Sunday, 28 September 2014

Social Engineering


Social engineering is a technique used to deceive people into breaking the security standards of the companies they work for. Social engineers try to gain the confidence of the people they are trying to attack. They target personnel at a company who have authorized access to certain information, which compromises the company’s security and leaves its network vulnerable. Social engineers master the art of convincing people, learn how to read them, and use this to their advantage.

How are organizations at risk from social engineering?

Workers in general don’t understand how crucial it is to keep their passwords and usernames safe from everyone. Some of them share information with people they have just met in order to be friendly, or because they are so used to helping people that it is in their nature to do so.
A study has shown that many employees leave their usernames and passwords on sticky notes on their desks, where they can easily be copied or stolen.
Work accounts can be hacked into from anywhere, from any access point, and the impact of what the hackers have done may be noticed immediately or only slowly over the following months.
Employees should realize that even the garbage they throw away might contain important information that may be just what certain people are after.
Social engineers may even use the details they have accumulated to pretend to be you on a number of websites, which is a form of identity theft.

How are hackers able to pull off their tricks?

One of the predominant tricks or scams they carry out is pretending to be an employee or user of the system. A hacker can gain vital access by posing as a higher-level manager who needs to use certain computers and documents. Ordinary employees are tricked into believing that the “higher-level” manager is real and don’t ask questions.
Another way of getting information from people is phishing, which involves sending a large number of emails that seem legitimate and trap people into surrendering information. These emails may lead a user to reply to the email, or direct them to a website where they are asked to enter personal information such as bank account details, ID number, credit card number and more.
Vishing is a technique in which social engineers call the victim to get personal information.
The hackers usually hack certain institutions to get a list of people to phone.
These calls may seem legitimate, as if they are from your bank, and are usually prerecorded messages that tell the user to dial another number, where the hackers request personal information.


One way of solving this problem is establishing frameworks at employee level: employees should be trained on the various ways in which these people will do anything to get what they need in order to access certain files and documents. Employees should be able to identify which information is important to keep safe and protected, and which types of questions sound suspicious.

Friday, 26 September 2014

The virus I did research about: Exploit.CVE-2014-1761.Gen Virus

Exploit.CVE-2014-1761.Gen Virus


Introduction

Outside attackers use the computer virus Exploit.CVE-2014-1761.Gen to gain access to systems; it then spreads among connected systems and removable drives. Exploit.CVE-2014-1761.Gen can also record online actions, browsing history and personal data.
Exploit.CVE-2014-1761.Gen is recognized as a Trojan virus that aims to damage computers worldwide and steal important information from users. It is designed by cyber criminals to attack computer users who visit unauthorized websites, sponsored links and free downloads.


Body

The Trojan virus affects the computer by running automatically as a background program. The infection takes advantage of system vulnerabilities to deliver malicious code to the computer without the user’s knowledge.

It affects the system badly and secretly drops risky files onto the computer. Exploit.CVE-2014-1761.Gen is bundled with other potential threats and makes changes to system files. Users often complain that their computers get stuck and freeze when browsing web pages, watching videos and playing games. The virus slows the computer down and bypasses security protections so that it stays undetected.
It is designed by cyber criminals and distributed through doubtful websites and other unauthorized online resources. The infection messes up the victim’s computer and causes great trouble for the user’s online activities. The Trojan triggers redirections during Internet browsing and displays numerous pop-ups in the user’s browser. It may also help some extensions get onto the computer.

Symptoms of Similar Trojan Infection:

- This virus can escape most antivirus protection and install itself on computers, especially those running Windows operating systems.
- It can cause constant freezes or even blue screens on infected computers.
- Computer users will experience constant security pop-ups which may not truly represent the status of the PC.
- Certain malware or spyware may be prompted by these fake security pop-ups, which will end up scamming users out of money.
- Sensitive private data can also be stolen and taken advantage of by cyber criminals.

AFFECTED SOFTWARE:

- Microsoft Word 2003 Service Pack 3
- Microsoft Word 2007 Service Pack 3
- Microsoft Word 2010 Service Pack 1 (32-bit editions)
- Microsoft Word 2010 Service Pack 2 (32-bit editions)
- Microsoft Word 2010 Service Pack 1 (64-bit editions)
- Microsoft Word 2010 Service Pack 2 (64-bit editions)
- Microsoft Word 2013 (32-bit editions)
- Microsoft Word 2013 (64-bit editions)
- Microsoft Word 2013 RT
- Microsoft Word Viewer
- Microsoft Office Compatibility Pack Service Pack 3
- Microsoft Office for Mac 2011
- Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 1
- Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
- Word Automation Services on Microsoft SharePoint Server 2013
- Microsoft Office Web Apps 2010 Service Pack 1
- Microsoft Office Web Apps 2010 Service Pack 2
- Microsoft Office Web Apps Server 2013

INFECTED SYMPTOMS:

- When you search for something online, Exploit.CVE-2014-1761.Gen redirects you to malicious sites and displays annoying ads.
- Exploit.CVE-2014-1761.Gen may leave your PC full of vulnerabilities.
- Exploit.CVE-2014-1761.Gen makes your computer run slowly and eats up a large share of system resources.
- Your personal data, such as bank account details and passwords, is at high risk of exposure.
- You may not be able to use legitimate programs on your computer, as they will be disabled by Exploit.CVE-2014-1761.Gen. You will see pop-up windows and be unable to do anything about them.

Conclusion

To regain a clean computer, PC users need to deal with the Trojan infection manually and immediately.

To remove Exploit.CVE-2014-1761.Gen manually you first need technical knowledge of system files and registry files. If you don’t have this knowledge, attempting manual removal can lead to more problems, and one wrong file deletion can make your system completely unusable.

Monday, 22 September 2014

Internet Content Filters on Computers



Internet control software is used to protect users from, or limit their access to, certain websites.
This software determines which content should be displayed or blocked and can provide different types of access to specific users with different levels of authorization. Internet content filters can be used in many ways; for example, parents can protect their children from viewing explicit content and restrict access to certain websites. Employers can use this software to allow their employees to access only a certain number of sites, and some internet content filters also include monitoring software which allows administrators to see what employees are viewing.
Blocking websites in a work or study environment is also good, since it lets users focus on the work they came to do and stops them from wandering off. It is also useful if the company or person providing the internet service has only a certain amount of bandwidth available. Another advantage is that it protects against, or decreases the chances of, hackers, malware, viruses and other malicious attacks on the computer, and of unauthorized programs being installed.

Some shocking statistics came in 2008 from the Snapshot Spy website, which said that as much as:

- 40% of Internet use in the workplace isn't business-related
- 64% of employees say they use the Internet at work for personal tasks

http://www.simplewallsoftware.com/tips/disadvantages-of-employee-internet-filtering

Sometimes internet filters are a hindrance to certain people, because they feel they need to be able to browse the internet freely or just have more access. A disadvantage of internet content filters is that they sometimes block a website just because of one or two inappropriate keywords. Another downfall of certain content filters is that they sometimes can’t detect keywords on pages and websites that are in foreign languages.
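The two weaknesses described above can be seen in a small keyword filter. This is an added example, not part of the original post; the keyword list, the sample page texts and the threshold of three hits are constructed assumptions.

```python
import re

# Constructed keyword list and page texts (assumptions, not from the post).
BLOCKED_KEYWORDS = {"casino", "poker", "sex"}

SAMPLE_PAGES = {
    "health":   "Middlesex county clinic: advice on sex education for teens.",
    "gambling": "Best online casino bonuses: play poker, casino slots and casino jackpots.",
    "foreign":  "Juega en el mejor sitio de apuestas, tragamonedas y ruleta en linea.",
    "news":     "City council approves the new library budget.",
}


def naive_filter(text):
    """Block the page if any keyword occurs anywhere, even inside another word."""
    lowered = text.lower()
    return any(keyword in lowered for keyword in BLOCKED_KEYWORDS)


def scored_filter(text, threshold=3):
    """Block only when whole-word keyword hits reach the threshold."""
    words = re.findall(r"[a-z]+", text.lower())
    hits = sum(1 for word in words if word in BLOCKED_KEYWORDS)
    return hits >= threshold


def evaluate(pages=SAMPLE_PAGES):
    """Return {page: (naive_blocked, scored_blocked)} for each sample page."""
    return {name: (naive_filter(text), scored_filter(text))
            for name, text in pages.items()}


if __name__ == "__main__":
    for name, (naive, scored) in evaluate().items():
        print(f"{name:9} naive={'BLOCK' if naive else 'allow'} "
              f"scored={'BLOCK' if scored else 'allow'}")
```

The naive filter blocks the health page because of one keyword, while counting whole-word hits lets it through; neither filter catches the Spanish gambling page, because the list only holds English words.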

Employees or students who bypass these blocks can be fined or given a warning, because when they entered an agreement with the company or university they accepted all its policies and conditions. The monitoring software in these content filters can easily detect when users are tampering with blocked websites, and this allows administrators to detect and warn these users.


In my conclusion I think that it’s good to block certain websites and only allow a few people to have full privileges based on their position. For students I believe that a certain bandwidth should be allocated to each student and that all the websites should be available to them. Students are the inventors of today, and how would they be able to view certain things if they are restricted? I myself am a student, and I often need to download certain products or be able to go online using certain applications, and when I try this, that is where I get restricted. The university has already given me a limit on my bandwidth, and I think that since they have given me this limit they may just as well have opened it freely for me to use, since I can only use it for so much!

Risk Management Study



Risk management of computers involves the steps taken to protect IT systems and data that provide value to people and organizations. This involves protecting them from any disasters that can occur, such as human error or natural disasters. Vulnerability assessment is a way of identifying how vulnerable systems are to an attack of any sort.

Asset identification is identifying which assets need to be protected. I have a desktop PC, so I would list the following as items I need to protect: LCD monitor, case, keyboard and mouse. The most important is the case, since it’s the main item on which everything else depends and an item that is difficult to replace. Threats that may damage my computer include threat agents such as people (espionage, extortion, human error and theft) and natural disasters (fire, flood or earthquakes). There are also chances of hardware and software failures and utility interruption.
Weaknesses that might expose my system to an attack include the following: a trial version of anti-virus that will expire soon, and since it’s a trial version not all security features are enabled to protect the system. There is a chance that an attacker might hack or steal information through the network, since the network I regularly connect to isn’t that secure because it’s a public network. Where I am staying is also not that safe, since I stay at a university accommodation where there have been many reports that students’ laptops and other devices have been stolen.
Taking all of this into account, there would be a great loss to me if any of my items (software or hardware) were damaged or stolen, since as an IT student I really depend on these items to get my work done.

Risks will never be reduced to the point where there is no risk. Risks can be reduced to have a small impact on a user’s system or items. My computer, for example, can be protected in the following ways: a lock can be placed on my door to limit the chances of the attacker having all the necessary tools to come inside my room. I can also purchase a full version of my anti-virus to try and have maximum protection over my files and the way I browse the internet. There is little or nothing I can do about a natural disaster, since I don’t have the necessary tools to protect any of my belongings from it.

DoS Attacks




In a DoS (denial-of-service) attack the hacker or group tries to flood the network with so much traffic that it becomes slow or inaccessible for legitimate users. They do this by taking control of many computers (a botnet) and directing them all against a certain network.
When this happens, attackers prevent you from accessing your email, social networking sites and other services. Servers can only handle a certain number of requests, so if a server becomes flooded, users’ requests won’t be processed.

DoS attacks target high-profile sites such as banks, companies and even government websites, sending so much traffic that their servers can’t respond to legitimate traffic. Denial-of-service attacks are considered violations of the Internet Architecture Board's Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers.
Here are a few methods of how these attacks are carried out.
  • Ping of Death - bots create huge electronic packets and send them on to victims
  • Mail bomb - bots send a massive amount of e-mail, crashing e-mail servers
  • Teardrop - bots send pieces of an illegitimate packet; the victim system tries to recombine the pieces into a packet and crashes as a result
  • Max out the processor's usage, preventing any work from occurring.
  • Trigger errors in the sequencing of instructions, so as to force the computer into an unstable state or lock-up.
  • Crash the operating system itself.
Here is one example of a DoS attack on a large scale: July, 2009: Unknown vs. United States & South Korea.
For three days in July, 2009, the web sites of South Korea’s largest daily newspaper, a large-scale online auction house, a bank, the country’s president, the White House, the Pentagon and U.S. Forces Korea—to name a few—came under DDoS attack as upwards of 166,000 computers in a botnet unleashed wave after wave after wave of a data-powered onslaught. Some believed operatives at North Korea’s telecommunications ministry were to blame, using a backdoor for the infamous Mydoom worm of 2004, but this has never been proven.

If there are signs that a DoS attack is happening, a network administrator can limit the amount of traffic the server receives. This can, however, also block legitimate users. Network administrators can try to find out where these attacks are coming from and try to filter and block them. Firewalls can be configured to block DoS attacks.
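The trade-off in limiting traffic can be shown with a short simulation, added here as an example that is not part of the original post. The traffic, the addresses (taken from documentation ranges) and the limits of 10 and 5 requests per second are constructed assumptions.

```python
from collections import Counter, defaultdict

WINDOW_MS = 1000  # fixed one-second counting window

# Constructed traffic: (time in ms, source address). One source floods the
# server with 100 requests in a second; a legitimate user sends two.
FLOODER = "203.0.113.9"
LEGIT = "198.51.100.7"
TRAFFIC = sorted([(t, FLOODER) for t in range(0, 1000, 10)] +
                 [(500, LEGIT), (900, LEGIT)])


class WindowLimiter:
    """Allow at most `limit` requests per key in each fixed time window."""

    def __init__(self, limit):
        self.limit = limit
        self.counts = defaultdict(int)

    def allow(self, key, now_ms):
        slot = (key, now_ms // WINDOW_MS)
        if self.counts[slot] >= self.limit:
            return False
        self.counts[slot] += 1
        return True


def simulate(limit, per_source):
    """Replay TRAFFIC and return how many requests each source had served."""
    limiter = WindowLimiter(limit)
    served = Counter()
    for now_ms, source in TRAFFIC:
        # A global cap shares one counter; a per-source cap counts each sender.
        key = source if per_source else "all"
        if limiter.allow(key, now_ms):
            served[source] += 1
    return {FLOODER: served[FLOODER], LEGIT: served[LEGIT]}


if __name__ == "__main__":
    print("global cap of 10/s :", simulate(10, per_source=False))
    print("per-source cap 5/s :", simulate(5, per_source=True))
```

With one global cap the flood uses up the whole allowance and the legitimate user is refused; with a cap per source the legitimate user is still served. A botnet spreads its requests over many sources, so a per-source cap is normally combined with filtering of the attacking addresses.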


Bibliography

http://computer.howstuffworks.com/zombie-computer3.htm
https://www.us-cert.gov/ncas/tips/ST04-015
http://www.thedailybeast.com/articles/2010/12/11/hackers-10-most-famous-attacks-worms-and-ddos-takedowns.html

Zero Day Attacks


Introduction

Zero-day attacks or threats refer to attacks that exploit previously unknown software vulnerabilities.
Software vendors do not know about these vulnerabilities in their software, and hackers use this to their advantage to gain access to an application. When hackers exploit a vulnerability before the vendor becomes aware of it, this is known as a zero-day attack.

Zero-day attacks can involve malware, spyware or unwanted access to user information. These attacks can lead to a person or company losing money or data, and to clients no longer trusting them or their products. Vulnerabilities can come from simple mistakes, such as a network or application not being programmed correctly.
Today many zero-day attacks target web browsers.
FireEye Research Labs identified a new Internet Explorer (IE) zero-day exploit used in targeted attacks.  The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through IE11. Microsoft is warning Internet Explorer users about active attacks that attempt to exploit a previously unknown security flaw in every supported version of IE. The vulnerability could be used to silently install malicious software without any help from users, save for perhaps merely browsing to a hacked or malicious site.

There are various ways in which users can protect themselves from these attacks and limit the vulnerabilities.
Users can install anti-virus software, have it perform scans regularly and update it frequently. Look for software patches on the software vendor’s website and set up your operating system to automatically receive updates for all your software. Users should also allow only approved software to run on the operating system, which also limits their vulnerability. A zero-day threat is also known as a zero-hour attack or day-zero attack.


Bibliography
Anon., 2013. Software Vulnerability Control. [Online]
Available at: http://www.comptechdoc.org/independent/security/recommendations/secsoftwarev.html
Bradley, T., 2014. Free Vulnerability Scanner Software. [Online]
Available at: http://netsecurity.about.com/od/freesecuritytools/a/aafreevulnscan.htm
FireEye, 2014. Internet Explorer Versions 9 through 11. [Online]
Available at: http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html
krebsonsecurity, 2014. Microsoft Warns of Attacks on IE Zero-Day. [Online]
Available at: http://krebsonsecurity.com/2014/04/microsoft-warns-of-attacks-on-ie-zero-day/
Norton, 2014. Vulnerabilities. [Online]
Available at: http://us.norton.com/security_response/vulnerabilities.jsp

Techopedia, 2014. Zero-Day Threat. [Online]
Available at: http://www.techopedia.com/definition/27451/zero-day-threat

Technology Student



Hello everyone, I am a student studying at the University of Johannesburg and studying Business Information Technology. I created this blog to express my feelings about technology and mainly just to post interesting articles I need to do for homework. Having a blog to post my articles is a good way for me to store online the homework I submitted and just to increase my knowledge of technology. This helps me to be more active on my PC and to know more about the technology industry. I'm currently in my third to second year in my studies and have learnt a lot about the technology industry so far.

For the next few posts on this blog I plan to post some of my assignments and homework that I have submitted. This will mostly be communications network related, since this is the only theory module I'm doing now. I'm also doing programming and I'll maybe post some programming-related articles or just some fun websites on where to learn or download programs.

I really love playing computer games, so yes, I will post some trailers and links to game reviews and stuff.