In 2012, the company found malicious e-mail attachments on almost 3 million computers and detected 7 million Key-generators. We all know that the activation key generators or serial key generators that users install with “free” paid software or games often come loaded with malwares. But who cares? as long as we get to use paid software’s for free. Here comes the worst situation. Every time you download a Key-gen, your Antivirus flags it as a malware. Inspite of this warning we are always ready to run these small piece of software containing malware.

Read Also: Do you download Free Softwares from UN-OFFICIAL websites?

As far as email attachments are concerned, We do ignore SPAM emails unless we encounter luscious emails from dating websites or may be from hot Russian girl who is interested in you. Often these kind of emails will include malicious viral attachments or link to dangerous websites. The Email Spammers are increasingly using psychological temptations such as love, money and lust to encourage innocent users to activate malicious code.

Most users don’t have antivirus because either the trial period has expired, the software is out of date or it was disabled by malware. Some may also not realize the importance of antivirus so they don’t install it in the first place. Due to this scenario people easily fall prey to these kind of attacks.

Microsoft representatives said:

“An antivirus or antimalware product that offers real-time protection is one of the most crucial defenses a computer user has against these and other malware distribution tactics, Unfortunately, many computers are not protected by real-time antimalware software”

According to Microsoft, A person in the enterprise is more likely to encounter attacks through the Web than any of the network worms. The Report also showed that the Conficker and Autorun worm infections are declining, but web attacks are on the rise.

[ * ] Conficker is a worm that started spreading among enterprise desktop systems in 2008.

How do i protect myself?

1. Immediately get yourself a good Antivirus that has Real-time Internet Protection.
   ex: Kaspersky Internet Security.
2. Although Antivirus’s provide protection against Autorun viruses, Its always a good Idea to trust someone who has better knowledge about these kind of viruses.
   ex: Zbshareware USB Disk Security.
3. Always ignore SPAM emails.
4. If you need to Run keygens, always run them in Virtual environment (VMware)
5. While Downloading free “paid software’s” via Torrents, always make sure you read the comments on that torrent and Observe the number of Seeders.

Don’t have Antivirus installed? You are 5 Times More Likely to Get Malware! is a post from: facebook hacking and email hacking - hacker9

//- “Computer Killer” (Hawaii Five-O, 1975)—A murderous technician using an automatic coupler to enter false information into the databases of airlines and other places.

//- “Trapdoors” (Simon & Simon, 1981)—A precocious teenage boy is caught using his home computer to make fraudulent bank withdrawals. The bank manager then tries to get him to steal millions from the bank.

//- “The Case Against George Frankley” (Mathnet, part of Square One TV, 1987)—We learn that, before the episode began, George sent two brothers to prison for using their home computer to change their bank balance and withdraw the difference. They were caught when the bank computers were programmed to check for any signs of outside tampering.

The first computer virus was created in 1984 by computer scientist Fred Cohen as part of his thesis paper, and the underlying idea behind these malicious programs goes back as far as 1949, when the eminent John von Neumann published his “Theory of Self-Reproducing Automata.”

So much for the computer history lesson. Now, in today’s era of the Internet, when we have all sorts of categories of “malicious software” that go by such names as viruses, Trojan horses, rootkits, malware, backdoors and spyware, of which countless are released each day, the need for computer security has increased thousandfold. This article will deal with a number of aspects of the subject, including malware analysis, Virtualization security, vulnerability assessment and management, application security, pen testing and mobile security.

Malware Analysis

The basic purpose of malware analysis is to come to an understanding of the ways in which a particular kind of malware works in order to be able to create the appropriate defenses against it. Such analysis consists of answering two questions: How did the computer come to be infected with these piece of malware, and how exactly does it threaten the system? Once both these questions have been answered, it is naturally simply a matter of eliminating the malware from the system. This is sometimes possible without the necessity of rebuilding the entire system from scratch. But these cases are more the exception than the rule – especially with rootkit attacks, a complete system overhaul may be the only viable remedy. Those responsible for the rebuilding have the responsibility of making sure that the backup system or the rebuilding media have not also been compromised.

Virtualization Security

Virtualization brings some security benefits with it, but it also brings risks, and cloud security is becoming a major area of software design in its own right. The more important components of virtualization security, however, include being careful about what data is shared on the cloud, as anyone can access it.

Vulnerability Assessment and Management

“An ounce of prevention is worth a pound of cure” is more true in the field of computer security than it is in many other areas of life. That is why we have specialists who analyze the various components of computer systems in order to determine which ones are the most vulnerable to malware and designing ways to protect the high-priority spots. One vulnerability assessment solution, created by IntiGrow, addresses the core components of an organization “aggressively,” with proactive risk management being the key weapon in the battle against malicious software.

Application Security

Application security lasts throughout the lifetime of an application. It consists of preventing design and deployment from causing exceptions from occurring in the security policy. An application has no control over what resources are granted to them, but they do have control over those resources. To effectively engage in application security, one has to fulfill three tasks – knowing what the threat is, securing the network and the host in addition to the application itself and making security part of the software development process. All these things, and more, are described in detail in the book Improving Web Application Security.

Pen Testing

“Pen test” is short for “penetration test.” The term refers to when technicians deliberately introduce malicious software into a computer as a test of the effectiveness of its security system. This is analogous to the tests that the installers of home security systems often perform on them—if it cannot be breached even by the technicians who put it in, then it is indeed impenetrable.

Pen tests can be used to assess the most vulnerable areas of the machine. They can also identify vulnerabilities that would be extremely difficult or even impossible to detect by other means, such as vulnerability scanning software. A complete security audit always includes a pen test.

Mobile Security

Up until now we have been discussing only desktop security. But a mobile phone is essentially a computer that has been scaled down to the size of a cellphone, and as such it is subject to essentially the same threats described above—indeed, phone hackers often use their victims’ phones to make calls that result in huge bills. For that reason it is important for everyone who has a smartphone to be informed in how to keep it secure. This includes keeping everything password protected and installing a lock device that will cause the phone to “lock up” if an unauthorized user gets hold of it, and stay that way unless the owner himself unlocks it.

Ryan Fahey is a security researcher for InfoSec Institute. InfoSec Institute is a computer security training company that offers a diverse line up of relevant information security courses.

Stepping into Security: A General Introduction is a post from: facebook hacking and email hacking - hacker9

The use of devices like smartphones and tablets for accessing internet seems to be increasing with every passing day. Hence it’s important to remain alert all the time pertaining to these emerging internet security threats. Also, there are few security threats, which have been over the web since decades and are never going to go away from the world of internet. Let’s look at some of the top internet security threats, which will remain over the web.

Phishing

This is entirely an online threat. Today, you will find the phishing scams more convincing than before and are usually delivered through the updates found in social networking sites whose security is successfully compromised. With the help of phishing techniques, the cyber criminals are able to send out messages to a huge amount of people all across the world in just a short span of time. Even with a small success rate, the cyber criminals are able to spell out for huge profits via phishing.

The Piggybacking Legitimate sites

These websites have been present over the web as a big internet security concern from long. As more and more number of sites today relies over the third party advertisers to make profit, the cyber criminals are able to develop a sophisticated method to leverage the third party advertisers. This helps to display a number of malicious ads put by the cyber crooks for their own vested interests. Though you will find their deployment methods are consistently changing, more and more cyber crooks are finding out newer ways to piggyback legitimate sites to spread the menace.

The Java exploits

These have consistently continued to terrorize the internet security world for a good amount of time duration. More than one billion computing devices all across the globe are seen Java installed over them. Sadly, this problem has created problems for countless people. Every time, you see any new update coming, the cyber experts immediately come out with new vulnerability in the updates. Hence if you have Java installed in your machine, you make it completely updated and use it only when the systems are fully updated or else avoid doing so. A number of viruses and spywares are seen as the threats, which are usually associated with the Java exploits.

Malwares targeting new devices and operating systems

Malwares is among the common internet security threat present since past so many years. Now, you can see the cyber crooks designing malwares specifically for the newly introduced operating systems and devices coming into the market. You could therefore get to see countless malwares being designed by the cyber criminals the moment any new operating system or device is launched by the company. Today’s designed malware are more complex and dangerous as compared to the past ones.

The exploit kits

These are usually discovered in a wide range of shapes and sizes, however, their purpose are simply the same. These are simply designed to check the web based security vulnerabilities over the device of users. The modern day exploit kits concurrently scan for several vulnerabilities found over the OS and common software. To play safe against the exploit kits, you are supposed to update your software the moment they are launched.

Final word

With every passing day, the internet security threats are becoming more complex and challenging. If you want to secure your data and classified information, it is better to know these ever living online security threats and follow competent preventive measurements to protect all your devices.

About The Author: Alia is a writer/blogger. She loves writing, traveling and reading books. She contributes in Bret Clark Microsoft

Top Internet Security Threats That Never Seem to Go Away is a post from: facebook hacking and email hacking - hacker9

Ever wanted to see full size profile picture of your crush, who has made her account display picture visible to only limited people?. Well you have good news! this new profile picture hack allows you to view large size of locked profile picture(current) of any user you want.

Don’t believe me? Lets make a try!. Please do-not Misuse it.

Step #1. Open any Facebook profile with locked display picture. for instance lets visit this spare profile of mine:

http://www.facebook.com/neha.quraishi

Step #2. Right click on the profile picture and click “Copy image URL”.

Paste the copied URL in a notepad or address bar. you will see something like this:

https://fbcdn-profile-a.akamaihd.net/hprofile-ak-ash4/c36.35.446.446/s160x160/382342_547052581992560_1718937663_n.jpg

If you observe the above URL, you Will notice that the text in red actually matches the thumbnail size of the profile picture which is being locked i.e 160×160.

Step #3. Now the trick is to replace s160×160 with s720×720 in the above link , so your new link will look something like this:

https://fbcdn-profile-a.akamaihd.net/hprofile-ak-ash4/c36.35.446.446/s720x720/382342_547052581992560_1718937663_n.jpg

Step #4. Now just visit this new picture link and bam! you have the original locked profile/display picture on your Screen. Enjoy!!

Facebook hack: Enlarge locked profile picture (display picture hack) is a post from: facebook hacking and email hacking - hacker9

Security Threat 1: Data Interception

Walking up to this new millennium, it can be understood that any data sent over the Wi-Fi internet facility can be easily captured by eavesdroppers. They can capture the data if present within some hundred feet distance. Even, through directional antennas, they can catch the data from further distant areas. Tell it God’s grace or what, every single Wi-Fi certified products available these days now support AES-CCMP data encryption and integrity.

However, the most unfortunate situation is that there are still a whole lot of legacy products available that speak only about TKIP. There are a whole lot of WLANs configured to accept both the AES and TKIP. The major problem with TKIP is because of its vulnerable nature towards MIC (message integrity check) attacks which allow injecting a very limited range of spoofed frames. The most common example is ARP. Time has come to think beyond TKIP and introduce AES-CCMP based WLANs all over. This will ensure quality protection from data interception related security threats.

Security Threat 2: Rogue APs

It has always been a serious point of concern when business networks are being penetrated by unknown and unauthorized APs. It is quite a risky factor to worry about. However, the fortunate thing is that almost every enterprise WLANs use legitimate APs these days for scanning channels in order to find out any possible rogues. The most unfortunate thing is that tracking “true rogues” is not something that can be adopted so quickly. It is a critical procedure and requires years of experience and strong expertise. Even normal WLAN devices will unable to trace those true rogues.

Without the most accurate classification, it becomes a risky initiative to block automated rogues. The most effective solution to this critical security threat will be to deploy a wireless IPS which can easily differentiate between personal hotspots, harmless neighbors, and all those network-connected rogues that can pose some serious threat. It will not only detect but also mitigate the rogue by taking several policy-based actions for tracing, detecting, and blocking the threats.

Security Threat 3: Service Denial

WLANs are extremely vulnerable to DoS. Competitions among different WLANs become highly inevitable in populated areas since everyone shares relatively similar unlicensed frequencies. Don’t worry, as a necessary solution has been sorted out. Because enterprise WLANs gets migrated to 802.11n, there is a possibility of using different channels in less crowded yet larger 5 GHz band. this helps in reducing the accidental DoS situation. What becomes more important is that contemporary APs (access points) can easily auto-adjust channels for circumventing interference.

However, still there lies the possibility of some sort of DoS attacks like consuming of AP resources, phony messages used to disconnect users, and continuous busy channel network. The most common prevention from these security threats is search for newer products that offers 802.11w management frame protection support.

Security Threat 4: Soft APs and Ad Hocs

Laptops having Wi-Fi connectivity can easily establish peer-to-peer Ad Hoc connections. Such type of connections pose a security threat as they totally circumvent the network security policies. But the fortunate part is that Ad Hocs are extremely hard to configure. Because of this reason, not many bother to use them. And not the unfortunate scenario: with the introduction of Windows 7 Operating System, configuring Ad Hocs just got a lot easier. Even latest laptop models with Atheros and Intel Wi-Fi cards also features easy configuration of Ad Hocs.

The presence of these virtual APs can easily provide direct connections to several other users while routing traffic and bypassing network security onto the enterprise network. The best security measures to provide protection against soft APs is through WIPS and Managed-IT client settings.

Security Threat 5: Twin APs

Twin APs are possible. BUt in most of the scenarios, one of the APs gets involved in phishing activities. Remember, fraudulent APs have the ability to advertise easily through the same network name (SSID) as a legitimate business or hotspot WLAN. This causes a direct connection of all the Wi-Fi clients available closely to get connected to the evil AP. The only protective measure against such Evil AP twins is through server authentication.

The authentication should be carried out from 802.1X Server Validation to Application Server Certificate Verification.
Before signing off, there is a word of assurance to make. Over the years, Wi-Fi security concept has improved by a greater extent. The new enterprise based WLANs can efficiently handle threats of misuse and intrusion. Although end-to-end security is not guaranteed, but still protective measures available presently are sufficient to vaporize the threats.

About The Author: Claudia is a writer/blogger. She loves writing traveling and reading books. She contributes for Laughlin Kennel

Top Wi-Fi Security Threats and How to Secure is a post from: facebook hacking and email hacking - hacker9

(Click to enlarge)

The 26-year-old Aaron Swartz, who committed suicide just 2 days back was arrested in July 2011 and accused of stealing 4 million documents from MIT and JSTOR, an archive of scientific journals and academic papers.

JSTOR had dropped the charges after the digital copies of the articles were returned. However the MIT (Massachusetts Institute of Technology) did not do the same and decided to continue with charges against him. If convicted He would have faced $4 million in fines and more than 50 years in prison. His trial was set to begin this April. Unfortunately On Friday evening, Swartz was found dead in his apartment.

Anonymous decided to attack only hours after MIT released a statement on Swartz’s death, announcing it would launch an internal investigation on the events that led up to Swartz’ passing.

The group wrote in the message:

“Whether or not the government contributed to his suicide, the government’s 
prosecution of Swartz was a grotesque miscarriage of justice, a distorted 
and perverse shadow of the justice Aaron died fighting for” 

Anonymous also called for a reform of computer crime laws, copyright and intellectual property laws, and a renewal of a commitment to a “free and unfettered internet.

The 2 hacked Websites are:

1) http://cogen.mit.edu/ (Now restored)
2) http://rledev.mit.edu/aaron.html

Aaron Swartz:
(November 8, 1986 – January 11, 2013)
Aaron Swartz was a computer programmer, writer, archivist, political organizer, and Internet activist. He was a co-founder of Reddit.com, helped create RSS and was know as Internet freedom activist. He was also one ff The Earliest Google Bloggers. Swartz also focused on sociology, civic awareness and activism.

Anonymous hacks 2 MIT websites in the memory of web activist Aaron Swartz is a post from: facebook hacking and email hacking - hacker9

The sophisticated attacks are no longer a fiction in the Agatha Christie and Sherlock pages. Criminals and masterminds give shape to their master plans and mould them by choosing their targets, studying them carefully, launching reconnaissance attacks and quietly burrowing their way into the corporate networks. This is specifically what is coined as criminal logic. This includes an ever growing tools & tactics. This leads to the compromise of the legitimate websites and forcing them to serve Malware for the selection of the visitors. Traditional endpoint security techniques are unfortunately not designed for the understanding of the logic behind these attacks.

Serious exemplary crimes
Let us take an exemplary case of the commonly exploited sites, browser and content reader vulnerabilities.

How they make it work
When an organization for examples is chosen as a target along with its employees, the victim along with the identified victim’s friends or business colleagues face the tune. Fake emails are received by the targeted employees. These fake emails vary from fake LinkedIn to Facebook friendship requests. These contain links which lead to compromised servers which install malware by squeezing dry both known & unknown vulnerabilities in the browser of the employee and other content readers.

Hopes and remedies
As hopes never dries up though tactics often fail as criminals adeptly obfuscate their attack codes. Fields can best succeed with protections through threat intelligence & adaptability. The following measures may be acclimatized.

Focusing on crime logic
Though the attacks against the other enterprises are a bit different from the attacks against the organizations, the same crime logic is applied. This includes similar application manipulation, similar vulnerability, and almost the same data capturing transmission techniques, etc. ones best chance to prevent these attacks when they hit us is to have solutions which can identify crime logic instead of file patterns.

Having layers of protection
There is no one type of product or defense or vendor that is capable of providing all of the security an enterprise or an organization wants. One of the most effective solutions to avoid being jeopardized is to apply a multiple layers of protections. Applying them at the gateways, on the endpoints and within the networks works effectively in keeping the threats to its minimal.
This has been a brief introduction to the massive ocean of cyber-crimes which can give you readers a hint of what’s it all about.

About The Author: Alia is a writer/ blogger. She loves writing travelling and reading books. She contributes to Christian Weems.

To Stop Cybercrime: Understand Crime Logic, and Adapt! is a post from: facebook hacking and email hacking - hacker9

Bad password habits:

Average internet users have been reported to have more than twenty separate accounts; but use less than 6 passwords for them. Mostly passwords used are too easy to crack, as they are based on personal information. It is better to use alpha numeric passwords, and sometimes very dumb ones to fool the password crackers.

Better Technology: Boon or Bane?

With the much improved and ever evolving graphic technology, computing has become very fast. This also allows the password cracking software’s to run at great speed compared to the past. There are software’s that even track your keypad impression data work out various possibilities in fraction of seconds. you can check our Keylogger Section here..

The Networking Effects:

With each incident of hacking and the results being discussed and brought out in the open, hackers or would be hackers get a much more in-depth understanding of the general attitude. The new algorithms and better designed codes to break software combined with this understanding makes them lethal.

Weak Protection from sites:

The companies have not been protecting us or our personal information enough. Sites have not been providing enough cryptographic security to passwords as claimed by many internet security experts.

The big question from the above facts come out, are we not safe? Or cannot we save from being hacked?

Yes of course, if someone can hack our accounts, we definitely can do our part to protect our accounts or our personal information. A robber can be prevented from entering our house, if we think rationally and take some simple measures.

#1. Don’t be lured by Freebies:
Do not download any program which you are not sure of. Any program that offers anything free and raises suspicion is better to be avoided. Many of these program have key loggers embedded, and your email, passwords get recorded and shifted to the creator.
Most importantly do not download or reply mails declaring you winner of a fortune, or people asking for huge amount transfer help and offering you a cut.

#2. Secure your Wi-Fi:
Mostly Wi-Fi users leave them unsecured. This is like opening a door to a gold locker. Hackers can login to such unsecured networks and take control of the computer and do whatever they want to. Secure every Wi-Fi network, using hard to guess passwords, and regularly change them.

#3. Log Off:
Log off from all accounts before you leave your computer. Better to shut it down completely before going to rest. If you have allowed anyone to use your computer, make sure that the person has been logged off from all active accounts. Moreover never use any site that offers to save your login information. That may save some of your time but in the long run may take away much more.

#4. Secure Password For Everything:
It is always better to have different passwords for every account, particularly for the ones that are used for financial transaction. Use long passwords, a combination of numbers and alphabets and make it really hard-to-guess. Even known people can hack into accounts, so its better to be safe rather than sorry.

#5. Install Antivirus with Malware Protection:
Most hackers get passwords through malicious software’s popularly known as Malware. Install a good antivirus that offers protection from Malwares. Scan computer completely before logging in to the net. Set for regular updates and regular scan of the computer. Login to all accounts and change their password after that, keeping in mind that the passwords must be really hard-to guess.

Do the following diligently to avoid further hacking, if your account has been hacked.

1.  Always update your Operating System.
2.  Never reply to mails asking for passwords of your email or banking accounts.
3.  Carefully sign in to your email or bank accounts if you are using public computers, try avoiding unsecured Wi-Fi. Always log out properly and carefully. It is better to use the virtual keyboard in public networks to login.
4.  Try the two layered login options provided by most services.
5.  Make your account easily recoverable by changing the settings.
6.  Carefully reset your account, and restore your deleted mails and contacts.
7.  Keep changing your password regularly.

Conclusion:

Hackers will try to take advantage of your account and millions others. They will try to take advantage of the security loopholes. They will be using technology to their advantage. To prevent them most importantly you will also have to take the technical advantage. But the trick they use to hack should be your best weapon to prevent them. They try to think like you when they are trying to hack into your account, try thinking like them to stop them from doing so.

Article Submitted By: Claudia is a blogger by profession. She loves writing, reading and traveling. Beside this she is fond of luxury cars and wishes to own one day Lexus LS 600h.

Why everyone is getting hacked these days? and how to handle it? is a post from: facebook hacking and email hacking - hacker9

Facebook spokesperson Meredith Chinhas said: “We are testing a new way to add comments to a post on Facebook, “Now you will be able to reply to another comment as well as the original post.”

Here’s how it looks:

This “Reply to Comments” option is already present in Facebook’s Comments Plugin for websites and after this Awesome comments plugin, Facebook must have thought of adding this function to comments posted to individual posts on your Timeline.

Right now the new “reply to comments” feature is only available for a small amount of users and soon after testing, it will be made available live for rest of its 1 billion monthly active users. The move would surely make it much easier for users to respond to individual comments left on wall posts.

Facebook: “Reply” button on Comments coming soon! is a post from: facebook hacking and email hacking - hacker9

Who is Zynga anyway?, Zynga is a gaming company which happens to be closely related Facebook. How?, Zynga dominates the social gaming market, with hugely popular games including FarmVille, Mafia Wars and Words with Friends. It also accounted for 14 percent of Facebook’s total revenue and that’s how the relationship between Facebook and Zynga is quite symbiotic.

Anonymous group better known for its DDoS (distributed denial of service) and website defacement attacks, has pledged to take down Facebook tomorrow – Monday, Nov. 5, unless the closely affiliated gaming company Zynga agrees to back off on plans to lay off 1,000 employees.

Earlier this month during Apple’s recent iPad Mini event, Zynga’s had announced that it will lay off 1,000 of its employees and begin outsourcing work to third parties in a bid to save money and stay afloat. And this is how Zynga has made it to the list of Anonymous groups latest target.

If Anonymous makes Zynga’s games available to the masses for free it would have a devastating effect on Zynga’s business, stock price and advertising revenue. and as far as Facebook is concerned, Anonymous have threatened to ‘take down Facebook’ several times before. It hasn’t happened yet, and it is unlikely to happen.

Here’s the official statement quote from Anonymous website:

Zynga customers and Facebook users, We are anonymous.

During the last few days anonymous has been targeting Zynga for the outrageous treatment of their employees and their actions against many developers. We have come to believe that this actions of Zynga will result in massive layoff of a thousand people and legal actions against everyone that speaks to the public about this plan. It will also come to end of the US game market as we know it as all this jobs will be replaced in other more convenient financial countries. With a billion dollars cash sitting in a bank we do believe that such actions are an insult to the population and the behavior of corporations like Zynga must change. Anonymous could not allow this to happen so it’s starting to release confidential documents we have leaked on this plan. As we speak we are planning to release also all the games we’ve taken from their servers for free. That being said we will stop the idea of the distribution of such games if Zynga will cease immediately the plan.

Source: http://anonnews.org/forum/post/9195/

Anonymous group threaten to take down Facebook and Zynga tomorrow Nov. 5 is a post from: facebook hacking and email hacking - hacker9