Tag Archives: name

Cloud Storage – Great Idea or Security Risk?

This guest post is contributed by my Aussie mate, Jim Hillier. Jim is the resident freeware aficionado at Dave’s Computer Tips. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele… as well as writing for DCT, of course.


“On no, we’ve lost all of little Johnny’s birthday snaps”, the woman cries as she holds her smashed smartphone aloft. With a knowing smile, her husband responds, “Don’t fret dear, they’re all in the cloud”. All is well, peace and harmony reign again.

wps_clip_image-27753

Even less than a decade ago, any mention of “cloud storage” or “data in the cloud” would have almost certainly elicited a puzzled response. Today though, I’d imagine just about everyone would be familiar with the concept. “The cloud”, it’s a rather exotic term which simply means your data is uploaded to and stored on somebody else’s server, essentially on an internet connected hard disk owned and operated by the cloud service provider.

There is no doubt that the advantage of being able to access data from anywhere on any device creates a massive appeal factor, especially for multiple device users. Not to mention the automatic backup element which is clearly demonstrated in the opening paragraph.

It all sounds like a great idea, that is until you start considering what might and can go wrong. Of course, cloud storage providers take the utmost care with your data, at least according to them. They apply top notch security measures including encrypted data transfers. Trouble is, the encryption key is also stored on their machines, which means any of their staff can access those files as can any hacker who manages to break into the system.

I realize every method is susceptible to hackers, whether the data is stored locally or in the cloud. However, which do you think would represent the most desirable target – a local disk containing only your own personal data or a mega database containing data uploaded from thousands (if not millions) of users, all in one place?

Another concern involves the future viability of a chosen cloud storage provider – just ask those who entrusted their data to Kim Dotcom’s Megaupload. What happens to your data if the company is sold, goes bankrupt, or just closes down? Then there’s the scenario where cloud storage providers can simply change the terms of their plans, exactly as Microsoft did recently when the company drastically reduced the amount of data storage available under its free OneDrive plan.

wps_clip_image-14964

I guess though, when it comes to data in the cloud, the greatest concern for most people is privacy. While Microsoft OneDrive openly scans all your files – for illegal content of course, most providers will collect data to share with “trusted third parties”. Naturally, many of these providers need to process sensitive information, such as your name, email address, phone number, credit card details and mailing address, in order to “improve their services”. And Santa Claus visits once a year around Christmas.

Despite the cynicism, I do believe that cloud storage can be decidedly useful and I’m certainly not dismissing the practice out of hand. However, as is the case with many situations… everything within reason.

I would not, for example, store any sensitive data in the cloud, whether encrypted locally beforehand or not. Family photos, life-memories, items which are valuable only to the user and serve no purpose for anyone else… sure, no problem.

Regardless, the important thing to remember is that any backup is preferable to no backup at all. If you don’t fancy storing your data in the cloud, dust off that external drive and use that instead. Works for me.

image

3 Comments

Filed under cloud storage, cybercrime, Don't Get Hacked, Internet Safety, Privacy, Technicians Advise, Windows Tips and Tools

Ashampoo Database Hacked – What You Need To Know

I could spend all day, every day, reporting on nothing more than the latest cyber criminal targeted intrusions into enterprise IT systems.  Two reports from my today’s Tech Net News column illustrate that we are barely scratching the surface of this significant, continuous, and rapidly expanding problem:

European Space Agency website and FTP servers hacked

Dramatic increase in cyber attacks on critical infrastructure

If you’re an everyday reader here, then you may recall that I regularly recommend that you take advantage of the German software developer Ashampoo’s, occasionally offered free application multipacks.

The downside (for some) is, you must register and provide an email address. Additional benefits can be gained by registering as an  Ashampoo member, which includes creating a password.

Unfortunately, Ashampoo has become a victim of a cyber criminal targeted intrusion aimed at their customer database. According to the company:

“Hackers gained access to one of our servers. We discovered the break-in and interrupted it instantly. The security gap through which the hackers gained access was closed immediately.

The stolen pieces of information are data of addresses such as name and e-mail address. Billing information (e.g. credit card information or banking information) is definitely not affected … it is not stored on our system.”

If you have taken advantage of Ashampoo’s offers, then it’s important that you exercise extreme caution with any future emails sent by the company and, any unsolicited email sent by any company, for that matter.

As well, if you have registered as an Ashampoo member, it’s important that you change your account password. Additionally, if you have used the same password elsewhere (you’d be surprised how often this occurs), it’s imperative that you change these passwords immediately.

My thanks to my buddy John B. (a great Scot!), for bringing this unfortunate incident to my attention this morning.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

14 Comments

Filed under Cyber Crime, Cyber Criminals, cybercrime, Don't Get Scammed, Don't Get Hacked, Email, Malware Advisories, Phishing, Tech Net News, Windows Tips and Tools

Your Account Information Has Changed Phishing Attack

image The spam landscape changes constantly with new tactics and new threats evolving, seemingly on a daily basis. A recent tactic which appears to have found favor with cyber criminals is, the limited scale, targeted phishing attack – attacks which are aimed at a particular organization, or a particular industry segment.

Designating specific targets has some obvious advantages for cyber crooks, not the least of which is – most of us don’t get to hear about them. Since the focus is narrow, this type of threat typically slides under the radar and tends not to be reported due to the low numbers involved. Despite the low numbers, this type of attack can be surprisingly effective.

Given that the content is specific to the targeted recipient, the engagement factor, where the potential victim actually opens the email and attachments, is much higher than with a a broad scale shotgun attack.

Here’s a real world example of a current attack:

This week, in conversation with my friend Rod, an Australian antimalware company executive, he mentioned that his group of companies, and product users, had been targeted specifically as the following email samples indicate.

Sample 1:

Subject: Your antivirus.com.au account information has changed

Hello, xxxxx@antivirus.com.au.

We received your request to reset your antivirus.com.au password. To confirm your request and reset your password, follow the instructions below. Confirming your request helps prevent unauthorized access to your account.

If you didn’t request that your password be reset, please follow the instructions below to cancel your request.

Sample 2:

Hello, xxxxx a@nod32.com.au.

Please reply to this email message to confirm your subscription to nod32.com.au.

Your email address has been entered for a subscription to the nod32.com.au mailing list. However, your new subscription requires a confirmation that you received this email message and want to join this mailing list.

To confirm that you do want to join click here.

To unsubscribe immediately click here.

Thank you.

It’s obvious from the content, that the crooks involved in this attack have increased the chances of success, by providing the recipient with the opportunity to respond both positively, or negatively. If the recipient responds either way, the crooks win, and the victim loses.

Advice worth repeating:

If you have any doubts about the legitimacy of any email message, or its attachment, delete it.

Better yet, take a look at the email’s headers. Check the initial “Received from” field in the header, since this field is difficult to forge. Additionally, the mail headers indicate the mail servers involved in transmitting the email – by name and by IP address. It may take a little practice to realize the benefits in adding this precaution to your SOP.

For example, to do this is Gmail

Log in to Gmail.

Open the message you’d like to view headers for.

Click the down arrow next to Reply, at the top-right of the message pane.

Select Show original.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

6 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Security Alerts, Online Safety, Phishing, spam

SpySkype.C Trojan Wants to Talk to You!

Panda Security’s weekly report on viruses and intruders (1/30/2009) provides details on a recently discovered Skype Trojan classified by Panda as SpySkype.C. The initial objective of this malware is to steal the user’s login details.

According to Panda, the Trojan achieves its ends by convincing the user that a new Skype plug-in, Skype-Defender has been loaded onto the potential victim’s computer. As is common with this type of parasite, user action is then required to complete the infection.

Skype 1

Following the acceptance of the installation of the Trojan, users are instructed to enter their user name and password on a spoofed web page which are then transmitted to the malware’s author.

Skype 2

Luis Corrons, Technical Director of PandaLabs, explains the ultimate objective of the SpySkype.C Trojan is to use the newly infected account to spam the victims Skype contacts through the messaging service. According to Corrons “these messages can include a copy of this malware, or a different example of malware”.

To keep ahead of malware threats, go to Panda Security’s malware information site. For additional information on Skype scams read TechPaul’s Skype — “Windows Requires Immediate Attention”.. Not!

4 Comments

Filed under Don't Get Hacked, Interconnectivity, Malware Advisories, Skype, trojans, VOIP, Windows Tips and Tools, worms

Free Port Analyzers – Defeat Spyware/Botware


Windows XP has a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process, if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type netstat -r to display the contents of the IP routing table and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The netstat -s option shows all protocol statistics.

The netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers. A very good source of information is Steve Gibson’s website, Shields Up, where you can test all the ports on your machine, as well as testing the efficiency of your Firewall. Take the Firewall test; you may be surprised at the results!

If you are unfamiliar with, or uncomfortable with using the command structure, there are a number of free real-time port analyzers available for download.

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Quick Facts:

· View currently running processes along with the full path and file which started it

· View the active TCP Listeners and the processes using them

· View the active TCP and UDP connections along with Process ID

· Double click on a process to view the list of DLL’s

Download at: Download.com

CurrPorts allows you to view a list of ports that are currently in use, and the application that is using it. You can close a selected connection and also terminate the process using it. As well, you can export all, or selected items to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Quick Facts:

· View current active ports and there starting applications

· Close selected connections and processes

· Save a text/ HTML report

· Info on local port name, local/remote IP address, highlighted status changes

Download at: Download.com

1 Comment

Filed under Anti-Malware Tools, Diagnostic Software, Free Security Programs, Freeware, Interconnectivity, Internet Safety, Internet Safety Tools, Online Safety, Safe Surfing, Software, Spyware - Adware Protection, System Security, Utilities, Windows Tips and Tools