WISH YOU A HAPPY AND SECURE YEAR 2009

Saturday, November 22, 2008

Launch Application Keyboard Shortcuts

Windows Vista has its own set of keyboard shortcuts, but did you know you can also assign shortcuts to launch any application? For example, you might want to launch the Calculator every time you press CTRL + F12.

To assign a keyboard combination, find a shortcut to the application you wish to launch, right click it and select Properties:

[Image: keyboardshortcut.jpg]

Then click in the "Shortcut Key" box and press the desired key combination you wish to start the application. Once you have done this, click OK. You can choose a key combination from the following options:
  • F1-F12 or Numpad Key
  • SHIFT + (F1-F12 or Numpad Key)
  • CTRL + (F1-F12 or Numpad Key)
  • (CTRL + ALT or CTRL + SHIFT or ALT + SHIFT) + Almost any key

[Image: keyboardshortcut2.jpg]

Now, pressing that key combination should load your selected application. This can be a real time saver for your most used applications.

Thursday, November 20, 2008

Quote of the day

When bad men combine, the good must associate; else they will fall one by one, an unpitied sacrifice in a contemptible struggle.

Edmund Burke

New IT Term of the day

sockstress


Also called TCP sockstress, sockstress is a potentially serious generic issue in many operating systems that affects the availability of TCP services. It is believed that a DoS attack exploiting the sockstress vulnerability uses half-open connections to deplete resources in the machines under attack. It very quickly causes specific services to become unavailable and may even require complete machine reboots. The attack may be effective against almost anything on a network, including Windows, BSD, Linux, embedded systems TCP/IP stack implementations, and others.

May also be referred to as TCP state table manipulation vulnerability.

Keylogger spyware ordered off the market

LAW : Keylogger spyware ordered off the market

By Chuck Miller

Nov 18, 2008

http://www.securecomputing.net.au/News/128662,keylogger-spyware-ordered-off-the-market.aspx

In a victory for privacy advocates, an Orlando, Fla.-based company has been ordered not to sell keylogger spyware.

The company, Cyberspy Software, LLC, marketed a product called RemoteSpy keylogger spyware to customers, who in turn were enabled to secretly monitor unsuspecting users' computers.

The U.S. District Court order, sustaining an action brought by the US Federal Trade Commission (FTC), said, “consumers throughout the United States have likely suffered and will likely continue to suffer substantial injury, including monetary loss, as a result of Defendants' unlawful acts or practices.

In addition, Defendants have been unjustly enriched as a result of their unlawful practices.”

The FTC complaint said that Cyberspy Software promoted the program, called RemoteSpy, as a “100 percent undetectable” way to “Spy on Anyone. From Anywhere.”

The FTC complaint also said that the defendants unfairly collected and stored the personal information gathered by their spyware on their own servers and disclosed it to their clients.

According to papers filed with the court, Cyberspy provided its clients with detailed instructions explaining how to disguise the spyware as an innocuous file, such as a photo attached to an email.

When the victims clicked on the disguised file, the keylogger spyware installed itself without the victims' knowledge and recorded every keystroke typed – including passwords.

In addition to halting the sale of RemoteSpy software, Cyberspy was ordered to disconnect any servers that collect, store or provide access to information that its software gathered.

The court also said that it may award other “ancillary relief,” which could include the return of “ill-gotten gains.”

The complaint named Tracer R. Spence – the registered agent and manager of CyberSpy Software – as the person “liable and culpable for the charges made in this case.”

This represents at least a small victory against what some people regard as one of the most nefarious ploys out there. But since keyloggers are the ubiquitous tools of the cybercrime tool inventory, just eliminating a commercially available program may do little to stem the tide.

But it's a start, and some technical progress against the threat is being made. For example, the 64-bit versions of Windows Vista and Server 2008 implement mandatory digital signing of kernel-mode device drivers, which restricts installation of keylogging rootkits.

British site focusing on online scams faces DDoS attack

ATTACK : British site focusing on online scams faces DDoS attack

by Elinor Mills

November 17, 2008

http://news.cnet.com/8301-1009_3-10098833-83.html

A British Web site that warns consumers about online financial scams was taken down by a distributed denial-of-service attack on Monday.

Bobbear was being overwhelmed by a "huge" botnet with "over half a million recorded zombie hits from midnight to 8 a.m. today (GMT)," Bob Harrison, administrator of Bobbear, told security firm Sophos.

The site remained down as late as midday Pacific time.

Bobbear has been targeted before. In October 2007, hackers attempted to damage the company's reputation by sending e-mails that solicited donations to the company via an online payment service.

"An attack like this is unfortunate news for the Internet community, as it disrupts the dissemination of hundreds of pages of warnings about e-mail frauds archived by Bob over the years," Sophos senior technology consultant Graham Cluley writes in his blog. "The only consolation that Bobbear can take is that they must be having an impact on the fraudsters if they are prepared to launch an attack like this."

GCC Vulnerable To Cyber-Criminals

RISK : GCC Vulnerable To Cyber-Criminals

November 16, 2008

http://crealis.es/2008/11/gcc-vulnerable-to-cyber-criminals.html

(Crealis) -- Global organized crime has gone high-tech, complete with auctioning sites selling malware and stolen bank card details, report GCC regional security experts.

Organized crime is now the major driving force for illegal web activities. Due to the relative ease of operating almost invisibly over the Internet, criminals' shift from physical to cyber safe has been swift.

The rate of growth of malware has shot up exponentially in the last few years. In 2007 over 5 million unique malware samples were detected. At the current growth rate, this conservatively projects to over 230,000,000 by 2010.

A recent regional security survey conducted by Trend Micro and ITP.net revealed that in the past three months alone, 80 percent of users were affected by spam; 31 percent were affected by viruses; and 23 percent were affected by viruses and Trojans.

Startlingly, 25 percent were unaware that threats existed in the region.

The survey also revealed that people in the Middle East are fairly knowledgeable about security threats such as spam, viruses, worms and Trojans, but only about 18 percent have heard of 'rootkits' - a set of tools that allows hackers to gain access to key root functions on a server.

"The Middle East's economic success signals a lucrative target for cyber criminals," said Ian Cochrane, Regional Marketing Manager, Trend Micro. "All attacks are financially motivated. Given the sophistication and stealth of these attacks, it is imperative that regional businesses have the right level of protection."

Web threats can be installed on a PC without the user's implicit knowledge and permission. Because 72 percent of regional employees browse web-sites unrelated to work, the chances of downloading malicious software are much higher.

Unprotected hot spots are particularly dangerous. The study shows that 73 percent of employees use laptops outside of work, increasing the chances of infection.

UK consumers worth £14500 each to cyber criminals

VALUE : UK consumers worth £14500 each to cyber criminals

Brits are prize catch for phishers

By Nick Heath

17 November 2008

http://software.silicon.com/security/0,39024655,39344715,00.htm

Each adult in the UK is worth about £14,500 to internet criminals according to the UK's online security guardians.

The value of the average UK person's salary and credit card details to online fraudsters was revealed in the 2008 report by the secure computing initiative Get Safe Online (GSO), whose members include HSBC, Microsoft and the Serious Organised Crime Agency.

A quarter of the 1,400 people surveyed said they knew someone who had revealed details to fraudsters following a phishing email - up from about eight per cent in 2007.

Nick Staib, director of GetSafeOnline.org and senior manager at HSBC, warned of the long term implications of falling victim to internet crime.

He said in a statement: "If your financial reputation has been compromised through identity theft, this could have an impact on your ability to obtain credit or borrow money in the future.

"Even with an explanatory note on your credit record, you may be viewed as 'high risk'."

A fifth of small UK businesses have been a victim of an internet scam and one third of companies have been infected by a virus, a separate GSO survey of about 1,000 businesses with fewer than 10 employees also found.

It said that an average of £1,540 is lost due to downtime during IT failure.

It echoes a recent report by the Corporate IT Forum that found 65 per cent of UK businesses had seen a rise in cyber attacks such as distributed denial of service assaults or malware infections.

The GSO report coincides with the start of Get Safe Online Week, a GSO drive to promote online security that began today.

Tuesday, November 18, 2008

Windows Vista Tips - Secret Vista Boot Screen

Secret Vista Boot Screen

Normally, Windows Vista will boot up with a boring progress bar scrolling across a black background. However, it is possible to change this to something much more interesting with just a few clicks!

The old boot screen currently looks like this:

[Image: bootscreen2.jpg]

The new Aurora boot screen will look like this:

[Image: bootscreen1.jpg]

To perform this change, run msconfig from the run box (press WINDOWS KEY + R to access this).

[Image: bootscreen3.jpg]

Then, select the Boot tab, click "No GUI Boot" and then OK.

[Image: bootscreen4.jpg]

Once you have restarted your PC you will see this new boot screen, which should not have any adverse effect on loading times.

Windows Vista Tips - Remove Shortcut Arrow

Remove Shortcut Arrow

Users of Windows XP were able to remove the shortcut arrows that you see on your desktop with the handy TweakUI tool. However, as this doesn't work in Windows Vista you'll need to use a new application to do this.

Download the Vista Shortcut Manager tool from FrameworkX.com (32Bit Version, 64Bit Version)

Once this is installed, open the application from the start menu and then select the No Arrow box and click Apply:

[Image: shortcutarrow1.jpg]

Now, your icons on your desktop will look much nicer with the little white shortcut arrow removed:

[Image: shortcutarrow2.jpg]

You can also play with the custom shortcut arrow options which let you make your own custom arrows or use a smaller semi-transparent one.

Windows Vista Tips - Vista Slow Network

Vista Slow Network

Windows Vista has been known to cause slow network transfer speeds for some users, most noticeably when copying files across a network, which can take much longer than before.

Some suggestions that may help users experiencing slow network performance are as follows:

1) Download the latest drivers for your network adapter from the manufacturer's site (do not rely on the Windows Update drivers). Then, check they are configured properly by viewing the device manager settings.

2) Install the latest Windows Update patches, including Vista SP1.

3) If you use a 3rd Party firewall, be sure that it is configured correctly. For example, in Kaspersky Internet Security there is a "high speed" setting that should be ticked.

4) Try disabling Remote Differential Compression by clicking Start > Control Panel > Programs > Programs and Features. Then click Turn Windows features on and off, untick Remote Differential Compression and click OK:

[Image: slownetwork1.jpg]

5) The final thing to try would be to disable network Auto-Tuning. First, load the run box by pressing WINDOWS KEY + R and then run:

netsh interface tcp set global autotuninglevel=disabled

You will need to restart your PC after this and retry the network transfer. If speeds are still low, you can return the auto-tuning to default mode by re-running the following command:

netsh interface tcp set global autotuninglevel=normal

Monday, November 17, 2008

Quote of the day

They (corporations) cannot commit treason, nor be outlawed, nor excommunicated, for they have no souls

Lord Edward Coke

New IT Term of the day

SOCKS


A protocol for handling TCP traffic through a proxy server. It can be used with virtually any TCP application, including Web browsers and FTP clients. It provides a simple firewall because it checks incoming and outgoing packets and hides the IP addresses of client applications.

There are two main versions of SOCKS -- V4 and V5. V5 adds an authentication mechanism for additional security. There are many freeware implementations of both versions. One of the most common V5 implementations is SOCKS5, developed by NEC.

SOCKS was recently accepted as an IETF standard and is documented in RFC 1928, 1929 and 1961.
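The V5 authentication step mentioned above, as an added example (not part of the original post and not taken from any SOCKS implementation): a server-side sketch of the RFC 1928 method negotiation and the RFC 1929 username/password check, with a policy that refuses unauthenticated clients. Function names, the user table and the byte strings are constructed for illustration.

```python
import hmac

# Method identifiers defined in RFC 1928.
NO_AUTH, GSSAPI, USERPASS, NO_ACCEPTABLE = 0x00, 0x01, 0x02, 0xFF

def parse_greeting(data: bytes) -> list:
    """RFC 1928 client greeting: VER(1) | NMETHODS(1) | METHODS(1..255)."""
    if len(data) < 2:
        raise ValueError("truncated greeting")
    ver, nmethods = data[0], data[1]
    if ver == 0x04:
        # V4 has no method negotiation, so it cannot satisfy an auth policy.
        raise ValueError("SOCKS4 request: protocol has no authentication step")
    if ver != 0x05:
        raise ValueError("not a SOCKS5 greeting")
    if nmethods == 0 or len(data) != 2 + nmethods:
        raise ValueError("NMETHODS does not match message length")
    return list(data[2:])

def select_method(offered, allowed=(USERPASS,)) -> bytes:
    """Server reply VER | METHOD; 0xFF means none of the offered methods is allowed."""
    for method in allowed:          # server preference order
        if method in offered:
            return bytes([0x05, method])
    return bytes([0x05, NO_ACCEPTABLE])

def parse_userpass(data: bytes):
    """RFC 1929 request: VER=0x01 | ULEN | UNAME | PLEN | PASSWD."""
    if len(data) < 2 or data[0] != 0x01:
        raise ValueError("bad sub-negotiation version")
    ulen = data[1]
    if ulen == 0 or len(data) < 2 + ulen + 1:
        raise ValueError("truncated username")
    uname = data[2:2 + ulen]
    plen = data[2 + ulen]
    passwd = data[3 + ulen:]
    if plen == 0 or len(passwd) != plen:
        raise ValueError("PLEN does not match message length")
    return uname, passwd

def check_userpass(data: bytes, users: dict) -> bytes:
    """Server reply VER=0x01 | STATUS; any non-zero STATUS is a failure."""
    try:
        uname, passwd = parse_userpass(data)
    except ValueError:
        return b"\x01\x01"
    # Compare in constant time; unknown users are compared against b"".
    ok = hmac.compare_digest(users.get(uname, b""), passwd) and uname in users
    return b"\x01\x00" if ok else b"\x01\x01"

# Constructed sample messages and user table.
USERS = {b"alice": b"s3cret"}
GREETING_NOAUTH_ONLY = b"\x05\x01\x00"        # client offers "no authentication" only
GREETING_WITH_USERPASS = b"\x05\x02\x00\x02"  # client offers no-auth and username/password
CREDS_OK = b"\x01\x05alice\x06s3cret"
CREDS_BAD = b"\x01\x05alice\x05wrong"

if __name__ == "__main__":
    for greeting in (GREETING_NOAUTH_ONLY, GREETING_WITH_USERPASS):
        print(greeting.hex(), "->", select_method(parse_greeting(greeting)).hex())
    print("good creds ->", check_userpass(CREDS_OK, USERS).hex())
    print("bad creds  ->", check_userpass(CREDS_BAD, USERS).hex())
```

RFC 1929 sends the username and password in cleartext, so this method controls who may use the proxy but does not protect the credentials from anyone able to observe the connection.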

Attacks on networks are increasing in size and frequency

TREND : Attacks on networks are increasing in size and frequency

Dan Raywood

November 14 2008

http://www.scmagazineuk.com/Attacks-on-networks-are-increasing-in-size-and-frequency/article/121016/

Malicious attacks on networks are continuing to grow.

According to a report by Arbor Networks, attacks grew at an alarming rate over the past year with smaller and more sophisticated attacks proving to be more difficult to manage than larger, brute-force attacks.

Arbor claimed that service-level and application-targeted attacks, DNS poisoning and route hijacking are more difficult to manage than larger, brute force attacks and can cause a serious disruption in network service or enable further compromise.

It also claimed that distributed denial-of-service (DDoS) attacks had been as large as 40 gigabits in the last year. The largest sustained attacks reported in the last two years were 24 gigabits per second (Gbps) and 17 Gbps, respectively. This represents a 67 per cent increase in attack scale over last year, an increase of nearly 2.5 times of the largest attack reported in 2006, and a 100-fold increase since 2001.

Botnets remain as the largest problem facing network operators in the next 12 months according to the report, with 26 per cent of respondents claiming that they were the primary vehicle for delivering the largest problems to network operations and security engineers.

The survey also asked providers where new threats could emerge in the next year. Fifty-five per cent of respondents said the scale and frequency of security threats for IPv6 will increase as it becomes more widely deployed, while only eight per cent of respondents believe threats will decrease with improved IPv6 deployment.

Although VoIP continues to be a rising attack vector for miscreants, providers were underprepared to protect their VoIP infrastructure from attack. Only 21 per cent of respondents indicated that they had tools in place to detect threats against VoIP infrastructure or services.

Rob Malan, co-founder and CTO of Arbor Networks, said: “Many organisations generate most or all of their revenue from web or other network service transactions, and their internet ‘presence’ is critical to their fiscal well-being. As a result, many organisations now consider a subscription to MSS as an everyday cost of doing business on the internet, and budget for these services just as they would disaster recovery, data backups, and traditional network redundancy.”

Danny McPherson, chief security officer for Arbor, said: “Detection of application layer attacks is more difficult than with flood based attacks. Providers need to have deep application insight into IP services and applications – such as DNS, HTTP, VoIP, IM and P2P – in order to identify, and mitigate such attacks. To do so effectively, ISPs today must have the ability to detect and surgically remove only the attack traffic while maintaining legitimate business traffic – thereby ensuring the highest level of customer satisfaction.

“ISPs are currently waging a multi-faceted battle as they face increased cost and revenue pressure, along with multi-threaded attacks that are growing in size, frequency and sophistication. The good news is that through improved communications and information sharing in the operational security community – this report included – the service provider community will be better prepared for the fight against internet threats today and in the future.

“The growth in attack size continues to significantly outpace the corresponding increase in underlying transmission speed and infrastructure investment. And, while most ISPs now have the infrastructure to detect bandwidth flood attacks, we found that many still lack the ability to quickly mitigate these attacks; only a small percentage of the providers we surveyed said they have the capability to mitigate DDoS attacks in ten minutes or less.

“What's even more concerning is that even fewer providers have the infrastructure to defend against service-level attacks or this year's reported peak of a 40 gigabit flooding attack. This is an area of weakness for operators that can be exploited quickly.”

New Online ID-card scheme to reduce password headaches

TECHNOLOGY : New Online ID-card scheme to reduce password headaches

Can Equifax succeed where OpenID failed?

By John Leyden

15th November 2008

http://www.theregister.co.uk/2008/11/15/equifax_i_card/

Credit reference agency Equifax has launched an online identity card scheme that aims to reduce consumer security and password headaches.

The Equifax online identity card or I-Card, launched as a beta on Thursday, is designed to make online transactions easier and more secure. Users of the I-Card will be able to log into sites that support the technology without filling in forms or keeping tabs on multiple passwords.

I-cards would be used to access websites without the need for users to remember passwords. Consumers' personal data such as their purchase preferences, payment, or verified identity information might in future be included on the card, making it an online loyalty and authentication card combo that allows one-click shopping. Information management company Parity worked with Equifax to develop the I-card, released to beta testing this week as one of the first cards of its type.

If it takes off the online identity card scheme might reduce the need for ecommerce firms to retain customers' personal data. The scheme aims to offer the online equivalent of a driver's license, passport, or similar ID real-world identity check.

That's a lofty aim. Equifax is a member of the newly established industry group, called ICF (Information Card Foundation), set up back in June to promote internet-enabled digital identities using information cards. Other firms signed up to ICF include Deutsche Telecom, Equifax, Google, Intel, Microsoft, Novell, Oracle, and PayPal.

While the scheme has heavyweight backing, it's perhaps wise to remember OpenID, a federated authentication scheme for the net, also boasts many high profile backers. OpenID was touted as a way to use one account across multiple web services. Anybody who has a Yahoo! account has an OpenID but the service is far from straightforward to use.

An even bigger problem is that some of the larger firms involved in OpenID issue identities themselves without allowing credentials issued by other participants to work on their websites, defeating the purpose of the scheme. Google, Yahoo!, and Microsoft have all been guilty of this so that you can't use a Yahoo! issued OpenID to log into Hotmail or a Microsoft ID to log into Picasa.

The online identity card scheme does include more electronic wallet-type features, which might make a difference in stimulating e-commerce takeup among ecommerce suppliers that could help the scheme get off the ground. Microsoft's Geneva federated identity scheme supports the project, which is gaining momentum, though whether it will avoid the political squabbles and incompatibilities that have blighted OpenID remains unclear.

The Equifax I-card comes free of charge.

Spam volumes drop 75 percent in a day

RELIEF : Spam volumes drop 75 percent in a day

Dan Raywood

Nov 14, 2008

http://www.securecomputing.net.au/News/128340,spam-volumes-drop-75-percent-in-a-day.aspx

A web-hosting firm that reportedly was responsible for some 75 percent of worldwide spam has been knocked offline.

Following reports from Brian Krebs of The Washington Post on evidence gathered about criminal activity emanating from McColo, the California-based company was switched off by its upstream providers, Global Crossing and Hurricane Electric.

McColo was providing hosting capabilities for a number of unscrupulous cybergangs, the newspaper reported. These syndicates were responsible for managing botnets, selling pharmaceuticals, hawking rogue anti-virus programs and dispensing child porn.

When the company disappeared, the worldwide volume of spam saw a dramatic drop. The drop in activity was detected by researchers at Cisco's IronPort, which reported a decline of almost two-thirds of overall spam volume.

At first, analysts thought it was a technical problem, but on further investigation realised the drop occurred at the same time McColo was shut down, as reported by The Washington Post on Tuesday evening.

“It started with finding the people who hosted networks that sent spam and within seconds of it being turned off the amount of spam being sent had dropped,” Jason Steer, an IronPort spokesman, said. “We know that over 200 billion spam messages were sent every day before this, and after it was switched off we thought there was a problem with the system because of a drop in spam.”

There have been parallels to this in the past, and the spam levels were not affected in the long run, experts said.

"Another hosting provider, Intercage, hosted many spam botnets," IronPort product manager Nilesh Bhandari said. "It was shut down and we noticed spam volume decrease immediately. But a few days later, the volume was back to where it was before. So I think McColo, like Intercage, will just find another upstream provider."

Steer added: “I think that this will lead to a temporary lull, as the amount of money made is significant. I expect that there will be a drop in the amount of spam for a week or two but we won't see this lasting for a long time.”

Many observers had long noticed that there was a massive amount of malicious activity at McColo, including command-and-control centers for botnets.

"This botnet has been well known for a while as the criminals had been able to set up a legitimate business at the front end, and if the police were to ask them about it, they can say that ‘it was one of our customers that did it and it wasn't our problem,’" Steer said.

FireEye's Chief Security Content Officer Fengmin Gong said: “McColo, in light of all the activities observed, hardly did anything to address the issues that were discovered.”

As of Thursday morning EST, McColo's website remained inaccessible, so a representative there could not be reached for comment.

Japanese hacker arrests doubled in 2007

GROWTH : Japanese hacker arrests doubled in 2007

by Andy Carvell

November 11, 2008

http://www.geek.com/articles/news/japanese-hacker-arrests-doubled-in-2007-20081111/

In Japan, where crime is generally very low, computer crime appears to be booming. The Japanese Ministry of Justice have released figures showing that arrests relating to unauthorized access of computers doubled between 2006 and 2007.

A white paper released by the ministry shows that there were 1,442 arrests for computer access violations in 2007, up from 703 in 2006. Arrests for crimes involving computers totalled 3,918 in 2007, up 9% on 2006. Of this 3,918, 165 were for copyright violations (up 11% on the previous year), 192 for child pornography (down 24%), though arrests for child prostitutes soliciting or solicited online rose 19% from 463 to 551.

These figures will not include the case of the Japanese woman who was recently arrested on suspicion of hacking her virtual husband’s Maple Story MMO account in a fit of rage after he ‘divorced’ her in the virtual world.

Given these trends, it seems the Japanese law enforcement agencies will need to keep computer crime squarely in their sights.
