Security Tech

Behind Every Good Network is “The Guy”

Posted on


We live in a world of cloud-connected services, ever-expanding workforces, and consumer apps and technology — and it all adds to the complexity of network connectivity.

Things like: linking remote sites, allowing access from home offices or mobile workers, and providing managed access to hosted services are all top of mind, and all require secure, reliable connectivity — but there has been no one-size-fits-all approach that’s easy.

I mean — that’s what I am told. See, back when I was an IT pro, I always had the perfect solution. I kind of cheated — I worked in an IT organization with an annual budget larger than most small business revenues, and we were able to buy more gear than your average local data center, but the real secret to my networking success? I had “the guy.” Read the rest of this entry »

The OpenSSL software bug that saves you from surveillance!

Posted on


FILED UNDER: CryptographyFeaturedPrivacy

Bugs in pseudorandom number generators (PRNGs) are usually cause for concern, at least in cryptographic circles.

There have been numerous examples over the years.

We had the Debian “code fix” that removed all but 15 bits’ worth of unpredictability from the random generator used to secure OpenSSH.

We had the CryptoCat bug that caused zeros to turn up about 0.4% too often.

And recently we had a cryptographic design flaw in Drupal that saw the wrong sort of random generator used in the wrong sort of way.

But this story is different.MORE

How We Track Wifi Hacker

Posted on Updated on


How We Track Wifi Hacker

Wi-Fi Compromised / Hacked ?How to Track wi-fi Hackers?

Got a Wi-Fi net connection ? And do you think it is secure enough ? With the onset of cyber crimes taking place,your Wi-fi may be used illegally by hackers or some other people.Either you may get high internet bills in reward or you may be on headlines as your net may be compromised to send malicious emails to anyone,that’s what happened in India sometime ago in Mumbai Bomb blast case. Well,there comes MoocherHunter™ to rescue.

MoocherHunter™ is a mobile tracking software tool for the real-time on-the-fly geo-location of wireless moochers and hackers. If you have ever wondered about the possibility of your wireless network getting used for illegal purposes, you must consider using Moocher Hunter. Read the rest of this entry »

Better than BackTrack? Kali Linux offers new brand of pen-testing tools

Posted on


BackTrack Linux no more. The popular open source package of penetration testing tools now has a new platform and a new name.
BackTrack Linux, a specialized distribution of penetration testing tools, has long been a favorite of security specialists and IT pros. It is often a tool recommended in TechRepublic discussions and in round-ups of open source tools for IT pros. The creators of BackTrack recently announced that in lieu of a new version, they have instead built a brand new distribution called Kali Linux that fulfills the same general purpose.
Writing five days after its initial release, the Kali team reported over 90,000 downloads and had already added more documentation and even an early bugfix. But what exactly is new in Kali and why did they scrap BackTrack and start all over? After putting together a wishlist of what they wanted in the next version of BackTrack, the developers realized they were looking at major changes: Read the rest of this entry »

Chess CAPTCHA – a serious defence against spammers?

Posted on


CAPTCHAs – the questions that a website asks you to answer to prove if you’re a human being or not – come in many shapes and forms.

Conventional CAPTCHA

Although they most commonly ask you to decipher some words hidden in a distorted graphic, there are more elaborate versions which can ask you tosolve some complicated mathematical calculation or ask you to add toppings to a pizza in an attempt to stop automated bots leaving spammy messages.

As a keen chess player, I was interested to see this CAPTCHA being used on an online chess forum:

Chess CAPTCHA

Okay, so it’s not much of a challenge if you’re a chess player, but it also clearly locks out any users who do not know how to play chess. (For those of you can’t see the checkmate, the answer is upside-down at the bottom of this article – and make sure to realise that Black is playing from the bottom)

But most importantly, if a CAPTCHA system like this were to become widely-used, how tricky would it be for an automated bot to solve the puzzle?MORE

Google Offers Help to Webmasters Whose Sites Were Hacked

Posted on


Google has launched a page and a set of tutorials aimed for webmasters whose site was hacked.

Specifically, Google explains webmasters how to deal with Google’s search warning that a site is dangerous, which usually appears if a hacker has infected the site with harmful code.

“Every day, cybercriminals compromise thousands of websites. Hacks are often invisible to users, yet remain harmful to anyone viewing the page — including the site owner,” claims Google on the site titled “Webmasters help for hacked sites.

Google starts with a video tutorial (above) which explains the basics of how and why sites get hacked, and then goes into more advanced territory with info on how to quarantine a site, identify its vulnerabilities and clean it up from harmful code.

How do you like Google’s latest initiative? Do you think the material is too advanced or perhaps too simple for the average webmaster? Share your thoughts in the comments.

Image credit: Google MORE

FBI: Hundreds Of Thousands May Lose Internet In July

Posted on


Cybersecurity

WASHINGTON (AP) — For computer users, a few mouse clicks could mean the difference between staying online and losing Internet connections this summer.

Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.

The FBI is encouraging users to visit a website run by its security partner, http://www.dcwg.org , that will inform them whether they’re infected and explain how to fix the problem. After July 9, infected users won’t be able to connect to the Internet.

Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.

Last November, the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers.MORE

Web could vanish for hordes of people in July, FBI warns

Posted on


The FBI is warning that hundreds of thousands of people could lose their Internet connections come July, unless they take steps to diagnose and disinfect their computers.

The problem is related to malware called DNSChanger that was first discovered way back in 2007 and that has infected millions of computers worldwide.

In simple terms, when you type a Web address into your browser, your computer contacts DNS (or Domain Name System) servers to find out the numerical Internet Protocol (IP) address of the site you’re trying to reach, and then it takes you there. DNSChanger fiddled with an infected machine’s settings and directed it to rogue servers set up by a crime ring — servers that handed out addresses to whatever sites the ring chose.

DNS Changer infections per dayThe DNSChanger Working Group said early this year that about 450,000 systems were still infected by the DNSChanger virus.

(Credit: DCWG)

As a U.S attorney said in an FBI press release, the crooks “were international cyberbandits who hijacked millions of computers at will and rerouted them to Internet Web sites and advertisements of their own choosing — collecting millions in undeserved commissions for all the hijacked computer clicks and Internet ads they fraudulently engineered.”

Late last year, however, the FBI disrupted the ring and seized the rogue servers. And since so many infected computers relied on the servers to reach the Internet, the agency opted not to shut them down and instead converted them to legitimate DNS machines.MORE

Fake Instagram app infects Android devices with malware

Posted on


InstagramTempted to try out the much talked about Instagram app? Well, be careful where you get it from – as malware authors are distributing malware disguised as the popular app.

It’s a rain cloud on a summer’s day for the Instagram photo-sharing smartphone app, which is otherwise having a glorious time right now.

First of all, Instagram released a first version for Android and managed to get five million downloads in less than a week.

Then the 13-employee firm managed to sell itself to Facebook for a cool $1 billion, making some of us wonder about privacy, and others think – “to heck with that, do I have a program that’s never earnt any money that I might be able to flog to Mark Zuckerberg?”.

Naturally, the Facebook acquisition news raised Instagram to even higher levels of public awareness and that’s where the bad guys stepped in.

Cybercriminals have created fake versions of the Instagram Android app, designed to earn money from unsuspecting users.MORE

3 Hackathons Trying to Change the World

Posted on


 

Scott Henderson is managing director of CauseShift, writes about social impact for the Chronicle of Philanthropy, and is founder of NewEmpireBuilders.com, a media collaborative covering the startups, non-profits, and companies making the world better.

When you think of hackathons, you might think of coding, right? That’s certainly where the concept came from, but it’s taking on new meaning, as more non-profits and civic leaders embrace it as a format for social innovation.

In recent years, hackathons have helped city governments across the country build new web and mobile applications. These apps provide services like a way to report potholes. Now, hackathons are being used by an even wider range of sectors that involve social good. Below are three that are leading the way.MORE