Post Cyber Monday thoughts

Now that the Cyber Monday and Black Friday madness of buying at reduced prices is almost over, we expect to see the spam and scam campaigns related to these events. Every year, in the last week of November, the two events bring into our inboxes a lot of spam and scams trying to exploit the buying frenzy of unaware users. With the continuous growth of social media websites like Twitter, Facebook and others, we also see a lot of such offers published there. The campaigns started about a week before Black Friday, trying to lure users into buying various things at unbelievable prices. Now, being in the middle of the week, we are seeing spam containing offers related to various opportunities for reselling goods that were bought during this time and are not wanted by their owners. Exactly the same happens after Christmas until the middle of January every year. All of these have something in common: social engineering and greed. I think that anyone would click on an offer if they see a product they have wanted for a long time but which was too expensive to purchase. If below the…

How to prevent SSL sniffing through fake certificate injection attack?

SSL stands for Secure Socket Layer and is an encryption protocol used to secure communication on a network. SSL encrypts the segments of network connections and uses several methods to protect the data, depending on the goal that needs to be achieved: asymmetric cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for message integrity. A certificate injection attack misuses the first type of cryptographic algorithm: asymmetric cryptography. An asymmetric cryptography system requires two separate keys, one to lock or encrypt the plaintext, and one to unlock or decrypt the ciphertext. Neither key will do both functions. One of these keys is published (public) and the other is kept private. If the lock/encryption key is the one published, then the system enables private communication from the public to the owner of the unlocking key. If the unlock/decryption key is the one published, then the system serves as a signature verifier for documents locked by the owner of the private key. In this latter case, since encrypting the entire message is relatively expensive computationally, in practice just a hash of the message is encrypted for signature verification purposes. In order to be able…

Email Spam Not the Problem it Once Was for the End-users

IT security expert Avira found during recent surveys of its customers that email spam is still an everyday occurrence, but not the nuisance it once was. Nearly half of all end-users are satisfied with the anti-spam filters on their PCs and laptops, and many others rely upon their Internet Service Providers (ISPs) to filter messages. The vast majority of users receive fewer than 10 spam emails per day. “The spam landscape has clearly changed in the last two years with the take down of a couple of major botnets,” said Sorin Mustaca, data security expert at Avira GmbH. “Considering the fact that almost all email providers have a form of spam filtering installed on their servers, end-users receive only what the anti-spam solutions on the servers don’t catch. What really surprised me was that 45% of the users answered that they have an anti-spam solution on their computers and that they are satisfied with it. Overall, there is clearly work to be done within the security industry to get rid of 100% of all spam emails, but progress is being made.” The larger security challenges today include fighting web-based Trojans and spyware that harvest credit card numbers and personal identity…

onMouseOver() Twitter security flaw (+Update)

A Twitter security flaw is being widely exploited on Twitter, showing remote content from third-party websites without the user’s consent. The flaw uses a JavaScript event handler called onMouseOver(), which fires when the mouse is passed over a piece of text or a link. Any user can use this flaw to create simple popups, redirect the page somewhere else, retweet messages or hide parts of the message. The link has to be constructed in such a way that it starts with <text>@”onmouseover=”<code>”. The problem is that Twitter doesn’t filter the code; instead, it executes it. To work around the problem, use a third-party client to work with Twitter. These clients use the API directly and not the website GUI. Another solution is to use the mobile website, which doesn’t seem to have the flaw. Update: Twitter fixed the problem:

Interview with me in Signal Magazine : “Web Surfers Suspicious”

This is an interview I gave by telephone for Signal Magazine. “… Internet can be a dangerous activity, but the security status of different types of websites is not the same, Sorin Mustaca, data security expert, says. … ” I am a little bit unhappy about this, which I never said: “Mustaca admits that the survey information is more anecdotal than scientific.” What I said was: “the interview was made with a random sample of Avira users.” But from experience I know that it can be much worse. 🙂 Enjoy.

I have too many services that I like to use: Facebook, LinkedIn, Twitter, this blog and others. But how can I keep them synchronized? I can’t… because they are just too different. I found by accident a service which can… It is called and it actually works: I write something in one place and it is automatically posted to all the above websites. This is cool… Expect more info from me 😉