Thursday, 9 December 2010

The holidays are coming again!

For internet criminals, too, it is (as every year) party time on the digital highway.

Below are a few tips to make sure you can stay warm and comfortable again this winter, without having to worry about these unwanted activities.


  • When you are shopping online, check that you are actually on the right site. It is better to type the site's address yourself than to click on links that point to supposedly trusted sites.
  • When searching for popular products, pay close attention to where the search results take you; otherwise you may end up in places you really do not want to be.
  • When making payments, check that the website's URL begins with HTTPS.
  • Keep an eye on your online bank account (such as PayPal) and on payments made with your credit card.
  • Use different passwords, so that even if one of your passwords is intercepted, a criminal does not have access to all your data.
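
The first and third tips can also be checked mechanically before a link is followed. The sketch below is an added example, not part of the original post; the trusted-host list and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical list of sites the user really does business with (assumption).
TRUSTED_HOSTS = {"www.paypal.com", "shop.example"}

def check_payment_url(url, trusted_hosts=TRUSTED_HOSTS):
    """Return a list of warnings for a link; an empty list means the tips pass."""
    warnings = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".").lower()

    # Tip: a payment page must be served over HTTPS.
    if parts.scheme.lower() != "https":
        warnings.append("not-https")

    # "https://www.paypal.com@pay.example/" really points at pay.example:
    # everything before the '@' is user info, not the site.
    if parts.username is not None:
        warnings.append("userinfo-in-url")

    # Punycode labels can be displayed as look-alike characters.
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode-host")

    # Tip: be on the right site. Compare the whole host name, so that
    # "www.paypal.com.login.example" does not pass for "www.paypal.com".
    if host not in trusted_hosts:
        warnings.append("untrusted-host")
        for trusted in sorted(trusted_hosts):
            brand = trusted[4:] if trusted.startswith("www.") else trusted
            if brand in host:
                warnings.append("embeds-trusted-name:" + trusted)
    return warnings

# Constructed sample links, not taken from any real campaign.
SAMPLES = [
    "https://www.paypal.com/signin",
    "http://www.paypal.com/signin",
    "https://www.paypal.com@pay.example/signin",
    "https://www.paypal.com.login.example/signin",
    "https://xn--pypal-4ve.com/signin",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_payment_url(link) or "ok")
```
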


Above all, use your common sense, and do not respond to offers that are too good to be true, because that is often exactly the case!

Tuesday, 30 November 2010

Attending the Virus Bulletin 'Securing Your Organization in the Age of Cybercrime' Seminar

Today, I'd like to talk about my visit to the VB seminar, where a lot of different security-related subjects were covered.

Speakers at the event:
  • Bryan Littlefair, Vodafone Group
  • Bob Burls, Police Central e-Crime Unit
  • Juraj Malcho, ESET
  • David Evans, Information Commissioner's Office
  • Graham Cluley, Sophos
  • Alex Shipp
  • Richard Martin, UK Payments Administration
  • Andrew Lee, K7 Computing
  • Martin Overton, IBM

Topics ranged from "What is a Botnet" by Bob Burls and "Social Diseases Facebook/Twitter" by Andrew Lee to a technical analysis of the Stuxnet worm by Juraj Malcho.
All in all, the room was filled with security "brains" who all seemed to know a great deal about their subject.
The most important subject to me was Social Networks (or diseases, as Andrew called them :) ) and the dangers to their users. The threat is real, and users fail to accept or understand this. The recent Firesheep add-on for Firefox is an example of this. Just sit down at your local McDonald's to enjoy the free public WiFi there, only to find out later that your login was used to post spam or malicious links on your wall.
Or worse: they pretend they are you, and invade your friends' private lives by using the address details of your friends. To prevent Firesheep from "hijacking" your session details, I advise you NOT to use your favourite Facebook/Twitter account on a network you do not know. There is no telling who is watching you, and everything you do on their network could be monitored.
Also, keeping the above in mind, you might want to think before clicking a link from a friend to a Britney Spears nude video you'd love to see. They could be compromised just as easily.
The bottom line of the seminar: the education of our users will lead to a safer tomorrow. Let yourself be educated!

Tuesday, 23 November 2010

A false sense of security

A term seen more and more on the internet. I was curious about it, and asked a few friends what they thought of their computer's security. Most of them replied it was okay, and were pretty confident that apart from social networking websites (like Twitter, Facebook, LinkedIn or the Dutch Hyves) they would not be found on the internet with their real names or (e-mail) address.

So I decided to put this to the test by simply using (almost) everyone's favourite search engine, and putting in their names. After about 5 minutes, I struck gold. I found a very recent list (20th of November) of user names, in the form of e-mail addresses and passwords, dumped from a Dutch gaming website.

My friend's address was one of them.

So, as any curious person would do, you start to try out the addresses to log in to the users' mailboxes. It did not take long to get a successful login, so I called my friend, telling him that I "hacked" his mailbox. He was shocked to hear this from me, as he was very confident that this would be impossible because of the security measures he had on his PC.

I asked him why he picked the password that he did, and he explained to me (since he's a good friend) that it was the PIN codes from his bank accounts combined to form a long password. So not only was his mailbox (and thus a lot of personal information) open to anyone who could use Google, but also, if someone manages to make the link, his bank account.

So even if you protect your own PC as well as possible, making you feel secure, this does not matter when the websites you share your details with are not. What is worse is that a lot of people tend to use the same user name and password combination everywhere, so once one of those websites is compromised, or just not well protected, the bad guys will still be in control of your details.

Now I wonder, how do YOU protect your personal details? Let me know!

Friday, 5 November 2010

Whitelisting vs. Traditional Antivirus solutions, the future?

During my stay at the SpicyLemon stand at InfoSecurity 2010 in The Netherlands, I was asked if we also had a solution that provided whitelisting for the full OS as a security solution, or if this would be something for the future.

I have thought about this kind of security before, but I could never imagine myself using this on my systems as it limits what I want to do. Even if I get the option to "Allow" certain changes to my frozen system, it will kinda beat the whole point of whitelisting since the user is often the problem to begin with.

Maybe this is something for server systems that do not have a user poking around all the time, but even then, Windows systems will still require updates, so this needs to be allowed on those systems as well.

I doubt we will see this technology widely used over the next few years as it is too limiting. It might be an addition to the current AV products, and used on servers as an extra layer of security, but it will not replace the current solutions.