Sunday, October 26, 2008

sometimes it's a good thing to capture keystrokes!


A while back I compared teaching kids about the internet to teaching them gun safety. I believe the parallel works. In the case of guns - the safest thing to do is to not have one in the house. But if you do have one, do you keep it in a safe? With a trigger lock? Do the kids know it's there? Are your teenagers trained in the legal and safety aspects of using it?

The same can be said about the internet - if you are REALLY concerned about keeping your kids safe from cyber predators, don't have a computer online at home. If you must have one - develop your plan of how you'll train them. It's not about using a mouse, it's what you do with it.

There are many ways to make your home computer safer - here are a few tips and a recent testimonial on why it's important.

Internet safety tips

• Don’t put a computer in the child’s room. It’s better to have it in a room where parents can monitor activity.

• Check out parental controls. Some are free.

• Get your kids to educate you about the Internet.

• Communicate with them and assure them they won’t lose Internet privileges for reporting inappropriate messages and images.


www.kansascity.com | 10/25/2008 | Program discusses Web safety for children

Friday, October 17, 2008

Silent Banker Trojan Keylogger Threatens All Online Transactions Just For Starters

My favorite nemesis is now being distributed as a root kit.

not good ...

the Silent Banker Trojan login page will steal your keystrokes with a keylogger & then send your passwords & login information to a server that is operated by cyber hackers or even cyber terrorists who need funding...

That's old news.

The latest problem with the Silent Banker Trojan is this...

It now apparently has added a rootkit that will let the Silent Banker Trojan load before your virus detection software, rendering it useless.

Silent Banker Trojan Keylogger Threatens All Online Transactions Just For Starters

Though the bigger bummer here is that before I'd want to try out the software recommended by the author, I'd like to know more about who HE is before installing it! And I'd also want to try it out on a computer other than my primary one.

cyberwar is war

There are many reasons why an individual considers strengthening the security on their own computer.
1. Fear of identity theft
2. Protect their kids from predators
3. Protect their computer so it will still work ok
...
But I have not heard a single person outside of the tech industry ever say anything like
"eliminate one attack option for a hostile nation"


Take a look at the following link. When Russia and Georgia fought a small physical war last month, there was also a cyber component. The citizens of Georgia - military and civilian - could not get to the internet because of an attack called DoS (Denial of Service).

"Russia is one of the most capable countries when it comes to launching system intrusion hacking attempts, distributed denial-of-service attacks, and operation of botnets," said Don Jackson, director of Threat Intelligence for SecureWorks. "Yet you'll notice the number of attacks coming from Russia are very low."
...
On the SecureWorks list, the United States has more than 20 million botnet compromised PCs. The next highest is China at roughly one-third that number, or 7 million. At first glance that may seem due to the size of each country and the number of computer users. Jackson said that isn't necessarily the case

In a Denial of Service attack, a network of computers simultaneously makes requests against a given server at a rate so high that the attacked server cannot respond. It's like trying to make a call out of a radio station during a promotion where they invite everyone to call in. DoS attacks are most effectively run by botnets. Botnets (robotic networks) are made up of sleeper programs on regular citizens' PCs. Like yours, or mine. When a botmaster wakes them up, he has an army to attack with. Last year a man was arrested in LA who had a bot army of 250,000.

SOOOO - what do I do?

Well, Joe the Plumber, you can do a few things
1. throw out your computer, cellphone and any other computing device OR
2. get educated and stay educated! What is working for you today on your computer may not be enough tomorrow.

and of course - get a good firewall and AV/Anti-malware suite! :)



Thursday, October 16, 2008

there is nothing funny about bullies


remember the old days when a bully was a tough that wanted to take your lunch money?
you either went hungry, got in a fight, or RAN!

As a parent, it's tough enough to help your child deal with the local toughs, but with the cyberage upon us, it's even tougher. Take a look at these tips from our friends in the government. I'm sure I'll post more on it later.

US-CERT Cyber Security Tip ST06-005 -- Dealing with Cyberbullies

BTW - where they say something like be careful what you post ... I'm almost CERTAIN this was written before all the social sites like MySpace, Facebook, LinkedIn etc became popular. You can look here for recent thoughts on them.

it's a small small world ...

drats! now I'll have that Disney song in my head all morning! ;)



Yesterday I attended the Electronic Crimes Task Force quarterly meeting hosted by the Secret Service. Undersecretary of Cybersecurity from the department of Homeland Defense Gregory Garcia was the first speaker. His presentation was very good. It was clear that there still is a lot of work to do, but it was also clear that they had accomplished a lot during his watch.

One of the items he reminded us about was that it is the 5th annual Cyber Security Awareness Month! Follow the link for a list of things you should think about for securing your home computer.

On a similar thread ... I read a story this morning discussing one of my favorite topics (see the new economy).
The FBI was recently revealed to be operating an online forum called DarkMarket, as part of a sting operation against criminals buying and selling stolen identities and credit card information online.
see the whole story from cnet here

Cyber threats on the rise, FBI official says

Thursday, October 9, 2008

ET phone home ...


It's been a great afternoon!

To help us celebrate Sarah's and Seth's birthdays, our good friends Suzanne, Seth and Luke took us out on their horses for an afternoon of riding. My guys haven't ridden very much, but everyone did very well - no new bumps or bruises! It was my first time on horseback since 91 when I went on a ride in the Blue Mountains just outside of Sydney. After a few nerves in the beginning (for both the horse and I!) it was a lot of fun.

Seth was just practicing his violin - playing Gavotte, Happy Farmer and Red River Valley on the violin - one of the family dogs Badger was doing his very very best to sing along ... it was very funny! :)

Now, I'm smelling brownies cooking ... mm mmmm very nice!

Much nicer than this ...

There's a new type of identity theft I just learned about - ATM skimming. Yes, this refers to stealing your card data and PIN. Apparently the crooks can scan your card when you slide it in, then video you tapping in your PIN - send all that data via a cellphone to a nifty card manufacturing warehouse and bada boom bada bing! they can rip you off!
For about $8,000, skimmers can have their own ATM overlay capable of transmitting 1,856 cards via SMS. Bulk pricing is available. And if they don't want the information sent card by card, they can dial into the device and download the data at their convenience.

robbers phone it in | Defense in Depth - computer security, hacking, crime, viruses - CNET News

What can I do about this?? Not a whole lot - just be aware of the ATMs you use, and look for things out of the ordinary.

Friday, October 3, 2008

bait and switch

so you want to find out a little more about the moderator on the VP debate - what else do people do these days but pull up google and badaboom badabing - you have a list of articles to read!

STOP! before you click on that top link - read this from ZDNet!
A random keyword “on fire” like gwen ifill wheelchair indicates that 55 minutes ago a malware serving blog has been successfully crawled and is now appearing within the first 10 results thanks to the high page rank of Windows Live Spaces. Upon clicking the link, the user is exposed to the typical ActiveX Object Error message that is attempting to trick them into installing TrojanDownloader:Win32/Zlob.AMV with 10 out of 36 AV scanners currently detecting it (27.78%).
full article here
Cybercriminals syndicating Google Trends keywords to serve malware | Zero Day | ZDNet.com

what does this mean?
well - the fraudsters have their program they want to install on your computer - in this case it's Zlob.AMV, which would happily send out your personal information across the internet back to the fraudster. Now that they have it in hand, all they need to do is get YOU to download it to your computer. They do it by tricking you into thinking you'll be on a legitimate website researching ... whatever hot topic you are looking into that day.

update - here's another example - this one from a fake YouTube site
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.

what can I do?
1. verify your Anti-Virus package evaluates all search results links. Only visit those that are verified as good.
2. verify your AV suite is a good one for detecting and killing malware!

Thursday, October 2, 2008

the new new economy


Below is a great write-up of a new black market I've been describing to people over the past 18 months. The chance of hackers targeting you as an individual seems very slight - your bank (assuming the bank is still there of course!) seems like a much better target.

But - that's where common sense fails.

All people who use the internet for commerce, banking or just chit chatting are exposed.

Why should I as a hacker attack a bank that has a couple of major firewalls and a variety of anti-fraud devices, when I can create, buy or rent a program that'll provide me with the keys to the kingdom?? (your username and password)

It's just like a burglar trying to convince a bank teller just to give him money - then, failing that, he walks down a suburban street testing every front door. If it's locked, no problem, there are many more homes. If it is not - then he'll go inside and find the person's bank book and ID so he can NOW easily make a withdrawal.

For this type of hacker, any or all of your personal information is valuable for social engineering, as are any user IDs and passwords.

vnunet.com analysis: The malware 'shadow economy' - vnunet.com

the key here is don't freeze from fear - but take the right steps and protect yourself!