Posts Tagged security

Sandbox technology, what is it?

Sandbox technology is getting more and more publicity lately, but many individuals, and particularly the average home user, still don’t really know much about it. Since the infocarnivore blog focuses on the simpler side of security, with the aim of assisting individuals who aren’t computer security experts, I thought I’d write a brief post outlining sandbox technology.

What is it?

Today’s sandbox technology, as it relates to computer security, is simply put a method of separating running programs from each other. It’s not to be confused with the Sandbox Effect related to search engines, or the Sandbox Technique used by software development companies. A security sandbox is essentially a virtual environment where programs can run safely without having an effect on the overall system. This is especially useful when browsing the web or testing a program from an unknown or untrusted source.

Sandboxie

A popular program that is available in a free version is Sandboxie, which creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying the local or mapped drive. The image below, from the Sandboxie website, gives a perfect visual of sandbox technology when used in the context of browsing the web.

[Image: Sandboxie example of a sandbox]

VMware

Another solution is VMware Workstation 7.1, which utilizes the same technology but is a little more advanced in features than Sandboxie. It is more of an enterprise or corporate solution, as it has sandbox technology features for creating virtual desktops, virtual servers, and other management solutions.


For You, the Home User

The simplest way of defining a sandbox is that new data (which could potentially include malicious threats) is separated from your critical system files and stored in the ‘sandbox’, where it can be dealt with appropriately. If there is a threat, it is isolated from making any destructive changes to your system. Perhaps now you can see how this technology can be useful. In the corporate and enterprise environment there are many other applications and uses for sandbox technology, but for You, the home user, the most basic of solutions is protecting you from online threats such as malware, spyware, rogue antivirus products, or potentially malicious web links.

Now that you know, do you think you’d give sandbox technology a try? Leave a comment with your experiences or thoughts.


Kaspersky agrees, here comes Microsoft


In my most recent post, “MSE about to become major player in Antivirus solutions”, I discussed the looming changes that are taking place in the antivirus industry as Microsoft Security Essentials begins to gain recognition and prominence. Shortly after writing that post I got some feedback and stumbled upon a few new articles, and it looks as though Eugene Kaspersky agrees that the antivirus industry is undergoing some big changes right now and in the near future. The information security specialist and founder of Kaspersky Labs is anticipating several big changes that will force antivirus vendors to adapt, and one of the biggest is that software giant Microsoft is making a push to grab a big portion of the antivirus industry’s market share.

More criminals on the web

The changes that are taking place in the antivirus industry are not sudden or unexpected; malware writers are getting increasingly creative and aggressive. The internet grows, and therefore the number of criminals on it grows also. Governments and law enforcement agencies are struggling to come to terms with cyber security plans, and security jobs are in high demand that is expected to only increase. In years past, security vendors had only to focus on viruses and early trojans; malware did not exist for criminal intent until more recently. Now that there are huge profits to be made, malware writers focus their energy more on stealing confidential information and using it to make a profit, instead of focusing on notoriety as they once did. Viruses are no longer developed for the express purpose of destroying data or crashing computers as they once were. Major threats today include keyloggers, rogue products, phishing attacks, worms and adware (among many others).

Microsoft seriously focused on security solutions

Along comes Microsoft. Kaspersky acknowledges, “Microsoft is going to be seriously focusing on the security solutions market; this will include developing antivirus solutions.” Enter Microsoft Security Essentials. Kaspersky goes on to say, “The software giant’s entry will undoubtedly have an impact on the best-known industry players and the current market share of antivirus companies is likely to change radically. Naturally, each company will be affected in a different way. For some, it will come as a heavy blow, while others will barely be affected and yet others will welcome Microsoft’s arrival on the market.” Companies will adapt, of course, and pursue different technologies as they continue to compete; as sandbox technology becomes more popular we are likely to see it breaking into the mainstream as well. Everything changes, and marketing still plays a huge role in whose product is most popular. People are naturally brand loyal, so we will see what the future holds.

For myself I found it initially hard to trust a product like Microsoft Security Essentials since security has not been one of Microsoft’s strengths in the past.  However this is clearly changing as we see endless positive reviews of MSE and the integrity and strength of Windows 7 are clearly strengthening Microsoft’s reputation in this area.  If you’d like to read more about Eugene Kaspersky’s anticipated changes in the antivirus industry (which are happening now) you can read his article here.

Perhaps you have an opinion or observation about the current changes that the antivirus industry is undergoing. Feel free to share it openly here; your comments are appreciated.


No longer can Mac users claim they are safe

I have always preferred PCs over Macs. The first computer I started on, however, was an Apple ][e, followed of course by the Mac Classic. Shortly after that I discovered PCs and MS-DOS and I was hooked. Over recent years I’ve had numerous debates and conversations with individuals over which system is safer, Macs or PCs?

Macs less susceptible to malware?

I think the general perception is that Macs are safer, but I don’t believe that the general public sees the whole picture. Apple would love for us to believe that they are dominantly better when it comes to security, and most people think they are less susceptible to malware with a Mac. Is this an accurate picture? Looking at the most current operating systems for both machines (Windows 7 and Mac OS X), it seems that the majority of security experts agree: one or the other, there isn’t a big difference. Paul Kocher, president and chief scientist at Cryptography Research, is quoted as saying, “The fair answer is that with the latest versions of each operating system there isn’t a compelling security reason to pick one or the other. It used to be that Apple was doing a better job, but with Windows 7 Microsoft has caught up.”

The biggest concern for the average home user is the threat of being infected with a virus. With this in mind I can understand why the average user thinks Macs are safer. Simply put, there is not the same number of malware threats for Macs as there are for PCs. Macs hold only about 10% of the market share (some sources say as low as 5.8%). For that reason alone the hackers that are writing malware are investing their time in targeting PCs; it’s simply a bigger market. Charlie Miller, a principal analyst at consultancy Independent Security Evaluators, says “At some point the market share of Macs will reach a threshold to interest attackers, and then things will quickly turn bad for Mac users.”

Thinking of buying a Mac?

If you’re thinking of buying a Mac (and the reason I mention this is because I have a few friends who are considering making a switch), then determine what’s motivating the switch and why. You must be aware that you are dealing with two platforms that will always have vulnerabilities. There is no impervious system. They both need to be updated and patched on a regular basis, they both have bugs, and they can both be exploited by hackers when zero-days are found.

My favorite quote on the topic comes from Joe Stewart, director of malware research at SecureWorks: “The answer is ‘for the average user, at this moment in time it is less risky to use Mac OS than Windows.’ The paradox is, by promoting that idea we’ve just made Macs a little less safe, since we are potentially increasing Apple’s market share by a tiny fraction, making it more of a viable target over time. Fundamentally Mac and Windows suffer from the same weakness–human programmers make mistakes and users are easily social-engineered. Whichever platform has the most users is ultimately the riskiest to use.”

I think Joe says succinctly what I’ve been attempting to communicate in numerous conversations with friends. Macs will not always be as safe as we currently think they are. And the tide is probably turning soon.

Threats will always exist for both systems

Malware will not go away, and it is only going to increase on the Mac side of things. Currently researchers are identifying over 50,000 new malware samples a day on Windows systems, so it would be logical to gravitate towards a Mac strictly based on current risk of threat. For me it’s just not as fun; tackling malware and cleaning up computers is a fantastic hobby for me. Still, nothing beats good old-fashioned common sense, if you have some, that is. Social-engineering threats exist on both platforms, and if you don’t browse safely you’re liable to click on that threat and invite the malware right into your home, maybe giving away some critical personal information in the process. It happens every day.

An excellent article with more quotes can be found on CNET: PC vs. Mac in Security: Experts Share their opinions.
As well, Paul Henry recently wrote an article titled Yes Virginia, Mac’s Can Get Viruses; read it on his blog.

So fill us in, what platform do you feel most secure on?


Keep your WordPress blog malware free

Hackers are always on the lookout for vulnerable websites. It is important to keep your WordPress blog up-to-date and protected. Improving WordPress blog security requires a combination of vulnerability detection, attack blocking, and scanning. I recently discovered WP-MalWatch, which is a useful and effective WordPress security plugin. This simple to install and use plugin scans your WordPress blog on a nightly basis and alerts blog owners to potential malware or other evidence that might show their blog has been compromised.

I was particularly impressed with the nice widget this throws on your dashboard, which provides details and a quick synopsis letting you know the status of your blog. Good news is my most recent scan says that “my blog is clear of signs of malware”.

WP-MalWatch supports:

  • Scanning the Uploads directory for PHP files. (symlink friendly)
  • Scan entire installs for multiple .HTACCESS files (symlink friendly)
  • Dashboard Widget
  • Report Page
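
The two file-system checks in that list, sketched as an added Python example (this is not WP-MalWatch's own code, which this post does not show). It assumes the default `wp-content/uploads` location; the extension list and all function names are choices made for this illustration.

```python
import os
import sys

# Assumption: extensions treated as "PHP files" for this sketch.
PHP_EXTENSIONS = (".php", ".phtml", ".php5", ".phar")

def _walk(root):
    """Walk a tree following symlinks, visiting each real directory once."""
    seen = set()
    for dirpath, dirnames, filenames in os.walk(root, followlinks=True):
        real = os.path.realpath(dirpath)
        if real in seen:
            dirnames[:] = []      # symlink loop or alias: do not descend again
            continue
        seen.add(real)
        yield dirpath, filenames

def php_in_uploads(wp_root, uploads_rel=os.path.join("wp-content", "uploads")):
    """Return PHP-like files under the uploads directory (media belongs there, code does not)."""
    hits = []
    for dirpath, filenames in _walk(os.path.join(wp_root, uploads_rel)):
        for name in filenames:
            if name.lower().endswith(PHP_EXTENSIONS):
                hits.append(os.path.relpath(os.path.join(dirpath, name), wp_root))
    return sorted(hits)

def htaccess_files(wp_root):
    """Return every .htaccess file in the install, relative to its root."""
    found = []
    for dirpath, filenames in _walk(wp_root):
        if ".htaccess" in filenames:
            found.append(os.path.relpath(os.path.join(dirpath, ".htaccess"), wp_root))
    return sorted(found)

def scan(wp_root):
    """Run both checks; any .htaccess besides the one in the root is listed for review."""
    php = php_in_uploads(wp_root)
    extra = [p for p in htaccess_files(wp_root) if p != ".htaccess"]
    return {"php_in_uploads": php,
            "extra_htaccess": extra,
            "clean": not php and not extra}

if __name__ == "__main__":
    report = scan(sys.argv[1] if len(sys.argv) > 1 else ".")
    for key in ("php_in_uploads", "extra_htaccess"):
        for path in report[key]:
            print(f"{key}: {path}")
    print("clean" if report["clean"] else "review the files listed above")
```

An extra `.htaccess` is not proof of compromise, since some plugins create their own; the report only narrows down what to inspect by hand.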

Download here or check out their website.

What are your thoughts on blog security? Leave a comment; perhaps you use other plugins and/or software. Opinions and ideas are encouraged here.


Identity Theft and Password Security.

[Infographic: Identity Theft and Password Security]

Via: Online MBA


Some stats on Internet Crime

In 2009 the Internet Crime Complaint Center (IC3) Web site received 336,655 complaint submissions. This was a 22.3% increase over 2008. The total dollar loss from all referred cases was $559.7 million, with a median dollar loss of $575.

During 2009, email scams that used the FBI’s name were the offense most often reported to IC3, comprising 16.6% of all crime complaints. Non-delivery of merchandise and/or payment represented 11.9% of complaints. Advance fee fraud made up an additional 9.8% of complaints. Other top 10 complaint categories included identity theft (8.2%), overpayment fraud (7.3%), miscellaneous fraud (6.3%), spam (6.2%), credit card fraud (6.0%), auction fraud (5.7%), and destruction/damage/vandalism of computer property (i.e., “computer damage,” 4.5%).

Not surprisingly, the USA ranked highest in the number of perpetrators of cyber crime at 65.4%, the UK followed at 9.9%, and interestingly enough Nigeria was third with 8.0% (looks like the old Nigerian email scam is still going strong!).

Hitman Scam

One of the more intriguing scams of 2009 was the “Hitman Scam,” a type of email extortion scheme. Victims are reportedly being threatened in an attempt to extort money. The victim receives an email from a member of an organization such as the “Ishmael Ghost Islamic Group.” The emailer claims to have been sent to assassinate the victim and the victim’s family members. The emailer asserts that the reason for the impending assassination resulted from an alleged offense, by the victim, against a member of the emailer’s gang. In a bizarre twist however, the emailer reveals that upon obtaining the victim’s information, another member of the gang (purported to know a member of the victim’s extended family) pleaded for the victim’s pardon. The emailer alleges that an agreement was reached with the pleading gang member to allow the victim pardon from assassination, if the victim takes some action such as sending $800 to a receiver in the United Kingdom for the migration of Islamic expatriates from the United States. Victims of this email are typically instructed to send the money via Western Union® or Money Gram® to a receiver in the United Kingdom. The emailer often gives the victim 72 hours to send the money or else pay with his/her life.

Fake Antivirus (Rogue products)

Of course, high on the list were pop-up ads for fake antivirus software. Victims reportedly receive ads warning them of the existence of threatening viruses and/or illegal content allegedly found on the victim’s computer. When victims click on the fake pop-ups, malicious code is downloaded onto their computers. Victims are directed to purchase anti-virus software to repair their computers, but in some instances this resulted in viruses, Trojans, or key loggers being downloaded onto their computers. Attempts to contact the anti-virus software companies were unsuccessful.

Don’t be an internet crime victim. To test your practices, check out LooksTooGoodToBeTrue.com. Here you can learn about all the different types of online fraud you may be susceptible to.

All statistics in this post are taken from the 2009 IC3 Report. IC3 is a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA).


Security trends for 2010 : Be watchful

Security of IT infrastructure means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. The next year, 2010, will be a year of constant change. Adoption of cloud computing, social media, 3G/4G, web-based apps and virtualization technologies will raise more security concerns, as the emergence of new cybercriminal methods such as ransomware and Crime as a Service will threaten the enterprise segment at large.

This feature discusses various security trends for the upcoming year, 2010.

Security with Antivirus is not appropriate in Virtual-clouds

At present, various organizations are adopting cloud-based services that open them to many risks and infections, as data travels to and from protected networks through a public pipe, creating many more opportunities for data infection or theft. Therefore, such organizations should consider suitable security measures to counter the issue.

Further, the much hyped virtualization technology, which allows companies’ business applications to be managed by the host’s hardware, will be a key in securing virtual movements on the servers. Hence, given the increase in malware activity during 2009, the industry should realize that the traditional antivirus approach is not sufficient for such threats.

Social Engineering: A Major concern

Social engineering is the act of maneuvering people into performing actions or divulging confidential information. Various web criminals adopt such practices and never come face-to-face with the victim. Security companies like Symantec have suggested that such practices will surely increase in 2010.

Microsoft’s Windows 7

Microsoft’s Windows 7 is the most secure version of the software giant’s desktop operating system. However, the company has already released the first security patches for it. As always, there could be some security lapses in the software, which can be exploited by hackers. Therefore, Windows 7 could be a major focus in 2010.

Hype in Social Networking Apps

Today, many people are just crazy about social networking. But recently, Facebook users discovered that through various quiz apps they are providing vast amounts of personal information on the networking site.

Further, on Facebook users can load third-party applications, which are simple widgets that add sparkle to friends’ profiles. After the user allows the widgets to be installed, these apps are displayed as small icons on the profile. However, it has been found that sometimes these apps are compromised with viruses. Therefore, in 2010, apps on social networking sites will be of prime concern.

CAPTCHA Technology

CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. CAPTCHA technology will help the industry in 2010 to fight against spammers and web attackers who work in automated modes.

Win32 Conficker worm

The Conficker worm attacked defense computers in Britain and France, besides German military systems, in February 2009. After that, it was reported that Conficker C, or the April Fool’s virus, would hit the world on April 1. However, a Conficker worm called Conficker E was discovered on April 7. Microsoft announced that it would offer $250,000 to the person who provides information about the culprit, but the investigation is still continuing. Hence, the Conficker worm will be a major concern for the next year.

CaaS vs. SaaS

SaaS, or Security-as-a-Service, will offer services to protect against cyber-risk, but cyber-criminals are now recasting the SaaS model to implement their own CaaS (Crime-as-a-Service) approach.
