The Best Technology Portal of The World » Internet Security

Keylogging can be Malware or Legitimate

admin — Mon, 18 Jan 2010 14:25:00 +0000

Long considered to be malware and a threat to privacy and security, keylogging software has been found on Microsoft Internet Explorer 8 and Google Chrome. However, these keyloggers were not placed there by hackers—the companies put them there on purpose.

Google and Microsoft added keyloggers to their browsers in an attempt to improve searches for their users. Keylogging allows the browser to determine common or most likely searches based on the user’s past usage. They also store user log-ins and passwords for the user’s convenience, track activity to help determine the cause of errors, and employers use keyloggers to track employee productivity. While this is all very useful for the companies doing the tracking, it makes anti-malware protection more complicated, because the malware filters like Kaspersky cannot simply delete all keyloggers as they have up until this point.

Cyber criminals use keylogging to capture and record each keystroke you make to steal personal information like user IDs, passwords and anything else they can use to steal your identity. However, some companies are now using keylogging for more legitimate purposes.

In order to determine the best course of action regarding keyloggers, Kaspersky Labs, an industry leader in anti-malware protection, is seeking legal counsel. While they do not want to accuse legitimate companies of wrongdoing, they still want to provide the best and most comprehensive anti-malware protection on the market. If it were up to Eugene Kaspersky, CEO of the company, users would not stand for these privacy-invading programs to be present on their browsers and request the companies to remove them. “That would save us a lot of work, and we already have plenty to do,” he told Computer Weekly. Google is already reacting to the public’s aversion to keylogging by promising to keep the information anonymous, but Microsoft has made no such announcements as of yet.

What it all comes down to is this: is the convenience provided by keylogging worth compromising the security of your computer?

Vulnerable of Twitter to cross site scripting attacks

admin — Sun, 17 Jan 2010 14:19:06 +0000

James Slater found a cross-site-scripting vulnerability on Twitter.com which Twitter claims is now fixed. According to James, it is not fixed. The vulnerability allows malicious JavaScript to be embedded with user tweets. This can result in user accounts being compromised and the owner can loose control of their account.

The vulnerability comes down to Twitter’s application programming interface (API) that allows developers to interface with Twitter through their own software. Popular software packages like Twirl, TweekDeck, and HootSuite use this API to create and read posts on behalf of the user. The API does not filter the url of the applications using Twitter, allowing malicious JavaScript to be sent along with the URL.

This threat is almost impossible for the average user to protect against, as just seeing the tweet is enough to have your account taken over. Twitter’s response to this vulnerability was to filter out space characters from the address box in the application, but this only makes it slightly more difficult.

Internet Security

admin — Sat, 16 Jan 2010 14:10:02 +0000

With a wide variety of internet threats around the Web, you can never be sure that what you’re surfing is a clean site. Viruses can be acquired almost everywhere—downloading a software (where spyware might be hiding itself in the package), clicking an ad (where adware can make your PC hang), and even copying pirated MP3 songs from a thumb drive (where most worms, EXE files and viruses can be easily transferred). Through the years, internet security has been a big issue in the expanding Web. While everything seems possible with the internet, so does cyber-terrorism, internet hacking and many other security threats that should be resolved by our mighty warriors: our anti virus software.

There were numerous internet security software that were launched online, aiming to be the best internet software to effectively eliminate security threats. One of the internet security reviews have claimed Bit Defender one of the most reliable antivirus software. Bit Defender offers quick system scan, removable drives scan, and windows registry scan. Their antivirus software has the capability of identifying and deleting spywares, worms and viruses. Computer spyware can be easily detected by this software. To delete spyware, the user should confirm the software’s action of eliminating the threat. An added feature of this software is that the user can customize the destination of the virus upon detection, or they can simply delete it.

Malicious threats can also be treated as viruses depending on the user’s virus detection settings. The AVG anti-virus, on the other hand, gains a plus on all the other software because it offers real-time scanning. This means that it can detect viruses the moment it has entered your system, without the need for manually launching the system scan. It also verifies website’s authentication issues and labels a page that may be potentially harmful to your computer. The Norton Internet Security also offers promising results in the field of computer security. According to one of Norton’s software reviews, it was proven to be the fastest internet security suite. It also has the capability of blocking identity theft as it offers reliable spyware protection, and a recovery tool boot to repair badly infected data and files.

Network security can be best protected with the use of intrusion detection methods that will promptly alarm the system for any breach. These systems include vulnerability management software that provides helpful mechanism in intrusion prevention. They can effectively scan your system for viruses but after scanning them, the ultimate goal is to clean your system from these viruses and threats. Also, vulnerability management not only requires detection or software update but regular system reconfiguration according to the detected vulnerabilities of your system. It is very important to keep the severity of these matters under control, as it could cost the company a great deal of money if the damage has spread into the entire system. Regulatory compliance, on the other hand, ensures that each working computer system complies with the existing laws and regulations of the government, most especially pertaining to the company’s operations and security measures.

Secure Websites from Malware Attacks by Warning Alerts

admin — Thu, 31 Dec 2009 00:00:57 +0000

Malware Attacks on websites and blogs are increasing day by day. There are many forms and shapes in which these malware programs attack your websites. Some are easily seen, while some are hidden and not easily discovered. For instance, if a website is hacked, most of the time it is defaced and the entire world knows within minutes about the attack. These types of attacks are generally launched by hackers, who want to prove a point or two.

But there are some other types of attacks, which are more sophisticated and they insert a malicious script in your website code. On the face of it, you don’t see any change, but silently, your website is now one of the many similar platforms for that hacker to launch a bigger attack somewhere else. Your website is being used only as a pawn in the bigger game plan.

This situation is very risky. Soon your website will be tracked as a malicious site by various security agencies, including Google. And once this happens, and Google detects malware or phishing attacks are coming from your website they will place a warning next to your results listing, an interstitial warning page when the user clicks the result and a pop-up warning if the Google Toolbar is installed. As soon as this happens, your site is virtually killed.

How to Get Warning Alerts to Protect Your Website from Malware Attacks

Thankfully, Google comes to your rescue here. Google has recently started Safe Browsing API, which is a simple method for developers to download Google’s list of suspected phishing and malware URLs for which malware warning alerts are issued to the users of Firefox and Google Desktop. There are many applications under development at present which will make use of this API.

One such useful service is SERPGuard. It is a FREE malware alert service that regularly checks the Google Safe Browsing Blacklists. And whenever any mention of your website URLs appears there, it immediately shoots you warning signals, through emails, twitter and RSS. You just have to sign up with a FREE account with them and verify your site by uploading a small code to your webpages, and it starts monitoring your site for any malware and fishing attacks.

A really useful service in the long term.

Monitoring Users Activities in Computer

admin — Tue, 15 Dec 2009 17:10:09 +0000

In many occations, whether it is in office, home, or in any shared computers, there are the requirements for monitoring the computer activity for all users using it. There are a series of software applications that can accomplish the spy functions, one of them is the Computer spy. It is a thumb drive with an automatic mechanism to be able to detect all users activity in a computer. Just plug it to a PC, then the program will be able to monitor the computer in question. By lifting your pen drive and monitoring begins. To collect data just connect the pen drive again.

Interestingly, this application is very easy to install and collecting activity data. Its monitoring covers the webpages you open, entering passwords and other activities. This device will create screen capture and this screen shots are listed in system for viewing later.
Computer Spy also covers accounts password monitoring which is protected by Windows even if the User who is currently using computer does not have priviledges to install devices or softwares on the computer.
So, in the end, for all of you who needs a mechanism of monitoring which is simple to use and that records everything that is done on the computer and is not perceived by the User’s, surely can use Computer Spy.

Twitter has vulnerability to face site scripting cross attacks

admin — Sat, 28 Nov 2009 13:47:37 +0000

More information about this vulnerability can be found on David Naylor’s site. David Naylor is a well known search marketing consultant who broke the news to Twitter.

Tool for Parents to Monitor Child’s Internet Activity

admin — Fri, 27 Nov 2009 12:43:03 +0000

Millions of youngsters and youths are online each day. They surf internet pages, get their e-mail and discuss with their mates. Most fogeys believe this is safe, except that our youngsters are being singled out everyday by predators on the web.

Enter Internet parental monitoring software. It is used to detect the internet activity of a particular computer where it has been installed.

Internet parental monitoring software is becoming popular to stop kid predators online from getting in touch with the children. Their words are cunning and they take their time to groom their victims. Grooming is done by showering their victims with gifts, signs of love and anything more they can, to build trust and a relationship with potential victims. Once trust is built, blackmail and guilt are occasionally used to get the kid to submit to their demands.

Internet parental monitoring software is the most stable and dependable software to track and monitor internet and computer activities of your child. With computer monitoring software, you can secretly monitor your kids computer system over a network and view LIVE Desktop Activities.

Be aware that these predators can often times mask their age and state that they’re round the same age as your youngster. They may stalk the web sites that most youngsters and kids frequently visit. Hiding behind their PC screen, waiting patiently and then attacking their prey, our kids. How are you able to tell if your youngster is at risk? Your kid may switch off the PC suddenly when you enter the room. Your kid could be receiving gifts from others that you don’t know. They may become more secretive about what they are doing online and sometimes spend more than an hour a day on the web.

As a parent, what are you able to do? One of the finest paths to keep your kid safe online is to form open dialogue with your youngster and to set clear rules re PC and Net use. You’ll also consider exploiting Web monitoring tools like an Internet parental monitoring software to keep track of your kid’s activity. Get a tool that can combine both parental monitoring tools and tools to interpret the litany of instant message acronyms

Internet Security Challenge : ClickJacking

admin — Tue, 24 Nov 2009 18:30:55 +0000

Review your Internet Security

United States Computer Emergency Research team, US-CERT, has issued a warning about a serious vulnerability of all the popular Browsers like IE, Firefox, Opera, Safari etc. They have warned about an an attack that inserts itself in the middle of a user’s interaction with a Web page through clicking buttons. As soon as a person clicks on a link on a web page, his browser can perform any arbitrary function, including redirecting the browser to a third-party site, and a totally unwanted function may get performed.

This is called ClickJacking

According to one of the reports, Clickjacking gives an attacker the ability to trick a user into clicking on something only barely or momentarily noticeable. Therefore, if a user clicks on a web page, they may actually be clicking on content from another page. A separate report indicates that this flaw affects most web browsers and that no fix is available, but that disabling browser scripting and plug-ins may help mitigate some of the risks.

And the worst part is that not only the malicious web pages, any legit site like Newsweek, Digg or BBC may carry this to you. The exact magnitude of risks is yet to come out, but is clear that present browsers are incapable of avoiding it.

In such a situation you can only hope to not come across it, while browsing.

So, right now, there are four options for you.

Stop Browsing the Internet, I know you can’t do it.
Suspend your browsing and wait till these browsers get updated, this is also difficult.
Start using Firefox, and install NoScript firefox plugin., You may not like it either, because this will make many of the sites you visit to appear as broken.
Pray, that you do not fall victim to the attack.

I think the only option is the last one.

Internet Marketers Should Know Computer and Internet Security (Written by Michel Maling)

admin — Tue, 05 Aug 2008 06:54:10 +0000

If you are working on the internet, or doing internet marketing, it is crucial that you have decent internet security. Failing to have adequate internet security will be a liability for you as it will be easy for hackers to access your computer and do all sorts of damage.
For one, hackers will be able to get hold of your passwords and it will be possible for them to go into your banking sites, or even worse they could get hold of your credit card information and spend a fortune before you get wind of it.

Hackers could also use your passwords to host their own websites under your name without you even knowing it. I have heard of cases where people were hosting porn and illegal sites without their knowledge. ID theft is also fairly common.

It is your responsibility to protect yourself and your business by making sure that you use an anti virus software, a firewall and anti spy ware and make sure that you update it regularly. There are 500 new viruses created each day, so make sure you stay on top of things.

A good site to visit to keep you up to date with all the viruses is ’staysafeonline.org.’ Here you can find out all you need to know about the latest viruses and also use some of their technology to protect your computer. Antivirus software that is pre loaded in your computer is normally outdated by the time it gets to you, so make sure you update by purchasing one of the recommended software programs, or stay on top of it by visiting the above site.

Invisus.com is a good site to visit for a wealth of information on this subject. They also have a free tool that you can use to run a check on your computer.

In short, to maximize your computer security: * Protect your personal information – It’s valuable. * Know who you are dealing with online. * Use strong passwords that can’t be guessed easily. Don’t use your date of birth for example. * Update your operating system and web browser software on a regular basis. * Backup all your important files. * And finally, make sure that you protect your children online.

I know we internet marketers are busy people, and we don’t always have time to think of things like this, but believe me you will waste a lot more time if your system is hacked into.

Do your virus update thing on a daily basis, it take five minutes, and then you can market to your hearts content for the rest of the day, not having to worry about the security of your personal information, or your computer crashing on you.

For more valuable internet marketing education visit: http://ashes2riches.com

About the Author
Michel Maling http://ashes2riches.com I live in the beautiful coastal city of Port Elizabeth in Sunny South Africa. I enjoy learning all there is to learn about internet marketing and helping others achieve their goals.