TheOne

VirusBulletin este o revista dedicata securitatii IT, cu prima aparitie in anul 1989. Din 1991 a organizat anual conferinte la care participa elita producatorilor de produse de securitate IT. In plus, testele sale comparative pe programe antivirus au devenit un standard recunoscut de toti producatorii. Pe site-ul oficial sunt disponibile doar rezultatele testelor antivirus pe setul de virusi ITW (virusi foarte raspanditi), insa testul complet pe un set de virusi de tip zoo (restul virusilor, cu o raspandire mica sau medie) este accesibil doar celor care se aboneaza la revista. Iata ca pentru luna aprilie 2014, rezultatele testului au fost publicate mai tarziu din motive obiective (reorganizarea VB la nivel global). Acesta a inclus 35 de produse de securitate, dintre cele mai utilizate la nivel global si a fost realizat pe un sistem de operare Windows 7. Au picat testul: Avast! Free Antivirus (virusi ITW ratati), Baidu Antivirus (virusi ITW ratati si alarme false), MSecure (alarme false), PC Pitstop PC Matic (virusi ITW ratati si multe alarme false), QuickHeal Total Security (virusi ITW ratati) Iata si detectia produselor testate (selectie a celor mai utilizate): Agnitum Outpost – 72 % Avast! Free Antivirus – 81.4% AVG IS – 98.9% Avira Free Antivirus – 98.3% BitDefender Antivirus Plus – 98.3% BullGuard – 99% Emsisoft – 95.2% ESET Nod32 – 88.2% G Data Antivirus – 99.7% Kaspersky IS – 90.2% Microsoft Security Essentials – 77.8% Panda Cloud AV – 95.5% Qihoo 360 IS – 98.4% Tencent PC Manager – 98.6% TrustPort – 98.9% ZoneAlarm ISS – 87.3% Cum vi se par rezultatele, avand in vedere ca sunt singurele recunoscute unanim de toti producatorii si deci cele mai obiective? Iata si graficul comparativ al detectiei totale – detectie proactiva: Pentru alte detalii legate de acest test accesati: https://www.virusbtn.com/virusbulletin/archive/2014/04/vb201404-comparative#id4819421 -> Sursa: Rezultatul testului antivirus VirusBulletin – aprilie 2014. Avast! si Emsisoft au picat.

UP!

O noua tulpina de malware greu detectabil este capabila de deturnarea unor portaluri web cunoscute, cum ar fi Yahoo si Gmail, pentru a primi comenzi de control. Ceea ce face troianul IcoScript atat de neobisnuit este faptul ca malware-ul utilizeaza propriul limbaj de programare pentru a se conecta automat la un cont de e-mail. Acel cont a fost creat de catre hackeri pentru a lansa comenzi catre computerele infectate. Accesul la servicii de webmail este rareori blocat in retelele companiilor si, prin urmare, troianul poate primi si executa comenzi fara a fi observat. Expertii in securitate de la G DATA au numit malware-ul Win32.Trojan.IcoScript.A. O analiza detaliata a fost publicata in revista de specialitate Virus Bulletin. Trojanul infecteaza computerele cu sisteme de operare Windows Malware-ul inselator, numit Win32.Trojan.IcoScript.A, a cauzat probleme inca din 2012, fara a fi descoperit. Troianul, un sistem modular de administrare de la distanta (RAT), infecteaza computerele cu Windows. Alte programe malware de acest gen se autoinjecteaza, de obicei, in procesele aplicatiilor, iar software-ul antivirus nu are nici o problema in a detecta aceasta metoda. IcoScript, pe de alta parte, abuzeaza de interfata COM (Component Object Model) pentru a debloca accesul la Internet Explorer. Printre altele, interfata COM permite dezvoltatorilor sa scrie plug-in-uri pentru browser. Aceasta functionalitate pune la dispozitia programatorilor de malware un loc ascuns pentru a compromite browser-ul, fara a fi observat de catre utilizator sau de protectia antivirus. Ulterior, datele de pe computer si din retea arata ca niste date complet normale de navigare. Mai mult decat atat, autorii de malware nu trebuie sa-si faca griji cu privire la setarile din retea; ele pot fi acceptate, deoarece au fost configurate in browser. “Acest malware adaptabil si variabil, care incorporeaza activitatile sale in fluxuri de date regulate, creaza dificultati majore departamentelor de securitate si sistemelor de protectie IT,” spune Ralf Benzmuller, sef al G DATA SecurityLabs. “Malware-ul demonstreaza inca o data cat de bine studiaza dezvoltatorii de malware mecanismele de aparare.” IcoScript utilizeaza in mod abuziv serviciile de webmail pentru a prelua functiile de comanda IcoScript functioneaza prin utilizarea Internet Explorer pentru a abuza de servicii de webmail, cum ar fi Yahoo, pentru a prelua functiile sale de comanda si control. In scopul de a accesa e-mail-urile incarcate in casuta postala, IcoScript a fost echipat cu propriul sau limbaj de programare. Acest lucru ii permite sa execute actiuni automate pe paginile portalurilor web. IcoScript.A realizeaza acest lucru prin deschiderea portalului de e-mail Yahoo, conectarea la acesta si preluarea e-mail-ului. Cauta codul de control al e-mail-ului, care este apoi transmis catre programul malware ca o comanda. E-mail-ul poate fi utilizat si pentru a trimite date din retea.”Acest proces nu este limitat doar la Yahoo, ci poate functiona la fel de bine pentru numeroase portaluri web, cum ar fi Gmail, Outlook, etc. Chiar LinkedIn, Facebook si alte retele sociale ar putea fi utilizate in mod abuziv in acest scop,” explica Benzmuller. Virus Bulletin, o baza solida în industria de antivirus Analiza a fost publicata in revista britanica de IT, Virus Bulletin, sub titlul “IcoScript: Utilizarea Webmail-ului pentru a controla malware-ul”. “IcoScript este un malware foarte neobisnuit. Suntem incantati ca articolul nostru a fost publicat in aceasta revista de renume si privim acest lucru ca pe o recunoastere a cercetariilor intreprinse de echipa noastra. Virus Bulletin este un element determinant in industria de antivirus in care si-a castigat o reputatie excelenta prin informarea independenta, obiectiva si profesionala despre programele malware de-a lungul anilor,” spune Benzmuller. O versiune HTML a intregului articol este disponibila pe website Virus Bulletin: https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript sau in format PDF: https://www.virusbtn.com/pdf/magazine/2014/vb201408-IcoScript.pdf -> Sursa: Malware camuflat: botneti controlati prin webmail

Bitdefender introduce WearON, o func?ie de interconectare a telefonului cu accesoriile inteligente Bitdefender introduce tehnologia de securitate recunoscut? pentru performan?? la nivel global, în domeniul accesoriilor inteligente. Astfel, noul Bitdefender Mobile Security & Antivirus integreaz? func?ia WearON, un modul de protec?ie pentru ceasurile inteligente ce folosesc Android Wear, care ajut? utilizatorii s? g?seasc? mai u?or telefoanele chiar dac? acestea au tonurile de apel ?i SMS dezactivate. WearON poate declan?a o alert? pe telefon de la distan?? ?i va aten?iona posesorul ceasului inteligent prin vibra?ie dac? acesta se îndep?rteaz? periculos de mult de telefon. Modulul va fi integrat în aplica?ie prin simpla actualizare a noului Bitdefender Mobile Security & Antivirus asigurând o protec?ie complet? ?i o m?sur? în plus de ap?rare în situa?iile de pierdere a telefonului mobil. “Bitdefender abordeaz? securitatea din toate unghiurile posibile pentru a asigura protec?ia total? în toate situa?iile. Integrarea accesoriilor inteligente în sfera de ap?rare a utilizatorului adaug? o nou? fa?et? securit??ii cibernetice – un scut portabil de ap?rare pentru a împiedica pierderea sau furtul smartphone-urilor”, a declarat C?t?lin Co?oi, Chief Security Startegist Bitdefender. Noul Bitdefender Mobile Security&Antivirus protejeaz?, de asemenea, confiden?ialitatea datelor utilizatorului cu App Lock, o func?ie lansat? recent, care permite posesorilor de smartphone s? blocheze accesul la datele sensibile prin introducerea unui cod PIN pe aplica?iile dorite. Noile func?ii se adaug? unei game de instrumente de protec?ie ce include scanarea la instalare, modulul Anti-Furt, func?ia de Consilier de Confiden?ialitate sau serviciile de antivirus ce au la baz? cea mai eficient? linie de software antivirus. Noul Bitdefender Mobile Security & Antivirus este disponibil la https://play.google.com/store/apps/details?id=com.bitdefender.security. -> Sursa: Bitdefender introduce WearON, o func?ie de interconectare a telefonului cu accesoriile inteligente

La inceput nici eu n-am inteles exact despre ce e vorba. Cum sa furi bani dintr-un interfon? "Codul de intrare" De cand plm exista cod de intrare la interfon? WTF...

Ma decat sa aruncati aiurea cont-urile alea de filelist p-aici, mai bine cine are nevoie ii trimite-ti in PM...

Network security practitioners rely heavily on intrusion detection systems (IDS) to identify malicious activity on their networks by examining network traffic in real time. IDS are available in Network (NIDS) and Host (HIDS) forms, as well as for Wireless (WIDS). Host IDS is installed via an agent on the system you are monitoring and analyzes system behavior and configuration status. Network IDS inspects the traffic between hosts to find signatures of suspicious behavior and anomalies. Wireless IDS identifies rogue network access points, unauthorized login attempts, encryption-level in use, and other anomalous behavior. There are many options for open source IDS tools if your budget for buying new tools is tight. Asset inventory and vulnerability management go hand in hand with IDS. Knowing the role, function, and vulnerabilities of your assets will add valuable context to your investigations. AlienVault Unified Security Management (USM) includes IDS integrated with asset discovery and vulnerability scanning so you can quickly get all the information you need to respond to incidents. AlienVault’s Network IDS shows you the overall status of your network for a management view: Best practices for Network IDS: Baselining or profiling normal network behavior is the first step for IDS deployment. Determining what’s “normal” for your network allows you to focus on anomalous and potentially malicious behavior. This saves you time and brings real threats to the surface quickly for remediation. Placement of the IDS device is an important consideration. Most often it is deployed behind the firewall on the edge of your network. This gives the highest visibility but it also excludes traffic that occurs between hosts. The right approach is determined by your available resources. Start with the most obvious placement of the device, then over time you can provide additional IDS focus into less obvious areas. You should also consider having multiple IDS installations to cover intra-host traffic You need to properly size your IDS installation by examining the amount of data that is flowing in BOTH directions where you wish to tap. Be sure to add overhead for future expansion. False positives occur when your IDS alerts you to a threat that you know is innocuous. An improperly tuned IDS will generate an overwhelming number of false positives. Establishing a policy that removes known false positives will save time in future investigations and prevent unwarranted escalations. Tuning your IDS to report as few false positives as possible will make your life much easier, as you can focus on the more important issues with the least distraction possible. AlienVault USM reduces false positives through the fidelity of its correlation rules. The AlienVault research team has a deep understanding of the data sources entering the correlation engine. This insight allows them to create accurate correlation rules based on actual behavior seen in the wild, as opposed to just guessing what you *might* have integrated like other products have to do. Furthermore, when alarms do occur, USM provides the rich context needed to make the determination of validity. You can spend less time swiveling in your chair from console to console, and focus on the incident. Next, let’s look at best practices for Host IDS: The default settings for which files to watch are not enough. The defaults for HIDS usually only monitor changes to the basic operating system files. They may not have awareness of applications you have installed or proprietary data you wish to safeguard. Define what critical data resides on your assets and create policies to detect changes in that data If your company uses custom applications, be sure to include the logs for them in your HIDS configuration As with Network IDS, removing the occurrence of false positives is critical The AlienVault USM Host IDS overview screen, shows OSSEC agent information: Finally, let’s examine best practices for Wireless IDS (WIDS): Like physical network detection, placement of WIDS is also paramount. Make sure you are watching in the right places. Placement should be within the range of existing wireless signals Record and inventory existing Access Point names and whitelist them When it comes to finding the threats in your environment, you need intrusion detection systems everywhere on your network. AlienVault Unified Security Management (USM) includes IDS fully integrated with asset discovery, vulnerability management, behavioral monitoring and Security Information and Event Management (SIEM) to tie it all together. Learn more about AlienVault USM: Free 30-day trial Interactive test drive (no download required) 3-minute overview video On-demand product demo -> Sursa: AlienVault Releases Intrusion Detection Systems (IDS) Best Practices

If you have jailbroken your iPhone, iPad, or iPod touch and have downloaded pirated tweaks from pirated repositories, then you may be infected by “AdThief” malware, a Chinese malware that is now installed on more than 75,000 iPhone devices. According to a recent research paper published on Virus Bulletin by the Security Researcher Axelle Apvrille, the malware, also known as "spad," was first discovered by security researcher Claud Xiao in March this year. Till now, AdThief aka Spad malware has hijacked an estimated 22 million advertisements and stealing revenue from developers on the iOS jailbreak community, Axelle Apvrille says. The malware allegedly infects iOS jailbroken devices by disguising itself as Cydia Substrate extension, presents only on jailbroken Apple devices, when a malware infected Cydia package is downloaded and installed by the unsuspecting user. Once installed, the malware modifies certain advertisements displayed on your iOS devices in an effort to redirect all the revenues to malware developer. In short, if you download or install a free ad-supported iOS app from the App Store, all of the cash generated by that app goes to the cyber criminal behind AdThief rather than the app’s developer. Adthief has targeted advertisements from 15 popular mobile advertising networks, including Google’s AdMob and Mobile Ads, AdWhirl, MdotM, and MobClick, four of which were based in the US, two in India and the remainder in China. The security researcher was able to identify the targets because the hacker mistakenly forgot to remove identifying information from the code. Further investigation allowed Apvrille to identify the coder who ran a blog providing details of various Android hacks, a Github and inactive Twitter account. Researcher located a Chinese vxer Rover 12421 who admitted writing the AdThief code but denied propagating it. According to the researcher, the number of infected devices by the malware is small if compared to the figure of iOS devices in use, attackers likely generated significant revenue with an estimated 22 million advertisements hijacked. The most important thing about this particular hack is that there is no way to find out if your device is infected by AdThief malware, because it runs in the background and is almost impossible to detect. Users of unmodified iOS devices need not to worry as they are safe from this malware infection. Users of jailbroken Apple iOS devices are recommended to avoid downloads from untrusted repositories. Always be careful about adding new sources, and also be suspicious of those sources that promise pirated downloads of paid apps or tweaks. -> Sursa: 'AdThief' Chinese Malware Infects Over 75,000 Jailbroken iOS devices

Sectiunea aia a fost creata cu cap, nu doar pentru aia care vor sa faca post-uri aiurea. Deci nu se va sterge nimic, oricum daca faci un thread prostesc, fara sens primesti warn/ban in functie de situatie.

Google has been involved in several controversies including among the companies that was claimed to cooperate with US surveillance agencies on their global data-mining programmes, and just yesterday the popular Media tycoon Rupert Murdoch labeled Google worse than the NSA, saying “NSA privacy invasion bad, but nothing compared to Google.” Now another, but already known controversy over the Internet giant has raised many concerns over privacy of users who carry their smartphones with them. We all have sensors in our pockets that track us everywhere we go i.e. Smartphones. GOOGLE TRACKS YOU EVERYWHERE YOU GO Today, with the help of these sensors, Google is tracking our every foot steps and placing a red dot on its map to keep track of users’ records, Junkee.com reports. “You can yourself check your every move from here. You just need to log in with the same account you use on your Smartphone, that’s it. The map will display all the records of everywhere you've been for the last day to month on your screen,” Elizabeth Flux, editor of Voiceworks magazine wrote. You can check your Location History Here. LOCATION TRACKING - A WORRYING ISSUE Location is one of the most sensitive elements in everyone’s life. Where people go in the evening, at vacations - every data is a part of one’s private life and the existence of that data creates a real threat to privacy. The absence of notifying users only means an ignorance to the privacy of users. However, your records goes to the Google only if you have enabled ‘location services’ in your smartphone devices. If you have disabled this service in your phone then you will find no location data on the map. Infact, if users disable their devices’ location service, apparently it somehow go switched back ON, if in case, any app wants access to their GPS location. So, it’s quite difficult to remain at the safer track. In 2009, MPs criticised the Internet giant Google for its "Latitude" system, which allowed people to enable their mobile to give out details of their location to trusted contacts. At the time MPs said that Latitude "could substantially endanger user privacy", but Google pointed out that users had to specifically choose to make their data available. WHY TRACKING Google track on users, long been said, for the purpose of targeted advertisements. But tracking opens the door to surveillance not only by advertisers but governments as well. Many third parties already track smartphones and tablets by picking up their user data for various purposes, mostly commercial or ad-related. Advertisers and retail stores can record location data about users in order to either serve certain location-related ads, or to better customize store layouts to maximize in-store impulse purchases. TURN OFF LOCATION SERVICE But, If Privacy matters you a lot, then turn Off location service on your device, and better avoid those apps that ask for your location data. To disable the location service, select Settings > Privacy > Location and then untick the box next to Use my location. After former NSA contractor Edward Snowden revealed about the Global Surveillance programs, Privacy has become an important issue for every individual. Despite implementing any ‘privacy’ settings, all our personal information is being collected and stored somewhere. -> Sursa: Google Map Tracks Your Every Move. Check Your 'Location History' to Verify It

Fa exact ce-ti place tie, nu e neaparat ca tatuajul ala sa insemne ceva pentru tine, si eu am vreo 7 tatuaje doar 2 insemna ceva pentru mine, un scorpion asa sunt de zodie si scrisul "My angel is my mother" restu sunt tatuaje care le-am gasit pe net si mi-au placut... Trebuie sa te gandesti ca o persoana o sa-ti zica "nu-mi place tatuajul tau" nu poti sa te caci in gustul omului. Asa ca fa-ti ceea ce-ti place tie, tu il porti nu altu'. Daca tot vorbeai de IT:

Kaspersky Lab descopera ca vulnerabilitatea zero-day exploatata de Stuxnet inca ameninta utilizatorii Expertii Kaspersky Lab au publicat raportul realizat in urma cercetarii “Windows usage and vulnerabilities“, derulate in vara anului 2014. Conform concluziilor raportului, vulnerabilitatea CVE-2010-2568 a fost descoperita in anul 2010, in acelasi timp cu faimosul vierme cunoscut sub numele de Stuxnet. Programul malware care exploateaza aceasta vulnerabilitate este folosit si astazi pe scara larga si reprezinta o amenintare considerabila la adresa utilizatorilor: 19.000.000 de utilizatori s-au confruntat cu aceasta vulnerabilitate intr-un interval de opt luni, din noiembrie 2013 pana in iunie 2014. CVE-2010-2568 reprezinta o bresa in securitatea comenzilor rapide din Windows, ce permite atacatorilor sa incarce un fisier arbitrar DLL fara ca utilizatorul sa stie. Aceasta vulnerabilitate afecteaza Windows XP, Vista si Windows 7 precum si Windows Server 2003 si 2008. Ea a fost exploatata si de Stuxnet, viermele detectat in iunie 2010, cunoscut pentru faptul ca a condus, se pare, la distrugerea fizica a echipamentului de imbogatire a uraniului de la centralele electrice nucleare din Iran. In toamna anului 2010, Microsoft a lansat o actualizare de securitate care corecta aceasta vulnerabilitate. In ciuda acestui fapt, sistemele de detectare ale Kaspersky Lab inca inregistreaza milioane de instante de malware care exploateaza aceasta vulnerabilitate. Dintr-o analiza pe tari, a reiesit ca intervalul cu cele mai multe detectari a fost noiembrie 2013 – iunie 2014, cele mai vizate tari fiind Vietnam (42,45%), India (11,7%), Indonezia (9,43%), Brazilia (5,53%) si Algeria (3,74%). In mod remarcabil, aceeasi cercetare indica faptul ca Vietnam, India si Algeria se afla pe lista tarilor cu cele mai multe descoperiri ale CVE-2010-2568 si printre tarile fruntase ca numar de utilizatori de Windows XP. Acest sistem de operare se afla pe primul loc la numarul de descoperiri ale CVE-2010-2568: 64,19% din detectari au fost raportate de pe computere cu Windows XP. Windows 7, in prezent cel mai utilizat sistem de operare din lume, se afla pe locul al doilea, cu 27,99% de descoperiri. Pe urmatoarele locuri se afla Windows Server 2008 si 2003 cu 3,99% respectiv 1,58% de descoperiri. Expertii Kaspersky Lab subliniaza faptul ca, in acest caz, numarul mare de detectii nu inseamna neaparat un numar mare de atacuri. Din cauza modalitatilor distincte in care este exploatata aceasta vulnerabilitate, este imposibil sa faci o diferenta clara intre cazurile in care produsele Kaspersky Lab au protejat utilizatorii de atacuri reale cu malware care exploata CVE-2010-2568 si cazurile in care produsele au detectat comenzi rapide (shortcuts) vulnerabile, generate automat de un vierme anume. Numarul mare de detectii CVE-2010-2568 demonstreaza ca, la nivel global, inca exista numeroase computere vulnerabile la atacuri de malware care exploateaza aceasta vulnerabilitate. Expertii Kaspersky Lab presupun ca majoritatea acestor detectii provin de la servere care nu sunt intretinute adecvat, care nu au actualizari regulate si nici o solutie de securitate; aceste servere ar putea fi preluate de viermi care utilizeaza malware ce exploateaza aceasta vulnerabilitate. Urmandu-si procedura automata, aceste programe de malware creeaza comenzi rapide (shortcuts) periculoase intr-un folder de acces general; de fiecare data cand un utilizator protejat de o solutie Kaspersky Lab care are acces la folder acceseaza o asemenea comanda rapida (shortcut), programul periculos este detectat. „Aceasta situatie creeaza un risc permanent de infectare cu malware in organizatii in care aceste servere vulnerabile inca sunt operationale,” spune Vyacheslav Zakorzhevsky, Head of the Vulnerability Research Team la Kaspersky Lab. „Recomandam managerilor IT sa acorde o mai mare atentie la actualizarea software-ului pe computerele din companii si sa utilizeze instrumente adecvate de protectie impotriva amenintarilor cibernetice,” incheie Vyacheslav Zakorzhevsky. Pentru a minimiza riscul atacurilor, expertii Kapersky Lab recomanda actualizarea regulata a programelor software folosite, stergerea celor neutilizate si instalarea unei solutii de securitate fiabila, echipata cu tehnologiile potrivite pentru a contracara atacurile. De exemplu, sistemul Automatic Exploit Prevention al Kaspersky Lab este construit pentru a contracara tentativele de exploatare a vulnerabilitatilor necunoscute ale produselor software prin intermediul detectarii euristice, iar eficacitatea sa este confirmata de catre cercetatorii independenti. Tehnologia este incorporata atat in produsele Kaspersky Lab destinate utilizatorilor individuali, catsi in produsele pentru companii precum Kaspersky Internet Security Multi-Device, Kaspersky Small Office Security si Kaspersky Endpoint Security for Business. Mai multe informatii gasiti pe securelist.com. -> Sursa: Kaspersky Lab descopera ca vulnerabilitatea zero-day exploatata de Stuxnet inca ameninta utilizatorii

Gama de produse 2015 de la Kaspersky a fost lansata curand si iata ca puteti testa in amanuntime timp de 3 luni de zile Kaspersky Anti-Virus 2015, printr-o promotie speciala Accesati link-ul de mai jos pentru a beneficia de promotie: Antivirus 2015 Kaspersky gratuit pendant 3 mois ! -> Sursa: Kaspersky Anti-Virus 2015 – 3 luni licenta GRATUITA

OFF: Nu mai judecati omul aiurea, el macar isi da silinta sa faca ceva, voi ce faceti? Frecati p&$a in fata unui monitor. Vedeti un moderator/admin sa comenteze gen " ce blog nasol ai "? NU frate ca aia au CAP! ON: Bravo man! Continuia, nu te lua dupa ce zice lumea, fa ce crezi tu ca e bine! Aici va fi mereu unu sa-ti zica " Vai ce inutil e blog-ul tau" EDIT: Te ajut eu cu un domeniu + hosting zilele astea. 1 an de zile ai gratis! O sa-ti trimit pm! Iti dau ajutorul asta doar pentru ca vreau sa mergi inainte cu proiectul tau!

Te rog, incearca sa nu faci posturi inutile. Nu am cerut parearea nimanui. Citeste cu atentie si ai sa vezi ca nu e cum zici tu. Fiecare are rostul ei.

Eu nu vad alte thread-uri... arata-mi tu te rog. Mersi.

Conform concluziilor la care a ajuns compania americana Hold, aproape 1,2 miliarde de date inregistrate referitoare la conturi si care constau in nume de utilizatori si parole, sunt susceptibile a fi fost furate de un grup de hackeri rusi. Se crede ca aceste date au fost sustrase de pe 420.000 website-uri, care au ramas necunoscute pana la momentul actual. Tranzactiile cu date de autentificare pe conturi de email sau portaluri de cumparaturi online sunt o afacere extrem de profitabila pentru infractori. Valoarea de piata a acestui tip de date depinde de calitatea datelor inregistrate puse in vanzare. In urma unor analize a structurii preturilor de pe forumurile economiei subterane, G DATA estimeaza ca valoarea acestor inregistrari se apropie de 12 milioane de euro. Datele verificate pot sa aduca chiar o valoare semnificativ mai mare atacatorilor. G DATA ii sfatuieste pe utilizatorii de Internet sa-si schimbe imediat parolele folosite pe cele mai importante portaluri web precum, servicii de email, online shopping sau servicii de plata, si sa respecte masurile de siguranta. Un anumit tipar folosit de utilizatori, este foarte periculos in cazul furturilor de date: utilizatorii de Internet folosesc adesea aceeasi combinatie de nume de utilizator si parola pentru a accesa un numar diferit de website-uri, lasand astfel descoperit un front larg de site-uri vulnerabile la atacuri in fata atacurilor. Ce reprezinta o parola sigura? Multi utilizatori isi creaza parole care sunt bazate pe detalii personale, pentru a fi mai usor de reamintit. Este un lucru pe care si atacatorii il anticipeaza. Adesea, parolele formate din numere scurte sunt usor de ghicit, prin simpla incercare de tastare a zilei, lunii sau anului nasterii victimelor. Alta metoda comuna de ajutare a memoriei este folosirea de nume de animale de companie sau ale partenerilor de viata, si este usor de folosit de catre atacatori. Combinatiile de majuscule, litere mici si numere sunt mult mai sigure. Parolele sigure constau in cel putin opt caractere ce contin litere mici, majuscule si cifre. Spre exemplu, daca cineva ar insira primul caracter al fiecarui cuvant, fiecare cifra si fiecare semn de punctuatie din urmatoare fraza: “Astazi, 11 august, am creat o parola sigura constand din 15 caractere”, ar crea urmatoarea parola: A,11A,acOpscD15C”. Verificare de securitate pe trei niveluri de la G DATA: Protectie antivirus: In multe locuinte sunt folosite dispozitive diferite pentru navigare pe Internet. Acesta este motivul pentru care utilizatorii ar trebui sa verifice securitatea tuturor dispozitivelor existente, desktop-uri, laptopuri, telefoane inteligente sau tablete. Toate dispozitivele ar trebui sa fie protejate de solutii moderne si actualizate de protectie antivirus. Sistemele de operare si celelalte aplicatii: Toate actualizarile de securitate ale sistemului de operare si ale programelor instalate ar trebui sa fie descarcate si instalate fara intarziere. Aceasta va inchide bresele existente de securitate si va proteja in cazul viitoarelor atacuri. Schimbarea parolelor: Utilizatorii afectati ar trebui, ca pe langa schimbarea parolelor de la casutele de email sa-si creeze parole noi pentru toate conturile care au legatura cu casutele de email, de exemplu, magazine online, conturi de online banking, platforme de socializare media sau website-uri de licitatii de vanzare. In special, pentru nu se stie sigur daca datele nu au ajuns in mainile infractorilor prin intermediul conturilor de email compromise. -> Sursa: Furt de date colosal: cat de mult valoreaza datele tale pentru infractori

Analiza Kaspersky Lab: 52% dintre companii sunt dispuse sa investeasca in protectie suplimentara pentru tranzactii financiare Conform unei analizeintreprinse de Kaspersky Lab in colaborare cu B2B International in 2014, la nivel european, 52% dintre companii sunt dispuse sa investeasca in software dezvoltat special pentru protejarea tranzactiilor financiare, utilizand fie componente instalate pe propria infrastructura, fie servicii furnizate de o terta parte. Conform analizei Kaspersky Lab, securizarea informatiilor de plata si a tranzactiilor financiare reprezinta o prioritate pentru companii: o treime dintre companii (34%) plaseaza protectia acestor informatii in top trei prioritati pe anul viitor, pentru managementul IT. Aproape jumatate dintre participantii la studiu considera ca organizatiile lor au nevoie de securitate sporita atunci cand este vorba despre tranzactii financiare. Companiile mai mari sunt mai dispuse sa investeasca in cele mai bune tehnologii de securitate. In ceea ce priveste companiile cu mai mult de 5.000 de angajati, 62% dintre respondenti au declarat ca sunt dispusi sa plateasca mai mult pentru un serviciu de securitate premium, comparativ cu 49% dintre respondenti din segmentul companiilor mai mici. Analiza include si frecventa cu care infractorii cibernetici sustrag informatii financiare de la companii: organizatiile participante la studiu, care au pierdut informatii din cauza atacurilor cibernetice, au admis ca le-au fost furate informatii legate de plati. Respondentii au afirmat ca pierderea acestor informatii era cel mai rau lucru care li se putea intampla. Expertii Kaspersky Lab au descoperit recent o campanie de fraudare care vizeaza clientii unei banci europene mari, campanie in care infractorii au interceptat datele financiare ale clientilor si, in interval de o saptamana, au furat mai mult de jumatate de milion de euro din conturile acestora. Este important ca managerii companiilor sa ia in considerare protectia multi-platforma, avand in vedere ca 40% dintre companii afirma ca realizeaza tranzactii importante de pe dispozitive mobile. „Clientii sunt dispusi sa investeasca in protejarea tranzactiilor lor, iar incidenta mare de furturi de date financiare relevata de studiul nostru este inca un motiv pentru care protectia eficienta merita investitia,” spune Ross Hogan, Global Head la Fraud Prevention Division din cadrul Kaspersky Lab. „Furnizorii de servicii financiare ar trebui sa implementeze solutii de securitate integrate care ajuta la prevenirea fraudelor, maximizand eficienta serviciilor si optimizand experienta utilizatorului. Aceste nivele de protectie vor permite furnizorilor de servicii financiare sa evite pierderile de bani si problemele de reputatie care rezulta din incalcari ale securitatii datelor si sa obtina castiguri in plus prin atragerea de noi clienti, oferind totodata servicii de calitate clientilor deja existenti,” incheie Ross Hogan. Pentru a oferi o astfel de protectie, expertii Kaspersky Lab au dezvoltat platforma Kaspersky Fraud Prevention pentru companiile cu profil financiar sau care intreprind activitati de comert electronic. Kaspersky Fraud Prevention poate proteja orice dispozitiv al consumatorului, indiferent de sistemul de operare, fie ca acesta este Windows, Mac, iOS sau Android si poate detecta tranzactiile ilegale din cadrul infrastructurii companiei. In plus, platforma include servicii de informare si instrumente care permit companiilor de servicii financiare sa-si dezvolte o protectie solida in aplicatiile de mobil, cu ajutorul tehnologiilor avansate Kaspersky Lab, pentru a preveni fraudele cibernetice. -> Sursa: Analiza Kaspersky Lab: 52% dintre companii sunt dispuse sa investeasca in protectie suplimentara pentru tranzactii financiare

Panda a lansat noua generatie de produse 2015, ce includ noul motor antivirus denumit XMT. Acesta a obtinut recent rezultate excelente in ultimul test AV-Comparatives.org. Panda Internet Security 2015 contine Antivirus, Firewall, Process Monitor, USB Vaccine, Wi-Fi Monitor, Rescue Kit, Parental Control, Data Shield, Application Control, Safe browsing, si Virtual Keyboard. Acum il puteti avea gratuit timp de 90 de zile accesand link-ul: http://acs.pandasoftware.com/Panda2015/IS/174079/PANDAIS15.exe -> Sursa: Panda Internet Security 2015 – 90 de zile licenta gratuita

Avast! anunta lansarea versiunii BETA de testare pentru produsele lor de securitate: avast! Free Antivirus, avast! Antivirus Pro, avast! Internet Security si avast! Premier Antivirus. Iata care este lista modificarilor: HTTPS scanning Now, we are able to detect and decrypt TLS/SSL protected traffic in our Web-content filtering component. We are using our own generated certificates that are added into the Root Certificate store in Windows and also into major browsers. This feature will protect you against viruses coming through HTTPs traffic as well as adding compatibility for SPDY+HTTPS/ HTTP 2.0 traffic. You can tune/disable this feature in the settings section. Home Network Security Scan your home network for vulnerabilities (wifi status, connected devices, router settings, factory passwords, etc.). This is quite a new approach as we are trying to discover potential problems not isolated on the particular device only, but in the entire network of devices you use or connect to the Internet from. SecureDNS (this feature is active in the paid versions only) We are introducing a new provider which guards against unprotected DNS/DNS hijack on a router/client (including unsecured networks, public ones, etc.). Smart Scan Integrated all on demand scans into one (Antivirus, Software updates, Home Network, GrimeFighter). One scan, different results and recommendations. New Support System Easy contact for paid users to submit a ticket with all info included automatically. Improved knowledge base for free users. Help is completely online and is more up to date. General bugfixing This covers a lot of stability & performance changes in all components (but the main focus was traditionally on the network & engine components). Pentru a descarca si testa noua generatie de produse accesati link-urile: http://files.avast.com/beta9x/avast_free_antivirus_setup.exe http://files.avast.com/beta9x/avast_pro_antivirus_setup.exe http://files.avast.com/beta9x/avast_internet_security_setup.exe http://files.avast.com/beta9x/avast_premier_antivirus_setup.exe -> Sursa: Avast 2015 Beta – Descarca si testeaza noile produse de securitate

Sunt ok, doar ca la script-ul de Follow dupa ce face primu follow, iti da "No items in this network for now. Please try later."

Salut RST, cum spune si titlu, cumpar like-uri REALE doar pe Italia, astept PM-urile voastre cu oferte, evitati sa dati reply la thread spunand oferta, etc. Nu vreau sa ca thread-ul asta sa devina o taraba. Multumesc! Cu respect msff.

A new survey looks at what makes hackers tick -- and for most, it's not money or glory. When most hackers are infiltrating computer systems, the last thing on their mind is getting caught, according to new data. In fact, despite many highly publicized arrests, 86 percent of hackers believe they will never face repercussions. Password protection software firm Thycotic published the results of a survey on Thursday that looks at what makes hackers tick. The firm interviewed 127 self-identified hackers during Black Hat 2014 earlier this month and came up with some surprising details. For one, hackers' impulses don't appear to be financially motivated. More than half of those surveyed said their actions were driven by fun or thrill seeking, while only 18 percent were after money and 1 percent wanted notoriety. Twenty-nine percent of the hackers interviewed identified themselves as hacktivists that were interested in exposing the truth. Just yesterday, a group of these types of hackers breached the St. Louis County Police computers to publish dispatch tapes detailing the shooting of unarmed teenager Michael Brown. With 86 percent of hackers thinking they won't get caught and 80 percent of hackers either launching attacks for the thrill of it or a desire to unveil the truth, Thycotic founder and CEO Jonathan Cogley believes many of these hackers don't believe what they're doing is wrong. "They're probably thinking, 'I didn't do any damage and I didn't profit from it,'" Cogley told CNET. And, even if they do get caught they'd say, "'my intent was curiosity.'" So, what types of tactics are these hackers using? According to Thycotic, they're continuing with tried and true methods, such as phishing and spoofing. In the survey, 99 percent of respondents said these tactics are still effective. "It comes back to the basics, they're not looking for the next crazy zero-day attack," Cogley said. "So many of them are happy using attacks that were used 10 years ago." Another conclusion from Thycotic's survey is that hackers appear to fear their own kind. According to the survey, 88 percent of respondents believe their own data is vulnerable to breaches or online theft from other hackers. As the world has moved increasingly online over the past couple of decades, there has also been an uptick in hacks and breaches. Not only have hacktivists flooded the web with sensitive information from governments and corporations, but also major websites and retailers -- like Target and Neiman Marcus -- have been the victims of data breaches. Source -> Vast majority of hackers believe they're above the law -- survey - CNET

Scuze ca fac offtopic, dar au fost destui care erau vechi pe RST si aveau chiar V.I.P si tot au dat teapa.. deci putin conteaza vechimea.

Doar pe Italia ai? Si cat ceri.