IT Crate Tutorial, Tips, Technology NewsWebsite Design and Development Company

A new study from security research firm Sophos finds that malware and spam attacks delivered through social networks rose significantly in 2009, and Facebook is perceived as the most dangerous social net of them all. At the same time, however, many businesses see social networking as a prime marketing tool that they’re hesitant to ignore.

Social networking sites are a threat to online security, and Facebook is the worst offender, a report from Sophos states.

The number of businesses hit by malware and spam attacks through social networks rose by 70 percent in 2009, the report found. More than 72 percent of businesses believe employees’ behavior on social networking sites could endanger security.

The issue of social networks is rife with contradictions — although social networking sites help malware authors spread their attacks rapidly, they have also been instrumental in spreading knowledge of disasters and political turmoil worldwide.

Facebook’s attitude is typical of the dichotomy plaguing the issue. On the one hand, it has tied up with McAfee to improve users’ security; on the other hand, company cofounder Mark Zuckerberg has recently stated that he thinks the desire for privacy online is fading.

The Sophos 2010 Threat Report

Over 2009, companies widely adopted social networking techniques such as blogs and social networks like Facebook and MySpace to connect with customers and spread the latest company news or product offerings to the public, according to the Sophos report.

About 2 percent of all online clicks in 2009 through 4,000 Cisco (Nasdaq: CSCO) Web security appliances were on social networking sites, Sophos found. Facebook alone accounted for the majority — 1.35 percent. “The business world would be foolish to ignore such a high level of activity and such a potentially lucrative resource,” the report reads.

However, that lucre comes at a cost: 61 percent of respondents to a survey Sophos conducted in December 2009 believe that Facebook is the worst security threat of all the social networking sites. More than 72 percent of the respondents to Sophos’ survey believe that employees’ behavior on social networking sites could endanger the security of their business.

Social network logon credentials have become as valuable as email addresses because people are more likely to open a message when it appears to come from a friend, Sophos warned. People should be wary of what information they post on social networking sites, Sophos said.

Creatures of Light and Darkness

Like just about everything else, social networking sites are a mix of bad and good elements. Although they can constitute a threat to security, they also provide valuable outlets for business to connect with their customers. Salesforce.com (NYSE: CRM) and Google (Nasdaq: GOOG) both allow application developers using their platforms to create Facebook apps, for example.

Further, social networks are often leveraged for the greater social good. Facebook and Twitter, for example, were instrumental in raising awareness of the outcome of the Haiti earthquake and in efforts to raise funds for that disaster.

Twitter and Facebook were also instrumental in disseminating knowledge of the Iranian election in May of 2009; the Iranian government clamped down on some social networking sites prior to the election, sparking protests from the opposition.

On the other hand, many Facebook users have been scammed when they responded to fake emails from friends asking for financial help, a common grift used by Facebook hackers.

Facebook is itself torn by the contradictions. On the one hand, it’s working hard to improve users’ security. “We work regularly with others across the industry to identify and respond to potential threats to our users,” Facebook spokesperson Simon Axten pointed out. “We’re constantly working to improve our systems and processes.” That work includes teaming up with McAfee to integrate a scan and repair tool into Facebook’s own security processes.

However, social networking sites are fighting an uphill battle. “Security is an arms race, and our teams are always working to identify the next threat and build defenses for it,” Axten told TechNewsWorld.

On the other hand, Facebook CEO Mark Zuckerberg stirred up a hornet’s nest recently when he said, in effect, that the importance of online privacy online is fading.

The contradictions around social networks in general, and Facebook in particular, are perhaps best summed up by independent security researcher Gadi Evron in a post on Trend Micro’s (Nasdaq: TMIC) Dark Reading blog: “Facebook, by its nature, is one of the worst security menaces ever created,” he wrote. “But its security team is top-notch.”

Oh, Squishy Humans

Social networks have become so woven into the fabric of our lives that many businesses now face a distinct disadvantage if they turn a blind eye to them or forbid staff to access them. “Not only will your workers circumvent your block and participate surreptitiously, but also your competitors will sneak an advantage and get closer to your customers,” Graham Cluley, senior technology consultant at Sophos, told TechNewsWorld.

His suggestion: Companies need to secure their users’ computers, educate their staff to use social networks more securely, and lobby the social networking sites to implement better security.

“Implement a solution that scans every Web page and link that your users click on,” Cluley explained. “Run security awareness seminars that explain how different kinds of attacks work on social networks.”

However, technology can only provide a basic level of protection. “The weak point isn’t the technology. It’s the squishy human sitting in front of the keyboard or the touchscreen,” Cluley said. “If attackers can fool users into believing that they are the users’ Facebook friends, many people will find themselves victims of social networking attacks.”

Recently, a friend of mine congratulated me for selling one of my wildlife photos. When I asked him what he meant, he sent me a link to a site that was prominently using a shot I had taken of some wolves. The problem? I had never given the site owners permission to use my photo, which they had “borrowed” from my Flickr page. I asked them to remove the photo, and they did–but not everyone out there is so reasonable. You can watermark your photos to prevent this sort of thing from happening. But is there any way to find your photos online to see they’re being used inappropriately?

It turns out that there are a couple of ways to keep an eye on your photos.

Your Photos Are Vulnerable

Before we go any further, though, allow me to emphasize that whenever you post a photo on the Internet, there’s a potential for theft. There is no way to completely protect a photo from being used without your permission. Even if your Web page uses a special script to disable the right-click “Save picture as” command, a determined photo borrower can simply take a screen shot of the Web browser. The only way to absolutely secure your photos? Never share them online.

Reverse Image Search

Suppose you have posted some photos on a photo sharing site, and you’re curious to see if someone has absconded with them. What you need is a way to perform a reverse image search–where a smart search engine looks for a photo by detecting identical content within the image itself, rather than keying on file names or metadata, which are easily changed.

That might sound like science fiction, and in fact it’s pretty close. But I’ve found a Web site out there, TinEye, that can actually perform reverse images searches today.

To use TinEye, you can upload a photo from your computer or point the site to a Web page that already hosts the photo. TinEye then returns a list of sites using the same image.

TinEye is far from perfect. It often identifies photos that are similar to–but not exactly the same as–the source image. Worse, TinEye’s database of photos represents only a fraction of what’s available on the entire Internet–so if you get zero results, that doesn’t mean your photo isn’t being repurposed out there somewhere.

A new zero-day bug has hit Windows 7. Here’s how to keep it from harming your PCs.

It was a notable accomplishment when Windows 7 was not impacted in any way by the vulnerabilities addressed in the six Security Bulletins released by Microsoft for the November Patch Tuesday. It would be even more impressive if Windows 7 proved invulnerable to the zero-day exploit that hit the next day.

This newly found bug was discovered by Laurent Gaffie and details were posted on the Full Disclosure mailing list. Microsoft is investigating the reported flaw which basically crashes a Windows 7 system when exploited. The issue is in the SMB (Server Message Block) protocol that forms the backbone of Windows file sharing. When triggered, the flaw results in an infinite loop which renders the computer useless.

Windows 7 zero-day bugTyler Reguly, Lead Security Research Engineer with nCircle, explains “Exploitation of this vulnerability occurs when a user attempts to browse to Windows Share hosted on the malicious server. On Windows 7, the DoS (denial of service) will occur as soon as you type ‘\\\’ in the search box. ”

The vulnerability actually impacts both Windows 7 and Windows Server 2008 R2. There are currently a couple different proof-of-concept exploits circulating, but there are no reported attacks in the wild at this point. Because the flaw only enables an attacker to crash the system, and doesn’t provide any unauthorized remote access that could lead to compromising information or performing other malicious activities, the odds of the exploit being actively used by attackers is fairly slim.

With some SMB-based bugs, you can minimize the risk of exposure by blocking SMB traffic at the router or firewall–essentially making sure that no outside source would be able to attack systems on your network. Blocking TCP ports 135 through 139, and port 445 will prevent outside SMB traffic from entering the network.

With the firewall blocked, the threat still exists internally, but ostensibly the systems on the internal network should be more trusted than those on the Internet and hopefully nobody on the internal network would intentionally launch such an attack. You could block those ports on the internal network as well, but then systems would be unable to access file and folder shares on the network.

With this particular bug though, the firewall will not protect you completely from outside attacks. Reguly says “There is an Internet Explorer-based attack vector. By including a file stored on a share in the HTML of the web page the flaw can be triggered. But, once again the result is a denial of service.”

Until Microsoft completes its investigation of the issue and releases a patch, you will just have to be vigilant about avoiding suspicious or malicious links on web pages. Because of the limited value of a DoS for the attackers, odds are good you won’t see any attacks from this.

Microsoft has described Windows 7 as the most secure operating system it has yet developed but ‘most secure’ doesn’t mean impervious. Windows 7 is still significantly more secure than Windows XP, but news of the Windows 7 vulnerability certainly overshadows the fact that Windows 7 wasn’t impacted on Patch Tuesday.

Almost a third of the customers who have installed Microsoft’s free Security Essentials software have been found to be suffering from major malware infections.

Microsoft, which launched the free Security Essentials package for Windows in late September in eight major markets, revealed the figure as it prepares to roll out the software in China.

“What we’re seeing in the early downloads is that well over 30% of people who are downloading it are requiring a fair amount of cleaning,” said Amy Barzdukas, general manager, Internet Explorer and consumer security at Microsoft.

Delivering the opening keynote at RSA Conference Europe in London, Barzdukas also noted that the problems experienced by consumers varied widely by area.

“In China, we see a lot of malicious browser modifiers. In Brazil, there’s a lot of password stealers. In Korea, there’s a lot of polymorphous viruses. There’s no one size fits all in consumer security any more than in enterprise security.”

Microsoft’s move into the consumer security space has been controversial, with critics variously arguing that Microsoft will reduce competition in the security sector and that it should concentrate on making its core operating system more secure. However, Barzdukas said that Windows itself was only a small part of the problem.

“Fewer than 15% of the vulnerabilities that are being exploited today are in the browser or the OS. Instead they’re going into third party software and add-ons.”

Barzdukas also took a pot shot at Google’s rival browser Chrome, claiming that features of its design made it less secure than Internet Explorer 8.

“As you type in that omnibox, every keystroke that you type is sending a packet to Google.”

A new scareware campaign is putting a nasty twist to those online scams that try to frighten you into purchasing worthless antivirus protection.

PandaLabs virus hunter Sean-Paul Correll has discovered an attack that not only bombards you with obnoxious sales pitches – it also prevents you from opening any of your applications until you make a purchase. “It’s a major leap,” says Correll. “We have not seen this before.”

Six months ago, promos were being circulated for something called “FileFix Pro.” This particular scam began by encrypting files stored in the My Documents folder of the victim’s PC. Pitches would then follow to buy FileFix Pro to decrypt the files.

But this ongoing attack, promoting “Total Security 2009,” is much worse. It looks similar to the fear-based promos for Virus Remover 2009, SpywareGuard 2008, XP AntiVirus and other worthless security products, triggering fake scans showing your PC to be riddled with viruses. But it goes a step further by locking out access to all other applications. When you click on any other application a text balloon appears above the clock in the lower left corner of your desktop. You then get steered back to pitches to buy Total Security 2009.

Your machine is now unusable. You won’t be able to open Microsoft Office, your favorite online game, or even your antivirus clean up tools. The only thing you can open is Internet Explorer – so you can navigate to the Total Virus 2009 shopping cart page. There you can use Visa or MasterCard to pay $79.95 for a standard version. You may also opt to spend another $19.95 to purchase “premium” tech support services. Once the payment clears, you receive a serial number to activate TotalVirus. You can then open your other applications.

Correll surmises that scareware purveyors are becoming more aggressive because the lucrative scam – in which sales affiliates can earn six figure monthly incomes — may be getting saturated with practitioners. “They may not be making enough money, or maybe they want to make more money,” says Correll