Showing posts with label hackers.

Tuesday 16 March 2010

Never Use These Passwords



Computer security is more important than ever these days, and one of the simplest things you can do to protect yourself is come up with a password that is not easy to guess. Sure, it's tempting to come up with something easy for your own benefit; with all of the passwords we have to remember these days, you probably find yourself forgetting your passwords if you don't keep careful documentation of them. But an easy password is like an invitation to anyone looking to steal your information.

According to researchers at the University of Maryland's James Clark School of Engineering in College Park, unsecured computers are hacked into over 2,000 times a day or every 39 seconds. Study leader Michel Cukier says it's a lot more common than you think, "Most of these attacks employ automated scripts that indiscriminately seek out thousands of computers at a time, looking for vulnerabilities. Our data provide quantifiable evidence that attacks are happening all the time to computers with Internet connections. The computers in our study were attacked, on average, 2,244 times a day."

Hackers are experts at coming up with passwords. For example, many people use their user name as their password. If you think you're being clever, guess again. 43% of the time, hackers are able to guess passwords by simply guessing that it's the user name. So what other kind of passwords are common and easily guessed? Below is a list of the ten most common passwords:

  1. User Name
  2. User Name with 123 at the end
  3. 123456
  4. the word "password"
  5. 1234
  6. 12345
  7. passwd
  8. 123
  9. test
  10. 1

If any of these sound familiar, you probably need to change your information immediately. In addition, you might want to reconsider your user name if it's one of these top ten common user names:

  1. root
  2. admin
  3. test
  4. guest
  5. info
  6. adm
  7. mysql
  8. user
  9. administrator
  10. oracle
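The two lists above can be turned into a check that runs when an account is created or a password is changed. This is an added example, not part of the original post; the function names are hypothetical, and treating any run of trailing digits like "123" is an assumption that goes slightly beyond the list.

```python
import re

# Passwords 3-10 from the list above; entries 1 and 2 depend on the account
# name and are checked in weak_password_reason().
COMMON_PASSWORDS = {"123456", "password", "1234", "12345", "passwd", "123", "test", "1"}

# The ten common user names from the list above.
COMMON_USERNAMES = {"root", "admin", "test", "guest", "info", "adm",
                    "mysql", "user", "administrator", "oracle"}


def weak_password_reason(username, password):
    """Return why a password matches the list above, or None if it does not."""
    user = username.strip().lower()
    pw = password.lower()  # compare case-insensitively: "Password" is no better
    if pw in COMMON_PASSWORDS:
        return "common password"
    if user and pw == user:
        return "same as user name"
    # Generalisation (assumption): any trailing digits, not only "123".
    if user and re.fullmatch(re.escape(user) + r"\d+", pw):
        return "user name plus digits"
    return None


def review_credentials(username, password):
    """List every finding for a user name / proposed password pair."""
    issues = []
    if username.strip().lower() in COMMON_USERNAMES:
        issues.append("commonly guessed user name")
    reason = weak_password_reason(username, password)
    if reason:
        issues.append(reason)
    return issues


# Constructed sample input, not data from the study.
SAMPLES = [("alice", "Alice123"), ("oracle", "oracle"),
           ("bob", "passwd"), ("carol", "T7#vq-Lm2!xR")]

if __name__ == "__main__":
    for name, pw in SAMPLES:
        print(name, review_credentials(name, pw) or "no match")
```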

Once a hacker gains access to your computer, any number of things can happen. According to the study, the first things they do are check your software configuration, change your password, check your hardware and software configuration again, download a file, install the downloaded program and run the downloaded program.

But why are they doing this? Often, they are creating a "botnet." A botnet monitors your computer and reports back to the hacker. Botnets can lead to fraud or identity theft, disrupt other networks or damage computer files, and enable lots of other criminal activity.




Thursday 12 November 2009

Adobe Flash potentially puts most computers and users at risk



According to researchers, there is a flaw within Flash that allows hackers to launch silent attacks on websites and users. Adobe hasn't tried to hide the fact that it is true and has suggested that it's up to site designers to make sure they design their sites in such a way as to prevent the attacks.

"The magnitude of this is huge," said Mike Murray, the chief information security officer at Orlando, Fla.-based Foreground Security. "Any site that allows user-uploadable content is vulnerable, and most are not configured to prevent this."

The problem lies in the Flash ActionScript same-origin policy which is designed to limit a Flash object's access to other content only from the domain it originated from, added Mike Bailey, a senior security researcher at Foreground. Unfortunately, said Bailey, if an attacker can deposit a malicious Flash object on a Web site -- through its user-generated content capabilities, which typically allow people to upload files to the site or service -- they can execute malicious scripts in the context of that domain.

"This is a frighteningly bad thing," Bailey said. "How many Web sites allow users to upload files of some sort? How many of those sites serve files back to users from the same domain as the rest of the application? Nearly every one of them is vulnerable."


The problem is that Adobe and security companies are trying to get the word out, but web application designers and programmers aren't listening. A few of the major sites that have actually locked down their servers to protect their users include Microsoft's Windows Live Hotmail and Google's YouTube, but sites like Google's Gmail, and even some Adobe sites, still remain vulnerable. The researchers say that while the likelihood of an attack on Gmail is still very small, it's also a very real possibility.
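On the site side, the condition Bailey describes (uploads served back from the application's own domain) can be addressed by screening uploads for Flash content and serving stored files only from a separate host. The sketch below is an added example, not code from the article or from the sites it names; the host names, function names and the specific response headers are assumptions.

```python
import posixpath
import re

# SWF files begin with one of these signatures (uncompressed, zlib, LZMA).
SWF_MAGIC = (b"FWS", b"CWS", b"ZWS")

# Assumed hosts: the application itself, and a separate host for uploads.
APP_HOST = "www.example.com"
UPLOAD_HOST = "usercontent.example.net"


def looks_like_flash(data):
    """True when the content starts with a SWF signature, whatever its name."""
    return data[:3] in SWF_MAGIC


def screen_upload(filename, data):
    """Return (accepted, reason) for an upload on a site that expects no Flash."""
    ext = posixpath.splitext(filename)[1].lower() or "(no extension)"
    if looks_like_flash(data):
        return False, "SWF signature in file named as %s" % ext
    return True, "ok"


def download_headers(filename, request_host):
    """Headers for serving a stored upload, or None on the application's host.

    Refusing the request on APP_HOST keeps user files out of the origin that
    holds the application's sessions.
    """
    if request_host.lower() != UPLOAD_HOST:
        return None
    safe = re.sub(r"[^A-Za-z0-9._-]", "_", posixpath.basename(filename))
    return {
        "Content-Type": "application/octet-stream",        # never a Flash type
        "Content-Disposition": 'attachment; filename="%s"' % safe,
        "X-Content-Type-Options": "nosniff",
    }


# Constructed sample inputs: a file named .jpg that starts with a SWF
# signature, and a file with a real JPEG header.
FAKE_IMAGE = b"CWS\x0a" + b"\x00" * 16
REAL_IMAGE = b"\xff\xd8\xff\xe0" + b"\x00" * 16
```

The signature check is only a screen; keeping uploads off the application's domain is the control that matches the condition quoted above.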

The only current defense users can employ against such attacks is to stop using Flash, or failing that, restrict its use to sites known to be safe with tools such as the NoScript add-on for Mozilla's Firefox, or ToggleFlash for Microsoft's Internet Explorer.

"The best mitigation is to not use Flash," argued Murray, "but we know that that's impossible for most users, since Flash is so widely used on the Web."

"Almost everyone using the Internet is vulnerable to a Web site that allows content to be updated inappropriately," said Murray. "That's not hyperbole, it's just fact. This has the potential to affect any social media site, any career site, any dating site, many retail sites and many cloud applications. That's why this attack is so serious. End users would never know they got exploited."



The best suggestion would be to get the news out about the vulnerability and hope that Adobe gets a patch to fix the problem before the slight flaw turns into a major headache for everyone.