Every day we read about an incredible number of successful attacks and data breaches that exploited leak of authentication mechanisms practically in every sector. Often also critical control system are exposed on line protected only by a weak password, in many cases the default one of factory settings, wrong behavior related to the human component and absence of input validation makes many applications vulnerable to external attacks.
Today I desire to focus the attention of a report published by the consulting firm’s Deloitte titled “Technology, Media & Telecommunications Predictions 2013” that provide a series of technology predictions, including the outlook for subscription TV services and enterprise social networks. The document correctly express great concern of the improper use of passwords that will continue also in 2013 being causes of many problems, it must to be considered that value of the information protected by passwords continues to grow attracting ill-intentioned.
The report focuses the need to reconsider password management processes in the light of technological contexts that we will before Duncan Stewart, Director of TMT Research, declared: “Passwords containing at least eight characters, one number, mixed-case letters and non-alphanumeric symbols were once believed to be robust,” “But these can be easily cracked with the emergence of advance hardware and software.”
he Internet is a vast expanse and there’s a ton of information out there, most of it is legal, while some of it is illegal. Unfortunately, due to a number of reasons, sites that have content that may be in the clear might also get blocked by either the authorities, your ISP or sometimes even your office network administrator. Gaining access can be considered to be a very technical and complicated process, but it really isn’t. We’re going to look at some of these ways to unblock sites. Most of these techniques are really simply, while a couple of others might need more than a minute or two to get running.
1.Unblocking by changing your DNS server
A DNS server is like an index, with a list of domain names – such as YouTube.com, Tech2.com and pretty much every other site on the Internet. When you type in a website address in your browser, your computer sends a request to the DNS server and it tells you the IP address for that site. One of the easiest ways for ISPs to stop access to a particular site is by removing the entries for the sites that need to be blocked. ISPs can choose to redirect the request to a different site or a notice page as well.
However, there is a way around this. There are free, fully open third-party DNS services run by organizations and other ISPs. The most popular ones are run by Google and OpenDNS. All you need to do is change your DNS server settings to theirs. In a typical Windows 7 system, head over to the Control Panel > Network and Internet > Network and Sharing Center > Change adapter settings. Right click on your network adapter, click on Internet Protocol Version 4, click on Properties. Click on the Use the following DNS server addresses and enter the DNS server of your choice. Google’s DNS addresses are 184.108.40.206 and 220.127.116.11, while OpenDNS’ are 18.104.22.168 and 22.214.171.124. Click on OK to save the settings and reboot your PC.
2.Using browsing proxies
Browsing proxies are services that allow you to use their Internet connection, thus bypassing most of the restrictions setup by the ISPs or the network administrators. There are plenty of these on the Internet that can be accessed through your browser. All you need to do is access them and enter the URL of the site that you want to access in the address bar provided by the site. All the requests will then be channeled through that browsing proxy server.
The only downside to this of course is that if the browsing proxy itself gets blocked by your ISP, you’ll have to find another one. Some of these browsing proxies, depending on how popular they are, can be slow to access. A quick Google search for ‘anonymous browsing proxy’ will give you a long list of services available on the web.
3.Using Google cached pages and Google Translate
One of the simplest ways to access text content on blocked pages on the the web is using Google. The popular search engine maintains a cached mirror of most of the popular web sites. When you search for a particular site on Google, look for the cached version of the page by clicking on the >> icon on next to the search result. A linked called ‘cached’ should be available there. Clicking on it will load the cached version of the page. This mirrored content is refreshed quite often, so you won’t be left with outdated content. The downside to using this technique is that you may not be able to use interactive content, such as Flash and streaming media. Even sites that require login and passwords will not work.
Another way to access content is to use Google’s Translate feature – it’s accessible athttp://translate.google.com. The service allows users to translate text from one language to another. However, if you enter the URL of the site you want to view, choose the page language as anything, but English and the translated language as English. You should be able to view the blocked site in English.
The most popular and easy to use tunneling service, is called TOR. It’s a software that connects to a network that claims to offer anonymity on the Internet. Of course, you also get open access to web sites. Head over to the TOR site and download a copy of the software for your operating system.
Once installed, the program should run and connect to the TOR network. It should also install a plug-in for your browser. For example, in Firefox you should be able to enable or disable traffic from being channeled through the TOR network, giving you open access to the Internet, all by a click of a button.
5.Using a VPN
Using a virtual private network or VPN, as it is popularly known is a more secure and concrete way to access the web. The system works by setting up a connection that is channeled through your ISP, through to a VPN service or a computer that has open Internet access. Using this technique, you should be able to access the web freely with no restrictions on sites, keywords, services, etc. Unfortunately, VPNs are a bit more complicated to set-up. For one, you will need to find a free, open service service that allows VPN connections or you might need someone with an open connection to allow VPN connections to be made to his or her system.
Most consumer versions of the Windows operating systems come built with a VPN server that allow one client to connect. To use this, you’ll have to add a new VPN connection through your Network Connections feature in Windows and enter the authentication as set up by the person running the VPN server. Setting up a server is also relatively easy. One of the ways to try it is by running a VPN server at home and connecting to it via your mobile device, notebook or PC at work. If you’re an advanced user and want to share your connection with multiple PCs and devices, check out OpenVPN. Another alternative is to use one of the freely available VPN programs, such as Hamachi and set up a proxy on the remote PC with an open Internet connection. There are also a whole bunch of free VPN services, such as ProXPN and CyberGhost available on the web, however these are likely to have download or speed restrictions.
6.Some others are
UltraSurf is the free small software of UltraReach Internet Corp. It enables users to browse any website freely just the same as using the regular IE browser. This is very easy software to use. User can easily access any kind of website anywhere in the world because this small software breaks all the walls. the software enables users to bypass using HTTP bypass.
Hotspot Shield VPN is the ultimate Internet security solution that secures your browsing session, detects and blocks malware, protects your privacy and allows you to access blocked sites. Hotspot Shield is available both as a free VPN and a paid Hotspot Shield Elite subscription.
Original post at –Tech2.in
Thanks for reading. hope it might helped you.
Summary: Hacktivist collective Anonymous has withdrawn support for whistleblower site Wikileaks.
In its latest attempt to gain funding, Wikileaks has erected a paywall for users who wish to access the Global Information files. Hacktivist group Anonymous does not approve.
The whistleblower website, a proverbial dumping ground for classified documents from the U.S. and beyond, has been in financial trouble for some time. The controversial nature of the site has resulted in both Mastercard and Visa withdrawing payment support, as well as a stop placed on donations sent via PayPal.
In 2010, the loose hacktivist collective sprung to the site’s defense when the payment parties barred Wikileaks. Those days may now be long past.
What’s the issue? A paywall — coding that prevents an online user from accessing a website or service without paying for it first. Implemented October 10, if you attempt to access the Global Information files, you are faced with such a system. Proudly declaring “In this election, vote with your wallet – vote Wikileaks’, you are required to donate before being granted access. Interestingly, you can pay by Mastercard or Visa.
We have to keep in mind it is only this portion of the site which is behind a paywall, and not Wikileaks itself. However, Anonymous has taken issue with this step to raise money, and hasreleased a statement in return.
After an angry exchange on Twitter between Anonymous and Wikileaks, the paywall was removed for a short period of time. However, it returned on the 11th — prompting the hackers to retaliate, believing they have been “betrayed” by such “rabid scrounging for money”. The group’s statement argues that “Anonymous has been a steadfast ally of both WikiLeaks and Assange”, and many Anonymous members have been charged or arrested for their support — but no Wikileaks staff members have ever been charged or imprisoned.
The hacking collective insists it will not attack any of the Wikileaks web assets, as the site is considered a media outlet. According to the group, any future attacks on the site attributed to them is a “lie”, but what they can and will do is withdraw support not only for the whistleblower site, but for Julian Assange — who is currently taking refuge in the London-based Ecuadorian embassy.
Original Post at Zdnet
Thanks for reading. hope it might helped you.
The Top 5 Cyber Security Threats That Could Affect Your Life–
Our electronic devices are such a big part of our lives today that it’s hard to imagine what we once did without them. But our constant use of technology to keep in touch, pay bills, stay on top of the news, shop and research things has a downside: Our data can be exposed to criminals who commit crimes such as identity theft and credit card fraud – unless we take the proper precautions. Our growing reliance on electronic devices is part of the reason why careers in cyber security are growing at a faster pace. Jobs in information security, web development and computer network architecture – three fields at the forefront of cyber security – are expected to grow 22% between 2010 and 2020. Understanding the threats can help everyone do their part to make those jobs easier. Here are five top cyber security threats and tips on how to protect yourself against them, according to experts.
1. Malware and Bots
If you’ve ever spent a frustrating afternoon calling a help line to tackle a computer virus, then you know how pesky malicious software – or malware, for short – can be. Malware also includes nuisances like spyware, which allows digital hackers to track your every move and to view the passwords you are entering, according to the National Cyber Security Alliance, an organization focused on educating the public about how to use the Internet safely. Typically consumers get tricked into downloading malware by accident, when for instance they click on a rogue website or try to download what seems to be free software, like a screen saver. When criminals use malware to take control of individuals’ computers remotely to perpetrate financial crimes or attack computer networks and websites, the setup is known as a botnet.
Further, “malware can be spread by your Friends on social networking sites like Facebook,” says, Linda McCarthy, cyber security expert, former senior director of Internet safety at Symantec and author of Own Your Space: Keep Yourself and Your Stuff Safe Online. You need to think about that link your Friend is telling you to click on. Is that really a Friend sending that link, or was their account compromised? Don’t click on suspicious links, McCarthy warns. Spreading malware on social networking sites is growing at an alarming rate. “Even though social networking sites have systems in place to minimize the risk, you are still the first line of defense in protecting yourself. It makes sense that malware writers target social networks because you are likely to trust a link that came from one of your friends,” she says.
You already know that “spam” is the email equivalent of junk mail. But it can do more than clutter up your inbox. Some of these email missives can contain a link or an attachment prompting you to download a computer virus. They can also be used to defraud those close to you. For instance, someone who has hacked into your email account can send a message asking every one of your contacts to wire money because you are in distress – and possibly rope in a few people who aren’t familiar with this common fraud. The CAN-SPAM Act was set up to protect consumers from deceptive email messages, subjecting senders to fines of up to $16,000 per violation.
One common way for identity thieves to gain control of consumers’ personal information is through digital crimes known as “phishing.” In this practice, fraudsters create an email that looks like it was issued from a legitimate company. They will ask for a recipient’s personal information – like an account number or a password – and then use that information to commit financial crimes, such as opening fraudulent charge cards in a consumer’s name and running up big bills on them.
“Phishing scams are successful because they use social engineering techniques to gain your trust,” says McCarthy. For example, one scam claims to be a relative traveling in another country reaching out for your help. It’s an email from your nephew. He was mugged, lost his wallet, and he needs you to wire him money right away. “It’s a natural reaction to want to help someone in trouble. That’s what the phishers count on. Beware of social networking techniques and be sure to protect your accounts,” she adds.
4.Unsecured Home Wireless Networks
Many of us have converted to home wireless Internet networks to connect our TVs, smartphones, laptops, computers and tablets. And why not? It’s very convenient. But with these home networks come risks. Without certain protections, cyber criminals in the area may be able to access the Internet through your network and possibly gain access to your computer and other devices.
5. Data Gone AWOL
Given all of the places where we tote mobile devices such as laptops, tablets and smartphones, it becomes very easy to lose them. If the data on those devices falls into the wrong hands and isn’t properly protected through techniques like encryption (the process of masking information using an algorithm, so that it becomes unreadable), it can be a field day for cybercriminals. It’s not just consumers who lose data. Forty-five percent of data breaches at companies are caused by lost laptops and mobile devices, according to a 2012 study by the Ponemon Institute, a research center based in Traverse City, Mich., that is dedicated to consumer privacy, data protection and information security policy. Even use of YouSendIt, Dropbox and other Internet-based file-sharing tools by employees – now a common phenomenon – raise the risk that confidential corporate data will be leaked, according to Ponemon.
But even if devices don’t get lost, it’s possible that in using them we’ll fall prey to cyber criminals while checking emails in an airport lounge using Wi-Fi on a smartphone, or while reading on a tablet over a mocha latte in a café.
“With all of your devices and more to come, be sure to have a backup strategy,” advises McCarthy. Many of the security software packages now include backup as an option. That won’t help with all of the data on every device, so be sure you plan and back up all of your important devices. There’s no telling what types of devices will be part of our lives years from now. The tech explosion presents immense opportunity for those with the creativity and know-how to make the gadgets we use better and better – and to simply keep them running smoothly. In the meantime, building a few smart cyber security habits is a good way for all of us to enjoy the technology we use every day with few hassles.
Advances in technology are not likely to slow down in the future, nor is our increased reliance on the fruits of that growth. New security threats will be a constant reality, which makes it more important than ever that skilled individuals step up to fill the increasing number of jobs available in cyber security, and that those who choose other career paths take steps to protect their own security.
Original Post at http://www.devry.edu/know-how/top-5-cyber-security-threats-that-could-affect-your-life/
Thanks for reading. hope it might helped you.
One of the ‘The Hacker News’ reader inform us today about porn content on some Indian Government websites. After analyzing such websites, we came across more than 30 sub domains belongs to ‘entegramam.gov.in’ . Where ‘entegramam’ means “My village” and all sub domains of this website are names of the different cities of Kerala state.
The websites are in Malayalam language and most of the sites are powered by Joomla and Drupal (older vulnerable versions) with discussion forums on them. On our further analyze we found that time stamp of the Porn articles posted on forum dated back to “2012/08/30 16:00”.
That means, Government websites hosting Child Porn content from last four months and authorities or the moderators of the website are not aware about the issue. On a simple Google search, one can found all such pages : site:gov.in “nude” for further reports and analyzing.
Running responsible Government websites without monitoring or moderators is not a good security practice at all. We Request authorities , if you host something – please moderate them.
Thanks for reading. hope it might helped you.