "oligomorphic", "polymorphic" and more recently "metamorphic" viruses, which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the database.
Heuristic-Based Approach : The Heuristic-based behavior approach by contrast, doesn't attempt to identify known viruses, but instead monitors the behavior of all programs. If one program tries to write data to an executable program, for example, the antivirus software can flag this suspicious behavior, alert a user and ask what to do.
Unlike the signature-based approach, the suspicious behavior approach therefore provides little protection against brand-new viruses that do not yet exist in any virus dictionaries. However, it can also sound a large number of false positives, and users probably become desensitized to all the warnings. If the user clicks "Accept" on every such warning, then the antivirus software obviously gives no benefit to that user. This problem has worsened since 1997, since many more nonmalicious program designs came to modify other .exe files without regard to this false positive issue. Thus, most modern antivirus software uses this technique less and less.
Subscribe to:
Posts (Atom)
Posts
