Two Step Authentication for your Google Account

Losing control of your Gmail account could be a nightmare.


Google offers an advanced sign-in security option for interested users which can prevent anyone else from logging into your account, even if they have your username and password.


This is done by configuring your phone to receive a one-time password each time you wish to log in, thus preventing others from accessing your Google account.


If you have very sensitive information, including other site passwords, in your Gmail account, check out this method here.

Advanced Persistent Threats (APT)?

In this blog post we look at what an APT is and how it differs from a traditional targeted human-hacker attack.

Most people will immediately point to the “persistent” part of the definition as the key differentiator. Normal targeted attackers break in, look around, and immediately go after the most valuable assets they find. They figure that the faster they get in and out with the treasure, the more money they make and the less risk they face.

By contrast, APT attackers are there to stay as long as they can. The attackers aren’t trying to steal everything at once. Instead, they exploit dozens to hundreds of computers, logon accounts, and email users, searching for new data and ideas over an extended period of months and years.

Even the treasure taken by APTs is different. The traditional attacker seeks immediate financial gain. They will try to steal identities, transfer money to foreign bank accounts, and more. APT attackers, on the other hand, almost always take only information and leave money untouched. Their targets are corporate and product secrets.

APTs often steal large amounts of information each week, collecting it on a centralized computer within the compromised network before sending it all home in a single archive file (often a tarball). Many networks run APT bots that collect every new folder, file, and email, then send it home. The victims end up with an online backup system that rivals anything they could pay a legitimate company for.

Worse yet, APTs are usually so ingrained into an environment that even if you know where they are, they can be difficult or impossible to remove.

Google, DuPont, Walt Disney and the latest addition to this list, RSA Inc., have all been hit by APTs.

RSA Security Inc. Hacked: How it Happened

RSA, the security division of EMC and producer of the SecurID systems used by countless corporations (and the Department of Defense), has been hacked. The company sent out messages to its clients and posted an open letter stating that it has been the victim of an “advanced” attack that “resulted in certain information being extracted from RSA’s systems” — information “specifically related to RSA’s SecurID two-factor authentication products.” A copy of the letter can be found at this link: https://www.rsa.com/node.aspx?id=3872


The worry is that source code to the company’s SecurID two-factor authentication product was stolen, which would possibly allow hackers to reverse-engineer or otherwise break the system.


Initially, RSA released no details about how the attack was carried out. Now RSA, a unit of storage giant EMC, has gone into some detail concerning how its systems were breached, in a blog post by Uri Rivner, Head of New Technologies, Identity Protection and Verification. It all started with phishing emails.


Over the course of two days, two groups of emails were sent to a small group of employees, none of them high profile, nor apparently especially senior. Though RSA doesn’t spell out who received them, the emails may well have gone to the human resources department or some other quiet corner of the company. The emails contained an Excel spreadsheet attachment entitled “2011 Recruitment Plans.” Naturally it was crafted to look just believable enough that one of the employees who received it fished it out of the spam folder to which it was initially directed and opened it. You can probably fill in most of the blanks from here.


The spreadsheet contained a zero-day exploit that took advantage of a weakness in Adobe Flash, which has since been patched. Through that hole, attackers were able to install anything they wanted on the target machine. They chose a version of a program called Poison Ivy RAT; in this case RAT stands for “remote administration tool,” a program used to control one computer from another in a different location.


Still unexplained at this point: what information was taken, and does it in any way affect the integrity of RSA’s own security products? When the attack was first disclosed, the company said that some information about its SecurID products was taken by the attackers. This has led to a lot of questions and speculation by security pros who naturally have to think about the worst-case scenario, and frankly, there are many scenarios for which the adjective “worst” would apply.


The big looming question is whether or not the attacker gained access to the seeds, the random keys embedded in each token, that are used to generate the constantly changing numeric codes that appear on the device’s display.


PCI DSS Compliance Program undergoes a change

Last week, Visa announced a new Payment Card Industry Data Security Standard (PCI DSS) compliance program that is intended to drive adoption of dynamic data authentication.


This means that merchants will not need to validate their compliance with PCI DSS if at least 75% of the merchant’s annual Visa card transactions originate from smartcard-enabled terminals.

