Archive | Opinion RSS for this section

With the Rise of Coding, Comes the Rise of Malware

I’m sure you might have read recent articles about how coding is going to be the ultimate skill in the coming years. Seems like this might as well be true, so it’s being pushed with the various online schools being developed (the list is getting exhaustive). With this huge rise of training comes a huge rise of smarter hackers and malware writers.

What is it about malware that seems so attractive? Money, fun, damage, etc.? We can get a glimpse of reality when we see the statistics on antivirus vendor websites, some say a million new samples are added weekly. Many of these issues arise out of the violence of society or the outward shame that is inflicted upon other people through the art of cyberbullying, hacking, and other threatening tasks.

What’s more is that when we study these aspects, we get a sense that most malware is targeting our wallets, stealing our identities. We need better protection. This is a call to someone who can make better, user friendly operating systems. If you know how to code or are training, please make sure to use it for good. You could in fact become a lot more rich making top security software than becoming a hacker – stealing and risking it all.

What’s better for you? Helping or hurting? Good wallet or prison time? Make your choice. Better humanity through an act of good will. Get out there and code for the good! Make a difference! BE THE DIFFERENCE!

Don’t be afraid to try new things. Set impossible goals. Shoot yourself into the future of technology and skyscrape the world over with your amazing new security software.

Something’s gotta give! And if something doesn’t happen soon, our threatening internet culture could begin to control us and steal our money. We’ll have a very unfair world by then. What if we impose CISPA? That’ll make a lot of people happy but also a lot of people mad.

What more can be helped for our cybersecurity problem? Feel free to comment and leave your suggestions.

Get Alternative Software for Adobe Reader

Are the latest band of exploits too challenging for you? Want something different? Tired of updating Adobe Reader once to twice a week?

Here is a short list of PDF viewers, the best alternatives for Adobe Reader.

  • Sumatra PDF

    This program is extremely lightweight, easy on resources, and fun to use for its ability to get the job done. Open a PDF.

  • Foxit Reader

    Free, lightweight – Foxit Reader is a great alternative for Adobe Reader. Although not as thin on the resources or fast like Sumatra, Foxit sure has a lot to offer. How about text converter, highlighting, or even integration with DocuSign services? Awesome!

  • Nitro PDF Reader

    This is similar to Sumatra. Nitro has some other features to offer, including free editing tools. This does have a bit of a pokey interface, like Adobe Reader can be sometimes, but still looks slick!

There you have it! Good luck!

Second Opinion Malware Scanners: Why buy one?

Second opinion malware scanners are the best key in managing vulnerabilities. What a regular antivirus or internet security program doesn’t find or catch, the second opinion malware scanner can catch. This is an integral part of a defense-in-depth method, which is a very good idea in maintaining the security of your computer AND your identity. ID theft is one of the biggest security problems on the internet today, but luckily thanks to many anti-malware companies, there are ways to avoid these types of problems.

Second opinion malware scanners do not interfere with other antivirus/internet security software. If they do, rarely, the support team at each company are dedicated to helping you solve that issue pretty fast. These types of programs are engineered to work alongside an antivirus and internet security program.

The following is a short list of second opinion malware scanners. I only recommend two of them, because they are the best, and because I’m an affiliate:

  1. Malwarebytes’ Anti-Malware Pro (MBAM Pro)

    Overall, this program is a powerhouse against malware. It provides the best secondary protection mechanisms with IP blocking functionality. Also, allows you to protect the MBAM interface with a password. It keeps hackers out, and the user is allowed in. It also provides priority database updates, excellent customer support, and lightning fast scanning technology. This comes at a lifetime price of only $24.95 (USD), which means once you buy it, you don’t pay anymore fees ever again!
    Try Malwarebytes, the Leader in Malware Removal
  2. Hitman Pro by Surfright

    Now, this program, Hitman Pro, is a different story. It provides a behavioral scan for malware, which checks programs and files for typical malware/virus-like behavior. If it thinks it is a threat, the program alerts you asking you to remove it. It also uses the cloud to enable itself to scan your computer with the newest data from all antivirus companies about zero-day threats. This program is best known for its ability to find kernel-mode rootkits, and its ability to remove even some of the toughest malware. What could be better? Buy Hitman Pro Today!
  3. Zemana Anti-Malware
    This program is a bit newer in the market, and not as well known as the above two. However, it is a competitor in the anti-malware field, and deserves a mention nonetheless. From the vendor: “Zemana Anti-Malware is a second opinion scanner designed to rescue your computer from malware (viruses, trojans, rootkits, etc.) that have infected your computer despite all the security measures you have taken (such as anti-virus software, firewalls, etc.)”.

The issue in encryption: Why it will not solve our security problems

The issue in discussion today is whether or not encryption is really that important in computer security, when it comes to the issues people face today (in security). The biggest issue faced in encryption is that even if every piece of info in an enterprise, intruders could still access it.

There are many issues faced in encryption. Many speculations occur like the following when it comes to encrypting data (and why there is a need for a backup method):

  • Encrypting every piece of information does not always mean the data is totally secure.
  • If a user can access the data, so can the intruder.
  • Users and even applications must be able to access data in unencrypted form to use it.
  • Web apps will still suffer SQL injection.
  • It will not stop Java exploits.
  • Only if a user can access the device he/she is on, if the device is stolen, the data is no longer secure.
  • If the least bit of personal/business information is leaked, a hacker has at least a small means to try to crack passwords.

So, the biggest concern, it seems, that even if data is encrypted doesn’t make it completely secure. The best way to truly secure data is working with a defense-in-depth method of securing machines, as it seems to be a way of making the hacker work hard to get to the data. By that time, the hacker would question whether the hack would be worth it.

If this post would appear to help you save money, by providing tips to secure your data, please consider a donation.

 

Rakshasa Case Study: Really Undetectable?

By Jay Pfoutz
Editor

Apparently, the new showy security threat is Rakshasa… At Black Hat Las Vegas, this new security technique was unveiled.

This new malware by researcher Jonathan Brossard is apparently ‘impossible to disinfect’.

Now, FIRST OF ALL!! – Anything created with man’s hands can be destroyed. I’d like to see this opinion last: undetectable, can’t be disinfected, etc.

The paper on Rakshasa can be found here. It describes a hardware backdoor. Unbeknownst to this artist researcher, companies like Kaspersky or ESET have already begun to craft hardware antivirus drivers. So, this backdoor hardware malware scheme is a bit late, but maybe just in time, too.

Will it be used? Who knows. That’s the scary part!

It is realistically a BIOSkit, a rootkit that infects the BIOS of the computer. What’s wrong with this…? It can be easily disinfected by flashing all of the devices of the computer, which apparently would be infected.

However, this malware has not been tested in an enterprise-based beta, which means just because it worked on a couple of machines does not mean it would work on any other computer. Impressive? Yes! But, not at all scary, yet.

What makes me more shocked, is that people will actually believe that this malware will not be able to be disinfected. But, this is the turnaround: it can be! This is nothing more than a BIOSkit, and we have seen BIOSkits removed in our leagues many times.

But, then again, people commonly believe rootkits are impossible to be removed too. Look…we proved them wrong!

By inflicting code signing for BIOS, just like all other hardware driver signing, can easily keep it blocked. Also, if BitLocker evolves in Windows 8 and further technologies, it could easily secure the OS. Also, things like device encryption, could be taken to a new level.

This is not a new vulnerability, and Brossard agrees.

I’m sure we’ll have more on this story as it develops in the future. Stay tuned to seCURE Connexion!

%d bloggers like this: