Security code

Privacy Groups Calling for Internet Users to Employ More Security Tools

When Edward Snowden blew the whistle on the National Security Agency last summer, revealing that the agency had spied on millions of people online, Internet privacy advocates and security experts were concerned. If the U.S. government was able to engage in a large-scale surveillance program without anyone noticing, who else is watching average Americans and businesses as they go about their normal activities?

In the wake of the surveillance allegations, a number of organizations, including technology companies, privacy advocates, civil liberties groups, websites and security firms, are calling for better protections against unauthorized snooping. The centerpiece of their effort is the “Reset the Net” campaign, which calls upon websites to deploy more effective security and privacy measures designed to keep online activity safe from surveillance — both from government agencies and cybercriminals.

While no one wants to allow risks to national security to go unchecked, many people are concerned that weaknesses in the current privacy and security controls on the Internet foster an environment in which individuals have limited privacy. It’s important to note that while government agencies were able to collect personal data simply by tapping into the unprotected networks, they need a court order — which must be precipitated by reasonable suspicion of wrongdoing — in order to review the information.

Still, many people bristle at the notion that someone is keeping tabs on their Netflix viewing habits or how long they play Candy Crush. Not to mention, cyber criminals do not adhere to restrictions regarding data collection — after all, they are usually accessing it illegally in the first place. This makes the call for increased privacy enhancements a matter of interest to everyone.

Protecting Your Privacy

While the “Reset the Net” campaign is focused largely on websites and service providers, there are steps that individuals can take as well to protect themselves from snooping and spying. Given that most people share sensitive data online every day, such as when they bank online, it’s important to take steps to protect your privacy and secure data.

To that end, privacy experts recommend taking the following steps:

Encrypting Data. Encryption is one of the most effective ways to protect your information from snoops. In fact, several major email services, including Google’s Gmail and Yahoo Mail, have recently announced that they will begin using data encryption to secure messages sent and stored on their servers. Businesses and individuals alike can install encryption solutions on their computers to encode data both at rest and in transit, essentially rendering it useless to anyone who accesses it without the proper credentials.

Use Virtual Private Networks. Many businesses that allow BYOD have developed VPNs to prevent employees from accessing corporate networks via public Wi-Fi or other unsecured connections. Individuals who do not have access to a VPN via their employer, or who want to be able to check their email or bank balance securely using their smartphone or laptop in a coffee shop, can download applications that create individual VPNs for increased privacy. A VPN won’t make you completely anonymous online, but it will block the hacker sitting at the next table over from eavesdropping on your online session.


Use HTTPS. Anyone who shops online should be familiar with HTTPS: When the S is added to the end of the “HTTP” in a web address, it indicates a secure connection. If the S doesn’t appear, anyone can spy on what you are doing. Consider installing a plugin that will ensure that any time you visit a site that has HTTPS capability, it’s launched.

Use Airplane Mode. If you’re doing something on your smartphone or tablet that doesn’t require an open Internet connection, switch the device into airplane mode. You will still be able to play games or watch downloaded videos — or even draft emails or text messages — but no one will be able to spy on your activities. When you can securely connect the device to a Wi-Fi network, then return it to normal mode and send your messages or update social media.

Some argue that the only way to maintain complete privacy is to ditch the smartphone and stay off the computer. While that may be true, it’s certainly not practical for most people. It is possible to protect yourself from people who want to capture your information or see what you’re doing online without permission, so spend some time pulling down the proverbial shades. Even if you have nothing to hide, there’s a good chance someone is interested in what you’re up to.

This guest blog is by Erica Taylor


Don’t Let Usability Issues Compromise Security

Anyone who has worked in an office environment has probably received an email or alert notifying staff that it’s time to change their login passwords (again) — and that those passwords have to meet an ever-growing list of criteria: Letters, numbers, symbols, at least 8 characters, a Klingon word and their great-grandmother’s favorite color. So you come up with another “unbreakable” code that you can’t remember and write it down on a sticky note, conveniently stuck to the corner of your monitor.

Or perhaps you want to bring some work home for the weekend. But using your company’s secure system requires logging in, uploading the files and then establishing a secure connection — another multi-step process that adds several minutes and a migraine headache to the process. It’s easier to just email the files to your personal account, so you do.

Sound familiar? If so, welcome to a common problem in the world of security, where the solutions designed to protect us from “the bad guys” often create bigger security risks due to their lack of usability.

Common Barriers to Usability

One common issue in IT security is the greater focus on security than on productivity. IT is so intent on protecting the asset that they forget that real people actually need to use it. Hence the regular and increasingly complicated requests to change passwords, or the limited access to certain areas of the network, even though the employee has a legitimate reason to be there.

Some of the other common ways that security teams put security before usability include:

  • Implementing complex “tests” in order to gain access. An example is the CAPTCHA codes widely used to ensure that it’s a real person attempting to gain access. Yet they are almost universally hated, and many people would rather find a different application or online store than suffer through multiple attempts at getting the code right.
  • Overzealous blocking of websites or applications. Some companies go so far as to block any website that contains certain terms, fearing that employees will access inappropriate or harmful material on corporate networks — while also impeding their ability to do legitimate work-related tasks online.
  • Excess login requirements. A system that requires users to log in, enter a CAPTCHA code and then a one-time use code sent via text is not user-friendly. Multi-factor authentication does not mean using every single form of security available.
  • Implementing systems that are complex and do not fully identify or explain risks.

These are just a few of the ways that security overrides productivity, and they can put your data at risk. When your security protocols are so complex that employees use workarounds (like sending unencrypted emails to personal accounts), the very tools that you have in place to protect your network and data could be the cause of a security breach.

Solving the Usability Problem

Just because a security solution limits what users would like to be able to do — or causes them to take a few extra moments to ensure that everything is protected from prying eyes — doesn’t mean that it isn’t valuable. It’s just as hazardous to focus on productivity and ease of use while putting security on the back burner as it is the other way around.

The key is to find the right balance between implementing solutions that people will actually use and those that provide the highest degree of protection. To that end, it’s often best to approach security with the following in mind:

  1. How does this solution operate? Ideally, security should operate in the background with a minimum of user intervention, like SafeNet cloud security and encryption solutions.
  2. How can we streamline the security process? For example, implementing a single login process that allows an authorized user access to everything he or she needs on the network can make it easier for workers to stay productive while still protecting sensitive data.
  3. What are the security priorities? Does every application need the highest level of protection, or can security be managed in tiers, with lower priorities receiving less stringent access protocols?
  4. How can we move security from a place of “no” to a place of “yes”? Many experts note that modern IT security is largely focused on preventing bad behavior and protecting networks against “what ifs,” without thinking about how people really use them. Instead of focusing on blocking, preventing and denying, security should focus on how to allow people to do what they need while still providing protection.

The balance between usability and security has long been a tenuous one, and there is no easy solution. However, IT security teams that recognize the issues and take steps to mitigate the problem will likely find that they have fewer security issues and an overall safer network.


‘This Content Might Require Java Update 13.6′ Is a Masked Malware Attack

Fake Java updates are one of the techniques cybercriminals use to promote their malware. This week onlinethreatalerts posted a new article covering an online advertisement that urges users to update their Java application in order to display certain content. By clicking on the banner, the victim is redirected to a malicious website hosting fake updates and viruses.

The website is normally if you will see this URL it is clear that there is no Java on similar link. Any application or file can harm your system, but here the attacker redirects users to where the actual malware is hosted. It adds a toolbar to the browser and hijacks the browser information.

Fake Java Update 13.6 by onlinethreatalerts

If you see a similar advertisement on any website you visit, do not follow the link, and make sure to download and update applications only from official websites that are tested and approved by the application owner.


Malicious Facebook scam claims Tracy Morgan’s Death

Social media, including Facebook, are often used by scammers to promote their fake applications or malware. The problem with this type of attack is that the malicious link is shared with the victim's friends, which allows it to circulate further. This week a new case was spotted by Malwarebytes: a hoax claiming to show a video of the death of Tracy Morgan.

The scam is titled “[Death Video] R.I.P. Tracy Morgan died few minutes ago in hospital”. When the user clicks on the link, he is redirected to offers and webpages for downloading fake applications.

Screenshot of the video shared on Facebook (source: Malwarebytes)

When you see a similar scam on Facebook, do not click on the link, and make sure to report the video as a scam. The scam may infect your system and share the malicious link with your contacts. If you have mistakenly clicked on the link, make sure to run a full system scan with your security software and change your Facebook password.


Cybercriminals create a network sniffing malware to reach bank customers

Online banking has made all systems connected and allowed users to easily purchase products without any issue. While this is an advantage, such solutions still have disadvantages because of human vulnerabilities. In the last few years cybercriminals have been focusing on these systems, creating spoofed emails and phishing websites to compromise more users and obtain their credentials.

One of the latest cases spotted by TrendMicro is a new malware that steals victims' credentials and sensitive information by sniffing the compromised network's activity. EMOTET is the name of this malware, which is promoted by a spam campaign in which the fake email tricks the user by referring to a financial transaction for Volksbanken-AG and contains a link to download and install all the malware components.

Sample of the spam message spotted by TrendMicro

According to the TrendMicro post, the targeted customers are those of banks in Germany; this was identified from the email samples and analysis of the malware configuration. The malware combines network sniffing with DLL injection for hooking certain processes.

Reversing EMOTET shows that it is similar to other banking trojans in that it looks into the authentication fields, while the network information gives the malware more capabilities to grab information encrypted with HTTPS. At the moment the malware is concentrated in Europe, specifically in Germany, though we may see more samples distributed in cyberspace and in other countries in the future.

If you receive similar spoofed emails, make sure to ignore them and report them as junk email so that your security software updates its definitions.


drozer: security and attack framework for Android

Android has become a popular platform for developers, and we see an increasing number of applications running on mobile devices that support this system. Technology has changed rapidly, and the number of security tools for performing assessments is also increasing. drozer is a tool that can be used for mobile device review, secure development of applications, BYOD approval and mobile application testing.

There are two versions of drozer: an open source one and a professional one. The only addition in the pro version is automation, while the remaining functionality is the same. Some of the functionality:

  1. Gathering the information about the application
  2. Find the attack surface
  3. Test your Exposure to Public Exploits (this is useful for checking the security of BYOD)
  4. Execute dynamic code on a device, to avoid the need to compile and install small test scripts.
  5. Start Android emulators, provisioned with the drozer Agent and the app you want to investigate.
  6. Simulate sensor input, such as GPS, to emulators to test the full attack surface.
  7. View the attack surface as a graph. This will be helpful for risk assessment reporting.

Call a phone number from a remote Android device (source: drozer official website)

drozer contains two components: an agent that should be installed on the Android device, and a server that runs the assessment and sends remote instructions to the agent. You can read more and find the full usage instructions over this link: drozer user guide
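To make the "find the attack surface" step concrete for developers reviewing their own app, here is an added example (not drozer code and not from the original post) that inventories exported components and the debuggable flag from a decoded AndroidManifest.xml. The sample manifest is constructed, and the rule that a component with an intent-filter and no explicit android:exported counts as exported is the legacy Android default, assumed here.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample manifest (decoded text form), not taken from a real app.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <application android:debuggable="true">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
      </intent-filter>
    </activity>
    <activity android:name=".SettingsActivity"/>
    <service android:name=".SyncService" android:exported="true"/>
    <receiver android:name=".BootReceiver" android:exported="true"
              android:permission="com.example.notes.BOOT"/>
    <provider android:name=".NotesProvider" android:exported="false"/>
  </application>
</manifest>"""

def attr(elem, name):
    """Read an android:-namespaced attribute, or None if absent."""
    return elem.get("{%s}%s" % (ANDROID_NS, name))

def is_exported(component):
    explicit = attr(component, "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    # Assumed legacy default: an intent-filter implies the component is exported.
    return component.find("intent-filter") is not None

def attack_surface(manifest_xml):
    """Return the debuggable flag and (tag, name, permission) per exported component."""
    app = ET.fromstring(manifest_xml).find("application")
    report = {"debuggable": attr(app, "debuggable") == "true", "exported": []}
    for tag in COMPONENT_TAGS:
        for comp in app.findall(tag):
            if is_exported(comp):
                report["exported"].append(
                    (tag, attr(comp, "name"), attr(comp, "permission")))
    return report

if __name__ == "__main__":
    print(attack_surface(SAMPLE_MANIFEST))
```

Exported components with no permission (the third field is None) are the ones to review first, since any other app on the device can reach them.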


Compromised banner on Nico Nico Spreading Fake Flash Player

Pop-ups and advertising banners are one of the ways cybercriminals promote their malware. Similar incidents in the past involved popular websites such as Yahoo and the New York Times, where attackers managed to compromise an advertising banner and post a link leading to their malware.

Symantec security researchers posted their findings about a malicious banner displayed on Nico Nico, one of the largest video sharing resources in Japan. The attack affected several million users: anyone who opened a video saw a new pop-up notifying them to update their Adobe Flash Player. The URL is registered on the .biz domain and does not belong to Adobe or Nico Nico, while the page looks very close to the Adobe page in order to trick users.

Fake Flash Player page (source: Symantec)

The claimed update starts by verifying the victim's information, such as browser version, HD serial number and MAC address, and sends it to a remote system controlled by the attackers. Nico Nico confirmed the malicious banner and stated that the source is a third-party advertising firm, MicroAd. If the victim allows the update in his browser, he will notice fake programs being installed (FLV Player, System Speedup, Search Protect, VuuPC etc.) without any Flash Player actually being updated.

To protect yourself against such attacks, make sure that your security software is updated and integrated with your web browser. Normally, if you have this enabled, you will not see the banner or pop-up alert, as the antivirus will block untrusted sources. It is also important to keep your browser updated to eliminate vulnerabilities.
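The fake Java and fake Flash Player cases above both rely on a download page that borrows a vendor's name without being on the vendor's domain. The following added example (not from the original posts) sketches a proxy or help-desk check that classifies an "update" URL against an allowlist of official domains. The allowlist, brand word list and sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: a hand-maintained allowlist of official vendor download domains.
OFFICIAL_DOMAINS = {"adobe.com", "java.com", "oracle.com"}
# Assumption: brand words that fake update pages borrow.
BRAND_WORDS = ("adobe", "flash", "java", "oracle")

def is_official_host(host):
    """True only for an allowlisted domain or a real subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def classify_download_url(url):
    parts = urlsplit(url)
    # .hostname drops any userinfo ("adobe.com@...") and the port.
    host = (parts.hostname or "").lower().rstrip(".")
    if is_official_host(host):
        return "official" if parts.scheme == "https" else "official-host-no-https"
    # A brand word in the authority or path of a non-vendor URL marks a lookalike.
    if any(word in (parts.netloc + parts.path).lower() for word in BRAND_WORDS):
        return "lookalike"
    return "unknown"

# Constructed sample URLs on the reserved .example TLD, not real indicators.
SAMPLES = [
    "https://get.adobe.com/flashplayer/",
    "https://adobe.com.flash-update.example/install.exe",
    "https://adobe.com@downloads.example/setup.exe",
    "https://cdn.example/java-update-13.6/setup.exe",
    "http://java.com/download",
    "https://downloads.example/setup.exe",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify_download_url(sample), sample)
```

Only the "official" result should be allowed to deliver an installer; "lookalike" is the pattern described in the Nico Nico and Java Update 13.6 incidents.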