Every organization is going for virtualization. The main reason being cost cutting and to ensure maximum utilization of hardware resources. Virtualization has revolutionized the data centre and is one of the key foundational technologies underlying cloud computing. This has made Several companies rushing frantically into deploying virtualization solutions both in their private and public clouds, without taking into account the risks involved. But when organizations are going virtualization, the technology has got its own inherent vulnerabilities.
According to semantic intelligence report, July 2013; number of identities exposed by hackers are 86,901,952 this year alone (are you one of them?), how does the hackers able to achieve this? Well, it is simple, the use of social engineering and reverse engineering; the basic thing we do daily when logging-in our accounts with very complex passwords repetitively in numerous account users operate.
“Hackers expect that you’re probably using the same s***ty password on everything you’ve ever logged into because it’s the easiest way for you to use the internet.
For a hacker, this means if they’ve hacked you anywhere, they’ve hacked you everywhere, even if it’s a complex password. Simply, some websites do a crappy job keeping your password a secret from hackers and hackers can grab it from one of these crappy websites and use it on websites that you care more about.
More often than not a hacker wouldn’t be targeting individuals specifically but processing some kind of password dump for fraud or spam of some kind which would include you.
Tips for you:
- Use unique passwords on every site under the assumption that it someday may end up in the hands of someone that will use it on your bank, your email, social networks of choice, etc. It’s annoying and it sucks, do it anyway, and cross your fingers with me that someone will figure out how to fix the internet’s crappy password situation.
- Factor authentications.
- Password managers
Lastly, if you’re one of those really-smart-people that know all this stuff already, make an effort to make sure your family / friends / co-worker’s do too. Getting hacked is the worst.” Forbes, 2013.
 Forbes, 2013. ” What Are Some Computer Hacks That Hackers Know But Most People Don’t?” http://www.forbes.com, Available at: http://www.forbes.com/sites/quora/2013/08/23/what-are-some-computer-hacks-that-hackers-know-but-most-people-dont/. (Accessed on August 27, 2013 @1520 hrs.)
Cyber crooks use this attack method to capture confidential information (password, security codes, credit card numbers etc.) that they can use to their advantage. And the online banking sector is specifically targeted.
“While browsing around, you may come across a malicious site that may convince you to download some freeware. But what you don’t know is that along with the free stuff you can also download a virus or a malware” bullguard.com (2013).
It “infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host web application.” wikipedia.org, (2013) Continue reading Man in the Browser
mobile malwareLast year alone on Google’s mobile Android platform, Trend Micro detected 350,000 “malicious and high-risk” Android app samples, according to a report by the digital security firm. That’s an increase from the 1,000 samples it saw the previous year. Only 20% of Android device owners use a security app, the company has found. [http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-repeating-history.pdf] Continue reading Malware Threats Rise for Mobile Banking
cyber crime has been hitting the headlines of late. Michaels snowden, the run away NSA agent holed up in Russia has given us a glimpse of the whole new world that we never imagined. For sure i can now conclude that;
“If you did not invent the technology, you never know the devil inside it”, by Kimson Kimathi.
Why do i say this? Well, it is true ” the National Security Agency has had the ability to track cell phones, even when they’re turned off” (informationweek.com,Mathew J. Schwartz | July 25, 2013 09:06 AM).
“This tracking ability was revealed on July 20 by The Washington Post, in an article chronicling the evolution of the NSA’s signals intelligence work in the wake of the Sept. 11 attacks, when intelligence agencies, the military and the FBI created an “insatiable demand for its work product.” Continue reading Can you track a ‘Turned off’ Cellphone?
According to Security magazine http://www.scmagazine.com, there is a new banking Trojan being sold in the cyber-crime underground and could be poised to infect new victims as quickly and effectively as its Zeus, SpyEye and Citadel predecessors”( blogs.rsa.com). the malware is called KINS, the developer is “selling it for $5,000” (csoonline.com, July 24, 2013).