fbpx

Though Yahoo is a legitimate search engine, if it isn't your preferred site, it can be frustrating to have it continuously pop up every time you open your internet browser. But, you can easily resolve the issue -- here's how.

yahoo.jpg

If your default search engine keeps changing suddenly to Yahoo, your computer may have malware

The problem can likely be attributed to malware — specifically, the Yahoo search redirect virus. This virus works by rapidly redirecting your browser to an intermediary site (or sometimes to multiple sites) and then depositing you onto the Yahoo site. Any revenue then generated via clicks made on Yahoo will direct some revenue back to those intermediary sites. The hackers responsible for the virus also use it to collect your data and track your internet activity. 

So it's not Yahoo's fault, but it is an issue you need to clear up. You don't want to be forced to use Yahoo by malware that can track you and potentially harm your computer. 

flash.jpg

Beware of suspicious pop-ups like this one asking you to update Adobe Flash; these can be vehicles for the Yahoo redirect virus. 
Steven John/Business Insider

There are many ways your system can contract the redirect malware, but the solution is the same for most browsers: reset your browser's settings.

How to reset Safari browser settings

1. With Safari open, click the word "Safari" at the top left bar on your screen, then click "Preferences."

2. Click the gear wheel for "Advanced" and make sure the "Show Develop menu in bar" box is checked.

advanced.jpg

If “Show Develop menu in menu bar” is not selected already, click the box. 
Steven John/Business Insider

3. Click "Develop" in the top task bar, then click "Empty Caches" in the dropdown. 

4. Now click "History" from the top taskbar and clear all search history.

5. Finally, go back to "Preferences" and click "Privacy," then hit "Manage Website Data…" and "Remove All" on the pop-up window.

Now restart Safari and you should be all set.

How to reset Chrome browser settings

1. Open Chrome and click the three dots at the top right of the browser, then click "Settings."

google.jpg

Make sure you are logged into your account before trying to change settings. 
Steven John/Business Insider

2. Scroll down and click to expand the "Advanced" section, then click "Restore settings to their original defaults" under "Reset settings." 

3. Click "Reset settings" on the popup window to confirm.

Wiping your browser settings will clear all cookies and extensions and reset your search engine, new tab page, startup page, and pinned tabs. It will not erase your saved passwords, history, or bookmarks. Restart Chrome and off you go.

How to reset Firefox browser settings

1. Open Firefox and then click "Help" and then "Troubleshooting information."

2. Click the button that says "Refresh Firefox." 

3. In the popup window, click "Refresh Firefox" to confirm.

Your browser should now be clear of any malicious add-ons. 

[Source: This article was published in businessinsider.com By Steven John - Uploaded by the Association Member: Jay Harris]

Categorized in Search Engine

Scraping the Dark Web using Python, Selenium, and TOR on Mac OSX

Warning: Accessing the dark web can be dangerous! Please continue at your own risk and take necessary security precautions such as disabling scripts and using a VPN service.

Introduction

Finding Hidden Services

Method 1: Directories

Method 2: Snowball Sampling

Environment Setup

TOR Browser

VPN

Python

Pandas

pip install pandas

Selenium

pip install selenium

Geckodriver

Firefox Binary

Implementation

from selenium import webdriver
from selenium.webdriver.firefox.firefox_binary import FirefoxBinary
import pandas as pd
binary = FirefoxBinary(*path to your firefox binary*)
driver = webdriver.Firefox(firefox_binary = binary)
url = *your url*
driver.get(url)

Basic Selenium Scraping Techniques

Finding Elements

driver.find_element_by_class_name("postMain")

driver.find_element_by_xpath('/html/body/div/div[2]/div[2]/div/div[1]/div/a[1]')
driver.find_elements_by_class_name("postMain")

Getting the Text of an Element

driver.find_element_by_class_name('postContent').text

Storing Elements

post_content_list = []
postText = driver.find_element_by_class_name('postContent').text
post_content_list.append(postText)

Crawling Between Pages

for i in range(1, MAX_PAGE_NUM + 1):
page_num = i
url = '*first part of url*' + str(page_num) + '*last part of url*'
driver.get(url)

Exporting to CSV File

df['postURL'] = post_url_list
df['author'] = post_author_list
df['postTitle'] = post_title_list
df.to_csv('scrape.csv')

Anti-crawling Measures

captcha.png

driver.implicitly_wait(10000)
driver.find_element_by_class_name("postMain")
import pandas as pddf = pd.read_csv('scrape.csv')
df2 = pd.read_csv('scrape2.csv')
df3 = pd.read_csv('scrape3.csv')
df4 = pd.read_csv('scrape4.csv')
df5 = pd.read_csv('scrape5.csv')
df6 = pd.read_csv('scrape6.csv')
frames = [df, df2, df3, df4, df5, df6]result = pd.concat(frames, ignore_index = True)result.to_csv('ForumScrape.csv')

Discussion

[Source: This article was published in towardsdatascience.com By Mitchell Telatnik - Uploaded by the Association Member: Deborah Tannen]

Categorized in Deep Web

An unlikely competitor enters the search engine market as Verizon Media launches its privacy-focused OneSearch.

OneSearch promises not to track, store, or share personal or search data with advertisers, which puts it in direct competition with DuckDuckGo. It’s available now on desktop and mobile at OneSearch.com.

What differentiates Verizon Media’s OneSearch from DuckDuckGo, a more established privacy-focused search engine, is the ability for businesses to integrate it with their existing privacy and security products.

In an announcement, the company states:

“OneSearch doesn’t track, store, or share personal or search data with advertisers, giving users greater control of their personal information in a search context. Businesses with an interest in security can partner with Verizon Media to integrate OneSearch into their privacy and security products, giving their customers another measure of control.”

Another unique offering from OneSearch is its advanced privacy mode. When enabled, OneSearch’s encrypted search results link will expire within an hour.

OneSearch’s advanced privacy mode is designed for situations where multiple people are using the same device, or if a search results link is being shared with a friend.

The full array of privacy-focused features offered by OneSearch include:

  • No cookie tracking, retargeting, or personal profiling
  • No sharing of personal data with advertisers
  • No storing of user search history
  • Unbiased, unfiltered search results
  • Encrypted search terms

Although it doesn’t sell data to advertisers, OneSearch does rely on advertising to keep its service free. Rather than using cookies and browsing history to target ads, OneSearche’s contextual ads are based on things like the current keyword being searched for.

OneSearch is only available in North America on desktop and mobile web browsers, though it will be available in other countries soon. A mobile app for Android and iOS will be available later this month.

[Source: This article was published in searchenginejournal.com By Matt Southern - Uploaded by the Association Member: Jay Harris]

Categorized in Search Engine

The lawsuit against Amir Golestan and his web-services provider firm Micfo is shedding light on the ecosystem that governs the world of online spammers and hackers, a Wall Street Journal article said on Monday (Feb. 17).

In this first-of-its-kind fraud prosecution of a small technology company, Golestan is facing 20 counts of wire fraud in a suit brought in the U.S. District Court in South Carolina. Golestan and his corporation have pleaded not guilty.

The alleged victim is the nonprofit American Registry for Internet Numbers, based in Centreville, Virginia. The company is in charge of assigning internet protocol (IP) addresses to all online devices in North America and the Caribbean, which in turn allows devices to communicate with one another online. The case revolves around IP addresses.

This is the first federal case that brings fraud allegations to internet resources. It could end up defining “new boundaries for criminal behavior” with the confines of the largely undefined internet infrastructure.

People are largely assigned an IP address automatically when it comes to getting online with a cellphone or internet service provider. IP addresses, however, are the online equivalent of home phone numbers and are “key identifiers” for authorities going after online criminals.

In the May Micfo suit, the Justice Department alleges that Golestan established shell companies to fool the registry into giving him 800,000 IP addresses. He then leased or sold the IP addresses to clients, he said and the complaint indicated.

His clients were reportedly Virtual Private Networks — VPNs — which enable users to maintain anonymity online. VPNs could be used for online privacy protection or to shield the identity of fraudsters and cybercriminals. They can be used to transmit illicit content or for online thieves to hide their tracks.

As Micfo amassed VPN clients using the illegitimately-obtained IP addresses, a lot of traffic — some being criminal — filed through its network without a trace, according to government subpoenas directed at Micfo and reviewed by The Wall Street Journal.

Golestan and Micfo are not charged with being part of or even aware of illegal activity transmitted via VPNs across Micfo’s servers. The DOJ charged him and the company with “defrauding the internet registry to obtain the IP addresses over a period of several years.”

Prosecutors said Golestan’s alleged scheme was valued at $14 million, which was based on the government’s estimated value of between $13 and $19 for each address in the secondary market, according to the court complaint.

Born in Iran, Golestan, 36, started Micfo in 1999 in the bedroom of his childhood home in Dubai before emigrating to the U.S.

Even though the concept of smart cities is still largely under development, cybercriminals are waiting in the wings to begin laying virtual siege to infrastructure that the high-tech, highly responsive urban areas envisioned for the not-too-distant future.

[Source: This article was published in pymnts.com By PYMNTS - Uploaded by the Association Member: Bridget Miller]

Categorized in Internet Privacy

PortSwigger Web Security has released its annual rundown of the best web hacking techniques of 2019.

The 10 methods, chosen by a junction of community and expert panelists, are defined, predominately, by breathing new life into once dated techniques.

Collective research that succeeds in fixing some of the web’s more precarious holes is also the reasoning behind the chosen picks and cream of the crop from 2019.

Take the third place entry from researchers Ben Sadeghipour and Cody Brocious – work that develops on existing knowledge in the field of Server Side Request Forgery (SSRF) to show how this technique can be adapted and applied to server-side PDF generators using DNS rebinding.

Check out Sadeghipour’s presentation from DEF CON 27 for the full lowdown.

As XSS vulnerabilities have entered mainstream awareness, cross-site leaks (XS-Leaks) have started to garner the attention of the researcher community.

It’s therefore no surprise to see the second podium for this year’s Top 10 given to the collective effort in developing this type of attack, which was first documented over a decade ago but has since evolved to include an ever-growing list of variants.

Whether it’s pushing forward research through Eduardo Vela’s introductory tutorial to the subject, or the team effort behind publicly listing known XS vectors, the use of the technique has not gone unnoticed – nor is likely to disappear any time soon.

Just last week, Japanese researcher Takashi Yoneuchi unveiled what he’s calling ‘blind regular expression injection’ – a theoretical exploit that would fall under the XS-Leak family, and yet another indication that researchers have only just scratched the (attack) surface.

But the number one spot in 2019 went to the researchers that quantified the real-world impact of web cache deception (WCD) vulnerabilities for the first time.

“We were certainly surprised to take the top spot,” the team, which included Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu, Bruno Crispo, Engin Kirda, and William Robertson, told The Daily Swig.

“We developed a methodology and built an infrastructure to perform large-scale experiments on hundreds of popular websites and found 37 exploitable instances.”

Building on the original WCD technique initially documented by security researcher Omer Gil, the ‘Cache and Confused’ team additionally showed how the method could be altered in multiple ways to perform a successful attack.

“We hope that this number one spot can help our work garner more attention from the wider security community and pave the way for speedy development of defences,” they said.

“In the meantime, we strive to educate the internet community on the fact that web cache attacks are often system problems, and they need joint effort from server operators and web cache vendors to mitigate.”

Community favorite

Despite bounties earned being no concrete measure of web hacking success, HTTP desync attacks, a technique that revives the once feared HTTP request smuggling method, brought security researcher James Kettle $90,000, partly for its achievement in compromising PayPal’s login page… twice.

Presented initially at last year’s Black Hat USA, Kettle was awarded the Community Favorite in the Top 10 – a clear winner for shedding light on the inconsistencies of the HTTP request protocol with finite simplicity.

While hesitant to make predictions on what the list means for future developments in both web security and offensive hacking, James Kettle, head of security at PortSwigger and one of the lead panelists involved in curating the Top 10, finds certainty in the rising difficulty of breaking things in today’s online landscape.

“The interesting thing this year, is that we’re seeing the top entries are increasingly collaborative, in that, the top three are the work of multiple different researchers, which build on the prior work from prior researchers,” Kettle told The Daily Swig.

“We really saw companies reacting more to the web vulnerabilities that were discovered in 2019.

“We saw Amazon release a new locked down version for their EC2 metadata end point, which is clearly related to the SSRF threat, and browser XSS filters getting removed [Edge and Chrome] is a partial result of XS-Leaks.”

Web hacking hit list

PortSwigger’s Top 10 Web Hacking Techniques of 2019 received 51 nominations, all of which were put forward by the infosec community.

The Top 10 was selected by a panel consisting of Nicolas GrégoireSoroush DaliliFiledescriptor, and James Kettle.

The full list includes:

  1. Cache and Confused: Web Cache Deception in the Wild via Sajjad Arshad, Seyed Ali Mirheidari, Kaan Onarlioglu, Bruno Crispo, and Engin Kirda
  2. Cross-Site Leaks via Eduardo Vela et al
  3. Owning the Clout through Sever Side Request Forgery via Ben Sadeghipour and Cody Brocious
  4. Abusing Meta Programming for Unauthenticated RCE via Orange Tsai
  5. Google Search XSS via Masato Kinugawa and LiveOverflow
  6. All is XSS that comes to the .NET via Paweł Hałdrzyński
  7. Exploring CI Services as a Bug Bounty Hunter via EdOverflow et al
  8. Infiltrating Corporate Intranet like NSA: Pre-Auth RCE on Leading SSL VPNs via Orange Tsai and Meh Chang
  9. Microsoft Edge (Chromium) – EoP to Potential RCE via Abdulrhman Alqabandi
  10. Exploiting Null Byte Buffer Overflow for a $40,000 bounty via Sam Curry

 [This article is originally published in portswigger.net By Catherine Chapman - Uploaded by AIRS Member: Clara Johnson]

Categorized in Internet Privacy

 Source: This article was Published technologyreview.com By Martin Giles - Contributed by Member: Juan Kyser

That’s the view of security expert Bruce Schneier, who fears lives will be lost in a cyber disaster unless governments act swiftly.

Smart gadgets are everywhere. The chances are you have them in your workplace, in your home, and perhaps on your wrist. According to an estimate from research firm Gartner, there will be over 11 billion internet-connected devices (excluding smartphones and computers) in circulation worldwide this year, almost double the number just a couple of years ago.

Many billions more will come online soon. Their connectivity is what makes them so useful, but it’s also a cybersecurity nightmare. Hackers have already shown they can compromise everything from connected cars to medical devices, and warnings are getting louder that security is being shortchanged in the stampede to bring products to market.

In a new book called Click Here to Kill Everybody, Bruce Schneier argues that governments must step in now to force companies developing connected gadgets to make security a priority rather than an afterthought. The author of an influential security newsletter and blog, Schneier is a fellow at the Berkman Klein Center for Internet and Society at Harvard University and a lecturer in public policy at the Harvard Kennedy School. Among other roles, he’s also on the board of the Electronic Frontier Foundation and is chief technology officer of IBM Resilient, which helps companies prepare to deal with potential cyber threats.

Schneier spoke with MIT Technology Review about the risks we’re running in an ever more connected world and the policies he thinks are urgently needed to address them.

The title of your book seems deliberately alarmist. Is that just an attempt to juice sales?

It may sound like publishing clickbait, but I’m trying to make the point that the internet now affects the world in a direct physical manner, and that changes everything. It’s no longer about risks to data, but about risks to life and property. And the title really points out that there’s the physical danger here, and that things are different than they were just five years ago.

How’s this shift changing our notion of cybersecurity?

Our cars, our medical devices, our household appliances are all now computers with things attached to them. Your refrigerator is a computer that keeps things cold, and a microwave oven is a computer that makes things hot. And your car is a computer with four wheels and an engine. Computers are no longer just a screen we turn on and look at, and that’s the big change. What was computer security, its own separate realm, is now everything security.

You’ve come up with a new term, “Internet+,” to encapsulate this shift. But we already have the phrase “internet of things” to describe it, don’t we?

I hated having to create another buzzword, because there are already too many of them. But the internet of things is too narrow. It refers to the connected appliances, thermostats, and other gadgets. That’s just a part of what we’re talking about here. It’s really the internet of things plus the computers plus the services plus the large databases being built plus the internet companies plus us. I just shortened all this to “Internet+.”

Let’s focus on the “us” part of that equation. You say in the book that we’re becoming “virtual cyborgs.” What do you mean by that?

We’re already intimately tied to devices like our phones, which we look at many times a day, and search engines, which are kind of like our online brains. Our power system, our transportation network, our communications systems, are all on the internet. If it goes down, to a very real extent society grinds to a halt, because we’re so dependent on it at every level. Computers aren’t yet widely embedded in our bodies, but they’re deeply embedded in our lives.

Can’t we just unplug ourselves somewhat to limit the risks?

That’s getting harder and harder to do. I tried to buy a car that wasn’t connected to the internet, and I failed. It’s not that there were no cars available like this, but the ones in the range I wanted all came with an internet connection. Even if it could be turned off, there was no guarantee hackers couldn’t turn it back on remotely.

Hackers can also exploit security vulnerabilities in one kind of device to attack others, right?

There are lots of examples of this. The Mirai botnet exploited vulnerabilities in-home devices like DVRs and webcams. These things were taken over by hackers and used to launch an attack on a domain-name server, which then knocked a bunch of popular websites offline. The hackers who attacked Target got into the retailer’s payment network through a vulnerability in the IT systems of a contractor working on some of its stores.

True, but these incidents didn’t lead to loss of life or limb, and we haven’t seen many cases involving potential physical harm yet, have we?

We haven’t. Most attacks still involve violations of data, privacy, and confidentiality. But we’re entering a new era. I’m obviously concerned if someone steals my medical records, but what if they change my blood type in the database? I don’t want someone hacking my car’s Bluetooth connection and listening to my conversations, but I really don’t want them to disable the steering. These attacks on the integrity and availability of systems are the ones we really have to worry about in the future because they directly affect life and property.

There’s been lots of discussion in the US this year about cyber threats to critical infrastructure like power grids and dams. How serious are these?

We know that at least twice, Russian hackers have turned off power to bits of Ukraine’s grid as part of a broader military campaign. We know that nation-state hackers have penetrated systems at some US power companies. These hacks have been exploratory ones and haven’t caused damage, but we know it’s possible to do so. If there are military hostilities against the US, we should expect these attacks will be used. And the US will use them against our adversaries, just as we used cyberattacks to delay the nuclear programs in Iran and North Korea.

What implications does all this have for our current approach to computer security, such as issuing patches, or fixes, for software flaws?

Patching is a way of regaining security. We produce systems that aren’t very good, then find vulnerabilities and patch them. That works great with your phone or computer because the cost of insecurity is relatively low. But can we do this with a car? Is it okay to suddenly say a car is insecure, a hacker can crash it, but don’t worry because there will be a patch out next week? Can we do that with an embedded heart pacemaker? Because computers now affect the world in a direct, physical manner, we can’t afford to wait for fixes.

But we already have very strict security standards for software that’s used in sensitive cyber-physical domains like aviation, don’t we?

Right, but it’s very expensive. Those standards are there because there’s already strong government regulation in this and a few other industries. In consumer goods, you don’t have that level of safety and security, and that’s going to have to change. The market right now doesn’t reward secure software at all here. As long as you, as a company, won’t gain additional market share because of being more secure, you’re not going to spend much time on the issue

So what do we need to do to make the Internet+ era safer?

There’s no industry that’s improved safety or security without governments forcing it to do so. Again and again, companies skimp on security until they are forced to take it seriously. We need government to step up here with a combination of things targeted at firms developing internet-connected devices. They include flexible standards, rigid rules, and tough liability laws whose penalties are big enough to seriously hurt a company’s earnings.

But won’t things like strict liability laws have a chilling effect on innovation?

Yes, they will chill innovation—but that’s what’s needed right now! The point is that innovation in the Internet+ world can kill you. We chill innovation in things like drug development, aircraft design, and nuclear power plants because the cost of getting it wrong is too great. We’re past the point where we need to discuss regulation versus no-regulation for connected things; we have to discuss smart regulation versus stupid regulation.

There’s a fundamental tension here, though, isn’t there? Governments also like to exploit vulnerabilities for spying, law enforcement, and other activities.

Governments are certainly poachers as well as gamekeepers. I think we’ll resolve this long-standing tension between offense and defense eventually, but it’s going to be a long, hard slog to get there.

Your book largely focuses on the US. Do you think it will take the lead here?

I focus on the US because it’s where the major tech companies are located and it’s the regime I know best, but I do talk about Europe a fair bit as well. The European Union is the regulatory superpower on this planet right now. I think it’s going to advance further and faster than the US. In the US, I look more to the states, and specifically Massachusetts, New York, and California.

I also think there will be international treaties and norms that put some of our connected infrastructures off-limits to nation-state cyber attacks, at least in peacetime. We urgently need action at all levels now, from local to international. My biggest fear is that there will be a cyber disaster and that governments will rush headlong to implement measures, without a lot of thought, that won’t solve the problem.

Categorized in Internet of Things

 Source: This article was Published techworm.net By Payel Dutta - Contributed by Member: Linda Manly

You sign up with one of the best email service providers and you get ready to launch the campaign you’ve been working on. You believe that this undertaking will generate good revenue for your business, and you expect to have it done as soon as possible. But then…you are taken by surprise. When you upload your mailing list, your progress comes to a halt. You are told to verify your email address, and you do not know what to do. In fact, some small business owners will give up at this point and turn to other digital marketing strategies available on the market.

However, you do not need to worry, as you can easily find a great email address verification service provider on the internet. What you need to know is that regardless of the service provider you decide to work with, email verification doesn’t have to break your bank, neither does it have to waste a lot of your time. It is a quick process that is geared towards improving your marketing efforts.

Have you been yearning to learn about email address verification? Below is everything you need to know about it.

Understanding email address verification – what is it?

Basically, this is a process that ensures that all the email addresses in your mailing list are connected to a legitimate, active inbox. Simply put, this is a process that guarantees all the messages you send have a safe destination to reach.

Why is email verification necessary?

You might be tempted to think that when you fail to verify your email list, nothing will happen to you. In fact, some misleading blogs and websites will tell you that hiring a professional email address verification service is a waste of time. Well, believe this at your peril.

If you skip this process, your digital marketing strategy that incorporates email marketing will be deemed to fail. Below are some of the things that expert email verification service providers like Zero Bounce protect you from:

  • Miserable marketing results

When you kick off your email marketing campaign, you believe that it will reach as many people of possible, and you will get the best sales for your goods or services at the end of the day. However, if the emails you are sending the messages to are not valid, you will end up accomplishing dismal results.

If you have many emails bouncing back, it means that your deliverability will be adversely affected to a great extent. This means that even those email addresses that are valid will not receive your well-intended messages.

Also, if any emails are not valid, it means that you will not get reliable metrics when measuring the success of your email marketing campaign. Your goal should be to make a connection with your target audiences. Getting a good email address verification service should not be an option, it should be at the helm of your priority list.

  • Money wastage

Email service providers will charge you depending on the number of subscribers you have. This means that the higher the number of subscribers, the more the amount of money you will pay. Therefore, if you keep invalidated lists, you will bear a recurring waste which is not worth in the first place.

  • Account suspension

Yes, spam monitors, email security services, as well as internet service providers have policies for undelivered messages, unsubscribes, and spam complaints. Therefore, if your mailing list is unmanaged, your account might be suspended on grounds of the three mentioned above.

Verifying your email address will minimize the number of undelivered messages; hence your account will be safe from suspension.

Reasons why you have many invalid email addresses

Below are some of the reasons why you have very many risky emails in your mailing list,

  • The people in your mailing list stopped using the email addresses a long time ago
  • Your list is full of role addresses, e.g., This email address is being protected from spambots. You need JavaScript enabled to view it.
  • You failed to validate the emails when filling out the web forms; hence there are lots of typos. The ZeroBounce API can help you here by verifying email registrations in real time.

Even the best marketers of all time have risky emails in their lists. Therefore, do not over-blame yourself when you find them. Just know how to remove them for better performance proactively. Also, proceed with care when choosing the right email address verification service, and your campaign will never fail to yield results.

Categorized in Internet Privacy

Source: This article was usa.kaspersky.com - Contributed by Member: Barbara Larson

Even though computers have become a constant feature of modern life, many people still don't realize the enormous risks that come from constant interaction with technology. 

Computer viruses are one of the oldest forms of malware — in other words, malicious software designed to do harm — but their ability to avoid detection and replicate themselves means that these programs will always be cause for worry. Understanding just what a virus can do to your computer is the first step to securing your system and protecting your family from attack.

A Computer Virus' Potential

The only real qualification for a piece of software to be labeled a "virus" is that the program has the ability to replicate itself onto other machines. This means that not all viruses pose a direct threat to your computer, but often even latent viruses will allow cyberthieves and hackers to install more damaging programs like worms and Trojans. 
Regardless of the intention of the computer virus, the program will take up some system resources while it runs. This slows down your system, even bringing your computer to an abrupt halt if the virus hogs enough resources or if there are many viruses running at the same time.

More often, the computer virus has some kind of malicious intent, either written into the virus itself or from the other pieces of malware that the virus installs. This software can take a number of harmful actions, like opening up a back door to the computer where hackers can take control of the system, or stealing confidential personal information like online banking credentials or credit card numbers. It could also direct your Web browser to unwanted, often pornographic, sites, or even lock the computer down and ask for a ransom to open it back up again. In the most severe cases, viruses can corrupt important computer files, rendering the system useless. Windows OS products are often targets of these types of vulnerabilities so be sure you're secure whether you are running the newest OS , XP, or Windows 8 - security is essential.

How to be a Savvy Computer-User

So with all the damage that a virus can do, you're sure to wonder how you can protect yourself and your family from these threats. The first step is the most obvious, and it all comes down to using your computer in a smart way. 
Ensure all your programs have the latest version of antivirus software installed. This is especially true for things like your operating system, security software and Web browser, but also holds true for just about any program that you frequently use. Viruses often take advantages of bugs or exploits in the code of these programs to propagate to new machines, and while the companies that make the programs are usually quick to fix the holes, those fixes only work if they have been downloaded to your computer. 


It's also important to avoid taking actions that could put your computer at risk. These include opening unsolicited email attachments, visiting unknown websites or downloading software from untrustworthy websites or peer-to-peer file transfer networks. To ensure that the entire family understands the risks, these procedures should be taught to everyone, and children should have their Internet use monitored to ensure they aren't visiting suspect websites or downloading random programs or files.

How to Install Virus Prevention and Detection Software

The next important step in protecting your computer and your family is to install trusted computer security software that can actively scan your system and provide virus protection. You should be warned, however, that not all security solutions are the same. 
Free antivirus software abounds on the Internet, but much of it isn't robust enough to offer complete protection or updated frequently enough to be of much use. Horrifyingly, some of this free software doesn't do anything at all and instead installs viruses, adware, spyware or Trojans when you try to download and install the program. 
If the price is a factor, the best option is to find a competitively priced Internet security solution that offers a free antivirus trial, so that you can see the software in action, and how your computer responds after being cleaned, before you make a purchasing decision. 
The hardest part about all of this is that while each day many threats are neutralized, more are then created in their place. This means that as long as there's an Internet, computer viruses will continue to be a problem. Ignoring the issue or thinking that it won't affect you is a sure way to get your computer compromised, and put your family's information or peace of mind at risk.

Categorized in Internet Privacy

Source: This article was published insights.speakwithageek.com - Contributed by Member: Deborah Tannen

What Is Micro-VPN?

Micro-VPNs are the smaller quantum of VPNs, at the level of an application or collection of applications. These are known as trusted applications; each of these trusted applications has a token that is authenticated before the tunnel is opened for the user utilizing a Micro VPN.

VPN And Security Concerns

In today's IT world, many workers often use their personal devices to get their work completed. This turns out to be a time-saving process for employees and company. Even though these devices help them, there are critical security concerns that arise with using your own device.

An old-style VPN approach is the most commonly used remote connectivity among organizations, to check emails and documents by an employee. The VPN tunnel that is established is device-wide, and once they are connected, any application on the personal device can navigate this tunnel, and get access to corporate resources. This means that if the employee’s device is infected with malware or malignant applications, these can potentially gain access to the tunnel. The above said security downside can be avoided, through the use of micro-VPNs, which are specific to an application instead of a device.

Security Advantages

The following are the certain advantages of using micro-VPN:

  • Takes virtual private network client from the device to the application and authenticates the user.
  • Provides access to specific corporate content without having to do a full-scale VPN on the device.
  • Acts as a security wrapper for the mobile device around an enterprise application by providing a token for successful VPN tunnel.
  • Administers mobile control policies on the application that connects to the corporate network.
  • The micro-VPN application and the corporate network can see one another; however, remaining of the device is not opened to/accessible by the client network. In addition, the user cannot access company resources from the non-enterprise application.

Citrix Solutions

Citrix XenMobile’ product, NetScaler Gateway, is based on the idea of micro-VPNs through logical VPN tunnels. NetScaler Gateway helps in creating different TCP sessions for different applications automatically.

Currently, micro-VPNs are one of the trustworthy solutions that can be deployed by the IT departments on employee’s devices to avoid exposure to unknown elements.

Find out today why you may need a VPN with help choosing the right VPN Provider.

Categorized in Internet Privacy

The Internet is massive. Millions of web pages, databases and servers all run 24 hours a day, seven days a week. But the so-called "visible" Internet—sites that can be found using search engines like Google and Yahoo—is just the tip of the iceberg. Below the surface is the Deep Web, which accounts for approximately 90 percent of all websites. As noted by ZDNet, in fact, this hidden Web is so large that it's impossible to discover exactly how many pages or sites are active at any one time. This Web was once the province of hackers, law enforcement officers and criminals. However, new technology like encryption and the anonymization browser software, Tor, now makes it possible for anyone to dive deep if they're interested.

 

Defining the Deep/Dark Web

There are a number of terms surrounding the non-visible Web, but it's worth knowing how they differ if you're planning to browse off the beaten path. According to PC Advisor, the term "Deep Web" refers to all Web pages that that are unidentifiable by search engines. The "Dark Web," meanwhile, refers to sites with criminal intent or illegal content, and "trading" sites where users can purchase illicit goods or services. In other words, the Deep covers everything under the surface that's still accessible with the right software, including the Dark Web. There's also a third term, "Dark Internet" that refers to sites and databases that are not available over public Internet connections, even if you're using Tor. Often, Dark Internet sites are used by companies or researchers to keep sensitive information private.

While many news outlets use "Deep Web" and "Dark Web" interchangeably, it's worth noting that much of the Deep is actually benign. Everything from blog posts in review to Web page redesigns still in testing to the pages you access when you bank online are part of the Deep and pose no threat to your computer or safety at large. As CNN Moneyillustrates, big search engines are like fishing boats that can only "catch" websites close to the surface. Everything else, from academic journals to private databases and more illicit content, is out of reach.

Access

Most people who wish to access the Deep Web use Tor, a service originally developed by the United States Naval Research Laboratory. Think of Tor as a Web browser like Google Chrome or Firefox. The main difference is that, instead of taking the most direct route between your computer and the deep parts of the Web, the Tor browser uses a random path of encrypted servers, also known as "nodes." This allows users to connect to the Deep Web without fear of their actions being tracked or their browser history being exposed. Sites on the Deep also use Tor (or similar software such as I2P) to remain anonymous, meaning you won't be able to find out who's running them or where they're being hosted.

Many users now leverage Tor to browse both the public Internet and the Deep. Some simply don't want government agencies or even Internet Service Providers (ISPs) to know what they're looking at online, while others have little choice—users in countries with strict access and use laws are often prevented from accessing even public sites unless they use Tor clients and virtual private networks (VPNs). The same is true for government critics and other outspoken advocates who fear backlash if their real identities were discovered. Of course, anonymity comes with a dark side since criminals and malicious hackers also prefer to operate in the shadows.

Use and Misuse

For some users, the Deep Web offers the opportunity to bypass local restrictions and access TV or movie services that may not be available in their local areas. Others go deep to download pirated music or grab movies that aren't yet in theaters. At the dark end of the Web, meanwhile, things can get scary, salacious and just plain...strange. As noted by The Guardian, for example, credit card data is available on the Dark Web for just a few dollars per record, while ZDNet notes that anything from fake citizenship documents to passports and even the services of professional hit men is available if you know where to look. Interested parties can also grab personal details and leverage them to blackmail ordinary Internet users. Consider the recent Ashley Madison hack—vast amounts of account data, including real names, addresses and phone numbers—ended up on the Dark Web for sale. This proves that, even if you don't surf the murky waters of the Dark Web, you could be at risk of blackmail (or worse) if sites you regularly use are hacked.

Illegal drugs are also a popular draw on the Dark Web. As noted by Motherboard, drug marketplace the Silk Road—which has been shut down, replaced, shut down again and then rebranded—offers any type of substance in any amount to interested parties. Business Insider, meanwhile, details some of the strange things you can track down in the Deep, including a DIY vasectomy kit and a virtual scavenger hunts that culminated in the "hunter" answering a NYC payphone at 3 a.m.

Real Risks

Thanks to the use of encryption and anonymization tools by both users and websites, there's virtually no law enforcement presence down in the Dark. This means anything—even material well outside the bounds of good taste and common decency—can be found online. This includes offensive, illegal "adult" content that would likely scar the viewer for life. A recent Wired article, for example, reports that 80 percent of Dark Web hits are connected to pedophilia and child pornography. Here, the notion of the Dark as a haven for privacy wears thin and shores up the notion that if you do choose to go Deep, always restrict access to your Tor-enabled device so children or other family members aren't at risk of stumbling across something no one should ever see. Visit the Deep Web if you're interested, but do yourself a favor: don't let kids anywhere near it and tread carefully—it's a long way down.

 Source: This article was published usa.kaspersky.com

Categorized in Deep Web
Page 1 of 7

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media