Theft Of Digital Personal Data – A Rising Issue

We have been seeing many high-profile data breaches, hacks and cybercrimes over the past six months which are directly affecting the innocent users. Many users do not even realize how conveniently hackers get their sensitive personal information without breaking into their homes. It seems that user’s data is more vulnerable than anyone is ready to admit. In the recent past we have seen that hackers are easily getting access to our login details, our bank account or credit card number, and other valuable identifying data.

All the users today are worried about their data available online. There may be many of us who would be thinking about how our personal data reaches these hackers. And what can we do to protect it. Here are the primary ways through which hackers get access to our data.

  • One way that data leaks is through Trojans or other malware that enter our computer while we are surfing or accidently downloading files from the web. In such situation, hackers can easily access all the data stored in the computing device.
  • We may unknowingly install certain malicious apps or software without going through the “access rights” clearly.
  • Moreover a lot of our information is present on the social networking platforms that help hackers in a big way. There are various friendship and romance sites that lure users to give out their personal details and in return become a victim.
  • In many situations, we unknowingly visit fake shopping websites and produce our personal data to the hackers.
  • Hackers send malicious attachments through emails directing users to a malicious webpage which entice the user to provide sensitive information. Hackers use this information to steal our financial data, access our financial accounts, transfer our account balances, access our personal email account, open a new bank accounts, make purchases, apply for loans and much more.
  • Additionally, hackers also get data from lost or stolen laptops, removable storage devices, or even from paper records containing personal information.

What can a user do to ensure the safety of his online details? To minimize the risk of becoming a victim, there are some basic steps you can take.

  • Enable firewall in your computer system to ensure you are secure on local networks and the Internet.
  • Update your system with the latest antivirus software such as eScan that provides enhanced protection against evolving internet threats.
  • Before installing any program or software conduct a background check on various forums via search engines to understand the problems faced by the customers of the site in question and then act judiciously also do through research about the reputability of the company that is selling the program or software.
  • Never keep an easy password based on personal information for your online accounts. Use a combination of letters, numbers, and special characters.
  • Be suspicious of URLs sent in unsolicited email or text messages.
  • Do not provide sensitive information through email, and use caution when clicking on links in email messages.
  • Regularly check your accounts for any unusual activity.
  • Before providing personal or financial information, check the website’s privacy policy.
  • Monitor your child’s online activity to protect him/her from online danger and consider implementing parental controls in your computer, tablet and mobile. Additionally, parents need to educate their kids about the online dangers too.
  • Do not install mobile apps before understanding the “Access Rights” required by it.
  • Split your emails, rather than connecting Facebook, Twitter, newsgroups, shopping and banking sites to one email address.

Use free eScan toolkit to see whether your system is infected or not. Free eScanAV Anti-Virus Toolkit (MWAV): http://www.escanav.com/english/content/products/MWAV/escan_mwav.asp

Posted in eScan 11 | Leave a comment

Heartbleed Bug – Dangerous Security Threat Ever Seen

In a past few days we have been hearing the term Heartbleed over and over again. The question is, what is it? And why is it so dangerous?

Heartbleed is not a virus, but rather a mistake written into OpenSSL— open-source software for SSL implementation across the Web.  It is a security vulnerability in OpenSSL software that may affect nearly two-thirds of websites online and allow hackers to access data servers that may contain username, password and other sensitive information.

With the disclosure of a bug in OpenSSL’s implementation of heartbeat, it is no longer necessary for cybercriminals to hack into the server to steal the credentials or private keys. An easy execution of a small code will provide them with wealth of information just by exploiting the vulnerability in OpenSSL. While this is happening, the server admin will never know that their server has been exploited and how much of the information has been leaked by the exploit.

Security researchers found out that an encryption technology SSL/TLS that helps in providing communication security and privacy over the network for various applications viz. web-based applications, email and VPN had this security flaw. This encryption technology that used to safely transmit e-commerce transactions, email, social networking data and other Internet traffic was affected by Heartbleed and this security flaw was enough for hackers to access user’s sensitive personal information.

This vulnerability allows anyone to steal the information which under normal circumstances is protected, by the SSL/TLS encryption. Therefore, attackers can steal a server’s digital key which is used to encrypt data and get easy access to an organization’s sensitive documents.

Security researchers also add that this newly discovered security vulnerability is extremely dangerous as it remained undiscovered for more than two years. However, Wolfgang Kandek, chief technology officer for Redwood City security company Qualys said that, it still remains unclear if hackers have taken advantage of the flaw to steal sensitive data from vulnerable sites.

Researchers at Codenomicon say that OpenSSL is used by two of the most widely used Web server software, Apache and nginx. This means a lot of internet sites would possibly have this vulnerability.

Kandek added, many affected websites will now have to have their encryption keys recertified as safe. That’s because even after fixing the flaw in their software, unsafe keys can easily allow hackers to steal sensitive personal information.

Moreover, every website / server / service admin, who uses OpenSSL should be concerned about this vulnerability as it breaks everything for which SSL encryption was deployed in the first place.

So what are the things, a user should consider?

  • Change your passwords only after the affected online service provider has updated their servers in order to compensate for the Heartbleed vulnerability.
  • Services which are affected are ought to be sending emails to users and informing them, that they were affected by Heartbleed and have since updated their servers.
  • Only when you receive this update, change your password, otherwise it will not have the expected outcome.
  • But, if the website has already been compromised, and it is still to fix its software then you should wait to change your password.
  • If you are doubtful about a website’s status and whether it is compromised or not, you can check it by using Heartbleed Vulnerability test.
  • As phishing attacks are continuously increasing, some hackers may provide you with links to change your password. To ensure complete safety, manually go to the website yourself, log in and then change your password.

Few tips for changing your password:

Deploy a Password Manager: Password managers try to solve that problem by helping you generate random passwords for each account.

Create unique passwords: Each website should have its own unique password. Password should be at least eight characters long. It should contain uppercase and lowercase letters numbers and symbols.

Enable dual-factor authentication: (Gmail is one service that does so) In addition to a password, the service requests for another identifying information, such as a code that’s been texted to you.

However, to check if your favorite online store/bank is compromised by the OpenSSL Heartbleed Bug, take the Heartbleed Vulnerability test by clicking here.

Last but not the least, for complete security of your personal data stored in your computing device and for uninterrupted computing experience install eScanTotal Security Suite with Cloud Security.

Posted in eScan 11 | Leave a comment

Your Office Documents Are At Risk From The Latest Malware – Crigent “Power worm”

Making use of a contaminated Excel/Word file, a new malware family named Crigent enters the system of a targeted user. Crigent, which is dropped by other Malware hides in the infected Word or Excel documents. Using a scripting tool named Windows PowerShell, Crigent Worm easily performs its regular operations and successfully hides itself from network administrators.

When the infected file is opened, right away it downloads two additional components from online anonymity projects:  the Tor network, and Polipo, a personal web cache/proxy. It then communicates with its command and control server through these softwares. The server gives Crigent the PowerShell script that helps it upload details of the attacked PC onto its CnC server.

At the same time, Crigent gives different file-names to the infected files and also hides the place identifications where they’re hosted, within the DNS records. The attacker uses authentic cloud files for storing the files’ duplicates such as the OneDrive and Dropbox cloud hosts. This further helps the attacker to hide the worm’s activities from network admin.

Moreover, using a PowerShell script code, the following information of the user’s system is sent back to the C&C server:

  • IP Address
  • Country code
  • Country name
  • Region code
  • Region name
  • City
  • Zipcode
  • Latitude
  • User account privilege
  • OS version
  • OS architecture
  • Domain
  • OS Language
  • Microsoft Office applications
  • Microsoft Office versions

The downloaded PowerShell script can infect other Word and Excel documents too. It also disables the ‘alerts’ and ‘macros’ of the Word and Excel docs to be infected, so that the users are not alerted.

It then converts any existing .docx and .xlsx to the infected .doc and .xls formats, respectively, and cleverly deletes the content of the original file. Now, when the user opens any of these files, Crigent will restart the infection chain.

However, to detect the presence of CRIGENT within a network, the presence of Polipo and Tor within an internal network should be first taken into consideration. This is something that network administrators should easily detect so that the users stay protected against CRIGENT and other threats that uses TOR.

Nevertheless, to see whether your system is infected or not, use the Free eScan tool kit from here http://www.escanav.com/english/content/products/MWAV/escan_mwav.asp

Ensure total protection with eScan Security Solution and enjoy a worry-free life.

Posted in eScan 11 | Leave a comment

Do You Know, Malware Is Damaging Your Computer System!

Writing malwares is not a tough task, and hundreds of them creep in almost every system. It’s true, these days Malware is becoming an epidemic. You can find it everywhere in the cyber space and on almost all our computers. It’s no surprise that malware easily enters our computer and destroys our data and system. There are numerous ways a computer can get infected with Spyware, Viruses, and other Malware.

As Malware is becoming even more discreet, your computer could be infected and you may not even know it. Malware can be accidentally downloaded to your system from various programs files, Internet, or email attachments. They can also enter your PC via security holes in your operating system.

Although hackers target Windows operating system the most, Macintosh computers can still be vulnerable. Apparently, Macs were infected with the Mac Trojan Virus called “Flashback.” In the past also, Trojans have entered the computer system of Mac users. This proves that Malware is not only infecting Windows operating system but also Macintosh computers.

Moreover, hackers sometimes influence you to download fake antivirus software that claims to safeguard you against Malware; this fake security software when downloaded onto your system might damage your computer or even steal your personal information.

Besides this, there are many other ways through which Malware infects a computer system; some of them are as follows:

  • Social networks: Social Media at home as well as in the workplace represents a serious security risk. Spyware, Keylogger, Password cracker and Kazy Trojan via Adware infects your computer through social network.
  • Email: Spam emails and phishing attacks remain an ominous threat to consumers and businesses around the world. People open email attachments and accidently download Malware onto their system.
  • Web-based threats: Web-borne Malware attacks are becoming nightmare for almost everyone.  Such incidents are frequently seen in most organization’s IT network.
  • USB infections: There is always a potential IT security risk through removable media like USB sticks that infects the computer with Autorun.inf virus.
  • 3rd Party Applications:  A download of an unfamiliar third party website on your system can result to a serious security threat. Many organizations see a potential rise across 3rd party applications vulnerabilities within their IT environment.
  • Peer-to-Peer networks: Malware writers are continuously targeting P2P networks to spread infection.  Most of the times users download malicious software through P2P which carries Trojans and other malicious Adware.

Sources of Malware infection

Unless you are completely protected, hackers can gain access to almost anything stored on your PC through malicious programs.

Fortunately, your system can be protected from these malware attacks by following the right steps.

  • Update your system with the latest antivirus software such as eScan that protects your system from all kinds of Malware attacks.
  • Enable firewall in your computer system to ensure you are secure on local networks and the Internet.
  • Before installing any program or software do through research about the reputability of the company that is selling the program or software.
  • Do not open an email attachment sent from an unknown sender, open it only if you are positive about the source.
  • Avoid clicking on any pop-up that appears, especially pop-ups which are displayed on an unknown website.
  • Before downloading any freeware or shareware programs do a deep research because these software and program often brings in Spyware and Adware programs.
  • There are few websites that automatically downloads Malware onto your computer, beware of such questionable websites.
  • Keep your computer’s security settings to a higher level. Configure your computer’s AV settings to perform automatic system updates.
  • To see whether your system is infected or not, use the Free eScan tool kit from here http://www.escanav.com/english/content/products/MWAV/escan_mwav.asp

Secure your computer with eScan range of Security Solutions and enjoy a worry-free life.

Posted in eScan 11 | Leave a comment