Displaying the information which is useful for your friends to search you online is equally important to limiting the visibility of the information which is more personal, which let the hackers hack your page quiet easily. Following are the few tips which helps you to make you profile page of Facebook more secured.

Besides, all the privacy setting you made for your profile there are few things which cannot be hidden by any user, that is they will be displayed for every profile. They are called as Publicly Available Information (PAI) according to Facebook, which includes full name, profile picture, gender, and networks. These things are commonly visible to any facebook user.

However, you can reduce the visibility of the remaining information by making the necessary settings. Let us see how to choose the options that makes your profile more secure.

• It is always better to use your full names which are hard for others to guess, but are easy for friends to recognize. It also limits the search results related to your usual name. Coming to the settings, ‘Search for me on facebook’ is available so that you can choose the people who can search for you. It is better to go for ‘Friends only’ if you want yourself limit to your friends.
• ‘Send me friend request’ – this option doesn’t make much difference because unless you accept the request of that person you cannot view your information. So, choose ‘any/every one’ or ‘friends of friends’ since the final decisions rests on you.
• ‘Send me a message’, ‘See my friends list’, ‘See my education and work’, See my interests and other pages’- reserve these rights only for your friends by choosing ‘Friends only’ in order to make your information more secure.
• Finally ‘see my current city and home town’ – it is better to choose ‘only me’ or not entering that info is better.

These are the few recommendations which can help you secure your account.

Related Links:
Facebook covers

The software vulnerability and the updates
The updates are too technical to understand. But in simple words – a software, like the windows or the browser, is made of millions of lines of programming code. The more the features in the software, the more it adds upto to the programming code. Errors are inevitably made, while typing out these millions of lines or patching them to work together, thus leaving vulnerabilities in the software. Hackers, these days, have become more sophisticated in finding out these vulnerabilities proactively. The software vendor also works proactively to patch up the vulnerability before the hacker exploits it. These patches are released as security updates of the software.

Increasing number of updates
For the lack of a better metric lets compare the number of security bulletins released for Windows between January and April in the past 3 years, respectively. It was 16 in 2009, 29 in 2010 and 34 in 2011. As you can see, they kept increasing every year. This is not the case with just Windows. A typical Windows user will be using the following applications in common:

• Mozilla Firefox
• Mozilla Thunderbird
• Adobe Flash
• Adobe Reader
• Java Console
• Google Chrome
• And then an antivirus or a PC protection software

And all these applications are as vulnerable as the Windows itself. And their vendors are also as proactive to release patches. And every time each of them releases an update the user will have to first download it from Internet and then patch it up with the main application. Of course each of them has a user friendly mechanism to update, but do you know what it takes to patch them all? Apart from time taken to patch, they will also consume your broadband till they are downloaded and the CPU memory till they patch up. The average sizes of each of these software updates and the number of times they were released this year are as follows:

• Mozilla Firefox – 1.6 to 2.8 Mb (Updated 4 times in 2011 till date)
• Mozilla Thunderbird – 1.6 to 2.8 Mb (Updated 3 times in 2011 till date)
• Adobe Flash – 2.0 to 3.0 Mb (Updated 4 times in 2011 till date)
• Adobe Reader – 10.0 to 18.0 Mb (Updated 1 time in 2011 till date)
• Java Console – 17.0 Mb approximately (Updated 2 times in 2011 till date)

Windows updates range from 17 Mb to around 900 Mb and above. Google Chrome is little tricky to measure. It is even little creepy to have an application like Chrome that connects to its maker, downloads and patches up – all by itself, without even the knowledge of the user. But it still consumes your broadband and CPU memory.

The antivirus or PC protection software updates are little different from the above. They download security definitions everyday. Few vendors like Norton Internet Security, provide real time updates which keep updating more than 10 times a day. However, if all the software applications installed in your PC are perfect, why will one require to maintain a PC protection software or update its definitions daily.

Overall, we can see that lots of time and energy of the user is consumed here, apart from the broadband. In previous year, a report released by Secunia says that a typical Windows user patches for every 5 days. The days might remain the same, but the amount of time taken has definitely increased. Few times, multiple updates may come up within one week itself.

More and more people are finding it uncomfortable to track and do the updates continuously. Where could be the actual problem? Are the hackers getting intelligent or the software vendors getting stupid? Whatever it may be, the updates job is very exhausting and getting even worse.

Adobe also reported to have heard about a malware exploit, through a Flash (.swf) file embedded in a MS Word (.doc) or MS Excel (.xls) file delivered as an email attachment, targeting the systems running on Windows OS. So make sure you are not opening attachments from unknown emails until you update flash.

The new versions for various platforms are as follows:

• For Windows, Macintosh, Linux and Solaris OS – 10.3.181.14
• For Android – 10.3.185.21

The Flash player for Chrome has been updated via the new version 11.0.696.68. Other users can use Flash Player Download Center to get the latest version. For Android users, the update is available in Android market place.

Adobe rates the severity of the vulnerabilities as critical and recommends to update newer versions at the earliest possible.

To verify your Adobe Flash Player version
Launch your browser and open this link – http://kb2.adobe.com/cps/155/tn_15507.html OR http://www.adobe.com/software/flash/about/

Flash player is installed as a plug-in in each individual browser. If you are using multiple browsers like Firefox, Chrome and IE, make sure you verify Flash version in each and every one of them. Follow the above step to do so for all your browsers.

Recommended reading:
Importance of Updating Adobe Flash Player

As a reply to the claims on pwn of Chrome, security researcher Dan Kaminksy said that if VUPEN used vulnerability in Flash to bypass sandbox, then it is not the Chrome hack alone. Another security researcher from Google Tavis Ormandy said in a Twitter post that “VUPEN misunderstood how sandboxing worked in chrome, and only had a flash bug.” Google is still researching on VUPEN claims.

The new Chrome version addresses two high risk security vulnerabilities – corrects integer overflows in VSG filters and bad casts in Chromium WebKit glue and the bug fixing of Flash player plugin. Google also added the new ClearSiteData API in Chrome, so that users can manage and remove Flash cookies (Local Shared Objects).

The vulnerability is found to be impacting all Windows based computers running 32 bit as well as 64 bit OS. The vulnerability was exploited by just making the user visit a specially prepared web page containing a sophisticated code that will execute various payloads to ultimately download and start any program. The program runs silently without even crashing Google Chrome after executing the payload. The program launches outside the sandbox but at medium integrity level. However, most malware today doesn’t necessarily need to have a high integrity level to run.

As the vulnerability is not publicized, Chrome users can stay out of panic.

The following are top countries hosting phishing websites in first part of 2011 (i.e., January 2011 to May 2011):

1. United States
2. Canada
3. Egypt
4. Germany
5. UK
6. Netherlands
7. Russia
8. South Korea
9. France
10. Brazil

The intense evaluation of IP addresses in China and Eastern Europe seems to be the major reason for the shift in cybercrime activities to Canada. Canada has now jumped to #6 position in the world, in terms of hosting cybercrime, from #13 in 2010.

The anti-spam law, been introduced in Canada recently in December 2010, will come into effect from September 2011. It was the last of the G8 countries to introduce its very own anti-spam law, which addresses a number of online threats, including spyware, malware, pharming, phishing and even gives individuals the private right to sue spammers.

You may also like to read
Top Countries Hosting Phishing Websites – 2010
Emerging Malware Trends
Technical Tips to Prevent Phishing

With the robust and genuine software and hardware security applications the cost of computing is going too high. The vendors are no more struck in pleasing their consumers with just the usability features. They have tightened the technology and even releasing numerous updates though they seem overwhelming to their customers. In this kind of situation, finding out new vulnerabilities in software and them trying to exploit them with viruses and trojans are not viable for the hackers. It is here where they figured a new strategy – exploiting the weakest link of a sturdy technical security system. Guess who? The human of course… It can be the administrator of the PC or a corporate network. Even luring a small employee of a corporate network into downloading something infects the network.

Kevin Metnick, a security consultant, mentions in his CSEPS Course Workbook that it is much easier to trick someone into giving a password for a system than to spend the effort to crack into the system.

Social engineering explained
The concept of Social Engineering is to directly trick the user of the computer to download malware or to reveal sensitive information under the auspice that they are doing something perfectly innocent. The task is too simple and many fall out for it for the lack of awareness on the scams being played on.

With a world class antivirus that gets 1st rank in all AV-tests and a best team releasing realtime AV definitions everyday or a robust firewall from the industry leader, is simply not helping the administrator of the computer. Because it is himself who is infecting the PC. The job of the attacker is to simply lure him to do it. However, it may not be downloading malware that the attacker wants every time. He may just lure the user into giving away some sensitive information. It ranges from SSN to credit card number.

The hacker hijacks a genuine domain or creates a genuine-looking one by himself. It is a part of website spoofing. Once the user enters the domain they are either lured into providing their personal details or download something. Selling scareware is also a part of social engineering. In fact Google reported that 90% of all domains involved in distributing fake antivirus software used social engineering techniques.

Why your antivirus can’t keep up?
Each hacker holds a number of domains under him. If one is identified and taken down, the other goes up. The malware mutation used here is also rapid. Though you have the latest version of antivirus called Internet security suite, it may be too late before the vendor identifies and releases a fresh virus definition. Microsoft has gathered information about few billions of downloads over the past two years, and roughly 1 out of every 14 program downloads are later identified as malware. In few cases, just clicking on the background of the malicious site will initiate a download.

Anti social engineering: Should it be from your computer and AV or You?
You computer security is only as robust as your security awareness. Any computer, be it running on Windows XP, Vista or Windows 7, the software will not allow any data to enter your system unless you permit it by initiating its download. And if somebody tries upload any corruptive data to your system, it wouldn’t work because you never initiated it in the first place.

The popular browsers today are designed not to download blindly anything, even if it is initiated by the user himself. The browser does its job perfectly by alerting the user with details of the initiated download. (You might remember the classic pop up of the browser with a OK and Cancel options on it.)

But the hacker is clever enough to give a set of instructions including a message saying “You will receive a warning about this control. Ignore the warning and click OK”. The user unaware of the situation clicks OK and downloads the malware. The PC is now infected under the full authorization of its administrator.

In other situation, the user might get an email saying its from his bank (email spoofing from the hacker) informing that he has withdrew a huge amount from his account and a link to site what looks like his banking website. The scared user is now tricked into typing his account details and the password. In the next few hours, the account gets emptied by the hacker.

Most of the social engineering techniques run in the same way. Agreed that genuine antivirus is required to protect your PC, but it is not designed to tackle situations like this.

Here are few tips that help you help from preventing social engineering to some extent:

• The awareness of the user is the key here. Keep yourself updated on the online scams.
• Avoid using administrator privileged account for PC, unless for updating the security patches.
• Beware of unknown websites and emails that prompt you for personal information.

Most of the people fall victim for social engineering tactics either out of stupidity or greed. And unfortunately, we don’t have patches or hot-fixes for either of them. The person should also have a proper mindset to deal with social engineering tactics. A mature person is less likely to get enticed and fall for online scams.

What seems interesting here is the fix for Windows Internet Name Service, which allows the NETBIOS devices to communicate on the network. As per the bulletin MS11-035, the flaw in WINS (Windows Internet Name Service) enables malformed WINS packets to allow remote code execution attacks. The flaw is on both Windows Server 2003 and 2008 servers, but only if they are running WINS. Most of the servers these days are not running WINS anymore, as it is not considered as safe as DNS. It is not even installed by default on these operating systems. Thus, the update is for only those who installed it manually.

Another bulletin MS11-036, releases patch for two vulnerabilities in MS PowerPoint that could allow remote code execution attacks if a user opens a malicious ppt file. Though the attacker is limited to the locally logged on user’s privileges, it is important to patch this up too.

Overall, 3 vulnerabilities are taken care of with the 2 security bulletins released on this Patch Tuesday.
People who read this also read
Why Should We Run Windows Updates Regularly?

It then prompts the victim to complete activation by calling one of the numbers listed on the screen and get a code. It even says that the phone call is free of charge. However, the call is not free and the victim is charged a hefty bill for the call. The hacker is paid for the call via a technique called short stopping, which involves rogue phone operators routing expensive calls to cheaper countries.

The victim is given the unlock code after 3 minutes of waiting on the call. The unlock code is found out to be 1351236 always. So, the victims can directly use this code number to unlock their PCs without calling the phone numbers.

The ransomware came into radar screen of security researchers in 2009, where a Vundo Trojan is found to encrypt all personal files and the users are asked to pay for the key to decrypt them. The earliest form of scareware just used to make people pay for useless software and fake antivirus. The hackers were able to make it sophisticated enough to hold a PC for ransom. Apart from encryption, the ransomware might just block access to all the applications of the system, asking the user to buy a license in order to fix the problem. The hacker might even entice with a 30-day-money-back guarantee message, which is false.

Techniques used to install Ransomware:
Ransomware is just one kind of malware. So all the methods been used to install it in your PC are similar to that of any virus or trojan infection. However, the actual talent of the hacker lies in making the victim to pay the ransom. Heavy techniques of social engineering are used here. The following are a few techniques used by hackers of ransomware:

• Spam emails with malicious files. The malicious files contain code that exploits the vulnerabilities in the software applications. The code then takes control of the PC denying the access to applications and files.
• The exploitation of the vulnerabilities in browser due to opening malicious web pages. Then an in-line adult advertisement, is shown in every web page the user opens. It covers main part of the web page which the user can’t get rid off. The text written on the banner will be in a foreign language. The user is also asked to send SMS to a premium rate phone number, to get special code that will make the ad disappear and also receive access to an archive of explicit videos.
• The user visiting a spoofed site may suddenly see a message that his PC is infected and to download a tool to get rid off it. The downloaded file actually contains ransomware.
• A malicious .dll file is smuggled into the PC, which manipulates the working of parental controls or Web content filtering features of the PC. When the user tries to open even legitimate sites like Youtube, Facebook, etc from browser, a message in red background is displayed saying: “Restricted Site! This web site is restricted based on your security preferences. Your system is infected. Please activate your antivirus software.” The domains will be allowed to access only of the user purchases a fake AV from the hacker.
• Another technique includes manipulation of the master boot record, preventing the booting into operating system. A message is displayed saying that the access to the PC is blocked and the user is asked to visit a site. In the site, he will be asked to pay for getting back access to the PC. However, in such cases, the user can just bypass the prompt and restore the master boot record. Rescue disks are very much helpful in these cases.
• An Instant messaging worm is found to block access to the Facebook account in the infected PC. The message looks as if Facebook itself has blocked the account. The victim is asked to complete answers for a survey within a short period of time. Amid of the survey the victim is tricked to subscribe premium rate services on their mobile phones.
• Adult websites are main hub for the malware downloads. For example, a piece of ransomware identified as WORM_RIXBOT.A, was downloaded over 137,000 times from a single adult website, in December alone. This worm prevents users from accessing their desktops and asks them to send a text message to a premium number in order to receive unlock code.
• The recent Japan earthquake also triggered few ransomware infections. The emails sent to the users contain links to fake news articles from where the malware installs in the PC. Then the access to the desktop is seized with a message claiming to be from Federal police saying that some illegal activities are discovered on PC and pay some fine within the given time of they don’t want their hard drive erased.
• The recent technique of ransomware involves display of a windows reactivation message. The victim is given a toll-free phone number for getting the reactivation code. However, the call will not be free and the hacker is paid indirectly from the victim’s pocket.

In most of the above instances, the files on the hard drive are encrypted. For decrypting the files, a private key is required from the hacker. In such cases, the users must plug off their PC, immediately after seeing the encryption message to stop further encryption of files. This makes sure to save at least some amount of data from getting encrypted. The hard drive should then be removed and installed as a secondary drive in another PC to copy unaffected files into some other storage device. Regular backups are key here to minimize the impact. The encryption can then be cracked down with the help of some security expert.