Recent Internet Security Threats and Predictions for 2009

Like the growth and latest developments in the technology, the worldwide internet security threat activities are also on increase. Since the day the Internet emerged to till date, the users are vulnerable to attacks by one way or the other. Though there are advanced internet security software technologies growing on the parallel side to crush or kill those internet security threats, till the spammer and the phishers are not ready to give up and continue with the phishing attacks, network-attacks & spamming by giving out malicious i.e. malfunctioning codes. Likely this sounds as a “Chase and Run” of the internet security software providers, the phishers and the spammers.

To point out, most of the internet security threats including the recent threats for 2008 is due to the malicious activity. The malicious attack or activity not only include malware attack activity but also includes phishing, pharming attack, zombie, virus, spam, malicious code, command and control over server activities and so on. The question is why these (PC’s / Computer) systems are prone to such kind of attacks? The answer is pretty simple, because they are vulnerable i.e. Susceptible to attack. So the solution bought to overcome this kind of Vulnerability is the Intrusion Prevention System, IDS in short. The IDS is nothing but the Access Control Software namely a Firewall, which prevents an intruder from entering into your system using spam bots or any other means.

The most recent on-going internet security threat attacks, where consumers use to fall prey are the data breaches which lead to identity theft. This identity theft is done when the Web browser or the plug-in or the Web application is vulnerable. Also nowadays hackers use site specific and do cross site scripting to acquire the confidential information of a user. This kind of cross scripting is done mostly for the banking sector. To resolve this kind of website or web browser vulnerabilities, the SSL (Secure Sockets Layer) certificates are being implemented to have a secure session where the website address beings with Https:// instead of Http://. Later the EV SSL Technology i.e Extended Validation SSL certificates have been initiated by a internet security software development company, known as Comodo, which formed the CAB Forum i.e. Certification Authorities and Browsers Forum to provide High Assurance stringent validation certificates. After such a hard time defense against the Zero-day attacks, patch development vulnerability, phishing attacks, pharming attacks and malicious code attacks till date of 2008, now security professionals and analysts have started working out for the internet security threat predictions for the year 2009.

As far as the prediction made, there would be more and more internet security threats would be similar to the recent threats along with the form of virus, worms, and spam bot-infections etc. And most of the attacks would be made by the phishers sector wise which involves huge financial transactions and mostly using the cross site scripting. Also Phishers have begun targeting the top countries and host companies which may result in severe attacks in future. So unless and until the user, let them be a consumer, bank, institution, or a corporate know about the vulnerabilities prevailing, the attacks can’t be prevented. So consumers need to be educated on the security measures and the authentication models before they become the victims of identity theft or network attack. To be on the safer side corporate’s also need to prevent themselves and protect their consumers to have a good business.

Written by - R.Yuvaraj
www.ezencrypt.com
www.jobsntech.com

Internet Security Principles in Banking Technology & Recent Phishing Method

Recent IT trends has given special focus on the internet banking security principles inorder to prevent consumers falling prey to the phishers while banking online or involved in any such financial transactions. Recently the banks has been providing their customers with certain Online Banking Security Guidelines while opening an general banking account or Online banking account as a measure of creating online banking security awareness among their consumers.

It is evident from the most recent phishing attacks worldwide that online banking constitutes different risks for which the banks have to take some countermeasures to safeguard their consumers from such kind of internet security threats. The banks also need to be ready to identify the treat and defeat them as well as if there is any such incident that happens in spite of such kind of internet attacks (eg.hacking) the bank should be ready to respond to it immediately by either disruption of banking services, before the hacker can use or materialize that information which the hacker hacked from the online banking user (i.e. Consumer / Banking Customer).

Deceptive phishing has been the recent online banking threat, where a mail is being to sent to your inbox, claiming that its from the bank (which the user holds an account with), and states due to some reason like up gradation or some change you need to sign in to your account using an website, which is being linked to the hacker’s server. Once the user without verifying the security credentials logs in to the account, all the information including the transaction password would be re-directed to the phishing server, and the the hacker uses the information and steals the money from your banking account. For example, recently I received many emails to my inbox claiming to be from Axis Bank but they are not, asking me to upgrade the account. Some time back I got an mail from UTI Bank – Now Axis Bank, regarding the same, which means the phishers are updating all the logos, etc on a regular basis to make us fall in their cage. But we ought to check out the security credentials such as pad lock, the website address in the address bar, if via email, whether it is really from the bank or so on. Also read about the fraudulent email which I received sometime back from UTI Bank – Now Axis Bank, and again I received similar kind of email from Axis bank with the updated name. Here’s the link for you – UTI now Axis Bank Fraudulent Email.

Also I wish you would be interested in getting some free software download as a measure internet security & Personal Computer Security visit www.ezencrypt.com and also buy your SSL certificate now at cheap costs here.

Enterprise Information Security and its Standards | ISO and CMM Cerfications | VPN and Enterprise Security Softwares

Enterprises today are experiencing a pressure to comply with information security and practice safety standards such as ISO (International Organization for Standardization) to reduce the potential liability in the event of serious security issues– let it be Physical Security or Online Internet Security. Also see Past, Present and Future of Internet Security. So inorder to maintain the information security in the organizational standards, the enterprises has to follow certain rules and regulations given by the International Organizational Standards to ensure that the information security requirements have compliance with statutory regulations of the Company.

Those include so many security measures that needs to the covered by the organization, which is given by leading security control sectors which establishes certain guidelines and general principles for initiating, implementing, maintaining, and improving information security management and the objective outlined which provide general guidance that is commonly accepted goals in an Enterprise’s information security management such as Enterprise Security policy which include information security; asset management; human resources security; physical and environmental security; communications and operations management; access control; information security incident management; compliance and much more.

When it comes to Technical / Online Internet Security, it should compliance with regulations and standards of the enterprise. In an Enterprise the systems are more vulnerable to number of threats to which some of the preventions tools and software needs to be implemented to protect intruders entering in your system. This kind of information security is achieved by implementing a suitable set of controls, which include policies, processes, procedures, organizational structures, software and hardware functions. Such kind technical security controls can be executed by the workstations, servers, enterprise security software tools, routers, switches, firewalls, and other systems that comprise our IT networks and the Internet that enable you to automate your security policies that grant you access and privileges of identification and authentication, logging and auditing to provide high level’s of security regulations and standards.

Also some of the security measures which you implement in transferring the information, Website Security using SSL (Secure Sockets Layer), EV SSL, VPN’s (Virtual Private Network), Firewall, Anti-Virus and common sense of understanding the SPAM, Palm Security and other security tools will help your organization to grow into a SECURE successful Enterprise or Organization. Also visit http://www.ezencrypt.com/

Download your Linux based Comodo Trustix Enterprise Security Product for free at http://firewall.trustix.com/small/ and also learn more about Enterprise Level Internet Security at http://kriskarthik.blogspot.com/

UK Requirement – Bill Gates is Sharing His Fortune eMail - SPAM Emails

I have made my previous posting regarding the spam stating nirosha silva , it has been since long time the mail has been in circulation. Still the next SPAM email states its being from Microsoft, with the subject UK requirement which states that “Bill Gates is sharing his fortune” But this is again an SPAM / Fradulent email where many of the people using the internet, forward this kind of mails to their friend and relative, thinking that they would be earning more. But they realize finally that its an mail from a fradulent email. Here’s the mail which I received again from some of my friends. So inorder to educate about these kinds of SPAM emails I have made his post again. Here’s the mail I received stating that For every person that you forward this e-mail to, Microsoft will pay you $245.00. I got this mail some 3 years ago, and still I am receiving it from my friends till now once in 3-4 months or so, which is still in circulation.

From: Originated from someone (email address not available)

CC: sent to so many people (inculding me)

Subject: UK Requirement

Dear Friends,

Please do not take this for a junk letter. Bill Gates is sharing his fortune. If you ignore this you will repent later. Microsoft and AOL are now the largest Internet companies and in an effort to make sure that Internet Explorer remains the most widely used program, Microsoft and AOL are running an e-mail beta test.

When you forward this e-mail to friends, Microsoft can and will track it (if you are a Microsoft Windows user) for a two week time period.

For every person that you forward this e-mail to, Microsoft will pay you $245.00, for every person that you sent it to that forwards it on, Microsoft will pay you $243.00 and for every third person that receives it, you will be paid $241.00. Within two week! s, Microsoft will contact you for your address and then send you a cheque.

For your information:

There are billions and billions of people who use Microsoft service worldwide, then why does Bill Gates wanted to share his fortune. Also a small wonder if Microsoft is going to give $245 to the person who sends the mail, will the company exist if the mail is being forwarded to all the Microsoft users? :) J

So don’t get fooled by these kinds of fake emails, Microsoft would be no way responsible if are being cheated by these kings of fraudulent emails.

I would like you to visit my “Try to understand what is SPAM” posting, to have a clear understanding on what a spam mail is and how it needs to be elimated. Also if you are a victim, just post my link in your email, and send this to friends to educate them about the kinds of SPAMS. I wish you to go through my entire blog to understand about Internet Security and the latest technology to encounter the frauds who steal your identity - which we term as Identity Theft or Phishing attacks. Be Safe and Secure Online – Happy Browsing!

To prevent from virus attacks in your computer, install an Antivirus software and if you are frequent internet user try to download internet security suite

Latest Technology News & Developments in Comodo

Comodo NewsWire ( http://comodonewswire.blogspot.com/ ) was started to let Consumers / Customers to know about he latest happenings in Comodo. Visit http://forums.comodo.com/ to know about the products which are being developed and is going to be Developed as per the Comodo Security Experts and the views/suggestion of our Valuable Customers/Consumers. Here is an small brief about Comodo.

Comodo, through its group of Internet security companies, is a leading Certification Authority and global provider of Identity and Trust Assurance services on the Internet. Comodo secures and authenticates online transactions and communications for over 2,000,000 businesses and consumers.

With a global presence Comodo offers businesses and consumers third-generation solutions for intelligent security and authentication technologies that create trust online. Comodo's technological expertise includes PKI digital certification, Code signing certification, integrated authentication infrastructure services, Web Content authentication, Secure messaging solutions, PCI compliancy scanning, SSL digital certificates including our flagship InstantSSL brand, HackerGuardian, Banking solutions including Two Factor Authentication, and digital e-commerce services.

For additional information on Comodo - Creating Trust Online™ visit http://www.comodo.com/

Palm Security – Biometric Authentication for your PC – Personal Computer – by Fujitsu Laboratories Ltd.

Fujitsu Laboratories Ltd. Has developed a highly precise biometric authentication. It has the technology that can verify as person’s identity by recognizing the pattern of blood veins in the person’s palm. This new of Biometric authentication PC Security technology is more useful in the securing your PC. The use of this technology would enable convenient biometric authentication for a wide range of applications, such as safe guarding important information through log in verification for the access to sales, technical or personal data.

How this New Method of Biometric Authentication Technology does helps in PC Security?

This new 2008 technology, in which it has incorporated a prototype computer mouse, identifies an individual by the unique pattern of veins in the palm. Palm vein patterns are advantageous for this purpose because they are unique from one person to the next and expect for the size, they do not change as the individual grows. The authentication process works as follows.

The palm is first illuminated by an infrared light. The veins just beneath the skin of the palm then emit a black reflection, giving a picture of the veins of the palm.

Using a proprietary Fujitsu algorithm, the pattern is then extracted from this picture and is checked against patterns stored in the system if there is a match the person’s identity is confirmed. This biometric authentication will surely help computer users securing them from identity theft. Also some measures have been taken to build this technology into wall-plates or mobile readers for other applications – Which were previously used by having stored the thump impression. Now it would be the palm security for 2008. Biometric security is both easy to use and hard to defeat, so its no surprise that finger scanners are popping up on notebooks as well as PC peripherals. But once you have swiped them anyone can use the computer. Now around 700 people were experimented with this new technology. Fujitsu has not yet begun selling the Palm Secure PC login kit. Also keep in mind that the Palm Secure works only on Windows XP and Vista. If you want to have managed multi-user biometric authentication across the enterprise’s PC’s, you need the authentication server edition.

Continuing with the PC Security, you also need to have the Desktop Security and Internet Email security products as well. The job would be to be more safe and Secure from the world of phishing or virus attacks.

JobsNtech - Jobs & Technology - IT Security - Wishes Very Happy and a Prosperous New Year 2008

Wishing You All a Very Happy and a Prosperous New Year 2008

We hope you had a great Christmas and New Year Holiday and now back to Business. The IT Field has been booming in Chennai, India and So many IT, ITES, BPO companies has been set up here, with the headquarters in US, UK , Australia and other foreign countries. So inorder to have a secure access of the server and secure transmission of files, VPN’s are more important. And also being doing international business which includes secure and safe banking, secure financial transactions need to be carried on for online shopping too. Hence there is need for the Internet Security, to know more about the internet security measures have a look at the entire blog. And also if you are looking out for a change or wanted to pursue a career in an IT / ITES or Non-IT sector in the blooming hot IT hub Chennai, India - post your profile to JobsNtech i.e. Jobs & Technology HR Management Consultancy Services, who are currently in the look out for clients and candidatures.