Online PC Support

OPS Technical Solutions : +1877-770-0433

Welcome

Google™ warns 20,000 websites that they might be hacked

The owners and webmasters of around 20,000 websites have been warned by search giant Google of possible attacks by hackers. The warnings were sent to the owners of those sites, which according to the head of Google’s anti-spam team Matt Cutts were doing the so-called weird redirects.

“Is your site doing weird redirects? We just sent a ‘your site might be hacked’ message to 20,000 sites,” said Cutts in a Twitter post.

A link that contained a sample of the message that Google sent to the affected webmasters and site owners was also given along with the post. An English translation of the warning says, “we are writing to let you know that we believe some of your website’s pages may be hacked.”

“Specifically, we think that JavaScript has been injected into your site by a third party and may be used to redirect users to malicious sites,” it added.

The websites were also warned that server configuration files could also have been affected. “As a result of this, your site may be cloaking and showing the malicious content only in certain situations,” warned Google.

Linux® distributor security list destroyed after hacker compromise

Although Linux has been termed as a secure OS, kernel level malicious attacks can still happen. This is not the first time that the Vendor-Sec distributor security list has been compromised. It happened earlier in 2005 also. Is Linux just as vulnerable as any of the other available operating systems, is a point of discussion.

At the root of it, let us be sure of one thing, practices of the users clearly define the vulnerability of any operating system. We can only say that compared to the Windows platform, the Linux platform has suffered really very minimal attacks. What matters most is the security standards, or rather the lack of it, when defining how secure an operating system can be. Linux is neither intrusion proof, and is definitely not hacker proof. Linux is only extremely difficult for unauthorized entrants to break into.

Linux comes with a whole set of repositories as a part of the standard. If you are careful enough, not installing anything outside of the standard set of repositories, and you are quite safe. Regular updating is a must. The only difference between Linux and others is that the response time for the open source community, patching up of security holes, is extremely fast. Consider this the real beauty of Linux. Besides patching of holes, updates and fixes are rapidly sent out, minimizing whatever damage has been caused, very quickly.

Principally, being a multi-user networked system, the Linux is basically better on security. Linux was basically built to deal with potentially hostile environment. Only last week we saw the Ubuntu and their Linux kernel problems affecting quite a few versions of Linux.

It is absolutely essential that a very careful configuration of your firewall is done. Activating various filters and not allowing remote administration features and tools, can make the Linux environment safe and secure.

How to make the best password

The use of good and hard-to-guess passwords can make it difficult for a malicious hacker to break into your computer account. This article will enable you to make the best passwords.

Avoiding predictable keywords and using different methods to introduce variety into the passwords makes it easy to remember them but virtually impossible for others to guess them.

For keeping a password you can select a theme or some kind of date or event which you remember and would remember always. It can be like your date of birth, or your anniversary, or your cars number, or something related to your job or employer. Even if you are choosing to keep such passwords still do not use them as it is but use them with some alterations. Like your birthday should not be use just like 26121980(if it is on 26th Dec 1980) but you should change it to something like 12261980, so that even if someone tries to guess they could not do it easily. It is also good to mix number, letters and special characters in your passwords. According to a calculation if you have a 20 character long password which comprises of special characters, numbers and alphabets, then it will take around 20 years for a super computer to crack it using brute force technique. So just imagine how strong your password can become if you just add some special characters to it.

Another way to make your passwords strong is by using some words in upper case and others in lower case. For example write “PassWord” in plase of simple “password”. For passwords the upper and lower case letters are treated differently and so it just squares the permutation count for a hacker. If you password has only lower case letters then possible combinations can be 26^2, but if we add some upper case letters then the possible combinations can be 52^2. Interesting! Isn’t it?

Many sites or network policies ask you to change your password every month or after a regular interval of time. While changing the password make sure that you are not creating a series unintentionally. You might be using Robert1 as password and next month you can use Robert2. Such practices should be avoided. You can check the quality of your password by entering the password at SecurityStats.com. This Web site performs the calculations based on complexity and “guessability” of your password and tells you how good your password is. Remember that your password is transmitted over Internet in an encrypted format, so that you should try similar passwords instead of your actual passwords to get an idea of the characteristics of a good one.

Organizations are riffed with guest accounts, accounts with no passwords, group accounts, a lack of password expirations, passwords that can be easily guessed and opportunities to exploit technical weaknesses. With all these easy opportunities, computer accounts with good six-character passwords are only a trifle.

According to our point of view, the information sector professionals need to focus more on compliance of good user-account hygiene than the length of passwords.

Realizing Vulnerabilities: Addressing Malware issue in Linux

Linux is very popular for its open source programs as well as servers. It can be installed in a variety of computer hardware. In recent years, the Linux OS market share has been increasing steadily with the rising popularity of net books and smart phones using Linux. Of course, there are some limitations and vulnerabilities associated with the OS like the lack of patch management for the OS and even outdated applications. However, just recently, there has been a wakeup call for the Linux team!

Impervious

Linux is not impervious to an attack or a compromise. However, the Trojan in question is present while downloading that should not have any bearing in a business environment. Linux has been very complacent over the years about their imperviousness to a malware attack, until this year.

The score behind Unreal IRCd

One file of the mirrors in Unreal IRCd has been replaced by a backdoor Trojan. This kind of Trojan is capable of allowing a hacker to execute any kind of command with the privileges of the user running IRCd. This command can be executed albeit user restrictions like passwords.

Unreal IRCd is an internet relay chat program for the shooting game. Since it has been downloaded many times already, there is a big chance that a big number of Linux systems are compromised with the Trojan.

Less risk for businesses

Since the Unreal IRCd is a game and is not allowed in business settings, it should not be a problem for businesses or at least the risk should not be that threatening. However, it is essential to address the fact that possible attacks are clear and present! Given that there are hidden doors to vulnerability; businesses could be safe now, but probably not in the future.

Since Linux has overlooked the problem and it is not holding a considerable OS visibility, makes the users very vulnerable to attacks since security programs are geared to the majority of the computer users utilizing Windows OS.

Experts take responsibility of the vulnerabilities of the OS and its programs. The difference is the way the OS has been written and if there is any vulnerability, the issue could be addressed in a matter of hours. The reason to this is that it is very hard to exploit the vulnerabilities of Linux.

Creating solutions

  • Although there could be a sense of security for Linux users and the IT administrators, it is still best to underscore the importance of being vigilant. Unreal may have been the program that was initially compromised but sooner or later, there could be other programs that would have the same or even greater vulnerability.
  • Constant protection, maintenance and checking are essential to prevent possible attacks in the future.
  • A Linux user should implement security measures as in a Windows OS to ensure that the system is not compromised for months by a possible Trojan that could be lurking in the system.

How to Turn ON or OFF a Firewall in Windows XP Service Pack 2

A firewall is a software that is configured with a set of rules that will determine the flow of data to your computer from the Internet. Some major organizations use firewall to block certain data that is confidential to that organization. It serves as an application for security of digital information in such major organizations which is stored on the computer. Firewall is essential even for individuals in general. A hacker can easily get access to your computer through the internet if you do not have a firewall. The other danger of not having a firewall is that your computer can get affected with virus. SO it is of utmost importance that one should have a firewall in their computer.

How to turn ON the firewall

 

To turn on the firewall of your computer that is to enable it you should follow the following process. First of all click on the Start Menu. Once you do this then click Run. A window will pop up. In this window type Firewall.cpl and click on the button OK. A new window will pop up. In this window select the tab General. After this select ON and the last step to turn your firewall on is to click OK.

Incase you do not find any of the tab available it means that your computer might have a policy against running a firewall. It might also be possible that your computer might be running a third party firewall. In such a situation it will be highly recommended that you contact your system administrator.

How to turn OFF the firewall

 

The following process is to be followed when you want to turn off your firewall, that is disable your firewall. A word of caution before you disable your firewall – You should always disable your computer from all the networks it is connected to including the internet as disabling the firewall without disconnecting your computer will leave it exposed to attacks from other networks.

This is the process to disable your firewall. First of all click on the Start Menu. Once you do this then click Run. A window will pop up. In this window type Firewall.cpl and click the click on the button OK. A new window will pop up. In this window select the tab General. After this select OFF, and the last step to turn your firewall off is to click OK.

The above mentioned processes to turn off or turn on the firewall are only for Windows XP SP 2 and SP 3. But this process is not for the earlier versions. It is always advisable to determine which version of SP you are using.

Service pack 1 is outdated!!!! Upgrade your Service Pack. To determine which Service you are currently using, take the following steps:

Incase you wish to upgrade your Service pack you should first determine which Service you are currently using. Following is the process to determine which service pack you are using. First click on the Start Menu. Then select Run. A window will pop out, in this window type sysdm.cpl and click OK. There will be a new window which will have a lot of information. The last line of this information will show you which service pack you are currently using. If the last line does not mention this then it is assumed that you are running the release version of Windows XP.

For users who are running a Windows XP release version or are using Windows XP Service Pack 1 you should update to a higher version as soon as possible. These versions of Service Packs are completely obsolete. Please upgrade.

AT&T iPad 3G Data Breach

The news of investigation by the Federal Bureau of Investigation on the recent data breach on the new iPad with 3G connection by AT&T has been released. The release of this information has taken the world by storm because of the implications of this news. The news was confirmed to the Wall Street Journal on Thursday by the FBI. However, according to FBI, the case is still in its primary state. This information that the case is in the primary stages of investigation gives the company enough time to think of an adequate response.

Hacking as a cause of the security breach

AT&T hold the exclusive right for the 3G connections in the iPad, like all other products by Apple that needs a connection for internet service. A group of black hat hackers, calling themselves “Goatse Security” obtained the list of email addresses of 3G subscribers of iPad on last Wednesday. They took over more than 114,000 email addresses and iPad ICC-IDs. This they did when they hacked the website of AT&T.

How they hacked the system

After entering the serial number of the SIM card into the website, they were automatically able to generate a new email address for each user. The hackers used script language to pull out the email addresses based on the possible serial numbers; and that gave the whole list of the email IDs.

Whose information was hacked?

No other information except the email addresses were gained and AT&T already shut down the service. They mailed to each customer stating their apology for the incident. Some of these customers hold important position in the government and military as well as several officials of NASA, FAA and FCC. There are even some CEOs from large scale multinational organizations. This has brought a whole new meaning to the situation. If the company had lost some of the information of some common people at a random, then it would not have caused such a big furore, but since many of the people who lost their important personal details are high profile people, it is to be investigated to see if there is some sinister plan like a terrorist organization trying to get important information.

FBI handling the case

Any breach of security is a serious crime and when the national security is involved because of the high profile nature of the crime, there needed to be prompt action that was seen to be a deterrent to further attacks. Due to the severity of the crime, the FBI took over the case. According to Katherine Schweit, the spokesperson of FBI, the agency was always aware of these possible intrusions that could occur through the computer and had opened an investigation as soon as there was some inkling of doubt about the actual intrusion. She did not give any details on the possible suspects.

However, it is clear that Goatse Security is the first suspect and FBI will take a closer look on their recent activities as well as keep an eye on the present actions so that they are under their watchful eyes.

Call Now: +1 833-522-1003
Call Now: +1 833-522-1003
Call Now: +1 833-522-1003