PC World Philippines » Security

D-Link doubles security for home networking routers

Fei — Mon, 13 Sep 2010 12:09:35 +0000

September 13, 2010

D-Link has announced that it is the first in the industry to double router security protection by incorporating both CAPTCHA and DNS Security Extensions (DNSSEC) to guard against hacking, viruses and other malicious Web attacks.

“We’re excited to be the first in the market to offer such double security capability in our routers,” said Desmond Toh, Marketing Director, D-Link International Pte Ltd. “By incorporating both DNSSEC and CAPTCHA initiatives, D-Link routers now facilitate another layer of the latest security technology while protecting Internet users against cache poisoning and other cyber attacks and warding off web hacking and phishing.”

DNSSEC is a suite of Internet Engineering Task Force (IETF) specifications that adds security to the Internet’s Domain Name System (DNS) to provide assurance that the information received from a Domain Name Server is authentic. The security extensions are designed to protect the DNS from cache poisoning attacks, which can occur when hackers corrupt DNS data stored on recursive name servers to redirect queries to malicious sites.

DNSSEC applies digital signatures to DNS data to authenticate the data’s origin and verify its integrity as it moves across the Internet and can provide users with effective verification that their applications, such as Web or email, are using the correct addresses for servers they want to reach.

In mid-2009, D-Link integrated Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) into its popular home and small office routers to thwart worms designed to access a router and alter the victim’s DNS records to divert traffic toward the attacker’s network.

CAPTCHA is a challenge-response test that ensures that a response during a user logon is not computer-generated but instead is truly entered by a human hand, by requiring a user to manually enter a small amount of text displayed in an image to help prevent automated registration and fraud.

To further consider security while future-proofing its routers, D-Link is migrating to IPv6 certification. With the growing number of Internet-capable devices on the market – including mobile, media, and storage – the pool of IPv4 address has dropped to six percent and is expected to run out sometime in 2011. While this is a major motivation for IPv6, other improvements are also realized. The IPv6 specification specifies certain security measures that were not defined in IPv4, such as IPSec, which is a method of authenticating and encrypting data transferred between pairs of hosts. Although it was possible to implement IPSec with IPv4, it was not part of the specification. IPSec is a requirement in the IPv6 specification.

D-Link has begun the transition to IPv6 by participating in the ‘IPv6 Logo Testing Program’ to assure that its products support transitional technologies and provide IPv6 connectivity. All new D-Link routers currently ship with the “IPv6 Ready Phase II” certification and logo.

The DNSSEC, CAPTCHA and IPv6 features are currently available on most currently shipping D-Link’s routers, with more being updated. Visit www.dlink.com for availability of firmware updates.

Supercharge Your Business With Google Apps

Fei — Wed, 25 Aug 2010 23:00:45 +0000

By Zack Stern
August 26, 2010

SAN FRANCISCO – All businesses need basic services such as e-mail hosting, document sharing, and file editing. The ways to set up these functions vary greatly, however–pick the wrong method, and you’ll waste time and money.

For example, you don’t need to cover the costs of your own server, since the various Google Apps for businesses shift these tools into the cloud. Plus, the online approach makes your organization more mobile, since it allows you and your staff to connect from any computer and from most smartphones.

Google’s offerings for businesses differ from the company’s consumer applications. But that’s just the beginning. In this article I’ll reveal tips and tweaks that can supercharge Google’s tools to improve your business’s productivity. Whether you are just beginning to explore Google Apps or are already a subscriber, these tricks will help you get the most from the services.

Google Apps Collaboration Tools

In addition to handling your e-mail, Google Apps can help people in your business collaborate. Many tools are available, covering everything from scheduling to document creation to videoconferencing. And though you save everything in the cloud, Google maintains good security to protect your data.

Google Calendar can help you keep appointments and share scheduling with groups. The business service is similar to the consumer version, but oriented toward clusters of employees. You’ll be able to share workday details with coworkers so that they know when you’re free for a possible meeting, for instance. The tool can send meeting invitations and update itself as recipients verify their attendance.

Google Docs imports and edits basic office-suite files, including .doc, .ppt, and .xls files in its word processor, presentation tool, and spreadsheet app, respectively. Multiple staffers can share documents, each person editing them without worrying about losing someone else’s changes (as they might when downloading and uploading documents to a file server). Google keeps a complete history of each contributor’s updates, and colleagues can even edit files at the same time. This setup can serve as a great group note-taking space for a conference call or during a presentation.
Google Sites, available in each edition of Google Apps, acts as an intranet Website. You can use it as a company bulletin board for everyone, store HR policies, highlight an upcoming event, or otherwise organize information. Google Sites and Google Docs can store any document type, so you can use them for simple file sharing, too.

Google Groups, available in the Premier Edition, acts as a center point for collaboration. Groups allow staffers to send messages within mailing lists at your company, such as a sales-team list. In addition, members can share a calendar and documents as a group. When new people join the group, they gain access to the message history as well as to the rest of the information, so that they can get up to speed with in-progress plans.

Google Video, another Premier-only service, is essentially your company’s own version of YouTube. You can post private, internal videos for training, collaboration, or any other use. The tool also hosts your public videos, eliminating another subscription or service that you might need.

Using Gmail for Business

The main difference between consumer Gmail and the version available through Google Apps is easy to spot: custom domain names. Instead of an @gmail.com address, you get @yourbusinessname.com, which makes a major difference in your branding, even if you operate a sole proprietorship. I know I always assume that bob@bobsmithconstruction.com (or even @bobsmith.com) represents a more established business than does bobsmith@gmail.com.

If you already own a domain name, such as for your Website and current e-mail, you’ll point its MX records to Google. Essentially, when computers contact your domain registrar to locate your mail server, the MX record creates a forwarding address to Google so that mail still flows properly to you. If you don’t own a domain name yet, Google can register one for $10 a year, configuring it automatically.

Small businesses might be content with the free Standard Edition of Google Apps. It supports up to 50 e-mail addresses, each with 7.4GB of storage space. Each e-mail address can send messages to 500 different recipients each day. Unless your business has a wide volume of daily contacts, those limits should be fine. But like consumer Gmail, this mail service includes ads, which might be a reason to move up.

The paid, $50-per-year-per-user Premier Edition eliminates ads and increases those limits. Each address can send to 2000 recipients per day, and you get 25GB of storage per e-mail address.
With the paid or free version, you can share contacts within your company, pooling resources from Web-based or mobile Google Apps.

Next: Tweaking Gmail, Calendar, and Voice

Turn Off Ads in Premier Edition Gmail

If you use the paid, Premier Edition of Google Apps, you might be annoyed to see text ads in your mail service. Relax. Here’s how to turn them off.

When logged in as an administrator, click Manage this domain at the top of the page. Pick Domain settings, and check the box in the middle of the page for Hide all ads for [your domain]. Click Save changes. That’s all it takes, although I’d rather Google assume that paid users want ads off by default.

Follow Business Leads Within Gmail

What happens to your important but misaddressed e-mail, such as when a new client tries to reach out to your business but misspells your name? You can create e-mail aliases for suspected misspellings, catch all misdirected e-mail, and make a group e-mail address for certain teams.

While logged in as an administrator in the Dashboard, click Email. Pick the Email addresses option. Click the user’s name. Scroll down, and click Add a nickname. Enter an alias there–I added “zach.” Click Save changes.

Other misaddressed messages might be junk, but you can catch them just in case they’re important. Go to Service Settings, Email. Scroll down to the ‘Email routing’ section. Click the radio button for Route to catch-all address, enter your username, and click Save changes.

Google Groups can manage internal communication, but you can also use Groups to receive messages from anyone. That way, you could have a sales@yourbusiness.com address that forwards mail to everyone on the team. Just click the Groups button and select Create a new group.

By default, only members of the group can send messages, but you can change that here. Scroll down and click the checkbox for Also allow anyone on the Internet to post messages. Now customers can contact all of your sales staff via one address.

Customize Google Calendar Meeting Reminders

You can set Google Calendar to remind you about meetings in a handful of ways: e-mail, pop-up window, or SMS to your phone (including a plain, dumb handset). Here’s how to configure the defaults to remind you to prepare well in advance and to ping you just before the meeting time.

Within your personal Google Apps account–not the administration dashboard–visit the calendar. Click Calendar settings and Notifications. You can click Add a reminder or remove to layer more or less. Try setting the first default to e-mail you a reminder 1 day in advance. Set another reminder (or two) to send you a text message just before meetings. (First, if necessary, click Set up your mobile phone to receive notifications.) Click Save.

Do More With Additional Apps

The e-mail, calendar, document, and other tools bundled with Google Apps can act as the cornerstone of your business operations. But additional, third-party apps can add more tools, even interfacing with your contacts, calendar, and other data. Among these extras are project management programs, CRM tools, time trackers, and more.

Visit the Google Apps Marketplace to find a mixture of free and paid add-ons. When you find something of interest, click Add it now, and follow the prompts. When you click the button to enable the app, it will be activated for all of your users, saving installation time versus traditional software.

Custom-Route Unknown Google Voice Callers

Google Voice permits people to reach you by phone wherever you may be. The free service assigns you a single phone number that rings all of your phones. You can have it ring your home number, the office, your cell phone, a temporary location, or anywhere.
Being reachable is great when you’re working, but it’s frustrating when you’re away and you don’t want strangers to call. You could temporarily shut off your mobile-number forwarding, but that would block people you want to be able to call. Instead, manage where calls ring depending on the caller, with calling groups.

First, scale back the default places that Google Voice will ring. Uncheck various lines in Settings, Voice Settings, Phones. Think of these preferences as your away mode, when you don’t want to be reached by strangers. I recommend leaving just your office line enabled. Then click Groups, and edit those profiles. In the Friends group, for example, edit the default to ring all of your phones. Click Save. (Add people to the groups in the Contacts area.)

Now when your friends or members of other groups call, they’ll be routed to certain lines. When strangers call, they’ll reach you at your desk but not at home after-hours.

Privacy Concerns Hit Facebook (Again)

Fei — Mon, 02 Aug 2010 22:59:32 +0000

By Paul Suarez
August 3, 2010

SAN FRANCISCO – Another week, another Facebook privacy issue.

A few days ago, a database was uploaded to Bit Torrent with the names and public information of every searchable Facebook user’s profile. The 2.8 GB file contains information on more than 170 million profiles.

The Facebook database disclosure is just the latest of several privacy issues, from apps that reveal more than you realize to confusing privacy settings. And users aren’t agreeing on their responses, although most suggest this latest issue is a sign of things to come.

Facebook was quick to respond that the data was easily accessible via Facebook and web searches and the posting was no threat to user security. A spokesperson wrote to the New York Times:

“People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want. Our responsibility is to respect their wishes. … No private data is available or has been compromised. Similar to the white pages of the phone book, this is the information available to enable people to find each other, which is the reason people join Facebook.”

From the Web, few were as nonchalant.

Dan Tynan at IT World thinks Facebook is missing the point. The Internet is full of bits and pieces of information that are “marginally useful — until someone collects them all in one spot and organizes them. Then, suddenly, they can be extremely useful,” he says.

Tynan specifically addresses Facebook’s phone book analogy.

“Think about the phone book. Tons of information in there, but not terribly useful for looking up more than one name at once — until you put it online. Suddenly it’s a lot more useful. Now you can locate numbers for everyone in a particular area or ZIP code, plug them into a piece of software, and start robo-dialing.”

He goes on to explain how nefarious users might use similar data to take control of people’s Facebook accounts or try to extort your friends for a few bucks.

The database was created by Ron Bowes, a Canadian security consultant, to get a list of the most probable combination of first and last names to test a new password security tool he helped develop.

“It is designed to test password policies of organizations by using brute force attacks; in other words, guessing every username and password combination,” he told the BBC.

“Bad guys” could easily use the same strategy to create password-cracking software that could be used for virtually anything, instead of testing password security for large corporations.

It seems like large corporations might also be interested in the data — which, as Tynan said, could prove useful for marketing, targeting specific demographics, and finding potential customers.

A Gizmodo reader discovered that several IP addresses of users that were also downloading the file belonged to 65 companies including: Lucasfilm, Motorola, Mcafee, Nvidia, Pepsi, Coke, Boeing, Apple and Hewlett-Packard (to see a more complete list check out the Gizmodo post). To be fair, that doesn’t mean the company sanctioned the download; it just means that someone at the company was probably downloading it.

My PC World colleague Tony Bradley says if the corporations did sanction the downloads they might not have specific reasons for acquiring the data or future plans for it.

“But, the fact that a file exists which contains personal information for millions of customers that might prove valuable in the future is reason enough to go ahead and acquire the data while it’s still out there,” he says.

Aaron Couch of NPR’s All Tech Considered thinks this could be the beginning of personalized advertising, much like that seen in Minority Report where companies know so much about you they “can give us exactly what we think we want and need.”

“When it comes to online privacy, I’m like a smoker circa 1965. Despite all the evidence, I don’t want to admit there’s a problem,” he says.

If nothing else, this should serve as a reminder for those of you who haven’t taken advantage of Facebook’s privacy options to do so now. Check out a PC World guide on how to test your settings.

As PC World user Milesobrien commented on a story, “… Put yourself or information on a ‘social networking’ site and it IS PUBLIC!!”

Did Apple update Mac’s security but not tell anyone?

Fei — Mon, 21 Jun 2010 23:00:26 +0000

By Jeff Bertolucci
June 22, 2010

SAN FRANCISCO – Perhaps Microsoft isn’t alone in issuing some security patches on the down-low. A new report from security software maker Sophos claims that Apple this week silently updated anti-malware protection in its Mac OS X operating system. In fact, the patch was so hush-hush that Apple failed to mention it in either the release notes or security bulletin that came with its Mac OS X 10.6.4 upgrade, which included the mysterious security fix.

Sophos senior technology consultant Graham Cluley, in a Friday blog post, asserts that Apple quietly patched the Mac’s malware protection to thwart a backdoor Trojan horse that could allow hackers to control an iMac or MacBook remotely.

Apple’s OS X 10.6.4 upgrade secretly patched XProtect.plist, a file that contains “elementary signatures of a handful of Mac threats – to detect what they call HellRTS,” Cluley writes. Malicious hackers have been disguising HellRTS as iPhoto, the Mac’s photo-editing program.

A Mac infected by this particular breed of malware would be open to a variety of attacks. For instance, hackers could capture screenshots of user activity, access files and clipboard data, and send spam from the computer. Sophos security programs have detected HellRTS as OSX/Pinhead-B since April, according to Cluley.
Apple did not respond to PCWorld’s request for comment.

Saving Face

If Sophos’ claims are correct, Apple wouldn’t be the first OS maker to keep some security fixes secret. Microsoft officials in May admitted that they don’t report all the security shortcomings in their software. Redmond’s non-disclosure of patches was revealed by Core Security Technologies, which discovered three undocumented fixes in recent Microsoft software upgrades.

Does an operating system vendor have a responsibility to reveal all of its security patches to its users? The question is particularly pertinent to Apple, which has long trumpeted the Mac as the safer alternative to Windows PCs.

Cluley believes that Apple’s marketing strategy has contributed to a false sense of security among Mac users:

“Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn’t helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done. You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. ‘Shh! Don’t tell folks that we have to protect against malware on Mac OS X!’ ”

Apple employees are often “the worst offenders when it comes to giving users security advice,” says Cluley, who adds that a former colleague of his, while visiting an Apple Store recently, overheard a staffer tell a customer that it was “impossible” for Macs to get viruses, and that Mac users shouldn’t “even worry about it.”

Security patches are a fact of life for OS makers. For a vendor like Apple, fixes of this nature can be particularly embarrassing. What do you think? Should Cupertino spill the beans on every anti-malware upgrade it issues?

‘Norton Everywhere’ initiative takes consumer business beyond the PC and security

Fei — Wed, 09 Jun 2010 00:54:24 +0000

June 9, 2010

Symantec has unveiled Norton Everywhere, a three-part initiative to take Norton beyond the PC and extend trust to new devices and consumer applications. The initiative spans the areas of mobile safety, web safety across any device and embedded services on smart devices. Symantec is combining its own consumer security, backup, and infrastructure technologies with partners to deliver Norton services to consumers in an entirely new way. This initiative means that consumers will be able to trust the protection of Norton everywhere – across many locations, devices and digital experiences. The offerings will be delivered direct to consumers, as well as through new business-to-business offerings.

Products being launched recently and in the coming weeks include Norton Smartphone Security for Android Beta, Norton Connect Beta and Norton DNS Beta. The company is demonstrating these technologies and other prototypes today at its annual investor conference in New York.

“We are entering a new era where non-PC devices are exploding in numbers, which means more opportunity for cybercriminals. It’s becoming more and more critical for consumers to be protected beyond their PCs,” said Janice Chaffin, President Consumer Business Unit, Symantec. “The Norton Everywhere initiative takes a broad view of how Norton can deliver trust and high value to consumers and address evolving market needs. Symantec’s breadth of resources, partnerships, global reach and brand recognition make it uniquely able to deliver security and more to any Internet-connected device in the world.”

With a never-ending wealth of new features and applications, the smartphone market is seeing explosive growth, and in fact shipments are expected to surpass that of desktop PCs by the end of 2011. Norton Mobile will address some of today’s most common issues for smartphones, including device loss and data protection. Norton Mobile will address this rapidly growing market by delivering security and non-security offerings for the mobile platform.

Norton Smartphone Security Beta for Android is scheduled to be available in June 2010. This new mobile application will give users the ability to remotely lock or wipe their device from prying eyes via text message in the event of device loss. Users will also benefit from Norton-strength antimalware protection and call blocking for unwanted callers.

Symantec has now joined the partner program of HTC MobilityNow, a division of HTC Corporation, one of the fastest-growing companies in the mobile sector. Symantec and HTC MobilityNow are working in concert for software development and testing on Android and Windows Mobile platforms.

Also scheduled for June release is the Norton Connect Beta, a free mobile application that can access any files archived via Norton Online Backup or Norton 360 from your iPhone, iPad or Android device. With Norton Connect, users can enjoy anytime, anywhere access to files. Users will be able to download Norton Connect Beta from the Android Market or the iPhone App Store.

A new mobile destination m.norton.com is now available for all mobile users to access the latest news, videos, and downloads from Norton. The new site is available in English and will be available in German and Japanese in June.

Norton DNS Beta – based on the Domain Name System which acts as the Internet’s invisible switchboard – has been designed to provide a safer, more reliable, and faster Internet experience by delivering a variety of basic protection services like antiphishing, antimalware and anti-spyware via Norton verified web filtering. Just as people associate Norton security products with scanning files that come onto a system, with Norton DNS, every time a user navigates to a URL, it will be verified. Using DNS technology, Norton is able to deliver another layer of security to both the mobile and PC environments.

Scheduled to be available in June, the Norton DNS Beta will be free and widely available. Users can provide safer web access to everyone in the home by either manually changing the DNS settings of their home router or alternatively, by installing a small application (available in June at www.nortondns.com) which will configure Norton DNS automatically.

Also in June, Android users can access Norton DNS Beta for faster, safer web access when on wi-fi via a small, easy-to-install mobile application from the Android Market.

According to industry research firm IDC, there are over 10 billion non-PC devices that connect to the Internet today and that number is expected to grow to almost 20 billion by 2014. Furthermore, these Internet connected devices often have little or no security built into them. Norton for Smart Devices brings Symantec embedded security and other services into non-PC internet connected media devices such as Blu-ray players, televisions and media streamers, smartphones, home security systems, digital cameras, picture frames and more.

Symantec is announcing a strategic partnership with Mocana Corporation. Symantec led Mocana’s recent series C investment round. This first partnership under Norton for Smart Devices is meant to provide turn-key solutions to device manufacturers eager to bring new devices quickly to market. Among other goals, our solutions will be designed to help manufacturers:

o Securely and intelligently update a device’s firmware, operating system and applications

o Remotely support a device in order to drive down a device’s support costs

o Bring secure and robust online storage to a device in order to secure configuration settings, application data and user data.

Products and services related to this partnership will be announced upon availability.

Symantec’s Norton products protect consumers from cybercrime with technologies like antivirus, anti-spyware and phishing protection — while also being light on system resources. The company also provides services such as online backup, PC tuneup, and family online safety. Fan Norton on Facebook at www.facebook.com/norton and follow @NortonOnline on Twitter.

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

Facebook Overhauls Safety Center

Fei — Thu, 15 Apr 2010 23:00:51 +0000

Brennon Slattery
April 16, 2010

SAN FRANCISCO – In the wake of high profile cyber-bullying cases — such as the one that led to a teenage suicide in 2006 — social networking sites have been tightening the belt on Internet security. Pushing itself to the forefront, Facebook has overhauled its Safety Center with descriptive information for teens, parents, law enforcement officials, educators and general users to help protect themselves against scammers, bullies and other riffraff.

Facebook formed a Safety Advisory Board in December 2009, comprised of organizations such as Common Sense Media, ConnectSafely, WiredSafety, Childnet International and The Family Online Safety Institute. As a result of this union, the Safety Center was born. (Click on image below to enlarge)
“There’s no single answer to making the Internet or Facebook safer. That’s why we’re introducing new tools and advice for parents, educators and teens. We want our approach for improving safety to be as simple, easy and effective as our approach to improving Facebook’s user experience. Our Safety Advisory Board has been a tremendous resource in developing this next generation of safety resources and offering us ideas for new initiatives. Going forward, you’ll see even more powerful — and simpler — safety innovations coming from Facebook,” said Elliot Schrage, Vice-President of Global Communications and Public Policy at Facebook, in a statement.
With a streamlined interface and honed topics for specific groups, the Safety Center provides a clean and informative experience. In the educators section, for instance, Facebook addresses concerns such as how students can report abuse, and how educators can separate their personal accounts from professional ones. Some of the information is general methods to protect one’s privacy.

The law enforcement section contains guides on how to report sex offenders and terrorist activities. This could be a useful read for any Facebook user — or, on the opposite end of the spectrum, it could fuel paranoia amongst the overly cautious. Sex offenders have already been banned from social networking sites in some states, especially after MySpace was found to be hosting at least 29,000 in 2007 and it evicted 90,000 two years later.

Facebook’s comprehensive Safety Center should set an example for all Web sites dedicated to connecting individuals across the Internet. And even though nobody really cares about MySpace anymore, the site should really get on the ball and update its own safety FAQ.

Make Your PC Hassle-Free, Part 5: Gear Up for Backups

Fei — Sun, 10 Jan 2010 14:12:10 +0000

By Rick Broida
January 10, 2010

SAN FRANCISCO – Good news! Having burned that system-repair disc, banished the crapware, bolstered your security, and imaged your hard drive, there’s only big step left in hassle-proofing your new PC.

You guessed it (probably from the headline): backups. Once again I’m going to lecture you on the computing equivalent of flossing your teeth. Bottom line: Do it now or regret it later.

Actually, I’m not going to lecture you at all, but rather steer you to a PC World feature I wrote last year: How to Prevent a Data Disaster. It has all the information you need about creating a diversified backup plan, which for my money is the only way to ensure total safety.

The one item that needs updating is the now-defunct DocSyncer, which made it possible to sync your local documents with your Google Docs account. Fortunately, a free tool called OffiSync can take its place.

Now go forth and enjoy that new PC! And let me know if you run into any other hassles that need solving.

2010 cyberthreat forecast from Kaspersky Lab

Jon — Sat, 02 Jan 2010 09:44:28 +0000

January 2, 2009

When asked about what will happen in 2009, a rise in global epidemics was at the top of Kaspersky Lab‘s prediction list. Kaspersky Lab, a leading developer of Internet threat management solutions that protect against all forms of malicious software, has seen that prediction to be true — 2009 was dominated by sophisticated malicious programs with rootkit functionality, Conficker, Web attacks and botnets, SMS fraud and attacks on social networks.

With the start of 2010, researchers and analysts from Kaspersky Lab have come up with a list of six predictions for what will be the New Year’s greatest threats and newest attack vectors.

1.       A rise in attacks originating from file sharing networks.
This year, we will see a shift in the types of attacks on users, from attacks via Web sites and applications toward attacks originating from file sharing networks.

2.       An increase in mass malware epidemics via P2P networks.
In 2009 a series of mass malware epidemics has been “supported” by malicious files that are spread via file sharing networks. This method has been used to spread notorious threats such as TDSS and Virut as well as the first backdoor for Mac OS X. In 2010, we expect to see a significant increase in these types of incidents on P2P networks.

3.       Continuous competition for traffic from cybercriminals.
The modern cybercriminal world is making more and more of an effort to legalize itself and there are lots of ways to earn money online using the huge amount of traffic that can be generated by botnets. In the future, we foresee the emergence of more “grey” schemes in the botnet services market. These so-called “partner programs” enable botnet owners to make a profit from activities such as sending spam, performing denial of service (DoS) attacks or distributing malware without committing an explicit crime.

4.       A decline in fake anti-virus programs.
The decline in gaming Trojans witnessed in 2009 is likely to be repeated for fake anti-virus programs in 2010. Conficker installed a rogue anti-virus program on infected computers. The fake anti-virus market has now been saturated and the profits for cybercriminals have fallen. Additionally, this kind of activity is now being closely monitored by both IT security companies and law enforcement agencies, making it increasingly difficult to distribute fake anti-virus programs.

5.       An interest in attacking Google Wave.
When it comes to attacks on Web services, Google Wave looks like it will be making all the headlines in 2010. Attacks on this new Google service will no doubt follow the usual pattern: first, the sending of spam, followed by phishing attacks, then the exploiting of vulnerabilities and the spreading of malware.

6.       An increase in attacks on iPhone and Android mobile platforms.
The year 2010 promises to be a difficult time for iPhone and Android users. The first malicious programs for these mobile platforms appeared in 2009, a sure sign that they have aroused the interest of cybercriminals. The only iPhone users currently at risk are those with compromised devices; however the same is not true for Android users who are all vulnerable to attack. The increasing popularity of mobile phones running the Android OS combined with a lack of effective checks to ensure third-party software applications are secure, will lead to a number of high-profile malware outbreaks.

“Malware will continue to further its sophistication in 2010 with specific malware families requiring significant resources from anti-malware companies to adequately fight them,” said Roel Schouwenberg, senior malware researcher at Kaspersky Lab. “Third party program vulnerabilities will continue to be the target of choice by cybercriminals with Adobe continuing to be the main target. And finally I believe that with the introduction of real-time search, black hat SEO and social networks will become an even bigger focus of cybercriminals.”

Twitter’s DNS provider denies hack

Jon — Sat, 19 Dec 2009 17:39:54 +0000

By Gregg Keizer
Computerworld
December 19, 2009

Hackers redirected Twitter.com’s traffic to a rogue Web site for more than an hour Friday by accessing its DNS records using an account assigned to Twitter, the company that manages Twitter’s DNS (Domain Name System) servers said.

Twitter initially blamed the early-Friday hour-long blackout of its site on changes made to the company’s DNS records, which act like a telephone directory to match the twitter.com domain name with the IP addresses used by its servers.

“Twitter’s DNS records were temporarily compromised, but have now been fixed,” the company said on its service status page at 2:30 a.m. ET. “We are looking into the underlying cause and will update with more information soon.” The status page has not been revised with more information since then.

Twitter uses a New Hampshire firm, Dyn Inc., to manage its DNS records, which match Twitter’s domain name (twitter.com, and numerous others) with the IP addresses of its servers.

Today, Dyn denied that its infrastructure had been hacked. Early Friday, Tom Daly, Dyn’s chief technology officer, told the Washington Post it appeared someone changed Twitter’s DNS records to point visitors to a different IP address using the proper account credentials assigned to Twitter.

“Someone logged in who purported to be a legitimate user of their [DNS] platform account and started making changes,” Daly told the Post ‘s Brian Krebs . “It was not a failing on our systems whatsoever.”

Kyle York, Dyn’s vice president of marketing, echoed that in an interview with Computerworld. “No unauthenticated e-mail address associated with the account accessed the [Twitter] account,” York maintained. “This was not an unauthorized breach of our system.”

When asked whether the Twitter account had been used by someone authorized to do so, or if those account credentials had been pilfered by hackers, York declined to answer directly. “You’ll have to read between the lines,” he said. However, he did point to a tweet on Dyn’s own Twitter feed as having the right explanation.

That tweet referenced a story on The Tech Herald , in which reporter Steve Ragan used the clues available, including Dyn’s public statements, to theorize that someone compromised a Twitter staffer’s e-mail account, presumably via malware that snuck onto the Twitter employee’s computer, or through a standard phishing-style identity theft attack.

Once in control of the e-mail account, the hackers then used it to request a password reset for Twitter’s account with Dyn, Ragan speculated. “The password reset process is completed, and at this point the person(s) posing as a Twitter staffer gets the reset password via e-mail,” Ragan wrote.

That approach makes the most sense, agreed Ray Dickenson, chief technology officer at security vendor Authentium. “That’s the most logical explanation,” said Dickenson. “If someone obtained administrator credentials for Twitter’s account with Dyn, or even if it was inside job, everything worked except the human element.”

Dickenson said Dyn’s claim that its servers had not been officially hacked is also likely true. “It’s very difficult to directly hack a top-tier DNS provider,” he said, noting that security at such firms is extremely tight. “You’ve got to believe that Twitter looked at the options, and made the right choice when it went with Dyn. Twitter’s a huge site, and a huge brand.”

Also in Dyn’s favor, said Dickenson, is the company’s contention that only Twitter’s DNS records were altered, a fact that York stressed. “The fact that virtually all of Twitter’s records were pointing to this defaced site, and that no other [Dyn] customers’ records had been altered, corroborates what Dyn’s saying.”

According to York, Twitter will post a more detailed explanation of the cause of the outage later Friday. “It will fully exonerate us, that’s one thing I can say,” York said.

Twitter has been on shaky security ground for some time. Last August, determined distributed denial-of-service attacks knocked it offline for several hours. Two months before that, a hack of a URL-shortening service redirected millions of Twitter users to an unintended destination.

Hackers take twitter offline

Jon — Fri, 18 Dec 2009 15:53:51 +0000

By Sumner Lemon
IDG News Service
December 18, 2009

Microblogging site Twitter went offline for a while Friday after hackers calling themselves the Iranian Cyber Army apparently managed to change DNS records, redirecting traffic to another Web page.

Instead of the usual Twitter Web site design, visitors to the site instead saw a black screen with an image of a green flag and Arabic writing. The defaced site also included a message that said, “This site has been hacked by Iranian Cyber Army,” and an e-mail address.

Whether or not Iranian hackers are responsible for the attack wasn’t immediately clear. However, Twitter and other Internet sites have been used by Iranian opposition groups and protestors to share details of anti-government protests in that country.

Twitter blamed the outage on changes made to the company’s DNS (Domain Name System) records, which match the company’s domain name with the IP addresses of its servers.

“Twitter’s DNS records were temporarily compromised but have now been fixed. We are looking into the underlying cause and will update with more information soon,” Twitter said on its Twitter Status page.

Based on Twitter’s account of the attack, it’s possible that the company’s servers were never compromised. The actual attack may have instead targeted Dyn, the DNS service provider that manages Twitter’s DNS records, according to whois records.

While the outage left Twitter users cut off from the service for about an hour, the type of attack wasn’t serious, according to Dhillon Andrew Kannabhiran , founder and CEO of Hack In The Box, a Malaysian company that runs security conferences in Europe, the Middle East and Asia.

“Yawn, is my comment. It was a simple defacement. So what?” Kannabhiran said.