Archive for the ‘Steal’ Category


1. Secure your WIFI connection

secure your digital life from hackersHome users are particularly prone to leaving their routers open without passwords, in order to make sure that you’re protected check your router settings to verify whether encryption is turned on or not. leaving access unencrypted can be just a minor issue of bandwidth being stolen by unauthorized users freeloading off your connection to more serious cybercrimes like credit card fraud or hacking taking place using your internet connection, which may be traced back to you.

The majority of routers support encrypted connections, support either WEP or WPA/WPA2, always opt for WPA/WPA2 as it’s far more secure. If you have the option hide SSID broadcast, turn that on as well, it basically allows you to make your wireless router invisible to outsiders and they need to know your SSID to access the network.

2. Encrypt your hard drive

secure your digital life from hackersIt’s important to keep your data secure in case of loss of hardware or even theft. An encrypted hard drive basically prevents its contents from being access without the password. It is obviously more important to encrypt thumb drives and laptop drives. Windows 7 Ultimate and Business editions come with a built in hard drive functionality using a software called BitLocker which will encrypt your entire hard drive, but users with Home Premium or Basic users shouldn’t feel left out as there is a free way to encrypt your hard drive using trucrypt.

Mac users can use FileVault to encrypt their folders, and OSX Lion will allow you to encrypt your entire hard drive as well.You can also get hardware encryption which will use fingerprint recognition to unlock data inside the drive like the Lacie Rugged Safe.

3. Keep your software updated

secure your digital life from hackersIt’s a given that you need to keep your operating system, antivirus and web browser up to date in order to protect yourself from exploits, and if you haven’t got automatic update turned on for them, you should do it now.

However a lot of users often overlook other software such as Acrobat Reader, Flash, Java and iTunes when it comes to keeping software updated. It’s important to realize that many of these applications have direct access to the operating system, and an exploit in these applications can be used as a gateway into your system files. Flash and Acrobat are used heavily with web browsers which is the number one source of malware infections.

4. Upgrade your antivirus suite.

secure your digital life from hackersIt’s as important to keep your virus suite updated as much as it is to keep your virus definitions updated. The reason for this is because antivirus software evolve in the way they deal with malware, such as introducing heuristic technologies which identify common traits of viruses, the way they interact with the system and actively block these scripts. This is why having an outdated antivirus software, despite updated virus definitions may not provide the best possible protection. If you’re using an older version of antivirus software you may entitled to discounted upgrades to newer versions.

5. Secure your smartphones

secure your digital life from hackersMany people completely overlook this fact, but smartphones are essentially mini computers which hold swathes of personal information about you. They often hold logins to your facebook/twitter accounts which are set on auto login, online banking and other financial information as well as access to email. If someone gets hold of all these details it can cause a lot of stress and havoc to your life.

It’s vital to keep your devices with password lock activated, additionally you should take some precautionary measures in case you lose your device.

Apple has a very cool security software called Find my iPhone which is a free app by Apple, which lets you track your phone by GPS, lock and remotely delete data from it. You can even use it just to locate your iPhone if you misplace it, causing it to sound an alarm.

For Android users it’s important to stay protected, smartphones are just as vulnerable to viruses as a PC, although the android platform is more prone to them than apple due to the open platform nature of the former. Android phones require antivirus protection, all the popular desktop antivirus brands offer android support as well.

The app store is less prone to malware due to the fact that all apps are vetted by Apple before publishing, although if you’ve jail broken your iPhone, antivirus protection may be something you need to look at.

6. Vet web page links using a link checker

Cyber criminals are using sophisticated strategies to drive users onto their web pages, increasingly innocent websites are being targeted using exploits to find security holes to hack and implant code on them which can launch JavaScript applications and infect computers when users visit the infected site. Link checkers scan links on your search results and optionally other websites and indicate whether links are safe, websites are scanned by their own servers so it does not impair your computer performance. Link checkers are available with most anti malware security suites such as with AVG, McAfee and Symantec.

7. Laptop Security for mobile workers

secure your digital life from hackersLaptops thefts are common, and are easy targets due to their transportable nature. If you work away from your office it’s important to invest in a Kensington Lock. While a lock won’t prevent trained thieves armed with cable cutters, it will prevent opportunistic thieves which is the overwhelming majority of laptop thefts.

It’s also important to keep prying eyes away from your data, always password protect your login, and when leaving your laptop unattended, using the screen lock feature in Windows to prevent unauthorized users from looking at or accessing your information.

If you work with particularly sensitive data a privacy screen may provide an added level of protection, the screen is only viewable to the person sitting directly in front, so people sitting around you cannot look at your screen. Targus and 3M are well known for producing privacy screens for all manner of monitor sizes.

8. HTTPS encryption for websites

secure your digital life from hackersMost people are well informed with the necessity of using https secure connections with online shopping when entering sensitive personal information. However, it can be argued that websites like facebook, twitter, gmail and others hold equally sensitive information about you.

Did you know you can elect to use https secure connections on these websites? For case by case uses, you can insert a ‘s’ after the http on the web address, if there isn’t one already to access the site securely. However if you want to access the sites securely every time you visit, you can login select the option to always use https in the profile settings.

9. Use online backup to keep an offsite storage of your files.

secure your digital life from hackersA great way for mobile workers to keep data kept safe and secure while on the move is to use online backup, this provides great peace of mind if your computer gets lost, as it allows you to recover your files from the cloud. Online backup services like Sugar Sync also provide users with high level synchronization features which can be used as a great time management tool as well, as it keeps data across all your computers consistent and up to date. You can look up various online backup reviews here to compare their features and read up user reviews.

10. Avoid public wifi and public computers.

Using public computers can be incredibly risky as malware and key loggers can be installed to track your keystrokes and cached files in order to gain access to your private information.

secure your digital life from hackersAdditionally, public wifi connections can be risky as the servers can be breached with malware additionally phantom hotspots can be set up which appear like legitimate hotspots, but are actually other ordinary laptops which act as a middleman eavesdropping into the connection.

An example on how cached data can be hijacked to login to your web accounts can be demonstrated using FireSheep.

Thankfully mobile 3G internet connections are becoming more affordable, and are often faster than public wifi hotspots. 3G connections are far more secure, additionally you may be able to tether your Smartphone internet connection to work on your laptop. I hope this article helped you all for sure. And do follow these above 10 steps and secure your digital life from hackers.

Advertisements

Final Fantasy maker Square Enix hacked

Deus Ex Human Revolution image The Deus Ex website was one of those hit. Hackers may have stolen users’ e-mail addresses.

Hackers have broken into two websites belonging to Japanese video games maker Square Enix.

The company confirmed that the e-mail addresses of up to 25,000 customers who had registered for product updates may have been stolen as a result.

Resumes of 350 people applying for jobs in its Canadian office could also have been copied from the web servers.

Square Enix, which makes the popular Final Fantasy, Deus Ex and Tomb Raider games, apologised for the breach.

In a statement, it said: “Square Enix can confirm a group of hackers gained access to parts of our Eidosmontreal.com website as well as two of our product sites.

“We immediately took the sites offline to assess how this had happened and what had been accessed, then took further measures to increase the security of these and all of our websites, before allowing the sites to go live again.”

It is understood that the websites affected were Eidosmontreal.com, run by Square Enix’s subsidiary Eidos, and Deusex.com, a promotional site for the forthcoming game, Deus Ex: Human Revolution.

Scammer’s dream

Graham Cluley, a consultant at security firm Sophos, warned that both leaks could cause problems for the individuals concerned.

“With the e-mail there is a danger that gamers could be e-mailed by someone pretending to be from the company who gets them to click on a link or run some malicious software,” he told BBC News.

“The resumes are a blueprint for identity theft. They have everything that scammers want. The only thing missing is credit card information.”

Mr Cluley pointed out that there was also the potential for huge embarrassment as it was unlikely those who had applied for jobs would want their current employers to know.

Square Enix said there was no evidence that the information had been distributed.

It also emphasised that the company does not hold customers’ credit card data on its web servers.

Mr Chippy

Shortly after the attack, both websites displayed the message “Owned by Chippy1337”, as well as several other known hacker names, including Xero, XiX and Venuism.

However, it appears that some or all of those names may have been misappropriated by the real attackers.

Lara Croft Tomb Raider maker Eidos owned one of the hacked sites. The company is owned by Square Enix

Logs of Internet Relay Chat (IRC) conversations have appeared on the online, which appear to show the perpetrators discussing the hack as they carried it out.

In one section, the individuals taking part wrote: “We put it in the name of chippy1337 and write the names ryan, dfs, xero, nikon, xix, venuism and evilhom3r.

The same person then added the comment, “lol [laugh out loud]”.

Security in the video games industry has been in the spotlight in recent weeks after the hacking attacks on Sony’s PlayStation Network and SOE online multiplayer system.

The personal details of around 100 million users were stolen from the company’s servers.

Investigations into the source of the data breach are continuing, with specialist computer forensic teams and the FBI getting involved.

The PlayStation Network remains offline, more than three weeks after the intrusion was discovered.

follow at xbee30 on twitter


Hackers Steal Data From Simon Cowell’s X-Factor

May. 6 2011 – 7:02 am
Simon Cowell at the National Television Awards...Image via Wikipedia

UPDATE: A spokesperson for Fox says the network is COPPA compliant and blocked people under 13 years of age from registering for X Factor audition information on Fox.com. “This is a matter that we take very seriously,” the spokesperson says.

——-

Cyber criminals have been on stealing spree of late. Not long after the the theft of more than 100 million user account details from Sony, Fox has confirmed that hackers also breached fox.com and obtained a file of details on 73,000 people who requested information about the X-Factor auditions.

The Fox TV show. which is an Americanized version of a British talent program. begins filming today. The winner of the show gets a $5 million recording contract with Cowell’s Syco music label and Sony Music.

A spokesperson for Fox tells me that media reports about the hacking incident incorrectly stated that data for 250,000 people had been compromised and that the correct number was “about 73,000.” They added that the data, which was stolen last week, did not include financial information, social security numbers or user names and passwords.

“We took immediate action to stop the illegal intrusion and began working with federal authorities,” said Gaude Paez of Fox. “We’ve [sent] emails to impacted registrants to notify them of the unauthorised access and providing [sic] them information to help them guard against spam and phishing.”

Carole Therelaut of Naked Security points out that the data breach comes after the X-Factor changed its rules in the U.S. to allow children as young as 12 to enter its competition, unnervingly putting personal data on pre-teens in the hands of faceless hackers.

Cowell’s troubles come amid a wave of cyber security issues making the news this week. In entertainment, the French DJ David Guetta has reportedly employed an ex-Pentagon investigator to look into the theft by hackers of his new single. According to BBC Newsbeat, Guetta says parts of the song “Where Them Girls At” featuring Nicki Minaj were stolen by a hacker who added their own production and posted it online, claiming it was Guetta’s.

Yesterday it emerged that Last Pass, a service that syncs with browsers to let you control a variety of passwords with one master password, had asked its users to change their master passwords after discovering a potential breach to its database. In its latest blog post Last Pass said the issue affects roughly 0.5% of users.  Read PC World’s interview with the CEO of Last Pass here.

Sony is meanwhile offering American customers affected by a massive security breach, $1 million-insurance policies and a year of identity theft protection, according to Bloomberg. It comes after 101.6 million user accounts on Sony’s PlayStation Network and the Sony Online Entertainment network for gamers were compromised by hackers.


Stats › February 2010

click map for a larger version

Published: March 1, 2010

The statistics on this page are for February 1, 2010 through February 28, 2010.

Total Submissions: 17,855

The total number of suspected phishes submitted by the PhishTank community.

Valid Phishes: 9,946

The total number of submissions verified as valid by the PhishTank community.

Invalid Phishes: 526

The total number of submissions verified as invalid by the PhishTank community.

Note: Many phishing emails were offline at the time of submission to PhishTank. Offline phishes cannot be voted on, and therefore cannot be verified.

Total Votes: 69,430

The total number of “is a phish,” “is not a phish,” and “I don’t know” votes made by the PhishTank community.

Median Time To Verify: 08 hours, 08 minutes

The median time it took the PhishTank community to verify submissions as valid or invalid.

Most Active Users

Out of the more than 20,000 members of the PhishTank community, these members were the most active in February 2010.

Note: One member account (PhishReporter) represents an organization, not an individual.

Top 10 Submitters (submissions)
1 PhishReporter (8,209)
2 cleanmx (2,403)
3 propriome (1,381)
4 balomish (721)
5 joewein (459)
6 zender (417)
7 mxlab (360)
8 buaya (217)
9 phishir (188)
10 zender2 (135)
Top 10 Verifiers (votes)
1 stuartgrant (15,029)
2 buaya (12,070)
3 NotBuyingIt (8,069)
4 marcoadfox (7,613)
5 cybercrime (5,166)
6 Aminof (4,477)
7 tetak (4,250)
8 theGeezer (3,040)
9 Jdunnivan (717)
10 mgeide (717)

Phishing URLs

In February, 475 phishes (5% of valid phishes that month) used an IP address (i.e. http://12.34.56.78) and 9,471 (or 95%) used a domain name (i.e. http://example.com).

Top 10 Domains (valid phishes)
1 t35.com (559)
2 altervista.org (522)
3 slaenmex.com (501)
4 express-order.ru (421)
5 udaswy.cz (215)
6 webhosting-solutions.co.uk (134)
7 justfree.com (114)
8 pochta.ru (73)
9 nob2o.com (67)
10 radiosportfm.tg (62)
Top 10 IPs (valid phishes)
1 201.130.79.54 (505)
2 69.10.48.106 (458)
3 66.45.237.212 (438)
4 89.111.176.21 (421)
5 194.67.36.117 (149)
6 206.251.130.233 (135)
7 77.92.91.153 (134)
8 205.134.162.147 (115)
9 67.220.228.213 (113)
10 78.129.205.116 (92)

Networks That Host Phishes

The servers hosting verified phishes are under the responsibility of these networks. PhishTank knows this because it traces phishing Web sites to an IP address. These are the organizations responsible for those IP addresses.

Top 10 Networks Valid Phishes
1 NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC 562
2 MetroRED Telecom Services 505
3 RAPIDSWITCH-AS RapidSwitch 457
4 CENTROHOST-AS JSC Centrohost 431
5 ThePlanet.com Internet Services, Inc. 315
6 iWeb Technologies Inc. 239
7 SoftLayer Technologies Inc. 203
8 OVH OVH 198
9 Limestone Networks, Inc. 176
10 SOVAM-AS Golden Telecom, Moscow, Russia 159

Popular Targets

These are the brands that were fraudulently represented in phishing emails. Targets are identified by the submitter at the time of submission, or determined by PhishTank’s software to the best of its ability. The majority of phishes are not categorized with a target.

Top 10 Identified Targets Valid Phishes
1 PayPal 8,488
2 Internal Revenue Service 772
3 Facebook 715
4 HSBC Group 458
5 Bank of America Corporation 134
6 Tibia 130
7 eBay, Inc. 124
8 World of Warcraft 111
9 HSBC 103
10 Amazon.com 86


Patients who participate in clinical trials expect that their personal information will remain confidential, but a recent study led by Dr. Khaled El-Emam, Canada Research Chair in Electronic Health Information at the CHEO Research Institute, found that the security practices used to transfer and share sensitive files were inadequate.

The two-part study, entitled “How Strong Are Passwords Used to Protect Personal Health Information in Clinical Trials?,” published February 16 in the Journal of Medical Internet Research, showed that the majority of passwords used to protect files are poorly constructed and easily cracked using commercial password recovery tools. Study coordinator interviews indicated that electronic information shared in the context of clinical trials may put personal health information at risk.

“The patients in these trials expect that their personal information will be protected,” said Dr. El-Emam. “This is critical for maintaining the trust of clinical trial participants, and the public in general.”

In the course of the study, passwords for 14 out of 15 sensitive files transmitted by email were successfully decoded. Of these 14, 13 contained sensitive health information and other potentially identifying factors such as name of study site, dates of birth, initials, and gender. File sharing practices were also found to be insecure, with unencrypted patient information being shared via email and posted on shared drives with common passwords.

“Cracking the passwords proved to be trivial,” said Dr. El-Emam. “Choices included passwords as simple as car makers (e.g., “nissan”), and common number sequences (e.g., “123”). It was easy for the password recovery tools to guess them.”

Poor security practices can be harmful to patients participating in clinical trials, who are at risk of being identified and possibly stigmatized by the disclosure of personal health information. There is also a potential for both medical and non-medical identity theft. In the context of international clinical trials, inadvertent disclosure of personal health information is considered a data breach in countries like the United States, which can lead to penalties in some states.

Dr. El-Emam believes that with some effort file sharing in clinical trials can be made secure: “There are protocols and tools that can be employed for secure file sharing. It may take more effort on the part of those who conduct clinical trials, but the alternative would not be acceptable.”

Dr. El-Emam makes several recommendations, including enforcement of strong passwords and encryption algorithms, encrypting all information sent via email including site queries, and minimizing password sharing.

The study was financed by the Natural Sciences and Engineering Research Council of Canada (NSERC) and the Canada Research Chair program.


well to all of u wanting to view the IP address of someone ur chatting with, here is what to do. If u have any problems just ask i will find a way 2 solve it for u.

“We scan the ports where most hacking activities or unauthorized access might take place. We also do regular network monitoring to look for any suspicious activity. We are not perfect at it, but we are like a credit card company looking for some suspicious activity on the network.”

IP catcher script : Steal Someone’s IP Address !

Here is next worth for my Visitors. Most of you may be curious to know how to find the IP address of your friend’s computer or to find the IP address of the person with whom you are chatting in Yahoo messenger or Gtalk. Finding out someone’s IP address is like finding their phone number, an IP address can be used to find the general location where that person lives. Now while most of the tutorials on the net teach you how to steal an ip address via MSN, or any other chat software, in this post I’ll show you how to find IP address of someones computer using script. Using this method for hacking someones ip adress is very easy and effectively, so just follow the steps bellow.

NOTE: This tutorial is for educational purposes only, I am NOT responsible in any way for how this information is used, use it at your own risk.

How to Hack Someones IP Address ?

Alright, I’m gonna give you this script. Register a Free hosting at Byethost.com and follow the steps.

get.php :

$file = “ips.txt”;
$f=fopen($file, ‘a’);
fwrite($f,$_SERVER[‘REMOTE_ADDR’].”\n”);
fclose($f);
?>

File not found

1.) First of all you need to make a new .txt document on the website you’re uploading this to. Name it ips.txt (You can change that in the script aswell where it says $file = ‘ips.txt’; in the second line. Then change the CHMOD to 777.

2.) Now you need to past the script above in to a get.php document, and upload it.

3.) Now you make people visit your site, and they will see only ” File Not Found ” !

4.) To view the IP, you simply add “/ips.txt” after your domain, and you’ll see the IP.