Guard Privacy & Online Security News & Information

Guard Privacy & Online Security Home : Guard Privacy Blog Home : February 2008

February 1, 2008 11:52 - Bush Orders NSA To Spy On US Agencies

President Bush signed a directive this month that expands the intelligence community's role in monitoring Internet traffic to protect against a rising number of attacks on federal agencies' computer systems.

Under the new guidelines, the NSA and other intelligence agencies can bore into the internet networks of all other agencies. The Bush administration pulled off this spy expansion by pointing to an increase in the number of cyber attacks directed against the US, possibly from foreign nations.

Until now, the government's efforts to protect itself from cyber-attacks by hackers, organized crime and foreign governments trying to steal sensitive data, have been relatively piecemeal.

The Office of the Director of National Intelligence (ODNI) will spearhead the effort around identifying the source of these attacks, while the Department of Homeland Security will protect systems and the Pentagon will concentrate on retaliation.

There has been a string of attacks on networks at the State, Commerce, Defense and Homeland Security departments in the past year and a half. U.S. officials and cyber-security experts have said Chinese Web sites were involved in several of the biggest attacks back to 2005, including some at the country's nuclear-energy labs and large defense contractors.

Allowing a spy agency to monitor domestic networks is worrisome, said James X. Dempsey, policy director of the Center for Democracy and Technology. "We're concerned that the NSA is claiming such a large role over the security of unclassified systems," he said. "They are a spy agency as well as a communications security agency. They operate in total secrecy. That's not necessary and not the most effective way to protect unclassified systems."
See the full article

To reference this entry please copy the url in this link: (Permalink)

February 7, 2008 21:19 - MySpace And Facebook Users Now Threatened By Malicious Hackers

FaceBook and MySpace users are vulnerable to hackers because of a software flaw, resulting from a failure in software used to upload images.

Symantec have issued a warning that an ActiveX flaw exists in image uploaders that have been widely distributed to MySpace and Facebook users... so, if you have been uploading photos or videos, you could be at risk.

Symantec warned that an attacker exploiting the ActiveX vulnerability could inject malicious code into the PC of anyone who has installed an uploader containing the flaw on their PC, enabling attackers to take control of the PC.

One likely attack scenario may involve hackers using phishing emails to lure MySpace and Facebook users to malware sites and then exploiting the ActiveX flaw in the uploader on the user's computer to gain control of the unit or steal the user's data.

It appears Facebook and MySpace have identied a solution and are working to individually alert users of any additional steps that need to be taken to ensure user security.

Learn more about hacking

To reference this entry please copy the url in this link: (Permalink)

February 20, 2008 21:44 - Beware Of The Growing Threat Of Keyloggers

As more and more of us conduct our financial transactions online, our personal details are at risk from a carefully located keylogger. In fact, any individual or organisation that accesses, inputs or stores private information is at risk.

By discovering user names, passwords and encryption codes from innocent users, keyloggers open up a world of extremely valuable information to thieves. Email addresses, instant messaging usernames, financial data and other sensitive details are all vulnerable to a keylogging attack.

Keyloggers are, therefore, ideal tools for stealing personal information and industrial espionage, damaging business relationships and financial reputation.

So how do keyloggers end up on our computers? Traditionally, keyloggers have been pieces of software which can be installed on a computer through a virus or as spyware. An example is the fake e-greetings card which, when opened, directs your browser to an exploit server. This server checks for web browser patches and if there is a vulnerability, it downloads a keylogger.

Fortunately, software keyloggers are easy to detect. Anti-virus software and spyware blockers will prevent Trojans and spyware entering the system in the first place.

Unfortunately, as software keyloggers get easier to identify, criminals are increasing their use of hardware keyloggers. The first type is a small device installed at the back of a PC between the keyboard and its connection to the machine. It has a memory capacity that allows up to two million key strokes to be recorded - representing about five year's worth of typing for the average computer user. However, these keyloggers are easy to find ... providing you know where to look.

The second type of keyloggers are those that are built into the keyboard. Thieves will either replace the keyboard completely or dismantle it, insert a keylogging device, and re-assemble it. Unfortunately, the chances of visual or manual detection are almost zero.
For more information on surveillance spyware

To reference this entry please copy the url in this link: (Permalink)

January 2008 « 


RSS Feed For This News

Guard Privacy Blog Home | Archives | Guard Privacy... Hot New Topics | Internet Privacy & Security Risks... News! | Spyware & Spyware Blockers... News! | | Guard Privacy From Spyware | Guard privacy With Anonymizers