RSS

Category Archives: security software

Tips to stay safe Online

Tips to stay safe Online

Computer security, we all know, is of paramount importance these days, whether it be a personal computer, used solely for personal purposes or one used for official or business purposes. Every computer needs to be kept secure, especially since much of our day-to-day life today is centered around the computer and the internet. Here are some valuable tips that could help keep your computer safe…
Computer Security

Tip 1: Use good antivirus, internet security suite
This is the most basic thing. Have a good antivirus or a good internet security suite. There might be the argument that antivirus programs may not be able to keep all viruses out, but that antivirus software is key to a computer’s security is an undeniable truth. Go for antivirus software with the best of features, which would guarantee maximum security.

Tip 2: Encrypt the hard drive(s)
Encrypting the hard drive(s) in a computer makes it impossible for anyone to steal data from the system. In case the system gets stolen or anyone unauthorized gets access to the system, it would be easy to bypass the Windows password set. Encrypting the hard drive(s) would guarantee confidentiality and security of the data on the system.

Tip 3: Secure Wi-Fi Connection(s)
An unsecured Wi-Fi connection can make hacking a system is easy. A system with unsecured Wi-Fi connection(s) is always vulnerable. Hence it’s always good to secure Wi-Fi with passwords and by encrypting the connection.

Tip 4: Stay safe from tech support scams
Tech supports scams are common these days. Cold calls or pop-up alerts saying you have computer security issues and that you need to sort them out may be scams. Once you decide to seek their help, they’d offer remote tech support. Giving them remote control of your system would mean exposing all data, all files, and documents that are there on the system. Thus it’s always good to stay safe from tech support scams.

Tip 5: Browse safe, stay safe from phishing emails etc
Ensure safe internet browsing habits. Stay away from spammy websites, make payments or purchases only through secure websites and always be wary of phishing emails and links.

Advertisements
 

Tags:

Security software thwarting security of online transactions

This is news. Security software, like antivirus programs, intended to guarantee online security, could perhaps thwart the security of online transactions.

A new research conducted at the Concordia University, Montreal, Canada shows that security certificate might even make online computing less safe. 14 commonly used software programs were used for the research, conducted by Mohammad Mannan, assistant professor in the Concordia Institute for Information Systems Engineering (CIISE), and PhD student Xavier de Carné de Carnavalet. They found that these software programs, which claim to make systems safe by blocking virus and protecting data, “were doing more harm than good. “

As explained in a news release brought out by the university, “At the root of the problem is how security applications act as gatekeepers, filtering dangerous or unwanted elements by inspecting secure web pages before they reach the browser.” The news release further says, “Normally, browsers themselves have to check the certificate delivered by a website, and verify that it has been issued by a proper entity, called a Certification Authority (CA). But security products make the computer “think” that they are themselves a fully entitled CA, thus allowing them to fool browsers into trusting any certificate issued by the products.”

The research and its inferences would most likely make every computer user, especially those who carry out online transactions, sit up and think about the usefulness of having security software/antivirus that they have been using for long, on which they have bestowed maximum trust.

Says Xavier de Carné de Carnavalet, “Out of the products we analyzed, we found that all of them lower the level of security normally provided by current browsers, and often bring serious security vulnerabilities…While a couple of fishy ad-related products were known to behave badly in the same set-up, it’s stunning to observe that products intended to bring security and safety to users can fail as badly.”

The research was supported in part by an NSERC Discovery Grant, a Vanier Canada Graduate Scholarship and the Office of the Privacy Commissioner of Canada’s Contributions Program and the findings were originally presented at the Network and Distributed System Security Symposium 2016, held in February in California.

Mohammad Mannan is quoted (in the University release) as saying- “We reported our findings to the respective vendors so they can fix their products…Not all of them have responded yet, but we hope to bring their attention to these issues.””

The release also quotes de Carnavalet- “We also hope that our work will bring more awareness among users when choosing a security suite or software to protect their children’s online activities…We encourage consumers to keep their browser, operating system and other applications up-to-date, so that they benefit from the latest security patches”. He is also quoted as saying- “Parental control apps exist that do not interfere with secure content, but merely block websites by their domain name, which is probably effective enough.”

These findings would definitely be eye-openers to the vendors of online security products while they would also be informative for internet users across the world.

 

Tags: , ,

New Phishing Gameplan Targets Facebook Users

Phishing agents have found a fertile new ground to launch malware attacks. They are now targeting the world’s most popular media sharing platform – the Facebook.

This was a finding unearthed by the Comodo Threat Research Lab in January earlier this year. According to Comodo researchers, phishing agents were found to be sending spam emails to Facebook users making it look like a new message in their Facebook mailbox.

It (phishing) may not be the most groundbreaking attack method cybercriminals use — but there’s no denying that cybercriminals are becoming more clever when crafting their messages. More frequently, they’re using well-known applications or social platforms and also action-oriented language in the subject lines to entice recipients to open the emails, click the links or attachments and spread the malware,” said Fatih Orhan, Director of Technology for Comodo Threat Research Lab.

In early January, the Comodo team discovered a similar tactic where malware agents sent fake emails pretending to be from WhatsApp, attempting at luring recipients to click malicious attachments that came with the mail. Comodo researchers said that both phishing campaigns probably is a gameplan originating from the same hive of cybercriminals.

Users should be cautious of any email that requires information or that redirects to a URL Web page— and especially if there is a file download. Comodo is working around the clock to stay ahead of cybercriminals’ next moves by creating innovative solutions that protect and secure endpoints and keep enterprises and IT environments safe” Orhan added.

Orhan heads a team of more than 40 ethical hackers, IT security professionals, computer scientists and engineers in the Comodo Threats Research Lab. The team rigorously work to analyse the latest malware types and tactics, filter out spams, decipher phishing and malware messages spread all across the globe. On average, the team analyses nearly 1 million potential malicious files and emails every day and apply the insights in making Comodo security products that can deftly tackle security threats.

Being an industry leader in the information security sector, the company is trying to spread public awareness against the risks of identity theft and unsolicited data breach. During the last Super Bowl 50, the company offered free endpoint protection and secure encryption channel to the public watching the game live in the Levi’s Stadium in order to prevent rogue wi-fi hot spots from stealing their identities.

We noticed a number of rouge open Wifi Access Points in the vicinity and did a little bit of security research and found that hackers are trying to capitalize on the event by tricking people into connecting their mobile devices to these criminal hotspots to intercept their data…” said John Peterson, VP of Product Marketing at Comodo.

Related Free Security Products:

Comodo Internet Security

Comodo Antivirus FREE

 
 

Tags: , , ,

How to remove Regin Malware from your computer

A new and highly advanced piece of infectious code called the Regin was identified that has been in use to spy on companies, governments, individuals since early 2008.

This malware is known to be a cyber espionage tool and is programmed in such a way that it cannot be detected by any other sources. This malware is designed for a high end mass surveillance. Its features makes it more potential that it can be used to last for many years. It is also noticed that though its presence is identified, it is really difficult to know what it is actually doing.

Regin malware is highly flexible and it can be customized that it can steal password and other important data, infecting computers and capturing screenshots. It inhouses a wide range of Trojan capabilities. It also programs itself to hijack the point and click functions of the mouse, some of the other infections include network traffic monitoring and much more. It is rated as the top most cyber espionage tool.

how to remove Regin MalwareMost of the malware are created to strain relations between the countries. For many years, it has been heard in the news that the US and China have fought over the accusations of cyber espionage. Most of the targets of Regin’s malware mainly focuses on telecommunications companies and Internet Service providers. The malware has infected most parts of Saudi Arabia, India, Mexico and Russia.
As and when the Regin malware is installed in the PC, malware interferes the PC operations with its malicious activities that are kept hidden in the Trojan folder by the malware author. The Regin malware comprises of five different attack levels, that are concealed and encrypted, except for the first stage that initializes the decrypting process to execute the next stage. All the stages have very little information on the structure of the malware. To know about the complete working of the malware, one should analyze the malicious activity that is posed by all the levels of the malware.

Regin can be deleted manually with several steps

Step1:
To enter safe mode in Windows 7/Vista/XP, restart PC, Press F8 until the Windows 7 splash screen pops up.
There are advanced Boot options, in this case, by using the up and down keys, Safe Mode could be highlighted. To proceed further, Press Enter.
In the case of Windows 8, Press Windows Key and C, click Settings. Then Click Power, followed by pressing Shift Key on your keyboard and then click Restart.
To enable Safe Mode, Press 4
Click Troubleshoot and click Advanced options.
Click Startup Settings and then click Restart.
Press 4 on your keyboard to Enable Safe Mode.

Step2. Delete the files created by Regin.

To show the hidden and protected files,  the first and foremost thing is to change the settings of folder options, as the Trojan establishes its files in the hidden folders
To do this, in Windows 7/Vista, Clisk Start, Select Control Panel, Select Appearance and Personalization and Choose and click Folder options
Select View Tab, in Advanced Settings, select Show hidden files and then OK

In the case of Windows 8, Select Control Panel and click to choose hidden files and folders.
In View tab, Advanced Settings, choose  Hidden files and folders and Press OK
Now search for Files and Folders to delete them completely
Then search for the Trojan files to delete them completely.

Step 3: The Registry entries that are created by the Trojans should be deleted.

The Registry Editor can be opened by clicking the Start Button and typing regedit in the search field and then press Enter
Now as the Windows Registry editor opens, try to search and delete the registry keys that are probed by the Trojan.

Step 4: Once all the Registry entries and keys of the Trojan are erased. Reboot the computer in normal mode

Useful Resources:

Download Free Antivirus Software:   https://antivirus.comodo.com

Free Internet Security Software: https://www.comodo.com/home/internet-security/free-internet-security.php

 
Leave a comment

Posted by on September 9, 2015 in malware, security software

 

Tags:

Human expertise filling endpoint security holes that defunct antivirus tools no longer can

Human expertise filling endpoint security holes that defunct antivirus tools no longer can

Endpoint traffic has to be under control to sustain the security defense mechanism in today’s digital world. Though there are a wide range of security tools available, human intervention is mandatory to fix the security flaws of any outdated conventional antivirus software and to know how to protect the endpoints from Malicious attacks.

All of us totally rely on the use of laptops, tablets and mobiles almost for all our day to day needs. Its presence everywhere entails the demand for a higher fold of security that overshoots the traditional security perimeter as the conventional methods do not provide an effective protective mechanism.

Earlier days, these conventional antivirus software were a good source of protective system strong enough to defend any malware attacks. Current malware attacks / vulnerability are intelligent enough to get into the system through phishing mails. They are developed in such a way that when the target victim opens an email attachment or simply click on any of the links that the user finds it in the mail, then he/she will be highly be prone to infection.

The security attacks have possibly been increasing due to the users’ wrong practice of dealing with security issues. Most of the users have an outdated security software that makes the endpoints vulnerable to malware infections. Installing a security software is not just enough to protect the endpoint devices it is also important for the users to keep a check on the updates of the software for any latest security patches. A recent study on human behavior confirms that most of the humans are prone to the phishing emails that they get convinced and click on the attachments and the links and hence get infected. If you are looking at Protecting your Endpoints it is not about relying on the security software completely it is also important to use a proper sense of intelligence.

 

Tags: , , , ,