Cyber Squatting


Cyber squatting is a large problem: each year websites lose a considerable amount of money to it. The practice of unethically taking a large part of a domain is not new, however. Many cases took place in the past, and many are taking place at present. This form of theft, which is also a kind of cyber crime, has become a major problem for the website-making industry. The domain industry and companies alike are suffering great losses from this kind of rapid theft and are looking for useful remedies.

Many matters are linked with cyber squatting. As more companies try to expand, they find the existing market very congested, and expansion in such a market cannot be done without a great deal of trouble. The offline market has become so crowded that competition has stopped the normal expansion of companies and pushed them to look for other avenues. As a result, companies are considering alternative options for promotion and marketing.

The online market, as can be seen now, is a vast place where companies have all the space they require for their promotions. Companies can also build their own websites to expand online. They can advertise and promote their brands online and launch new products there, which attracts more and more customers. Many domain-selling service providers can help with this. To run a website, a company generally has to buy a domain. This is where cyber squatting comes in.

The people who commit this kind of cyber crime are extremely proficient in networking. Now that more and more people are proficient in advanced networking, they are finding new, improper ways to do business. There are also companies that indirectly promote this kind of cyber crime by buying these domain spaces at considerably lower prices and setting up their websites there. Because of this, companies find it very difficult to use the full space of their website. At the same time, domain-selling companies face huge losses because the space they buy for domains is used by unnamed recipients who do not pay. In the last year alone, website-making companies and their clients have suffered many losses. If such losses continue, companies threatened by cyber squatting will very soon have to give up their service.

Open DNS Security


Open DNS’ security is one of the little-known forces working relentlessly to maintain cyber security. Open DNS is one of the gears of the internet that keep it running. Every day over 80 billion queries are processed through Open DNS. It can be used for both personal and corporate purposes. Its useful features and the way it works are worth knowing for a better understanding.

Various features

Open DNS uses infrastructure that already exists on the internet. There is no need to install equipment or hardware, and there is no software to maintain. Any device, no matter where in the world it is used, gets the benefits of Open DNS security. The protection is worldwide. Any protocol that is accessed will be protected. Plenty of features come with this protection. The network prevents access to infected sites: sites that contain malware or viruses are avoided, and scam sites such as phishing sites are also blocked.

One of the most effective hacking methods is the use of botnets. A botnet is a large number of corporate or private computers that are used to send spam or carry viruses themselves. This is almost always done without the user’s knowledge. Open DNS can protect a computer from being used as part of a botnet.

The system is becoming more and more interactive. An individual can set a computer to block certain types of content entirely. Content such as porn sites or large spam sites can be filtered. This is especially useful for parents to apply to their adolescent’s computer. Innovation in Open DNS security permits its users to observe their global activity from the cloud storage platform. An individual can examine that activity and spot any discrepancies or suspicious behavior. It is automated, so it allows an individual to immediately identify targeted attacks.

Usual working of DNS security system

When it comes to cyber security, prevention is often not enough. The ability to detect an attack before it happens is becoming more and more of a necessity. Recently, Open DNS has been implementing very advanced methods to accomplish just that. Most cyber discrepancies give off sound waves. These are detectable, and they can be identified as an attack. Each virus or other type of attack gives off a sort of chirp. The ability to detect them allows Open DNS to see them before they attack. By the time they attack, the damage is too great to be repaired.

The sound wave detection technology has proven to be extremely accurate. Hundreds of these compromised domains are detected every single hour. Over one-third of those are undetectable by most other antimalware scanners. Most attacks that work against other DNS servers don’t work against Open DNS servers. The system is highly sophisticated and is constantly being updated and enhanced to keep up with the ever-growing threat from hackers.

Conclusion

Most customer reviews of Open DNS are overwhelmingly positive. Its state-of-the-art security and its ability to filter content make it very popular among internet users. Its user base is growing, and so far it serves 2% of the world’s internet users.

Hackers on Phishing Mission Target Shared Hosting Servers


Phishing Campaign

Phishing is now a well-known buzzword. It is a way to collect confidential information that exists online. This data includes credit and debit card details, passwords and more. These records are accessed by illegal methods. The practice occurs across the world.

Connection between Shared web hosting and Phishing Campaigns:

Hackers or cyber criminals target websites that are hosted on shared web servers. Many reports have advised that cyber crimes and phishing campaigns are easy to carry out on shared hosting sites. A well-known anti-phishing group has confirmed that half of the total operations took place in the last 2 to 3 years. Users can follow the detailed statistics in legitimate phishing survey reports.

Anti-Phishing Working Group (APWG):

APWG uses advanced tools to monitor phishing activity on websites. A senior member of APWG has stated that shared plans are not 100% perfect. Cyber criminals therefore update the configuration manually on such servers to display phishing pages from a specific subdirectory of the website. Hackers are aware that many websites can be hosted on a single shared server. Many SMEs have transferred their websites from shared hosting to dedicated servers and virtual servers. As a result, all web hosting providers are focusing on safety measures.

APWG Alliance:

The popular Anti-Phishing Working Group has connections with 2000 organizations from various parts of the world. They come from many sectors, such as telecommunication companies, financial institutions, ISPs, trade groups, security vendors, law enforcement firms and government agencies. These sectors have joined together to monitor cyber crimes and phishing activities. They have also provided associated details, and organizations have shared full records on phishing attacks. IT departments accepted that shared web hosting is targeted by cyber criminals. Cyber investigators stated that these techniques can be traced easily with some advanced tools.

Therefore, APWG recommended that leading hosting providers take safety measures against hacking.

Cloud Security – Guidelines for Enhanced Cloud Architecture


Data Center Knowledge

With the bulk growth of cloud, it is clear that many organizations are adopting some kind of cloud model to optimize their business. Big cloud service providers are doing a great job around security, but there are areas for improvement within the private data center. Smaller cloud providers always ensure the integrity of their client base. There are three important points to consider:

  • Cost of data breaches increased: Breaking a downward trend over the past two years, the organizational cost of a data failure and of a stolen record have both increased. The cost of a data breach for an organization represented in the study increased from $5.4 million to $5.9 million.
  • Malicious attacks result in the highest per capita data breach cost: Consistent with prior reports, exfiltration or data loss resulting from a malicious attack produces the highest cost, at an average of $246 per compromised record. System glitches and employee mistakes result in much lower average per capita costs, $171 and $160 respectively.
  • The results show that the probability of a material data breach involving a minimum of 10,000 records over the next two years is nearly 19 percent.

Areas that need improvement in cloud security when creating a cloud platform:

Checking for port openings: For a small organization this is a bit easier. A large cloud organization, however, may have multiple data center points and different firewalls to manage. How well can anyone keep an eye on port controls and policies when resources are distributed? Network, port and security policy misconfigurations are causes of failure. For a heterogeneous security architecture, there are tools that help monitor security appliances from different manufacturers.

Improper positioning of outside-facing hypervisors and VMs: In many cases a VM has to face externally, or a hypervisor needs to be positioned in the DMZ. It is difficult to take extra care with these kinds of infrastructure workloads. Check whether they interact with other internal resources and whether network policies control access to the hypervisor and VMs. The hypervisor has access to a lot of critical components within the data center. If it is not locked down properly, host-level access can be dangerous.

Portals, databases and applications not locked down properly: A user can have the best underlying server, hypervisor and data center architecture, but holes in an application bring other problems. Some big failures may happen because an application was not patched and a database was not locked down properly. These applications are provided via the cloud, so this especially can’t be overlooked.

What users are monitoring externally vs internally: Monitoring and visibility are important for keeping a cloud and data center architecture secure. Management and log correlation allow users to catch issues quickly and isolate them to network segments, VMs or a physical server. Security tools allow users to control the flow of information granularly within their own ecosystem, so that a user can specify that one server communicates over a particular VLAN pointing to a specific port on a unique switch. Data can be encrypted internally and externally. The key is being able to monitor all of these processes and automate responses. This not only creates better visibility but also makes the security model more proactive.

There are a lot of moving parts in the cloud. Like gears, all these parts work together to deliver complex workloads to a variety of users spanning the world. Cloud adoption will continue to grow. By testing and monitoring their own cloud and data center environment and applying security best practices, users will be prepared for anything that comes their way.

Shellshock bug – BASH


Introduction:

Right now, security professionals are scrambling to fix a security flaw that has come to be known as Shellshock. It is also known as Bashdoor and is a security bug in the widely used Unix Bash shell, disclosed on 24 September 2014. Bash, short for Bourne-Again Shell, is the default shell in Ubuntu. It is a free piece of software that is now built into more than 70 percent of the machines that connect to the Internet, which include routers, servers, computers, some mobile phones and even everyday items like refrigerators and cameras.

Why do we need it and what is Bash?

Bash is an interpreter that allows you to orchestrate commands on UNIX and Linux systems, typically by connecting over Telnet or SSH. Bash can also function as a parser for CGI scripts on a web server. It has been around since the late 80s, when it evolved from earlier shell implementations, and it is extremely widely used. There are other shells for UNIX variants; the thing about Bash, though, is that it is the default shell for Mac OS X and Linux, which are well-established operating systems.

What is the bug that was discovered?

Most significantly, no validation is required when exploiting Bash via CGI scripts.

The risk centers on the ability to arbitrarily define environment variables within a Bash shell that specify a function definition. The problem begins when Bash continues to process shell commands after the function definition, resulting in what we would classify as a “code injection attack”.
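For defenders, the mechanism above gives a simple log signature: a request header whose value is a function definition, with or without commands after the closing brace. The following Python sketch is an added example, not code from the original article; it assumes the web server writes the common "combined" access log format, and the sample lines, IP addresses and verdict names are constructed for illustration.

```python
import re

# "Combined" access log format: the quoted fields are request, referer, user-agent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" \d{3} \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# A value is read as a function definition when it begins with "() {"
# (leading whitespace is tolerated here to keep the detector conservative).
FUNC_PREFIX = re.compile(r'^\s*\(\)\s*\{')

# Constructed sample lines: documentation IP ranges, a harmless echo as the trailer.
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.7 - - [25/Sep/2014:10:01:09 +0000] "GET /cgi-bin/status HTTP/1.1" 200 73 "-" "() { :; }; echo constructed-probe"',
    '203.0.113.5 - - [25/Sep/2014:10:02:41 +0000] "GET /cgi-bin/status HTTP/1.1" 200 73 "() { :; }" "curl/7.30.0"',
    '192.0.2.44 - - [25/Sep/2014:10:03:00 +0000] "GET /docs HTTP/1.1" 200 90 "-" "ExampleBot/1.0 (notes: () { })"',
]


def classify_value(value):
    """Return None for a normal value, otherwise a verdict string."""
    m = FUNC_PREFIX.match(value)
    if not m:
        return None
    depth, end = 0, None
    # Walk from the opening brace to its matching closing brace.
    for i in range(m.end() - 1, len(value)):
        if value[i] == '{':
            depth += 1
        elif value[i] == '}':
            depth -= 1
            if depth == 0:
                end = i
                break
    if end is None:
        return 'unterminated-definition'
    # Anything left after the function body is what the article calls
    # "shell commands after the function definition".
    trailing = value[end + 1:].strip(' ;\t')
    return 'trailing-commands' if trailing else 'definition-only'


def scan_log(lines):
    """Return (client_ip, field, verdict) for every suspicious header value."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        for field in ('referer', 'agent'):
            verdict = classify_value(m.group(field))
            if verdict:
                findings.append((m.group('ip'), field, verdict))
    return findings


if __name__ == '__main__':
    for ip, field, verdict in scan_log(SAMPLE_LOG):
        print(f'{ip}  {field:8s} {verdict}')
```

Only the referer and user-agent are checked because those are the header values the combined format records; other headers need a custom log format or packet capture.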

Who is vulnerable?

Macintosh computers, as well as many web servers running operating systems such as Linux.
Computers will actually be vulnerable if they invoke Bash in an unsafe way. This is true of numerous web servers, and it is believed that other types of network services could also be vulnerable. But it will take a while for security experts to audit various pieces of software to check for vulnerabilities.

Many IoT (Internet of Things) devices run embedded Linux with Bash. Such devices have already been shown to have serious security vulnerabilities. Bash shells are also present in many more common devices, e.g. our home routers.

What should be done for Protection?

The first and foremost thing for an end user is to keep an eye out for the latest software updates that your platform is rolling out, and to install them as soon as they are available. The bigger worry is devices with no easy patching path, for example routers.

In short, the advice to consumers is this: always be alert for the latest security updates, particularly on OS X. Also watch for any information you may get from your ISP or other providers of devices you have that run embedded software. Be very cautious of emails instructing you to run software or requesting information. Avoid logging into untrusted wifi networks, as a malicious wifi router could use the bug to hack into users’ laptops and mobile devices.

Most of the heavy lifting needs to be done by security professionals, not end users, because for the most part servers are more vulnerable than users’ own computers.

How can attackers take advantage of this vulnerability?

The bug can be used to hack into vulnerable servers. Once inside a server, attackers could steal user data, deface websites and engage in other forms of harmful activity.

There is a fair chance that hackers will use the weakness to create a worm that automatically spreads from vulnerable machine to vulnerable machine. The result would be a botnet, a network of countless compromised machines that function under the control of a single hacker. These botnets, which are often produced in the wake of major vulnerabilities, can be used to steal confidential data, to send spam or to take part in denial-of-service attacks on websites.

As this is being written, security professionals are racing to update their server software before the hackers have time to attack it.

How much time will it take to fix the problem and how difficult is it?

From a technical perspective, the fix is not that difficult. A partial fix has already been made available, and a complete fix will be out as soon as possible.

The most complicated part is that Bash is embedded in a huge number of different devices, so it will take a long time to locate and fix them all. For example, many personal wifi routers run web servers to let users configure them using a web browser. A number of these devices may be vulnerable to a Bash-related attack. And regrettably, these devices do not have a straightforward or automatic mechanism for upgrading their software.

Hack The Hackers


Why hack?

Hacking has become a spine-chilling menace in the IT world, and before we move on to steps to prevent it we must know the basics of hacking. Modifying the features of a system is part of what hacking is about. Through technical effort, hackers manipulate the standard behavior of a network and the systems connected to it. One reason cyber criminals hack websites is to gain access to a server that is untraceable, and what keeps demand high is the constant detection of hacks by website owners. Sending out spam through the websites’ mail servers is another reason for hacking.

Then and now

In the good old days, emails were the sole agents through which malicious code was propagated, but changing times have taken hacking to a whole new level, where websites are targeted as the primary agents from which the dirty work is accomplished and the nasty code is distributed. Conventional wisdom may make users think that the plethora of adult or gambling websites on the World Wide Web is the hub of such activities, but the truth is far from this: nowadays small business enterprises are the ones whose websites are abused the most, and the worst part is that the website owners themselves are unaware of their contribution. Even blogs and news sites are epicenters of nefarious hacker activity.

Modus operandi of hackers

Hackers may be able to enter websites via backdoors such as URL query strings and input forms, like search, login or user input text boxes, that communicate with a database. Bogus characters can be entered into URL query strings, which can be interpreted as SQL, and their execution against an innocent database may result in a breakdown of the website. This breakdown can cause error messages that yield sensitive private information about the database. In this way attackers can learn the structure of the database and create maps or footprints of the columns and tables used by the website. With access to the database, the hacker may erase sensitive information, cause virus infection or even steal sensitive data like credit card numbers. Websites that run on SQL databases are the most prone to hacker attacks.
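The breakdown described above, and its fix, can be seen side by side in the following Python sketch using the standard sqlite3 module. It is an added example, not code from the original article; the products table, the two search functions and the error strings are hypothetical names chosen for illustration.

```python
import sqlite3


def make_db():
    """Build a small in-memory catalogue (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, price REAL)")
    db.executemany("INSERT INTO products (name, price) VALUES (?, ?)",
                   [("kettle", 19.5), ("toaster", 24.0)])
    return db


def search_vulnerable(db, term):
    """'Before' version: the query-string value is pasted into the SQL text,
    and the raw database error is handed back to the visitor."""
    sql = "SELECT name, price FROM products WHERE name = '" + term + "'"
    try:
        return {"rows": db.execute(sql).fetchall()}
    except sqlite3.Error as exc:
        # Raw parser/schema messages are what lets a visitor map the database.
        return {"error": str(exc)}


def search_hardened(db, term):
    """'After' version: the value is bound as a parameter, so it is only ever
    treated as data, and any database error is replaced by a generic message."""
    if len(term) > 64:
        return {"error": "invalid search term"}
    try:
        rows = db.execute(
            "SELECT name, price FROM products WHERE name = ?", (term,)
        ).fetchall()
        return {"rows": rows}
    except sqlite3.Error:
        # Log the details server-side in a real application; never echo them.
        return {"error": "search unavailable"}


if __name__ == "__main__":
    db = make_db()
    # An ordinary surname with an apostrophe is enough to break the first version.
    for term in ("kettle", "o'brien"):
        print(term, "->", search_vulnerable(db, term), "|", search_hardened(db, term))
```

With the vulnerable version a single apostrophe changes the structure of the statement and the visitor sees the database's own error text; with the parameterized version the same input simply matches no rows.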

Some vital steps to make your websites impermeable to hacking

  1. Conduct regular scans on your website for any anomalies or unexpected changes.
  2. Sensitive information must be encrypted via SSL certificates.
  3. Security loopholes and other vulnerabilities can be identified by using a penetration tester.
  4. Contingency planning: a plan must be in place just in case of a hacker attack. Data backups are a must, especially for websites with dynamic content.
  5. Coding principles must be secure and up to the mark.
  6. All software, including the web server software, must be patched and updated.
  7. Keep a strong password. Obvious or easily guessed passwords give sharp hackers an easy entry. For example, use a password that has question marks, exclamation marks and other special characters. Also ensure that you are not using the default password. When logging in over unsecured protocols like http and ftp on public Wi-Fi networks, interception of passwords is a risk, so try to minimize this.
  8. Avoid downloading random plugins; download plugins only from authentic, trustworthy websites.
  9. Access to hosting accounts via viruses, key loggers or Trojans, which may have been planted while you were visiting a seemingly innocuous website, is also a possibility. Antivirus software must be kept updated to keep the PC free from such attacks.
  10. Go to sites like sitelock, which have daily monitoring tools to identify vulnerabilities, detect malware and scan for viruses.
  11. Keep the platform and scripts up to date, and look for security plugins that protect against hacking attempts.

These are just a few steps you can take to protect yourself from the malicious intent of hackers, but they are a humble beginning. Keep your eyes open for newer mechanisms to safeguard yourself through constant research and updating of your knowledge. Best wishes for the safety of your website.