Thursday, February 18, 2010

Over 75,000 systems compromised in cyberattack

via computerworld.com

Security researchers at Herndon, Va.-based NetWitness Corp. have unearthed a massive botnet affecting at least 75,000 computers at 2,500 companies and government agencies worldwide.
The Kneber botnet, named for the username linking the affected machines worldwide, has been used to gather login credentials to online financial systems, social networking sites and e-mail systems for the past 18 months, according to NetWitness.
A 75GB cache of stolen data discovered by NetWitness included 68,000 corporate login credentials, login data for user accounts at Facebook, Yahoo and Hotmail, 2,000 SSL certificate files and a large amount of highly detailed "dossier-level" identity information. In addition, systems compromised by the botnet also give attackers remote access inside the compromised network, the company said.


Saturday, February 13, 2010

Passwords make a difference in keeping your accounts safe from hackers

Lately I've had an influx of people that have had their Facebook, Gmail, Yahoo and other accounts hacked only for someone in Nigeria to ask me to wire them money.  Do they really think that I am going to wire $2000 to someone I have just reconnected with?  No.  What I usually do is throw in a stumper in the chat.  Something the hacker won't have a clue about.  Not something that is true, but something that is false because the hacker will agree.  The other day someone asked me to wire them $3500 to London.  Now I haven't seen or heard from this guy since 8th grade so the fact that he's asking for money is already throwing up red flags, but I go with it.  Then I ask, "How's my best UVA roommate doing?"  He answers, "I could really use the help."  Now, I know he went to Virginia Tech and saying he went to UVA would be like branding him with red hot pokers.  Furthermore, we did not even go to school together so being roommates was definitely not the truth.  At that point I knew his account was hacked.


How did his account get hacked?  Every account you open up on the internet requires a password.  It's the old daunting "what password can I make up today" scenario.  Most of us have one password that we use over, and over, and over, and over, well... you get the point.  How secure is that password?  Can I guess it?  Is it a variation of your username, real name, wife/girlfriend's name, kids' name, dog's name?  I can guess those.  Most of the time, the hackers run programs that just try a bunch of passwords in a list.  This is what I call the "well known passwords and variations" list.  Do you really think that Pa55w0rd is a unique password you thought up and was cool?  No.  As soon as they get one password, they look for other accounts.  They then try the same password on the other accounts.  Once they have your email account, watch out, because they can reset passwords on just about any other account on the internet you created with that email address.


So, you ask, what is the casual, non-geeky internet user to do?  


Build a better password.  There are plenty of random password generators out there so use one.  When you register for a site, make sure that the password is random.  Now, you ask, how do I keep track of all these passwords?  I don't want to have to remember a different gobbledygook password for each site.  Well here's where technology comes into play.  In your browser, you have the option to save the password for each site.  Use that.  Many security experts say not to use it, but I say go for it.  There are only two scenarios where this poses a risk and those are when your computer gets physically stolen or totally hacked into.  I'll put up another blog post about securing your computer so that nothing can get accessed when it gets stolen, and someone trying to hack into YOUR computer doesn't really happen much anymore.  You can secure your computer against that with good anti-virus, anti-spyware/malware and a decent firewall.
If that doesn't tickle your fancy, you can use a password manager.  This is a program that you install on your computer that keeps track of all your passwords for the different sites.  Some can even automatically log you in or copy & paste your password onto the webpage.  My personal favorite is KeePass Password Safe (http://keepass.info).  This password manager will not only keep your passwords, but will automatically generate a new random password for you every time you create a new site.  The second bonus, it's FREE.
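The following is an added example, not code from the original post: it flags passwords that fall into the "well known passwords and variations" category described above (including Pa55w0rd) and generates a random replacement. The word list, the substitution table, the 12-character minimum and all function names are assumptions made for illustration.

```python
import secrets
import string

# Constructed sample of a "well known passwords" list; real lists are far longer.
COMMON = {"password", "letmein", "qwerty", "iloveyou", "welcome", "monkey"}

# Character swaps that guessing programs undo before comparing (assumed table).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

# Characters used for generated passwords (assumed set).
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@_"


def normalize(pw):
    """Lowercase, drop a trailing run of digits/punctuation, undo swaps."""
    stripped = pw.lower().rstrip(string.digits + string.punctuation)
    return stripped.translate(LEET)


def weakness(pw, personal=()):
    """Return why a password is guessable, or None if no check fires."""
    base = normalize(pw)
    if base in COMMON:
        return "variation of a well-known password"
    for word in personal:  # username, real name, pet's name, ...
        key = normalize(word)
        if len(key) >= 3 and key in base:
            return "built from personal detail: " + word
    if len(pw) < 12:  # assumed minimum length, not from the post
        return "too short"
    return None


def generate(length=20):
    """Build a random password using the operating system's CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


if __name__ == "__main__":
    for candidate in ("Pa55w0rd", "Rex2010!", generate()):
        print(candidate, "->", weakness(candidate, personal=["Rex"]))
```
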


Give better answers.  Many of the sites ask you some "challenge questions".  "What's your mother's maiden name?" or "What city were you born in?" are the most common.  These are also easily guessed.  I can research the 'net and find out where you were born or what your mother's maiden name is without even having access to anything but your full name.  Here is what I like to do.  Make up your own and rotate the answers.  Put together a decoder key of sorts.  Every time a site asks for your mother's maiden name, put in your birthplace, or your first pet's name, or the street you grew up on, or even better some nonsensical answer.  Just make sure you have a good decoder sheet for it.  You can also use the KeePass Password Safe to manage this since each site has a "notes" section.  In here you can put in the challenge question and how you answered it.


Stay safe out there on the 'net.  It's powerful, fun, entertaining, and dangerous.  When you put a lock on your house, you use a unique key that's hard to guess what the ridges look like.  You don't use one that has no ridges or only one.  Do the same for your online "house".  Use a good key to lock it all up.

Thursday, January 14, 2010

Google Turns on Gmail Encryption to Protect Wi-Fi Users

via Wired.com

Google is now encrypting all Gmail traffic from its servers to its users in a bid to foil sniffers who sit in cafes, eavesdropping in on traffic passing by, the company announced Wednesday.
The change comes just a day after the company announced it might pull its offices from China after discovering concerted attempts to break into Gmail accounts of human rights activists. The switch to always-on HTTPS adds more security, but does not help prevent the kind of attacks Google announced Tuesday.
All Gmail users will now default to using HTTPS, the secure, encrypted method for communicating with a remote server, for their entire e-mail sessions, not just for log-in. Session-long HTTPS has been an official option for Gmail users since 2008 (and unofficial for much longer), but Google says it hesitated turning it on for all since the encryption does slow down the service.
“Over the last few months, we’ve been researching the security/latency tradeoff and decided that turning https on for everyone was the right thing to do,” Gmail Engineering Director Sam Schillace wrote in the Gmail blog.
This option often wasn’t necessary when people used fixed and trusted connections, such as their home or office DSL or cable lines. But as Wi-Fi connections, especially public ones, became more popular, hackers began using simple sniffing software to snoop on people’s online activities with the goal of stealing passwords.
Still, the switch doesn’t encrypt e-mail — it simply encrypts the communications in transit between Google’s servers and a user’s computer — the same as when you use your bank’s website. E-mails sent to other people are transmitted in the clear as they have always been. True encrypted e-mail can only be read by the sender and receiver, regardless of how they move across the internet.
For those whose schools or workplaces routinely monitor employee or student internet usage, the change also shields their e-mails from the IT department.
A coalition of privacy and security experts called on Google publicly to make the change last June, saying that Google was putting millions of people at risk by not using encryption as the default for their so-called cloud computing services.
Users who find the service slows them down or determine that it’s overkill for their needs can turn the HTTPS off in their account settings.
Rival free e-mail from Yahoo and Microsoft do not use HTTPS throughout their sessions, nor do social networking sites or other so-called cloud-computing services.
Instead, most of those services use the secure “HTTPS” protocol only for logging in, and fall back to unencrypted browsing thereafter. Failing to use HTTPS full time increases one’s vulnerability to a host of nasty hack attacks when using an open or badly secured network, particularly a public Wi-Fi spot.


Tuesday, January 12, 2010

Another new year and a new focus

So I've had 1 post in the last year. That's really pathetic. After looking at the last year or two in happenings and other things, I will post some hints and tips on personal technology and security. There have been a few friends that have had their Yahoo, Facebook, GMail, and other online accounts hacked.  The worst thing is that the hacker is exploiting the relationship that person has with their friends/followers/contacts to extort money or other things.  Let's see how this goes.