All posts by 007admin

ESET

Cybercrime: Top experts to form international crook-hunting force

As many as 18 top cybercrime experts from around the world will form a new Joint Cybercrime Action Task Force based in the Hague, which will target “top-level criminals” far faster than any previous force, the Guardian reports. The Joint Cybercrime Action Task Force (J-CAT) said that the new entity would allow action against high-profile criminals to move more quickly than before, “It’s not a talk shop. This has to lead to more arrests,” said  Troels Oerting, head of Europol’s European Cybercrime Center, according to V3’s report. The unit will be headed by Britain’s Andy Archibald, head of the National Cyber Crime Unit,  according to The Parliament Magazine.

Cybercrime: “This will lead to more arrests”

“The J-CAT will operate from secure offices in Europol’s HQ, assisted by experts and analysts from the EC3. The aim is not purely strategic, but also very operational. The goal is to prevent cyber crime, to disrupt it, catch crooks and seize their illegal profits,” said Troels Oerting, head of Europol’s European Cybercrime Center, according to V3. “This is a first step in a long walk towards an open, transparent, free but also safe internet. The goal cannot be reached by law enforcement alone, but will require a consolidated effort from many stakeholders in our global village. But the J-CAT will do its part of the necessary ‘heavy lifting’ and that work started today. I am confident we will see practical tangible results very soon.” The Guardian pointed to some of the difficulties facing such organizations – such as the fact that criminals such as Evgeniy Bogachev remain at large, despite being accused of major cybercrimes.

“The goal is to prevent cybercrime”

Archibald, who will head the new organization, organized a major international operation to attack the command and control servers of the notorious banking malware Shylock/Win32/Caphaw. He says that cross-border cooperation is key to success against today’s cyber gangs. The new J-CAT organization will also deal with private-sector companies and computer-emergency teams from other EU organizations to ensure effective information sharing. Mr Archibald said: “There are many challenges faced by law enforcement agencies with regards to cyber criminals and cyber attacks. This is why there needs to be a truly holistic and collaborative approach taken when tackling them.” “The J-CAT will, for the first time, bring together a coalition of countries across Europe and beyond to coordinate the operational response to the common current and emerging global cyber threats faced by J-CAT members.” “This is a unique opportunity for international law enforcement agencies to collectively share our knowledge to defend against cyber related attacks, and the UK’s National Crime Agency is proud to be a founding member”.

The post Cybercrime: Top experts to form international crook-hunting force appeared first on We Live Security.

ESET

Wi-Fi password – “one second” hack allows attackers into many routers

A push-button function on many wireless routers designed to bypass the Wi-Fi password and provide quick access to the network could allow attackers to break in in just “one second”, reports have claimed. The Wi-Fi password flaw was found by Swiss security firm Oxcite, and allows hackers to bypass the security of Wi-Fi Protected Setup almost instantly, according to Engadget’s report. Rather than making thousands of guesses at the PIN code, the attackers make one guess, based on offline calculations. “It takes one second,” Dominique Brongard of Oxcite said. “It’s nothing. Bang. Done.”

Wi-Fi password: “It takes one second”

The attack is the latest in a series of weaknesses uncovered in popular models of routers – and affects routers using a chipset made by Broadcom and another , as yet unnamed, manufacturer. In both cases Oxcite claims, it would take roughly “one second” to guess the hotspot’s PIN code. The attack relies on poorly generated “random” numbers, and is not inherent to WPS itself, just the (as yet undisclosed) router models. The researchers believe, however, that the Wi-Fi password security flaw is relatively common, and advise users to switch off the WPS function (done from any router’s set-up page) until the problem is known to be solved. Research has shown that many popular router models ship with known Wi-Fi password vulnerabilities among others, which activist group Electronic Frontier Foundation attributes to the relatively low price of the devices, and the difficulty of budgeting for proper security updates. A We Live Security guide to keeping small-office and home routers as secure as possible can be found here.

“It’s nothing. Bang. Done.”

The Wi-Fi alliance said, speaking to Ars Technica, “A vendor implementation that improperly generates random numbers is more susceptible to attack, and it appears as though this is the case with at least two devices.” “It is likely that the issue lies in the specific vendor implementations rather than the technology itself. As the published research does not identify specific products, we do not know whether any Wi-Fi certified devices are affected, and we are unable to confirm the findings.”

The post Wi-Fi password – “one second” hack allows attackers into many routers appeared first on We Live Security.

Avira

Online dating is the latest trend – But is it also safe and secure?

The Internet is new territory, apparently. To government officials perhaps, but not when it comes to finding a partner. According to a study, 30% of relationships begin online[1]. And many of those are made to last offline: in 2013 16.4 % of all new partnerships in Germany began with the couples flirting online[2]. It’s great when things work out with the neighbor, but just as searching for a partner in the supermarket, bar or swimming pool isn’t without its risks, the online world has its pitfalls too. Take untruthful profiles for example. “Men make themselves taller, women younger”, that’s what a former product manager of Yahoo Dating said summarizing her experiences. These sorts of little white lies are relatively harmless as they’re easy to spot on the first date. It gets more difficult when something doesn’t add up about the job, and the chosen one doesn’t turn out to be a doctor after all, but unemployed, in debt, and on the hunt for some funding.

Cyber scammers have created an entire industry from people’s desire to be together. The “romance scammers” search the lonely hearts sites specifically for woman with whom they initially email and call for weeks at a time to establish trust only for them to then ask for money for medical treatment, medication for mom, a trip to their sweetheart’s country or whatever it may be. The meet-up itself isn’t risk-free either. Blackmail through secretly or openly filmed sex tapes has already happened more than once, just like alleged pregnancies which nobody will ever find out about if the victim contributes to the abortion costs. While this is dramatic, generally the worst thing those who flirt online have to fear is enduring an endlessly boring evening on the first date.

Here are a few simple tips that will help guard against both dangers – criminality and boredom. On the first date, meet in public and never at your home. Tell a friend, relative or your parents where you will be and arrange for them to call you at a set time so you can give them the all clear. By the way, you can also use the call to your advantage to fake an emergency and escape a boring date early.

Spam messages from those looking for love can also end up in your mailbox through no fault of your own, and people who date online are more likely to open the wrong attachment by mistake. Not every jpg image is what it appears to be, and those ominous-looking Word, PDF, and PowerPoint attachments from romance-seeking Natashas from Belarus are also best sent directly to the recycling bin. The latest version of a comprehensive antivirus software solution like Avira Antivirus Pro, Avira Internet Security Suite or Avira Free Antivirus blocks viruses, worms and Trojans and, in the best case, also evaluates websites before you click them. This minimizes digital dangers and searching for a partner online doesn’t lead to additional risks.

You should, however, pay particular attention to potential risks posed by revealing personal information. Even if endlessly long email conversations over many weeks are rather counterproductive, you should not be forthcoming with your personal information. Before you give your address and telephone number to the person you’ve been messaging, you should be absolutely sure that you won’t regret it. It’s a good idea to have a throw-away email address you only use for dating purposes. Another good tip is to stay completely within the dating provider’s web environment as it usually doesn’t allow real identities to be inferred from online identities. Above all choose the dating provider cautiously. Services you pay for sort at least some chaff, in the form of joke or fake profiles, from the wheat. All the best for your next date ;-)

 

[1]German study “Online-Dating-Marktreport 2013/2014″ (“Online Dating Market Report 2013/2014″) – singleboersen-vergleich.de, 2014

[2]“Vom Online-Dating zum Traualtar” (“From Online Dating to the Alter”, German survey of 827 German registry offices – singleboersen-Vergleich.de, 2013

The post Online dating is the latest trend – But is it also safe and secure? appeared first on Avira Blog.

Avira

Are all data breaches created equal?

Companies both small and large have had to deal with a lot of hacker headaches recently, and for many people, news about these data breaches has caused them to change how they interact with the companies that have been affected. Not only is this bad for business for the companies, but it’s also embarrassing.

Even though revealing this information can make life difficult for the companies, it still makes sense that the public should always know about it, right? Well, maybe not. At least that’s what some executives have been saying lately.

It might come as no surprise that corporate executives would be the ones saying that not all data breaches need to be disclosed, but there are a couple different ways to look at this as a consumer that we’re going to focus on.

Tell me everything – In this situation, no matter what the hackers were able to get access to, you want to know about it. This could be sensitive data related to your password or credit card number, or it could be data about the company that’s not related to you.

Just tell me when it’s serious – Under this scenario, you’d only be notified when hackers access sensitive data about you that could be used to cause problems. Data breaches that don’t have a direct bearing on you or your privacy would not be publicly disclosed.

Which one of these options do you personally prefer? Disclosure might be the rule, but with the constant barrage of attacks that many companies have to deal with, some consumers might say that ignorance is bliss to some extent and the companies need to address their security issues privately unless there’s the chance that sensitive customer data has been compromised.

We’d love to hear your thinking on this matter in the comments section.

The post Are all data breaches created equal? appeared first on Avira Blog.

Avira

Eliminating file sharing security threats with subscription services

Quite frankly, it became an addiction. Active users accumulated thousands of songs, and before too long, this file sharing madness spread into other areas, such as movies and software.

Getting whatever content you want whenever you want it sounds great on paper, but these early networks made it extremely easy to share content illegally, and that’s what they became popular for. Even though the Napster of old and other similar applications don’t exist anymore, downloading content illegally is still a simple task thanks to torrent sites and other dark corners of the Internet.

Of course, it’s not a good idea to be involved in this sort of activity just because it’s easy. For one thing, you’re accessing content illegally, and additionally, hackers love to use interest in illegal files to spread malware. Not only do many of the files contain security threats, but the sites that are used to distribute them can also often be plagued with malware.

Thankfully, if you want to access content online in a legal and secure way, then you have plenty of options that didn’t exist in the early days of Napster. Sure, you can buy a song or movie individually, but the trend these days is focused on subscription services. Part of the appeal of file sharing services is that they can give you access to everything at once, and that’s exactly what subscription services can provide legally for a small monthly fee. There are services like Netflix for movies and television shows, Spotify for music, Kindle Unlimited for books, and the list goes on.

The truth is that many of the people who download files illegally don’t necessarily want to do it, but they feel forced to do it because they can’t access the content in the digital way that they’d like to. Affordable subscription services are turning these people into legal consumers of content, and that’s a better solution for them and the content creators. Not only is the overall quality and experience enhanced for the user, but they’ll also have a clean conscience and avoid the security threats that come along with illegal file sharing.

The post Eliminating file sharing security threats with subscription services appeared first on Avira Blog.

AVG

Back to school…for the rest of us

“You’ll never know everything about anything, especially something you love.”

–Julia Child

All across the nation, parents are breathing sighs of relief as their children head back to school.

But how about ourselves? As I’ve mentioned before, I’m a strong believer in lifelong learning. It keeps us focused, interested, and engaged. It helps our communities. And whether you want to teach or learn, there’s a place for you, either in person or online.

While I have the greatest respect for traditional universities and our wonderful community colleges, there are so many resources available online today that make it easy to stay active and engaged in learning. Back in the early 2000s when I started an early online learning company that did classes for consumers on all sorts of topics sponsored by major brands – we were a bit ahead of our time. Now technologies –specifically video applications- have evolved so much to support and make online classes truly visual, interactive and engaging.

Though we juggle our work, projects, kids and other commitments and it can be crazy, many of the online courses are self-paced, making them more manageable.  And BTW, a report by the U.S. Department of Education has found that classes with online learning (either solely or as a component) on average produce stronger student learning outcomes than do classes with solely face-to-face instruction – especially among older learners.

Here are some of the best distance learning apps and sites that I’ve come across. These can be used whether you want to share your knowledge or want to learn…or, ideally, both! Here are five I recommend, with a bonus thrown in for good measure!

 

Canvas

Canvas is an open source platform for online collaboration that’s designed to be easy to use. It’s free and used by more than 800 colleges and universities. A sampling of courses shows a wide range of diverse material from “The Great Depression to the War on Terror,” a history course presented by a Seattle Central Community College Professor, to “Parenting in the Digital Age,” a course by the director of technology from an Indiana school district. These self-paced courses include video lectures, discussion forums, group work and more. Canvas’ motto is Keep Learning, something I think we can all agree with!

Coursera

The Coursera online portal also hosts classes from major universities around the country and the world, basically providing a way for you to learn at your own pace or audit classes from the comfort of your desktop. It currently boasts 9 million students, 737 courses and 110 partners, with both free and paid courses. In its specialization area you can take a group of courses, for example, to earn a Cybersecurity Certificate from the University of Maryland (for a fee). They also offer financial aid, by the way!

ePals

ePals says it’s “where learners connect”. It maintains a community of collaborative classrooms engaged in cross-cultural exchanges, project sharing and language education. It’s a sharing site that offers a way for groups of students around the world to be matched up and paired with other classrooms, and allows teachers to create their own projects or collaborate on others. It’s all about learning through experience.  I think this site is what the future is going to look like…at its best: People all over the world sharing knowledge together.

edX

edX is one of the leading sites for accessing free, open online courses. Harvard and MIT founded this platform, and offers classes from those amazing institutions, as well as classes from a growing list of partners. One course coming this week that caught my eye is UT Austin’s course on “Ideas of the Twentieth Century.”

iTunes U

Apple’s site and app for online and connected learning, iTunes U provides thousands of audio and video courses on-demand and the world’s largest catalog of free education content. You can access learning and presentations from many top schools and universities worldwide, including Stanford, Harvard, MIT and more.

 

And now for the bonus…

Don’t have time to commit to a class this fall? There’s an awesome YouTube presentation featuring Carl Sagan, Arthur C. Clark and Stephen Hawking here about “God, The Universe, and Everything Else.” Now that’s education in less than an hour.

Happy back to school, everyone!