Amfas Tech | Technology, Blogging & Internet Marketing: Computer Security

8 Techniques to Prevent Insider Threats in Organization

Many organizations and employees focus their security measures on network borders but forget about the insider threat. Rarely can anyone in the organization guess which insider caused an attack, whether intentional or not. It might be hard to believe that the well-dressed lady or gentleman with a nice smile from the next office might be the culprit who has been giving your company a hard time while you are busy searching for a non-existent external cyber-criminal.

Well, an insider threat is a malicious cyber threat to an organization that comes through the organization’s personnel, such as employees, ex-employees, contractors or business associates, who have full information about the organization and access to its data, security passes, and computer systems.

Insider threats can come from any level in an organization, but higher-level employees usually pose bigger threats since they have high-level security clearance and more access to the company’s classified data. According to a survey of cyber security professionals conducted by Dell, 59% of the insider threats are from managers, followed by 48% from contractors, 46% from regular employees, 41% from IT administrators and staff, and the least, 30%, from third-party service providers.

Insider threats are usually disgruntled employees or ex-employees who believe that the organization did not do justice to them and are therefore looking for revenge. It might also come in the shape of an ignorant employee who accidentally leaks the organization’s vital information without intending to or perhaps those greedy employees who trade in classified company data and information to make an extra buck.

On the other hand, these threats may also come via unfortunate situations like blackmailed employees who are forced to turn against their organizations to save their loved ones or their dirty little secrets. Whether justified or not, these inside threats pose a major threat to all organizations worldwide.

This is a serious alarm for all organizations: security measures against insider threats should be put in place on an equal footing with those against external threats. It is time to tighten the loose nuts. Here are some of the security measures that would help reduce insider threats in a modern organization.

1. Conducting a periodic risk assessment for the whole organization

Organizations must periodically assess their critical and most valuable assets and the risks that might occur, and then come up with strategies to protect those assets from both inside and outside threats. Most firms wait until there is an attack before they take measures against it, by which time it has already caused damage. These periodic risk assessments must be held at short intervals to reduce the risk of a cyber attack in between assessments.

2. Conducting periodic security awareness training for all employees

A good number of employees pose a threat to their organizations through ignorance or by being unaware of the security policies in the workplace. By conducting security awareness training, employees are made to understand the security policies and procedures of the organization, why they exist, and the consequences if one violates the policies. Such a measure wards off possible intentional inside attacks, while it also reduces cases of ignorant insider threats by a huge percentage.

3. Encouraging separation of duties and minimal privileges

By separating the duties of employees and giving them minimal access privileges, an organization restricts employees to their line of work, which secures the other departments in case one of them decides to attack the organization’s system. It also makes it easy to identify the source of a problem, since there are no overlapping roles.

4. Logging, monitoring and auditing employee actions periodically

By monitoring and logging employee actions periodically, the organization will be able to discover suspicious actions by an insider before he or she does actual damage to the organization. This way, the organization will always be a step ahead of the threat.

5. Keeping an eye on system administrators and privileged users

Statistics show most inside threats usually come from the system administrators and privileged users such as managers who have access to most if not all of the data in the organization. Caution must be exercised on such individuals to secure the data they have in their control. Remember, as you keep an eye on those privileged users do not forget to watch the junior employees.

6. Monitoring and responding to suspicious behaviors in workplaces

As much as the organizations are monitoring their employees’ online activity on their user accounts, it may not be enough! In other words, it is prudent for any organization to monitor their employees’ behavior in their workplaces to take note of dissatisfaction and complaints, which can drive them to turn against the organization.

7. Deactivating user access following termination

Once an employee leaves or is fired from an organization, his access credentials should be terminated immediately. Of course, most ex-employees, especially the ones fired are usually dissatisfied with the organization. They would want revenge against the authority or person who is responsible for their job loss. What would be the better way to do so than misusing their privileges?

8. Actively defending against malicious code

Privileged users and system administrators who are inside threats sometimes attack the organization’s systems by planting logic bombs or malicious code that will disrupt the systems in place. Therefore, by putting in place a system that defends the organization against malicious code, one can reduce attacks on the systems by these inside threats.

At last..

Just these few major measures can help you counter insider threats in organizations. To cut a long story short, a good amount of resources should be dedicated to countering insider threats. Let us just say that organizations today should be very wary of insiders if they are to have the upper hand in the war against cybercrime.


Author Bio: Harry Patel is a full-time businessman and part-time blogger. He has more than 10 years of experience in web development and marketing. Currently, he is working as a consultant.

5 Tips to Protect Your Windows 10 in 2017

Installing Windows 10 on your device or buying a new one with this operating system will give you the sense of getting a new toy. You want to explore as much as possible what your OS can do and customize it to fit your needs perfectly. This is the best time to handle your device’s security as well and make sure from the very beginning that every aspect of it is protected and accounted for.

There are steps that you can take to make your Windows 10 more protected that don’t require spending a lot of money on security software. We will share with you 5 simple but effective tips to protect your Windows 10 and enjoy it safely.

1. Tweak Your Privacy Settings

One of the first things you should do when you’ve logged into your new computer is to see where exactly you stand when it comes to your Privacy Settings. The usual scenario is that everything will be set in the way that Microsoft finds most convenient, but that doesn’t have to coincide with your security needs one bit.

There are a number of things that you can do to improve your security right then and there. First, if you want to be on the safe side, you should deal with location tracking. You will see that there are apps that have permission to access your location, and if you don’t want them to keep tabs on you, simply disable those permissions. In fact, it would probably be a wise decision to get rid of location tracking completely, so that no one can easily find out where you currently are. Unless your messages, contacts and calendar are connected with your Microsoft account, there’s no need for any apps to have access to your private information either. Also, camera and microphone access is something that should be strictly limited. You can only do this for apps, since these rules don’t apply to system programs, but it is still a step toward better security.

2. Manage Wi-Fi Sense Carefully

Here’s an option made to help us share our wireless connections more easily with anyone we want. Naturally, there are people who will take full advantage of it, even when it means endangering your security. The beauty of Wi-Fi Sense is that it enables other people to use your bandwidth without giving them full access to your network. This feature also makes it much easier for you to connect to some other network quickly. However, a word of caution is necessary here, because public Wi-Fi can cause serious security troubles due to the fact that it is full of malware lurking to infect your device. Use a VPN to keep your system safe from any unexpected cyber-attacks that can happen whenever you’re using public Wi-Fi.

3. Keep Cortana at Bay

One of the main improvements of Windows 10 is the new digital assistant Cortana, which does come in handy once in a while. However, its usefulness falls short when we take into account the amount of personal information it has access to, and that is a lot. Unless you’ve got a dire need of a digital assistant, disable Cortana completely, because the information it gathers is a serious risk that you don’t have to take. We recommend doing this as soon as possible, because all the data that Cortana processes is very quickly uploaded to the cloud, where it can’t be erased. If you’ve explored Cortana’s abilities, then you know that it also keeps an extensive record of your interests and preferences, and you would do well to edit and erase this section as well, because you never know what kind of personal information hackers could use to get into your device and wreak havoc.

4. Do a Clean Reinstall

If you’ve just bought a new laptop or a mobile device and you’ve already got Windows 10 installed on it, then you probably think your work is done. While your device will work just fine, chances are that it will be filled with all forms of unnecessary software you’ll never use, and it will slow down your computer. This junkware can also hurt your device’s performance, and the best way to deal with it is to get rid of it all. Do a clean reinstall of Windows 10 to get a completely clean slate with your new device and not worry that there might be a hidden program somewhere in your computer that is endangering your security.

5. Lock Down Your Device

Whenever you’re away from your device, it should be safe and protected just as much as when you are using it. Enable the option to lock your screen whenever you’re planning to leave your computer or phone unattended, so that no one can just use it as they please. If you want to be extra safe, set up passwords to protect your OS from anyone trying to physically install malware on your device.

Windows 10 comes with a great deal of new exciting perks and you should freely explore each and every one of them. Just remember that the security of your operating system should always be your main priority and you can protect it very well by following these five tips, as well as investing some time to constantly learn about new ways to improve your security.

About Author:

Thomas Milva is 28 and has been an Information Security Analyst for over four years. He loves his job, but he also loves spending his time in nature, because he’s working from home, which sometimes means not getting enough fresh air. He also regularly writes for wefollowtech.com, where he often comments on the latest web trends in his articles. Thomas currently lives in Baton Rouge with his dog, two fish and his girlfriend.

Recover Deleted or Lost Files on Windows 7/8/8.1/10 Easily with Wondershare Data Recovery Tool

Data is the most valuable part of a computer. Information in digital form is vulnerable to several threats that may result in loss of data. It may be due to human error or a technical glitch inside the circuits. In the end, the users remain the victims of data loss. Recovering deleted or lost files on a computer is not as difficult as it was. We have better software and hardware tools available in the market now.

Spending time and money on deleted files may be worth trying, but it also needs budget and effort to be kept in check. Wondershare offers a budget-friendly solution for recovering deleted files on a Windows computer. Their Data Recovery Software is available for just $49.95 and is effective in recovering lost files on a Windows computer.

I tried this software for recovering my niece’s lost birthday photos on my Windows 7 desktop and on my Windows 10 laptop. It worked great! I recovered almost all the photos. This time I backed them up to the cloud.

Wondershare Data Recovery software has some interesting recovery options that are much needed when you are perplexed about what to do in such panicky situations. I will show you how this software can be used to recover your lost files of any format.

Note: Recovering data is not 100% possible with any tool available to us so far. However, some tools like Wondershare Data Recovery help us recover almost all files in any condition by all means possible. I recommend that you back up your data very often.

Recovering the deleted or lost data

Download and install the Wondershare Data Recovery tool on your Windows computer. Run the tool after installation.

The home screen under ‘Standard’ mode shows the recovery options of the software: file recovery, partition recovery, RAW file recovery and recovery resume. These will recover files of all formats. If you want to recover files by type, click on the ‘Wizard’ link on the white bar on the screen. This will open a new wizard that shows all the file type options, specifically image, audio, video, office document and email, plus other formats.

Lost File Recovery – Recovering lost files of any format

This is the first and least specific option that this data recovery tool has. You can find this option on the home screen of the tool itself.

You just have to point to the location on the disk to search for the lost or deleted files. The rest of the process is taken care of by the tool itself.

Just select the location from the disks shown and click ‘Start’ to continue the search process.

When the search is over, it shows all types of files that can be recovered along with the health status of these files. Click on the files to view a preview, select the ones you want and click ‘Recover’.

Partition Recovery – Recovering data from partitions

This option will help you recover files from a particular partition of the hard drives that are connected to the computer. This specificity helps the user plan and organize the search process from partition to partition.

All you need to do is choose the hard disk > partition > and start the search process. Check the files that are found, preview them if necessary and recover them onto your hard drive.

RAW File Recovery – Recovering files that are difficult to recover

RAW format files are those identified by non-human-readable attributes such as name and path. Sometimes deleted or lost files cannot be recovered using the normal recovery mode. The RAW file recovery option helps to recover such difficult-to-recover files easily.

RAW files include all the random files that have been deleted or removed from the HDD over time. As they are found unnamed, the previewing process might take a bit long, yet it is worth it when it can recover the actual data.

Click on the ‘RAW File Recovery’ option > Select the partition > Hit ‘Start’. The search will find all the random RAW files on the HDD. This process might take a bit longer than the other options, as it is likely to find a larger number of files.

Resume Recovery – Save scan and resume the search process later

This is a great feature that a system utility tool like this needs. Wondershare Data Recovery is an efficient data recovery tool that takes optimal time to search for lost or deleted files on the hard drive. The time to finish the scan also depends on the size of the hard disk, the number of file types selected and the type of scan chosen.

With today’s terabyte hard disks, re-checking for every chosen file extension and scan types like RAW file recovery will take a lot of time to bring files back from the dead and present them to us. We cannot stay with the computer throughout the process, and sometimes we may need to shut it down after a while. At such times, the ‘Resume Recovery’ option lets us ‘Save Scan’ and resume at any later time.

Recovering data by type of file – Specific data recovery method

There is another recovery mode, the wizard, that you can switch to. This recovery mode allows you to choose the type of file to recover > choose the partition or location and scan.

You can choose photo, audio, video, email, office document and all other file types specifically to scan for. This will reduce the scanning time and give you quick results.

To be more specific, it scans for the following file extensions associated with each file type.

Image files – All common image formats such as JPG, PNG, GIF, BMP, TIFF, EXIF etc.

Audio – All common audio file formats such as MP3, WMA, AAC, AMR etc.

Video – All common video file formats such as AVI, FLV, WMV, MOV, MP4 etc.

Office Documents – All common document file formats such as Word, Excel, PDF and so on.

Emails – All common email file formats such as Outlook, Outlook Express, PST, DBX etc.

Still thinking?

There is nothing more valuable than data in this world, and when it comes to digital data, it costs a penny more to recover. Spending just $50 for a license is nothing for the flexibility of the data recovery options that the Wondershare Data Recovery tool offers. Go get the tool today and get back your valuable files.

How to Remove Trotux Malware from Your Browsers

Trotux is a malware program that hijacks browser settings and takes over the homepage and search. It comes bundled with some free software and gets installed along with the free software you download, whether you notice it or not.

Trotux infects the 3 major browsers: Google Chrome, Mozilla Firefox and Internet Explorer. It hijacks the browser shortcuts on the desktop and the browser settings, and does not allow you to change or remove anything.

The confusing thing is that you won’t find any extensions installed in the browser settings. You may not even find the malware in Program Files, or it may not exist there under the same name. In such cases, it is better to contact an expert user, because a technician might run the service bill up to the stars in the sky. No! I’m not serious. You may reach out to a technician if you are really serious about it.

But, before that, try this out.

The actual Trotux that I’ve encountered was on my cousin’s computer. When I asked about it, he said that he was trying to download IDM (Internet Download Manager). He ended up downloading a fake IDM setup with the uninvited guest, Trotux malware.

Removing Trotux malware from browsers

Step 1: If this happened to your own computer, find the program or file that you have recently downloaded and remove it first. Yes, the setup file I mean.

If this happened to a friend’s or family member’s system, ask them what they did and when was the last time they used it in good health. Find any malware programs or files and remove them manually.

Step 2: Scan your computer for malware with your anti-virus software. In most cases, anti-virus software might not detect such stealthy malware on the system. Even the official Chrome malware cleaner tool cannot identify the Trotux hijack. This is not to scare you; it is simply the fact.

Step 3: Download Malwarebytes onto your computer and install it. Make sure it doesn't flag any incompatibilities with the existing software on your computer. If Malwarebytes shows any incompatible software, remove it temporarily first and then run Malwarebytes stress free.

Step 4: Scan the whole system with Malwarebytes and let it list the threats. When it has finished, remove the threats shown.

Step 5: Restart the computer. Open the browser and check for Trotux. Good if it is no longer visible. If it still shows up, better consult a technician for the sake of your data security.

Share this solution with your friends and help them get rid of the Trotux browser hijacker. Comment below if you need any further verbal assistance regarding this. I’ll be happy to help at my knowledge level.

7 Reasons to Install Windows 10 Anniversary Update 2016

There is another side (the benefit side) to installing updates for the Windows 10 operating system on your machine, and that side brings more features in the upcoming update. Microsoft is planning to push the Windows 10 anniversary update 2016 with a lot of amazing features and upgrades to its operating system.

You should let your system download and install the updates even if automatic updates are disabled, as they are going to bring valuable visible and functional changes to the operating system.

The anniversary update brings the following upgrades to the UI and functionality of the Windows 10 computer. If you are a UNIX/Linux lover, you will love the new changes that are coming down the aisle.

1. Bash Shell to Command Prompt

Microsoft decided to fulfill users’ requests for a UNIX/Linux bash shell in the Windows command line interface. Therefore, they have built a Windows Subsystem for Linux (WSL). This improves the command shell with the added functionality of the bash shell.

The bash shell can be accessed by entering the command ‘bash’ in the command prompt. You will have full control over the UNIX/Linux libraries and no virtualization is needed to enable it. Just install the anniversary update and the bash shell functionality gets installed with it.

2. Dark Theme

All of Windows opens with a white background by default. We haven’t had an ash gray or dark matte gray themed Windows so far. The new anniversary update brings a dark theme for Windows, which is pretty cool and geekish. I’d also prefer to use the word eye-friendly. However, not all apps might adhere to the black theme, apart from the windows of the settings menus.

3. Emojis with new skin tones

The emojis are totally revamped with the new skin tones, which makes chatting from a Windows device interesting like never before.

4. Windows Ink

Windows Ink, which works as true digital ink for Windows touch devices, will be added in the new anniversary update of Windows 10. Users can use their fingers or an ePen to write on the screen, and the result looks as natural as something drawn or written on paper with a pen.

You can check out the programming technicalities of Windows Ink technology from the MSDN articles.

5. Cortana anywhere

Cortana is one of the best features that Windows has brought to us. It will be much better and intelligently accessible anywhere, including on the lock screen. The voice assistant responds anywhere to the call ‘Hey Cortana’ and listens to your commands. No wonder if it reminds you of the ‘Hey Siri’ feature of Apple iOS.

6. Windows Hello

This is one of the phenomenal features that Windows itself is introducing into the market first. Windows Hello needs no PINs or passwords to unlock the device; it needs you and your eye positioning to unlock the screen. This feature is still in beta phase, yet it will be introduced with the Windows 10 anniversary update of 2016.

7. Connect and play with Xbox One players

Microsoft has always loved gamers and still does. With the anniversary update of 2016, Windows 10 users will be allowed to connect to Xbox players and join games right from their PCs and mobile phones. Microsoft delivers a special edition of the DirectX 12 update with this anniversary update that allows users to connect to Xbox Live, transforming the conventional PC gaming experience.

Also with this Windows 10 update, you will get Forza Motorsport 6: Apex for free.

Do you still want any more reasons to stop this anniversary update of Windows 10 of 2016? C’mon, you can’t be that rude to your computer.

Lock your Keyboard and Mouse for Kids

Now that everything is computerized, people have started using computers to watch their favorite shows. There are as many live channels available online as on TV right now. So the world is moving on to computers, leaving televisions behind in the past. Computers with webcams have replaced most conventional voice calls with video calls these days.

When you want to show your kids a cartoon video, or show them your grandparents or relatives over a video call on your computer or laptop, you need to make sure they don’t bash your keyboard and play with your mouse while the conversation is going on. Because these are actively connected input devices, random key presses or letting kids play with your mouse might spoil not only your conversation but also your software. So it is advised not to leave keyboards and mice active while you are using your computer with your kids.

How to keep it safe?

Should you unplug the devices? The answer is No! If you unplug the input devices and then need to respond to a simple error or warning notification, would you like to wrap yourself up in wires every time you want to click a simple OK button?

For this simple problem I have a simple solution for you. There is a portable tool called Key Freeze which freezes/unfreezes the input devices like keyboard and mouse with just one shortcut key combination or a click. You can download it from here.

How to use it?

As mentioned before, Key Freeze is activated with the CTRL+ALT+DEL combination while it is running. It can be controlled with the mouse too.

This portable tool works with Windows versions from XP to the present. Share your thoughts about this tool in the comments below.

How to Get Rid Of Malware from a Brand New PC

You just bought yourself a brand new computer. You are amused with the system’s fresh-out-of-the-box newness. That’s great news! Yet, you have to take care of a few boring-yet-important tasks to save heartbreak and lots of money later. Keep reading to know more!

You must take care of a few crucial things after buying a brand new PC. Your system might be pre-installed with bundled software. These programs can be classified into the following categories:

  1. Shovelware
  2. Bloatware
  3. Crapware

These programs could be anything from adware to malware, and they just offset the price of super-cheap PCs in retail stores. So, to keep your device or computer in pristine out-of-the-box condition for a long time, keep a tab on the device’s serial number. Take a backup of all the data on a recovery drive or disc. Also, keep a reminder for your warranty expiration so that the right patches and updates are installed at all the right intervals.

You must save your serial number

Every computer comes with a serial number, which is written on the bottom or the back. Note it down for future reference before it wears off with time on laptops and netbooks. On many PCs these numbers are not easily accessible. While unpacking the new device, take a photograph of this serial number and save it in a cloud drive or any other storage service like a hard disk drive. Windows computer users must also grab a snapshot of the license key so that there is no reinstallation issue.

Keep a tab on the surge protector

Power surges are a constant headache. To avoid damages to your brand new computing device, keep a new surge protector handy. It might lose its effectiveness with. Sometimes, special effects are needed to avoid flashing and its dangerous harmful effects.

Insurance is always a must

You can make use of insurance for a brand new device, as it is much more valuable than an average PC. An insurance company would let you schedule additional protection that is independent of the main policy. Sometimes, scheduling an entire item covers the mishaps excluded from the main policy, and it is also independent and cheap.

Set a reminder for the expiration of your warranty

Computer problems can be extremely irritating when the device or software crosses the warranty time limit. In order to avoid confusions, you can put down a reminder in the calendar beforehand. In such a case, you will not get hassled anymore. Ensure that this reminder can be quickly accessed for reference.

Download a PC cleaner utility

Sometimes, a tune-up utility works wonders, for it is a basic application with a user-friendly interface. Such utilities are designed by experts to carry out defragmentation of data on the system's hard drive. These tools fix the all-important, notorious and incredibly problematic Windows registry. Reliable registry software tools from certified manufacturers basically delete all the useless and duplicate files. Some tools go a level further and actually improve your PC’s overall performance in interesting ways. They give the PC a boost by unlocking unreachable CPU cores and boosting overall CPU clock speed as needed. Intelligent PC tune-up utilities use aggregated data collected from their user bases to optimize all recommended settings in a PC.

Use a recovery disc or drive

In order to reinstall apps that get accidentally deleted while you run computer cleaning software, make use of a recovery/backup drive. Store all the data on this device so that it can be restored in adverse situations. For the record, certain PCs come with reliable recovery CDs/drives, but others don’t, so you would have to order recovery media from the PC manufacturer. You can also create a USB stick of the OS (operating system).

Some PC tune-up utilities create a save/rollback point. This point comprises the positions of many desktop icons, which can be restored at a later time so that your PC does not flake out.

Besides the above steps, you must carry out numerous hardware-oriented tasks. Ensure that the passwords used in all licenses and keys have been audited. Moreover, you must set up a strong antivirus so that you can prep-up your computer for heavyweight usage in the future. This step is crucial if you are an entrepreneur.

Remove ‘Keeps Coming Back’ Browser Extensions on Google Chrome Easily

When we are installing software packages some unknown or unwanted programs also get installed with it. We don’t recognize them until we are annoyed with their behavior.

When the adware or malware or crapware, whatever you call it, gets installed on our browsers as toolbars, add-ons and extensions, we will see some abnormal behavior in using the browser. We can remove an extension easily by going to Settings>Extensions and clicking the trash can under every extension.

Does everything sound fine? No, it does not. Why would they be called malware if they let go so easily?

These browser extensions ‘keep coming back’ when we restart the system. No matter how many times you remove them from Settings>Extensions, they are reborn after every restart.

Here is the catch

The extensions keep coming back after every restart, which means the malware resides somewhere on the computer and is triggered when the user logs in.

If we can remove the source of the extension from which it is loaded, we can consider it removed safely.

Removing the malware

As it is a Google Chrome extension, the source code of the malware should reside within the chrome folders.

Generally, the chrome extensions will exist in the following path:
C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions

Copy and paste the path in Windows address bar. Don’t forget to replace the USERNAME with yours before you hit ‘Enter’.

You can see the list of Chrome extensions as folders named with random letters, as shown in the following screenshot. The name is the Chrome extension ID that you can find in Settings>Extensions.

[Screenshot: chrome-extensions]
Go to Google Chrome Settings>Extensions to find the ID of the malware extension(s).


Copy the ID and search for it in the chrome extensions folder.


When found, delete it permanently from your computer and restart your browser.

Sign out of your computer and sign in again to check that the extension is gone. If you can’t follow the textual instructions, watch the video below to learn how to do it:
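The folder lookup above, scripted in PowerShell as an added example (not code from the original post; the function names are hypothetical). It lists every extension folder in every Chrome profile with the name from its manifest. It also reads Chrome's policy and external-extension registry keys, which the post does not mention and which are checked here as a further place a returning extension can be installed from.

```powershell
# Added example: read-only inventory, nothing is deleted or changed.

function Get-ChromeExtensionInventory {
    param(
        # Chrome's per-user data folder; the article's path is its "Default" profile
        [string]$UserData = (Join-Path $env:LOCALAPPDATA 'Google\Chrome\User Data')
    )
    # Each profile folder (Default, Profile 1, ...) has its own Extensions folder
    foreach ($prof in Get-ChildItem -LiteralPath $UserData -Directory -ErrorAction SilentlyContinue) {
        $extRoot = Join-Path $prof.FullName 'Extensions'
        if (-not (Test-Path -LiteralPath $extRoot)) { continue }
        # Layout: Extensions\<extension ID>\<version>\manifest.json
        foreach ($idDir in Get-ChildItem -LiteralPath $extRoot -Directory) {
            foreach ($verDir in Get-ChildItem -LiteralPath $idDir.FullName -Directory) {
                $name = '<no manifest>'
                $manifest = Join-Path $verDir.FullName 'manifest.json'
                if (Test-Path -LiteralPath $manifest) {
                    try {
                        $json = Get-Content -LiteralPath $manifest -Raw -Encoding UTF8 -ErrorAction Stop |
                            ConvertFrom-Json
                        # May be a placeholder such as __MSG_appName__ for localized names
                        $name = $json.name
                    } catch {
                        $name = '<unreadable manifest>'
                    }
                }
                [pscustomobject]@{
                    Profile   = $prof.Name
                    Id        = $idDir.Name
                    Name      = $name
                    Version   = $verDir.Name
                    Installed = $verDir.CreationTime
                    Path      = $verDir.FullName
                }
            }
        }
    }
}

function Get-ChromeExtensionReinstallSource {
    param([string]$Id)   # optional: only report entries that mention this extension ID
    $keys = @(
        # Policy: extensions listed here are force-installed and cannot be removed in the UI
        'HKLM:\Software\Policies\Google\Chrome\ExtensionInstallForcelist',
        'HKCU:\Software\Policies\Google\Chrome\ExtensionInstallForcelist',
        # External extensions: one subkey per extension ID, read when the browser starts
        'HKLM:\Software\Google\Chrome\Extensions',
        'HKLM:\Software\Wow6432Node\Google\Chrome\Extensions',
        'HKCU:\Software\Google\Chrome\Extensions'
    )
    foreach ($key in $keys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        $entries = @()
        # Forcelist entries are values whose data is "<extension ID>;<update URL>"
        foreach ($valueName in $item.GetValueNames()) {
            $entries += [string]$item.GetValue($valueName)
        }
        # External-extension entries are subkeys named after the extension ID
        $entries += @(Get-ChildItem -LiteralPath $key | ForEach-Object { $_.PSChildName })
        foreach ($entry in $entries) {
            if (-not $Id -or $entry -like "*$Id*") {
                [pscustomobject]@{ Key = $key; Entry = $entry }
            }
        }
    }
}

# Newest folders first: an extension that "came back" has a recent Installed time
Get-ChromeExtensionInventory | Sort-Object Installed -Descending |
    Format-Table Profile, Id, Name, Version, Installed -AutoSize
Get-ChromeExtensionReinstallSource | Format-Table -AutoSize
```

If the unwanted ID shows up in the second listing, deleting the folder alone will not stop it from returning; the program that wrote that registry entry has to be removed as well.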

 




Recover Lost Files with MiniTool Power Data Recovery

We often lose files on our computers, for causes both known and unknown. It might be because of damage to the drive or because of a recent repartitioning.

MiniTool Power Data Recovery software helps you recover deleted files even from damaged and reformatted hard drives. You can also recover files from CDs, DVDs, memory sticks, memory cards, flash drives and RAID devices.

Before we see how the data can be recovered by using MiniTool Power Data Recovery software, I would like you to make sure of the following points:
  • Never make any changes to the data on the data-lost drive.
  • Never install or uninstall any kind of software including Data Recovery software on the data-lost drive.

Download & Install

A free version of MiniTool Power Data Recovery can be downloaded and used with a 1GB data recovery restriction. You have to buy the software to make the full use of it.

Go to powerdatarecovery.com and download the free/premium version of it as per your needs.

MiniTool Power Data Recovery is compatible with the following operating systems:
  • Windows 7 (32 & 64 bit)
  • Windows 8 (32 & 64 bit)
  • Windows Vista (32 & 64 bit)
  • Windows XP (32 & 64 bit)
  • Windows 2000 Professional
  • Windows Server 2008 (32 & 64 bit) *
  • Windows Server 2003 (32 & 64 bit) *
  • Windows 2000 Server Family *
Installation of this program is easy – Install it the same way you install every other program on Windows.

Using Power Data Recovery

This program features five recovery modules: Undelete Recovery, Damaged Partition Recovery, Lost Partition Recovery, Digital Media Recovery and CD/DVD Recovery.


Undelete Recovery – Useful in bringing back the shift deleted files on the computer.

Damaged Partition Recovery – Recovers data from the damaged partition. Keep an external hard disk with you in case you are doing a partition recovery.

Lost Partition Recovery – We sometimes accidentally lose data along with partitions while managing space on a computer. Power Data Recovery can also recover files from those lost partitions.

Digital Media Recovery – Digital devices are the most data-vulnerable devices, and we often face problems with them. It can recover data even from damaged digital devices.

CD/DVD Recovery – When was the last time you used a CD/DVD on your computer? In this age of computers configured with high-capacity hard drives, people rarely back up data onto CDs/DVDs. However, the data backed up onto CDs/DVDs can be lost due to physical scratches and wear of the disc.

Power Data Recovery can also recover data from damaged CDs/DVDs, thereby ensuring our data safety.

Here are the abilities of this program in a summary:
  • Recover deleted files and folders
  • Recover data from damaged partition
  • Recover data from inaccessible hard drive
  • Recover data after re-partition
  • Recover data from a crashed hard drive
  • Recover data after an MBR corruption
  • Recover data after reinstalling windows
  • Recover data from formatted partition with original path and filename
  • Recover photos from memory card
  • Recover music and video from iPod
  • Recover data from quick formatted CD/DVD disk
  • Recover data from an unfinalized DVD disk
  • Recover files from scratched or defective CD and DVD disk
  • Recover data from Windows Dynamic Disk Volume
This program might look like just another data recovery tool on the market today, but its handling of deleted data and its recovery process are very handy. The only flaw I found is the 1GB data recovery limit in the free version. It may not be helpful for recovering huge amounts of data; you have to buy it to make the most of it. Still, the 1GB limit is enough to recover a long list of document-type files.

History Of Cryptography eBook Download


Title: History of Cryptography

Primary Category: IT – Security

Short Description: An easy to understand history of cryptography.
 
Long Description: This white paper presents a brief history of cryptography and how encryption-related technologies have evolved and will continue to evolve as well as the measures Internet users should consider when implementing modern encryptions.
 
Publisher: Thawte
 

List of Best Child Internet Safety Software for Parents

The internet is an important learning tool for children these days. It has become a part of their academic curriculum and, moreover, of their lives. The necessity of letting children use computers and the internet was already discussed in a previous write-up. All you need to take care of is to monitor their activity and keep the computer under your control.

There is a lot of software available in the market to maintain and manage the cyber security of children while letting them use computers and the internet. These programs let you monitor your child’s activity on the internet and help you block websites that should not be watched. They also help you block access to harmful and spammy websites, making your computer and internet connection more secure while in the hands of children.


I hereby bring you a list of some famous child safety programs that can help you relax while your kids are on computers.

K9 Web Protection – K9 provides tools for parents that can block unwanted content from the internet and provide a safe internet for your family. You can block websites by category and URL (70+ categories available), including pornography, gambling, drugs, violence/hate/racism, malware/spyware and phishing.

Norton Family – It is a powerful parental control tool with plenty of controls and a lot of useful features. You can set the computer usage times for your kids so that they won’t get addicted to it. You can also block websites and URLs of different categories (40+ categories available). Your kids are not even allowed to see email with or from blocked URLs. If you are looking for a strict monitoring tool, this is it.

DNS Angel – DNS Angel lets you connect through different safe, automated filtering DNS servers. When any porn or harmful site is visited, it is blocked automatically by the DNS server. This software has limited functionality and you can’t have full control like with the rest.

This tool is helpful when your children want administrator access to your computer to learn some kind of programming and you don’t want them to visit unwanted websites.

Net Nanny – Net Nanny is the most preferred parental control solution in the world that gives parents full power to protect their family by filtering out unwanted content and threats from the internet.

Net Nanny is not only for computers but is also available for smart phones. It is available for Windows, Mac, Android and iOS, thereby giving full control of children's internet use even on smart phones.

Web Watcher – This tool records your kids' activity on the internet, even on smart phones. It is 100% undetectable and can be particularly helpful for monitoring teenage kids. It records screenshots and keystrokes of programs and webpages and saves them into reports.

McAfee Safe Eyes – McAfee Safe Eyes is a family protection software from Microsoft. It can block objectionable videos from video hosting websites like YouTube. It blocks online game play and online gaming sites, thereby protecting children from falling for hacker pranks. It also controls downloading of explicit content even from trusted sources like iTunes. It controls online TV streams by rating, controls P2P and blocks media players.

McAfee offers fuller control on Windows operating systems than on Apple Mac. If you are using Windows and want full control over your kids' usage, McAfee is a good choice.

There is a lot of software that helps you protect your family from internet dangers. All of it looks the same, with similar filtering options and blocking mechanisms, but it differs: not every family protection software uses the same filtering algorithms. So choose a tool within your budget and start protecting your kids online.

Stay Safe Online!

Do you protect your kids online? Which software do you use? Is it really helpful? Share your experiences with us!

Enterprise Security Issue: Fighting Against APTs or Targeted Attacks?

Advanced Persistent Attacks (APTs) or targeted attacks are a category of intrusion attacks that compromise the targeted systems upon hacking. APTs are conducted as a series of failed and successful attacks over time to get deeper and deeper into the target’s network.

Enterprises consider APT attacks a high-priority threat because of the significant impact on past victims in the industry. These kinds of attacks are highly risky and occur because of weaknesses in the company's security system. Once the enterprise network is compromised and the hacker is allowed into it, it becomes difficult to resolve the intrusion fully.

The introduction and adoption of new technologies, platforms and entities in business can only further broaden the attack surface. Information Security Officers have recognized the necessity of safeguarding company data on the network after seeing the noticeable data breach attacks of past years.

A better understanding of targeted attacks can give enterprise security groups the correct mindset in dealing with these threats.

How do targeted attacks occur?


Intelligence gathering: Highly similar to a military reconnaissance mission, this initial phase aims to gain strategic information not only on the intended target’s IT environment but also on its organizational structure. The information gathered can range from the business applications and software an enterprise utilizes to the roles and relationships that exist within it.

Point of entry: As attacks usually target organizations, the delivery mechanism is therefore the most common form of office communication—email. Note, however, that instant-messaging and social networking platforms can also be utilized to entice targets to click a link or download malware. Eventually, establishing a connection with the target is acquired.

Compromise: Armed with knowledge obtained from the intelligence gathering stage and supplementary insights accumulated from prior attacks to a company’s environment, threat actors are able to select and specify the exploits to use on their target. At the end of this stage, a company’s network is infiltrated.

Command-and-control (C&C) communication: After an organization’s perimeter has been breached, continuous communication between the compromised host and the C&C server needs to be preserved. Threat actors use techniques to maintain C&C communication traffic under the radar often either by blending in with legitimate traffic or fully utilizing go-betweens.

Lateral movement: Once assured that there is constant access to the breached network, threat actors then laterally move throughout the company’s network, seeking valuable hosts that house sensitive information.

Asset/Data discovery: Noteworthy assets are identified within the infrastructure then isolated for future data exfiltration.

Data exfiltration: The attack’s ultimate objective is to transmit information from within the target organization’s perimeter to a location the threat actor controls. Data transmission can be done either quickly or gradually wherein information is moved to a staging phase then prepared for exfiltration.

What Can Enterprises Do Against APTs?

By design, APTs are able to evade standard perimeter and endpoint defenses. Industry analysts and experts have made a clear case that an expanded and layered definition of security due diligence is now a must for most enterprises and government organizations. Trend Micro provides a range of solutions that allow organizations to meet these new requirements, combating APTs with the best protection and proactive detection technologies.

Fundamental Defense
Standard perimeter and endpoint security technologies are essential to prevent most attacks and, at their best, may detect or block certain aspects of an APT or a targeted attack. The key factors behind the effectiveness of these products is the provider’s ability to source new threat information and the “time to protect”—how quickly new threat information is made available to the products deployed.

The Trend Micro™ Smart Protection Network™, for instance, provides Trend Micro products with the broadest and most up-to-date threat detection capabilities. The Smart Protection Network processes over 4TB of data daily, including daily analyses of over 8 billion URLs, 50 million email samples, 430,000 file samples, and 200,000 IP addresses.
  • InterScan Messaging Security combines the privacy and control of a powerful on-premise gateway software virtual appliance with the proactive protection of an optional cloud-based pre-filter that stops the majority of threats and spam in the cloud.
  • InterScan Web Security combines award-winning malware scanning with real-time web reputation, flexible URL filtering, and integrated caching for streamlined administration and lower total cost of ownership (TCO).
  • OfficeScan maximizes security and performance on physical and virtual desktops, providing the industry’s strongest threat and data protection, built into a single endpoint agent, and deployed and managed together from a single console.
Advanced Protection
Moving beyond fundamental defense is about providing additional security safeguards for sensitive resources and data, whether physical or virtual and whether these reside in the corporate network, the datacenter, or the cloud. Trend Micro can provide a hardened level of protection for the servers and data that are targets of an attack.
  • Deep Security provides a single platform for server security to protect physical, virtual, and cloud servers as well as virtual desktops. Tightly integrated modules easily expand to offer in-depth defenses, including anti-malware, integrity monitoring, intrusion detection and prevention, web application control, firewall, and log inspection.
  • SecureCloud is designed to encrypt and protect data in public, private, and hybrid clouds while also securing data stored in physical and virtual servers. Easy-to use, policy-based key management authenticates the identity and integrity of servers requesting encryption keys and controls when and where your secure data can be accessed.
Real-Time Threat Management
Moving beyond protection to embrace proactive detection capability is the ultimate step in combating APTs and targeted attacks. Specialized threat detection technology can detect “invisible” malware and human attacker activity by examining the content, communications, and behavior of all network traffic then providing actionable insights to aid in immediate containment and remediation.

Vulnerability exploits are a key tool of attackers and a proactive stance to vulnerability detection and timely patching is critical. A systematic approach to vulnerability management and a proactive virtual patching or vulnerability shielding strategy will minimize the window of opportunity for attackers.

These Trend Micro solutions enable you to take the ultimate proactive stance against APTs and targeted attacks:
  • Deep Discovery provides customers with the network wide visibility, insight, and control needed to reduce the risk of APTs and targeted attacks. Deep Discovery uniquely detects and identifies evasive threats in real time and provides the in depth analysis and actionable intelligence needed to prevent, discover, and contain attacks against corporate data.
  • Vulnerability Management Services provides on-demand network discovery, asset prioritization, application and system vulnerability assessment, and remediation tracking in a single software-as-a-service (SaaS) offering.
  • Deep Security deep packet inspection and intrusion prevention system(IPS) capabilities close the window on vulnerabilities and reduce patching costs by providing virtual patching to rapidly shield vulnerabilities without the need to wait for vendor patches or disrupt your standard patch cycles.
Source: A Special TrendLabs primer on APTs – Detecting the Enemy Inside the Network: How Tough Is It to Deal with APTs?

How to detect and fight malware on your computer

Our computers can catch malware anytime, anywhere. They may get infected not only through unsecured websites and infected removable drives but also when our security system's performance slows down. You won’t even know that some kind of malware is residing on your computer until you observe some odd behavior.

Malware, like any other virus, is a program after all. It also needs some room to run: a share of the processor and of the system memory. You can identify it among the running processes in Task Manager as a process with a strange name that you have not installed. Do not assume, however, that every running program or service other than your installed programs is malware. So it is better not to go assessing the running programs unless you are a pro user.

Note: Some programs may not show up in running processes. If you find no weird program running on your computer, that doesn’t mean your computer is virus free.

Antivirus programs cannot detect every malicious code and program. In fact, many new viruses are born every day. As it is impossible to update the virus definitions in real time, antivirus programs cannot give you full protection.

So there is something else that protects your computer from malware, and that is your care. We tend to depend on antivirus programs totally: when we come across any odd behavior, we simply scan our computer again. Scanning for viruses is a good thing, but security needs the user’s full attention. You have to take care of the security of your own data. For that, all you have to do is:

IMPLEMENT layered security if you are securing an organization. Use anti-spam, anti-spyware, anti-virus and anti-malware solutions for your systems and network gateways to increase the protection. After all, security means more value for an organization.

IMPLEMENT a firewall for your networks. Firewalls can protect you from malicious inbound and outbound traffic. Setting strong filters on the firewall helps you block attacks right at the gate.

KEEP your software up to date. I don’t know what makes them fearful, but many people are afraid to update their computer software, particularly in countries like India. The slow internet in many parts of the country might be a cause. Maybe they don’t want to lose internet speed by dedicating all the bandwidth to updates.

Updating software means mitigating security vulnerabilities on your computer. Updated software has much less chance of being attacked than non-updated software.

SET strong passwords to make your accounts difficult to hack. A strong password would be 8 characters long and consist of a capital letter, a digit and a special symbol.

A password like ‘P@ssw0rd’ cannot be considered strong, as it is easily guessable. Feed your brain some strong-password exercise. Also choose different passwords for different applications. One hacked password should not give access to the remaining applications & services.

DO NOT share your passwords or your computer with anyone. Do not make your computer remember your passwords. Hackers can easily gain access to your passwords once your browser is hacked.

NEVER download stuff from untrusted sites. Never click on download links from unauthorized sites directly. If you are using IDM as your download manager, set an automatic scan of downloaded objects.

BE CAUTIOUS about the files you get from your friends. Because there are new viruses swaying on the internet from time to time. Check these important instructions to protect yourself from new viruses.

FOLLOW good security practices. Take appropriate precautions while using email and web browsers to reduce the risk of spreading infections. Follow security news updates from various news channels and trusted sources.

A computer alone cannot defend itself against harmful malware and spyware unless your intervention is included. Take care of your computer. Stay safe!

Have you ever suffered the wrath of malware on your computer? How did you fight it at that time? Share your experiences in the comments.

How to Protect your Computer from ‘Bladabindi’ Virus

It's time for Indian computer users to get to know about the new virus in the Indian cyber space named ‘Bladabindi’, which can steal personal information from computers running the Windows operating system.

The huge number of Windows users in India might be the reason for Indians being targeted. This virus is not new to the world, only to India. So there are some case studies available about this virus and its behavior that can help us get rid of it before any loss occurs. Microsoft has provided some information on this virus and ways to identify it on Windows PCs.

How ‘Bladabindi’ steals your sensitive information?


‘Bladabindi’ opens a backdoor for hackers to steal sensitive information like the following from your PC:
  • Your PC name, country and serial number
  • Your Windows user name
  • Your PC operating system version
As we discussed previously, Bladabindi can be found in different variants. It can also steal information such as your:
  • Chrome stored passwords
  • DynDNS information
  • Firefox stored passwords
  • IE 7 stored passwords
  • No-ip/DUC information
  • Opera stored passwords
  • Paltalk credentials
The hacker can also access your camera to steal and record your personal information. Once infected, the virus checks for camera drives and installs a DLL plugin to run it and record the video and sends it to the remote hacker.

Its variants can also be used as keyloggers by the hacker. Once the PC is infected, the virus starts recording keystrokes, thereby sending the hacker your full login credentials. Take a look at the following commands that can be executed using ‘Bladabindi’:
  • Capture screenshots
  • Compress data to be uploaded
  • Connect to remote servers
  • Download and run files
  • Exit
  • Load plugins dynamically
  • Manipulate the registry
  • Open a remote shell
  • Ping a remote server
  • Restart your PC
  • Uninstall itself
  • Update itself
This virus can connect to remote servers and can download and install other malware and viruses. Microsoft has found this Trojan connecting to the following addresses:
  • fox2012.no-ip.org
  • jn.redirectme.net
  • moudidz.no-ip.org
  • reemo.no-ip.biz

Identifying ‘Bladabindi’ virus on your computer

The Bladabindi virus acts smart when executed. It generally spreads through ‘autorun’ from removable devices and through unauthorized file downloads on the internet.

This virus tricks you by disguising itself with icons that could mislead you into running the program. The list of the most common icons it uses as a disguise was already shown in a previous article.

When run on your computer, the virus copies itself into one of the following locations with a variable name, for example %TEMP%\svhost.exe:
  • C:\Users\<user name>\AppData\Local\Temp – %TEMP%
  • C:\Users\<user name>\AppData\Roaming – %APPDATA%
  • C:\Users\<user name> – %USERPROFILE%
  • C:\ProgramData – %ALLUSERSPROFILE%
  • C:\ProgramData – %windir%
The above locations can be opened through Win+R (Run) by using the common folder variables shown along with them, for example %APPDATA%.

It also copies itself into startup folder to make sure it runs every time when the computer is started. It can be easily identified with a random 32 alpha-numerical name and .exe extension, for example <startup folder>\5cd8f17f4086744065eb0992a09e05a2.exe

To check your startup folders on your computer, go to any of the following locations or simply copy-paste the path and hit enter:
  • C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  • C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
It also changes the windows registry keys to run itself every time when the PC starts. The registry keys that would be modified are as follows:

In subkey: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
Sets value: "<32 random alpha-numeric characters>" for example, "5cd8f17f4086744065eb0992a09e05a2"
With data: "%TEMP%\<variable name>.exe"
 
In subkey: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
Sets value: "<32 random alpha-numeric characters>" for example "5cd8f17f4086744065eb0992a09e05a2"
With data: "%TEMP%\<variable name>.exe"

It also runs net.exe to add itself to the firewall exclusion list and bypass the firewall of your computer.

Protecting the computers from ‘Bladabindi’

There is no special spell to weed this virus out of your computer. All you have to do is:
  • Update your antivirus definitions.
  • Do not download files from suspicious links.
  • Ignore anonymous email attachments.
  • Check your firewall settings and keep it safe always.
  • Do not run untrusted files on the computer. Once infected, your data is out.
  • Be careful about pen drives and removable media from your friends. They may not be protecting themselves against this virus.
  • Do not use patched or cracked software.
  • Do not auto-save passwords on web browsers.
  • Do not use IE unless you set automatic updates on your computer to ON.
  • Do not use Administrator account for general computer usage. If needed open the program(s) by typing the admin password.
Also check the above discussed locations for the suspicious .exe files and other potent malware programs. Scan your computer completely for viruses and malware. Don’t forget to update it before scanning.
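An added PowerShell example, not Microsoft's or the article's own code, that checks the locations and host names described above without changing anything. The function names are hypothetical, and the two Windows\CurrentVersion\Run keys are an assumption added alongside the subkeys the article lists; a match is a lead to review, not proof of infection.

```powershell
# Added example (not from the article): read-only triage, nothing is deleted or changed.
# Article: "32 random alpha-numeric characters", e.g. 5cd8f17f4086744065eb0992a09e05a2
$NamePattern = '^[0-9A-Za-z]{32}$'

function Test-UnderTemp([string]$Path) {
    # True when a (possibly quoted, %VAR%-style) path points into the user's temp folder
    $full = [Environment]::ExpandEnvironmentVariables($Path).Trim('"')
    return $full.StartsWith($env:TEMP.TrimEnd('\'), [StringComparison]::OrdinalIgnoreCase)
}

function Find-SuspectStartupFile {
    # The two startup folders listed in the article
    $folders = @(
        (Join-Path $env:APPDATA     'Microsoft\Windows\Start Menu\Programs\Startup'),
        (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs\StartUp')
    )
    foreach ($folder in $folders) {
        if (-not (Test-Path -LiteralPath $folder)) { continue }
        Get-ChildItem -LiteralPath $folder -Filter '*.exe' -File -Force |
            Where-Object { $_.BaseName -match $NamePattern } |
            ForEach-Object {
                [pscustomobject]@{
                    Path    = $_.FullName
                    Created = $_.CreationTime
                    SHA256  = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                }
            }
    }
}

function Find-SuspectRunValue {
    $keys = @(
        # Subkeys exactly as the article lists them
        'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Run',
        # Assumption added here: the standard Windows autorun keys
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    )
    foreach ($key in $keys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            $data = [string]$item.GetValue($name)
            $why = @()
            if ($name -match $NamePattern) { $why += 'value name is 32 alphanumeric characters' }
            if (Test-UnderTemp $data)      { $why += 'data points into %TEMP%' }
            if ($why) {
                [pscustomobject]@{ Key = $key; Name = $name; Data = $data; Why = ($why -join '; ') }
            }
        }
    }
}

function Find-ExeInDropRoot {
    # Copy targets named in the article. Only the top level is listed; installers also
    # leave .exe files in %TEMP%, so review the results rather than deleting them.
    $roots = $env:TEMP, $env:APPDATA, $env:USERPROFILE, $env:ALLUSERSPROFILE | Select-Object -Unique
    foreach ($root in $roots) {
        Get-ChildItem -LiteralPath $root -Filter '*.exe' -File -Force -ErrorAction SilentlyContinue |
            Select-Object FullName, Length, CreationTime
    }
}

function Find-FirewallAllowForTempProgram {
    # Enabled allow rules for a program in %TEMP% (needs Windows 8 / Server 2012 or later)
    foreach ($rule in Get-NetFirewallRule -Action Allow -Enabled True -ErrorAction SilentlyContinue) {
        $program = ($rule | Get-NetFirewallApplicationFilter).Program
        if ($program -and (Test-UnderTemp $program)) {
            [pscustomobject]@{ Rule = $rule.DisplayName; Direction = $rule.Direction; Program = $program }
        }
    }
}

function Find-ListedHostInDnsCache {
    # Host names the article lists as contacted by the Trojan
    $names = 'fox2012.no-ip.org', 'jn.redirectme.net', 'moudidz.no-ip.org', 'reemo.no-ip.biz'
    Get-DnsClientCache -ErrorAction SilentlyContinue |
        Where-Object { $names -contains $_.Entry } |
        Select-Object Entry, Data, TimeToLive -Unique
}

Find-SuspectStartupFile          | Format-List
Find-SuspectRunValue             | Format-List
Find-ExeInDropRoot               | Format-Table -AutoSize
Find-FirewallAllowForTempProgram | Format-Table -AutoSize
Find-ListedHostInDnsCache        | Format-Table -AutoSize
```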

I hope these tips help you keep your computer safe not only from the ‘Bladabindi’ virus but also from all of its variants.

If you have ever experienced any virus attack on your computer, share your experience with us.

A new virus ‘Bladabindi’ is on fly to Windows computers in India

Cyber security sleuths have found a multi-identity virus, Bladabindi targeting windows computers in India that can steal personal information and use it for executing anti-social and illegal activities.

In this regard, the Computer Emergency Response Team (CERT)-India said that it could infect Microsoft's Windows operating system and can spread through removable USB flash drives.

The Microsoft Malware Protection Center provides some information about this virus and says: “The Bladabindi malware family can steal your sensitive information and send it to a malicious hacker. They can also download other malware and give backdoor access to your PC.”

It also recommends staying up to date with Microsoft's security software definitions and databases. You can do the update even if you are using third-party security software to protect your PC. In fact, it is strongly recommended in order to keep your computer and information safe.

How it is created and propagated?

The Bladabindi virus can be created using a publicly available malicious hacker tool known as NJ Rat.

NJ Rat allows the attacker to choose an icon from the list which mocks a famous software. That means a Bladabindi virus can be found with any icon that can mislead you into running the program on your computer.

Microsoft has kept track of this virus and compiled a list of the icons most used by this malware program. They are as follows:

[Image: bladabindi-virus-icons]

When the malicious file is run, the Bladabindi virus copies itself into the following locations with a variable name. It also copies itself into the root folder of removable devices and so can spread further. This virus can even spread through all kinds of digital devices that have a little memory.

This virus copies itself into the start up folder of windows operating system and runs every time you start your PC. It also makes changes to the windows registry in order to run every time when the computer starts.

It also runs net.exe to add itself to the firewall exclusions and bypass the firewall.
 

How to protect your computer from it?

Update your antivirus definitions and perform a complete scan on your computer. Clean your USB drives and secure your data in it. If needed, format your removable drives and disable ‘autorun’ feature for removable devices on your computer.

Be careful with suspicious email attachments and web links. They can propagate virally once accessed (as we discussed recently about the latest Facebook spam).

Also be careful with pen drives and memory cards from your friends. They might not be protecting themselves with proper security software. To protect yourself and your friends from it, spread the word and alert them. Be safe!

How to Lock Your Computer with your Pen drive

You lock your house and you lock your vehicles when you are away. Why don’t you lock your computer too? You don’t have to buy another lock for that; a pen drive can do it all, because you don’t want your work disturbed or your data accessed by someone else while you are away.
 
 
All you have to do is,
  1. Go to www.predator-usb.com and download the locking tool.
  2. Extract & install it on your computer.
  3. Open the program now. It will ask you to define a password and create a key at start up. This is a one-time prompt; if you want to change the key or password later, you have to go to Preferences and change it there.
  4. Insert the pen drive & click Ok to continue.
  5. A window with locking options will pop up. Adjust the settings according to your security needs. For example, if you set the Read Interval to 10 seconds, the system will be locked if the pen drive is not found for 10 seconds.
  6. Once you are done with the settings, restart the application. The application will now start monitoring your computer, minimized in the system tray. You can see a green dot blinking as long as the pen drive is inserted. It goes red when the drive is removed.
  7. Try removing the pen drive once to test it. You will see a blank screen when it is removed, and when it is inserted again, you are asked to enter the password. You won’t be allowed to access the computer unless you type the right password.

This method of locking your computer has some disadvantages too. Here they are:

  1. You won’t be able to access your computer if the pen drive is lost.
  2. You won’t be able to access your computer if the pen drive is corrupted.
  3. You will lose access to your computer if the USB ports stop working.

Keep your keys safe! ;)


How to Find Duplicate Files & Free Up Space on your Computer

Duplicate files eat up space on your disks. You can free up space on your computer by using simple tools that are available on the internet. One such tool is Easy Duplicate Finder. Watch the video showing how to download, install and use the tool to find duplicate files on your computer.


Microsoft releases fix for IE bug, security patch available for Windows XP also

Microsoft had already disclosed the vulnerability found in Internet Explorer on its security advisory portal. The bug affects IE versions 6 to 11, irrespective of the version of the Windows operating system. Microsoft had also suggested some security measures to help users stay secure while browsing.

A security patch has been developed, and the news broke late at 22 hours, i.e., 10:30 p.m. (IST), yesterday. Most computers are assumed to have automatic updates enabled. Those who have not yet set their computers to receive automatic updates are advised to do so.

If you are manually installing the updates, it is strongly recommended that you apply the update as quickly as possible, following the directions in Microsoft’s security bulletin.

Microsoft has decided to release the security patch for Windows XP too. Microsoft had already stopped support for XP in the earlier weeks of April this year, so the announcement of a security patch for Windows XP is appreciated by XP users worldwide, who thought that their machines would be permanently vulnerable to the IE bug.

Though Microsoft has taken XP into consideration this time, it is strongly recommended to upgrade to Windows 7 or Windows 8.1 to reduce future security risks. There is no guarantee that Microsoft will take care of XP in the future. The reason behind releasing this patch is that XP can run IE8, which necessarily has to be updated as part of the fix for legacy IE versions.

“We have made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11.” Microsoft says.

XP users can’t upgrade IE to the latest version, 11.0, as IE 8.0 is the last supported upgrade for the decade-old operating system. So prepare your computer for an upgrade today!

For the latest updates and news about the bug fix, attend the webcast by Microsoft today at 11:00 a.m. PST and 11:30 p.m. IST.


Vulnerability found in Internet Explorer, Could Allow Remote Code Execution

A security vulnerability has been found in Internet Explorer and reported on the Microsoft Security Advisory portal. It is a remote code execution vulnerability that may allow an attacker to gain complete access to your computer with the current user’s privileges or rights. If you run Internet Explorer with administrator rights on your computer, your exposure is greater than that of a standard user.

On completing a thorough investigation, Microsoft will take the necessary actions to protect its customers by providing a solution through its monthly security updates or an out-of-cycle security update, depending on customer needs.

What versions are vulnerable?

IE6, IE8, IE9, IE10 and IE11 are vulnerable versions of the browser. Almost all the versions after IE6 seem to have been compromised. There is a chance that browser versions IE9 and later will get a security patch, but IE6 and IE8, which come with Windows XP, cannot be patched. It is a known fact that Microsoft stopped support for XP on April 8th this year.

Though people hate to upgrade from XP to later versions of the Windows operating system, Microsoft has firmly stated that it cannot provide fixes for the security holes found in the much-loved operating system, Windows XP.

Affected Software

| Operating System | Component |
| --- | --- |
| Windows Server 2003 Service Pack 2 | Internet Explorer 6 |
| Windows Server 2003 x64 Edition Service Pack 2 | Internet Explorer 6 |
| Windows Server 2003 with SP2 for Itanium-based Systems | Internet Explorer 6 |
| Windows Server 2003 Service Pack 2 | Internet Explorer 7 |
| Windows Server 2003 x64 Edition Service Pack 2 | Internet Explorer 7 |
| Windows Server 2003 with SP2 for Itanium-based Systems | Internet Explorer 7 |
| Windows Vista Service Pack 2 | Internet Explorer 7 |
| Windows Vista x64 Edition Service Pack 2 | Internet Explorer 7 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Internet Explorer 7 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | Internet Explorer 7 |
| Windows Server 2008 for Itanium-based Systems Service Pack 2 | Internet Explorer 7 |
| Windows Server 2003 Service Pack 2 | Internet Explorer 8 |
| Windows Server 2003 x64 Edition Service Pack 2 | Internet Explorer 8 |
| Windows Vista Service Pack 2 | Internet Explorer 8 |
| Windows Vista x64 Edition Service Pack 2 | Internet Explorer 8 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Internet Explorer 8 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | Internet Explorer 8 |
| Windows 7 for 32-bit Systems Service Pack 1 | Internet Explorer 8 |
| Windows 7 for x64-based Systems Service Pack 1 | Internet Explorer 8 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Internet Explorer 8 |
| Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 | Internet Explorer 8 |
| Windows Vista Service Pack 2 | Internet Explorer 9 |
| Windows Vista x64 Edition Service Pack 2 | Internet Explorer 9 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Internet Explorer 9 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | Internet Explorer 9 |
| Windows 7 for 32-bit Systems Service Pack 1 | Internet Explorer 9 |
| Windows 7 for x64-based Systems Service Pack 1 | Internet Explorer 9 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Internet Explorer 9 |
| Windows 7 for 32-bit Systems Service Pack 1 | Internet Explorer 10 |
| Windows 7 for x64-based Systems Service Pack 1 | Internet Explorer 10 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Internet Explorer 10 |
| Windows 8 for 32-bit Systems | Internet Explorer 10 |
| Windows 8 for x64-based Systems | Internet Explorer 10 |
| Windows Server 2012 | Internet Explorer 10 |
| Windows RT | Internet Explorer 10 |
| Windows 7 for 32-bit Systems Service Pack 1 | Internet Explorer 11 |
| Windows 7 for x64-based Systems Service Pack 1 | Internet Explorer 11 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Internet Explorer 11 |
| Windows 8.1 for 32-bit Systems | Internet Explorer 11 |
| Windows 8.1 for x64-based Systems | Internet Explorer 11 |
| Windows Server 2012 R2 | Internet Explorer 11 |
| Windows RT 8.1 | Internet Explorer 11 |

Non-Applicable Software (Server Core installation)

| Operating System | Component |
| --- | --- |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Not applicable |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Not applicable |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Not applicable |
| Windows Server 2012 (Server Core installation) | Not applicable |
| Windows Server 2012 R2 (Server Core installation) | Not applicable |

What might an attacker do with the vulnerability?

An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit this vulnerability.

In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.

How to fight against the vulnerability?

Internet Explorer on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2 runs by default in a restricted mode known as Enhanced Security Configuration. This configuration is a group of preconfigured settings that can reduce the likelihood of a user running specially crafted web content on the server.

EMET (Enhanced Mitigation Experience Toolkit) can manage security mitigation technologies that make it more difficult for an attacker to exploit the vulnerability. EMET helps to mitigate this vulnerability in Internet Explorer on systems where EMET is installed and configured to work with Internet Explorer.

An attacker can get full control of the computer after exploiting the vulnerability if you are using the computer with administrator privileges. Users with limited privileges are not affected as much as an administrator.

If you are still using XP, it’s time to upgrade to Windows 7 or 8. As there are no security updates available for XP, attackers can gain full control of your computer and its data, which can be deleted or modified without any notice to you.

Look out for more information on this vulnerability on the Microsoft Security Advisory portal.
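The exposure factors this post names (IE version, administrator rights, Enhanced Security Configuration) can be read from the local machine as follows. This is an added example, not part of the original post or of Microsoft's advisory; it assumes PowerShell 3.0 or later, and the function names are made up for this example.

```powershell
# Added example: report the local exposure factors named in the post.
function Test-IsElevated {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-IEVersion {
    $ie = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Internet Explorer' -ErrorAction SilentlyContinue
    if ($null -eq $ie) { return $null }
    # IE 10 and later record the real version in svcVersion; Version stays at 9.x there.
    if ($ie.svcVersion) { $ie.svcVersion } else { $ie.Version }
}

function Get-IEEscState {
    # Active Setup components that hold the Enhanced Security Configuration flag on Windows Server.
    $base = 'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components'
    $components = [ordered]@{
        Administrators = '{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}'
        Users          = '{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}'
    }
    foreach ($c in $components.GetEnumerator()) {
        $p = Get-ItemProperty -Path (Join-Path $base $c.Value) -Name IsInstalled -ErrorAction SilentlyContinue
        $state = if ($null -eq $p) { 'not present' } elseif ($p.IsInstalled -eq 1) { 'enabled' } else { 'disabled' }
        '{0}: {1}' -f $c.Key, $state
    }
}

function Get-IEExposureReport {
    $version = Get-IEVersion
    $major   = if ($version) { [int](($version -split '\.')[0]) } else { $null }
    [pscustomobject]@{
        IEVersion         = $version
        InAffectedRange   = ($null -ne $major) -and ($major -ge 6) -and ($major -le 11)  # IE 6 to 11, per the post
        RunningElevated   = Test-IsElevated
        EnhancedSecConfig = (Get-IEEscState) -join '; '
    }
}

Get-IEExposureReport | Format-List
```

`InAffectedRange` reflects only the version range given in the post; it does not tell you whether a fix has been installed.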