
Windows: Password Security Scanner from NirSoft is a program that does what its name suggests: Scans the passwords in Windows applications (Microsoft Outlook, Firefox, Internet Explorer, and more) and displays security information about the passwords—without actually showing you the passwords.
Thus, you can use the utility to audit password strength on others’ computers or your own. Password Security Scanner displays the password’s length and also the number of: numeric characters, lowercase letters, uppercase characters, non-alphanumeric characters, non-English characters, and repeating characters. It also assigns a password strength rating from 1 (very weak) to over 45 (very strong).
It’s a portable program that can also scan passwords in Windows VPN/dialup, MSN/Windows Messenger, and Windows Live Mail in addition to the applications above. (More applications coming in future versions.)
Handy whether you’ve got several PCs to check or just want to quickly audit your own passwords.

FAKE ANTI-VIRUS software is now the leading earner for cybercriminals, a security expert has said. Sometimes called scareware, it’s designed to trick unsuspecting people into thinking their computer is infected with a virus and offers to clean their PC for a fee.
“The biggest moneymaker on the internet used to be porn. Today it’s the pop-up virus scam. Some gangs are making a million per week,” said Ed Gibson, formerly with the FBI and Microsoft, now a director at PricewaterhouseCoopers in the US.
Scareware can appear when a person receives a spam e-mail encouraging them to click on a link and the software is downloaded without their knowledge. In other cases, search results for popular subjects such as recent news events are “poisoned” so that links appearing near the top actually lead to sites hosting malicious software.
Typically, a message pops up on the person’s screen telling them their computer is infected and they have to download software to fix the problem. Costing anywhere between $30 and $50 (€21 and €35), the software is designed to look like a genuine anti-virus product and appears to scan the machine and fix the problem. Even Apple Macs, long considered to be immune to most computer viruses, are now being targeted by attackers, and fake anti-virus is their weapon of choice.
Scareware takes advantage of the principle that a little knowledge is a dangerous thing: it relies on people having some awareness that they need to protect their PCs from threats, and the likelihood that some will instinctively respond to a prompt to remove any virus without checking whether the claim is bogus.

Updated: The attack on a second law firm with a history of involvement in copyright litigation has turned out to be something of a damp squib. Anonymous extended its fight against organisations supporting anti-piracy efforts to solicitors Davenport Lyons on Thursday night, with plans to flood its website with spurious traffic and carry out a defacement.
The move is the latest phase in a campaign dubbed “Operation: Payback Is A Bitch”, which began over the weekend with successful DDoS attacks against the websites of the Motion Picture Association of America and the Recording Industry Association of America (RIAA), before proceeding to a less successful assault against the British Phonographic Industry (BPI). The campaign is a retaliation against the use by Bollywood studios of a firm called Aiplex Software, which launches DDoS attacks on Torrent sites that fail to respond to takedown notices. Aiplex was among the early targets of the attacks.
These assaults moved onto the website of solicitors ACS:Law on Tuesday, briefly taking it offline. The law firm sends threatening letters to alleged copyright infringers urging them to pay £500 or risk being taken to court.

The gist of this column lately has been that threats of “cyberwarfare” waged through the public Internet are the stuff of Hollywood schlock and patriotic pulp fiction. But there are other ways to wage electronic war, and they tend to be more terrifying precisely because they’re tougher to fight.
Siemens announced in July that a malicious bit of code called Stuxnet could spread on USB thumb drives and try to lift industrial secrets from its clients around the world. It’s the first large-scale worm of its kind, an act of sophisticated industrial espionage that indicates the real future of electronic warfare.
“Stuxnet,” according to PCWorld, “marks the first time that someone has targeted the factory floor” with a software virus.
The Munich-based Siemens corporation specializes in “automated systems,” from fire alarms to robotic factories to power grids. This worm in particular went after a Siemens industrial software suite called WinCC. A company spokesman said WinCC is used by “thousands” of plant managers worldwide, and the worm reportedly found its way — without causing major damage — into 14 plants in Germany, Indonesia, India, North America, the United Kingdom and (primarily) Iran.

In an offense called “Operation Payback,” members of the Internet collective Anonymous have organized what seems to be an anti-anti-piracy movement. Dubbed by Torrent Freak as the “protest of the future,” the group has been pretty busy over the past 36 hours launching DDoS attacks on the MPAA, Indian anti-piracy site AiPlex Software and today both RIAA.com and RIAA.org. The attacks are apparently in retaliation for comments the CEO of Aiplex Software made about his firm being hired by the film industry to take down The Pirate Bay.
The original call to arms below:
How fast you are in such a short time! Aiplex, the bastard hired gun that DDoS’d TPB (The Pirate Bay), is already down! Rejoice, /b/rothers, even if it was at the hands of a single anon that it was done, even if ahead of schedule. Now we have our lasers primed, but what do we target now?
We target the bastard group that has thus far led this charge against our websites, like The Pirate Bay. We target MPAA.ORG! The IP is designated at “216.20.162.10”, and our firing time remains THE SAME. All details are just as before, but we have reaimed our crosshairs on this much larger target. We have the manpower, we have the botnets, it’s time we do to them what they keep doing to us.

Following a call to arms yesterday, the masses inhabiting the anonymous 4chan boards have carried out a huge assault on a pair of anti-piracy enemies. The website of Aiplex Software, the anti-piracy outfit which has been DDoSing torrent sites recently, is currently down having been DDoS’d. They are joined in the Internet wasteland by the MPAA’s website, also currently under huge and sustained attack.
Don’t mess with the Internet they say. Well, actually stronger terms than that are often used, but the end result is the same. When people get organized on the Internet, very strange and powerful things can happen and in few places can this be more true than on the 4chan message boards.
Sometimes things need sorting out, and what better way than getting hundreds of thousands of anonymous users of this notorious message board to work together to achieve it. If they’re not trying to bring down Scientology, they’re teaching foul-mouthed pre-teen girls a lesson or using their combined forces to destroy the lives of stupid bankers who think it’s ‘funny’ to throw cats in the trash.
Yesterday two new targets hit the radars of ‘Anonymous’, the faceless and powerful hordes who carry out 4chan attacks. The beauty is that anyone can join in the action, 4chan ‘membership’ is not even required. People wishing to participate can simply load up their Low Orbit Ion Cannon (LOIC) and enter the IP address they want to attack. The resulting assaults are massively distributed making defending against them almost impossible.
Yesterday’s target one was everyone’s favorite Indian anti-piracy company, AiPlex Software. A completely unknown entity until a couple of weeks ago when they stupidly admitted to DDoSing uncooperative torrent sites (then unsuccessfully trying to backtrack), it seems their rise to fame came at a price.

Reducing software piracy by 10 percentage points in four years would inject a whopping USD 142 billion into the global economy, create nearly 500,000 new jobs and generate close to USD 32 billion in new tax revenues for governments, a new study has revealed.
The study – The Economic Benefits of Reducing Software Piracy – carried out by the Business Software Alliance (BSA) and the leading market research firm IDC, says that achieving the 10-point reduction in piracy in the first two years of the same four-year period could boost the economic benefits another 36 per cent.
The US, the world’s largest software market, could add more than 25,000 jobs, nearly USD 38 billion in new economic activity and USD 6.1 billion in tax revenues by reducing piracy 10 points in four years.
It could boost the new spending and tax revenues another 38 per cent by achieving the piracy reduction in half the time, the report said.
The BRIC markets (Brazil, Russia, India and China) could add nearly 328,000 new jobs, almost USD 29 billion in new spending and more than USD 6 billion in new taxes by reducing piracy 10 points in four years.
“They could boost the spending and taxes another 32 per cent if they achieve the reduction in two years,” the study said.
European Union countries stand to add more than 61,000 new jobs, nearly USD 43 billion in new consumer and business spending, and close to USD 13 billion in new tax revenues by reducing piracy 10 points in four years.

A highly lauded privacy tool designed to help Iranian activists circumvent state spying and censorship has been disabled after an independent researcher discovered security vulnerabilities in the system that could potentially expose the identities of anonymous users.
Users have been instructed to destroy all copies of the software, known as Haystack, and the developers have now vowed to obtain a third-party audit of the code and release most of it as open source before distributing anything to activists again.
Haystack is designed to encrypt a user’s traffic and also obfuscate it by using steganography-like techniques to hide it within innocuous or state-approved traffic, making it harder to filter and block the traffic. Despite its nascent status, Haystack got widespread media attention, including from Newsweek recently.
The tool is still in development, but an initial diagnostic version was being used by “a few dozen” activists in Iran when security researcher Jacob Appelbaum, a U.S. volunteer with WikiLeaks, discovered vulnerabilities in the source code and implementation of the system that could potentially place the lives of activists at risk.
Austin Heap, one of the tool’s developers, has faced sharp criticism from Appelbaum and others for failing to vet the tool with security professionals before distributing it for use. The media have also been criticized for failing to properly examine the system before praising it as an option for activists.
“The more I have learned about the system, the worse it has gotten,” Appelbaum said. “Even if they turn Haystack off, if people try to use it, it still presents a risk…. It would be possible for an adversary to specifically pinpoint individual users of Haystack.”

VERO BEACH, Fla. — SpectorSoft Corporation, the worldwide leader in Internet monitoring and surveillance software, today released a new product for consumer and corporate remote monitoring and surveillance: eBlaster Mobile. The first release of eBlaster Mobile, available for purchase at www.SpectorSoft.com, works with RIM BlackBerry® devices. It records all of a user’s call logs, mobile email, and text activity, and can be installed and configured within minutes.
eBlaster Mobile allows you to remotely monitor the activity of anyone using a BlackBerry that you own, but don’t use, such as one you’ve given to a child or assigned to an employee. All recordings are organized into an easy-to-read Activity Report that is automatically sent to your email address as frequently as you choose. With eBlaster Mobile, you’ll be notified of all:
* Email Activity – Get transcripts of emails sent or received through one or more personal mail accounts set up on the BlackBerry Internet Service (including @aol, @gmail, @hotmail, @yahoo, and @carrier.blackberry.net) and company messages sent through a BlackBerry Enterprise Server. Even when a user deletes an email, eBlaster Mobile will keep a copy of that message for review.
* Text Message Activity – Receive transcripts of text message conversations – every word that was typed on both sides of the conversation. You can receive immediate notification of text messages, regardless of whether a message was deleted from the phone.
* Voice Call Log – See when and who they are calling and for how long. Find out if your children are talking on the phone during times when you have asked them not to, such as when they are supposed to be doing homework or after bedtime. Or, determine if your employees are using a company phone to make or receive too many personal phone calls.
Activity Reports are delivered to your email address as often as every 30 minutes or as infrequently as once a day. eBlaster Mobile Instant Notification keeps you “in-the-know” by forwarding you a transcript of every message sent and received. Settings can be changed remotely via a web interface any time you are viewing an eBlaster Mobile Activity Report, eliminating the need to gain access to the BlackBerry to change the email address where reports and notifications are sent, alter how frequently they’re sent, or change the activities to be recorded.
Read more…
A federal magistrate judge has recommended that Microsoft be given ownership of 276 internet addresses used to control “Waledac,” a massive botnet that the software company has been working to bring down.
The recommendation by Magistrate Judge John F. Anderson of the US District Court for Eastern Virginia is a victory in Microsoft’s experimental campaign to wrest control of one of the net’s biggest menaces. The effort, which commenced in February, has combined technical and legal maneuvers in an attempt to disrupt Waledac, which was once one of the 10 biggest botnets and a major distributor of spam.
Just a few weeks after the launch of Operation b49, as Microsoft dubs the takedown, as many as 90,000 zombie PCs lost contact with the command and control channels used to send malware updates that keep them infected. It was the result of a novel move, in which Microsoft lawyers sought a temporary order that seized control of 277 domain names used to administer the channels.
“To date, we have seen virtually no reemergence of Waledac traffic,” Jeff Williams, principal group program manager for Microsoft’s Malware Protection Center, wrote on Wednesday. “This puts the Waledac takedown among a very few successful efforts to shut down a botnet without having it re-emerge.”

ST. PETERSBURG — Facial recognition technology was pioneered by the Pinellas County Sheriff’s Office almost a decade ago. The software can glean an uncooperative suspect’s name from a photo. Officers from Tampa Bay to Miami and Jacksonville to Tallahassee are using it.
The St. Petersburg Police Department is up next.
The City Council has approved spending $88,400 to give the city’s officers and detectives the same digital capabilities that many Tampa Bay law enforcement agencies already enjoy.
Using the sheriff’s software and database, St. Petersburg police will be able to match a suspect’s face against photos of more than 7.5 million offenders from across the United States.
It’s one of the nation’s largest such databases, used routinely by deputies in Pinellas, Pasco, Hillsborough and Hernando. Now Assistant Chief Dave DeKay said St. Petersburg wants to see what it can do with the system.
“We liked what we heard about it and thought we’d try it out in the field and see how it works,” DeKay said.
“We don’t know where it will lead to, but if it helps us identify people quicker, if it helps us get more names, if it helps us check surveillance photos for more investigative leads, it’s going to benefit us,” the assistant chief said.

PRINCETON, N.J. — Payments processor Heartland Payment Systems Inc. on Wednesday said it will pay $5 million to Discover Financial Services Co. to resolve issues between the companies related to a 2008 data breach.
Hackers installed spying software on Heartland’s computer network in 2008, giving them access to data including account numbers, expiration dates and in some cases customer names on the systems that process Visa, MasterCard, American Express and Discover Card transactions. The company revealed the problem in January 2009.
Heartland said Wednesday the deal with Discover marks its final agreement with a card brand related to the incident.
According to a recent regulatory filing, Heartland had previously reached breach-related settlements totaling $114.7 million. That included a $3.5 million payment to American Express, $59.3 million in payments to Visa and several banks, and $41.4 million to MasterCard Worldwide.
Heartland shares closed Wednesday trading up 69 cents, or 4.9 percent, at $14.84. Discover shares ended the session up 65 cents, or 4.5 percent, at $15.16.