Saturday 21 July 2012

beware of Apps

In a recent case reported in Ahmedabad, a company that developed applications was struck by data thieves - who were, in fact, the company's former employees. A group of four employees had suddenly quit one day, citing different reasons. A month later, the owner of the company discovered the theft when he noticed that an application developed by his firm was on sale with a different name and logo. Investigations revealed that the employees had stolen the data while leaving the company and had manipulated it.

According to experts, the theft exemplifies the future of cyber crime, in which mobile phone applications and new additions to technology - such as cloud computing - will be targeted by hackers. However, impersonation, data theft, espionage and phishing will remain prevalent in ever-changing forms. These were some of the insights presented by experts who gathered at a workshop organised by DSCI and GFSU in Gandhinagar on Friday.

Dr J M Vyas, director general of GFSU, said in his speech that cyber security had now become a basic necessity for everyone using internet and computers. He said that investigators as well as the public needed to become aware of cyber security's significance. "We hear about cyber attacks now and then, and the day is not far off when wars will be fought on cyber frontiers," he said.

Vinayak Godse, director of data protection, DSCI, told that the worrisome part about cyber crime was that it could not only affect individual computers but could also cripple a defence system or even the economy. "Thus, more and more strategic installations are going off the grid or developing their own networks to be safe from hackers," he said.

Experts emphasised that the Android operating system for mobile phones was vulnerable to such assaults. "Applications for this platform can be made by anybody and put up online," said an IT security expert. "While this is a boon for users, it can become a potential threat as a malware can steal crucial data when a user surfs internet from his tablet or mobile device. We thus advise users not to download any unidentified applications directly from websites."

Saturday 7 July 2012

9th July 2012.


The warning message is a fact. The message from FBI warns millions of computer users around the world to have been attacked by DNS changer, and they may lose complete access to internet on July 9, 2012.
DNS stands for Domain Name System, which is a standard internet service that converts user-friendly domain names like www.hoaxorfact.com into numerical addresses, thereby allowing the computers to talk to each other. DNS connects your computer to the DNS servers operated by internet service providers. Therefore, without DNS and DNS servers, you will not be able to use any internet services.
What is DNSChanger
DNSChanger is a malware started by cyber criminals in 2007, which has infected millions of computers across the world. This malware in user's computer allows the criminals to control the DNS servers of your internet providers. As a result of this, the criminals have forced unsuspecting computer users to fraudulent websites, interfering with their web browsing and also making their computers vulnerable to other types of malicious software.
DNSChanger
How DNSChanger Infects Your Computer
DNSChanger malware usually comes as a small file (about 1.5 kilobytes) which is designed to change the user's 'NameServer' Registry key value to a custom IP address. This custom IP address is generally encrypted in the body of the trojan. When a user's computer is infected with DNSChanger, it will contact the newly assigned DNS server and resolve names of different webservers. Further, this malware attempts to access other devices on victim’s small office/home office (SOHO) network(like router or home gateway) using common default usernames and passwords and, if successful, can impact all computers on the SOHO network. This is how criminals can change good DNS servers with bad DNS servers operated by them, and mislead users to fraudulent websites and other malicious activities.
the Internet Systems Consortium (ISC) have deployed and maintained temporary clean DNS servers for victims of DNSChanger malware to clean their affected computers and restore their normal DNS settings. These clean DNS servers will be turned off on July 9, 2012, and so the computers which are still impacted by DNSChanger may lose Internet access at that time.
How to Check if Your Computer is Infected
To check if your computer is infected with DNSChanger malware, you need to check if your DNS server settings have been changed to a bad server. If your computer is connected to a wireless access point or a router, settings on those devices should also be checked.
If you are using a Windows computer, open command prompt and enter
ipconfig /all
Search for the entry that reads “DNS Servers………”
The numbers corresponding to this line and the line(s) below it are the IP addresses for your DNS servers. These numbers will be in the format of nnn.nnn.nnn.nnn, where nnn is a number in the range of 0 to 255. Make a note of them, and go to the official website of FBI   to check if your computer is using a bad DNS.
windows xp dns settings
If you are using an Apple computer, click on the Apple icon on the top left corner and go to System Preferences. From the Apple System Preferences window, select Network to view a number of possible connections on the left side. Choose your active network and click on the Advanced button in the lower right corner. Then select DNS from the options to check your DNS servers.
Apple dns settings
If your computer is on a network, you should check DNS settings of your routers and other devices of your SOHO network. You should refer to the product documentation of the manufacturer to know how to find DNS server details.
What to Do if Infected
If your computer is infected with DNSChanger, the FBI website will warn you with the below message, when you check your DNS server.
Your IP corresponds to a known rogue DNS server, and your computer may be infected, please consult a computer professional.
If your computer is infected with DNSChanger, it is a serious issue and you need to do some intensive work to get rid of it. The easiest and safest solution is to back up your important data, reformat your hard drives, and then reinstall the operating system. Instead, you can try removing the DNSChanger with a good malware removal utility such as Kaspersky Labs' TDSSKiller  .
If your infected computer is on a network with a hacked router, you should reset it and confirm that all network settings are restored to the manufacturer's defaults. For instructions how to reset your router, follow manufacturer's guidelines.
When you are done with all that, you should verify that your computer is no longer infected with DNSChanger. Once this malware DNSChanger is eliminated, you will not be affected when FBI shuts down the ISC's temporary DNS servers on July 9th, 2012.
Note: If you are not comfortable with any of the above mentioned procedures, it is advised to consult a computer professional.
                                     courtsey::Hoax or Fact