I refer you the following link. http://www.scmagazine.com/arab-facebook-logins-posted-by-israeli-hacker/article/224338/

You will see from the article the United States is going after these crooks. The most important thing to take from this is, it is possible for you to be giving away the bank with out knowing it.

Please read the article:

http://news.techworld.com/security/3306298/zeus-trojan-gang-busted-for-money-smuggling/

Today on FoxNews.com article titled “Study: U.S. Must Bolster Security Against Cyberattacks” The author suggest that we are not doing enough to protect the U.S and Corporations. The author states “The impact has increased in magnitude, and the potential for catastrophic collapse of a company has grown.” The author also suggests that a company could be taken down.

INSA, suggests the U.S. needs to develop strategies beyond “Patch and Pray.”

In my environment, we are seeing more and more reports of bot-nets. These bots are yet to be realized in their severity. To me, they (bots) are like sleeping giants, when awaken could cause the kind of catastrophic loses corporations and countries have yet to see.

This is a question I have asked myself these last couple of weeks. I have wondered if others have had this question as well.

While it is difficult to track a bot-net on your computers. It is however something ever internet user needs to be aware of. Bots are thought of as a tool which give a bot command centers access to your computer resources. The command center can sell their / your computer resources to the highest bidders. The highest bidders can then use your computer to send out spam or attack other networks.

In the last couple of months bot-nets have become traffic of interest with the ISP’s. There are a few companies that are working with the ISP to monitor this traffic. With their assistance ISP are now starting to notify customers’ of their potential bot infections.

A bit of background as I understand it to be. The companies who are working with the ISP are monitoring the Command Centers. These command centers are shooting out packets to the bots that they control and when they get a reply back to the command center they are still considered live. Now also as I understand it, these bot will not have to communicate daily to be under the command centers control. This is what makes it very difficult to find these bots.

So what is the difference between a BOT, Malware or virus. This is not an easy question to answer. As these all can reflect the same kind of traffic and can be mistaken for the same things.

While I do not find any reports that show that there are any current issues with that port being used to conduct a DOS (denial of service) or any other major issue, it is still using a service that was blacklisted in the 1990s. This blacklisting took place because of the relaying of data that was unencrypted. This means that if someone wanted to obtain a username and password it would not be too hard to do so. In my professional opinion any software or equipment that opens up port 23 is a liability.

While on the phone today with LINGO, one of the providers of the VOIP service, I am seeing as vulnerability on port 23. They informed me that they recognized the issue and have started using a new device to eliminate the port being opened. The new device is the Linksys SP2102 model.

Any Lingo customers that were installed prior to June 2009 that do not have the Linksys SP2102 should contact their customer service and make arrangements to have the new model shipped to them.

While I am on the subject, Security, I would recommend anyone who is using any equipment behind a DSL or CABLE modem do a scan of their network to ensure they are not subject to any vulnerability. Ports that are opened up that would be a major concern would be FTP, SSH, TELNET, NNTP, SMTP, POP3. Any ports that are open should be questioned. You can find information by contacting your service provider or by researching with Google (www.google.com.)

To run a scan of your network you can download software called NMAP. They have a windows version and it is free. Refer to the help files to figure out how to conduct the scan. (http://nmap.org/download.html)

Following is the response that I have received from LINGO TECH SUPPORT via emails

“Thank you for contacting Lingo Technical Support.

We have reviewed your mail and from the information provided we understand that you want to know few technical information about lingo service.
Since we are sending Linksys device for the new customers. By default port 23 is permanently blocked in that device. We don’t have any access to telnet your device using port 23.Lingo service is a voip service so it uses the voip ports in the range of 1024-1030, 5060-5065, 10,000-20,000 UDP ports.
Please contact Technical support for additional assistance at 1-888-Lingo99 (546-4699) option-2 and we will be glad to assist you.

We look forward to helping you with any servicing needs in the future.

Sincerely,
Lingo Technical Support”

I am happy to see that LINGO recognized this issue and has worked to protect their customers.

This is yet another of the vulnerabilities windows has to deal with. It seems to never end.

While I do not want to be like Chicken Little and say the sky is falling. I do want to get the word out that if you are running windows you will need to be sure to patch your operating system.

This will be a good time as well to discuss the need for all computer users to make sure they are running security software on their computers. Security software should include an antivirus, firewall and some kind of malware / spybot scanning tool.

This is also a good time to point out that you should not click on links that you get in a spam email. This is important to remember as the common link with this new vulnerability is the links in spam that people are clicking. This click is most likely going to take you to the infected sites that are giving a hacker control of your computer.

Windows users please see Microsoft for the patches needed to protect your computer.

http://www.msnbc.msn.com/id/31766751/ns/technology_and_science-security/

Do not fall prey to these ploys. If indeed you have lost your money in the stock game, or you have your thousands of dollars in a saving account that is not paying any interest. You will not make any money on these ploys. In fact you will, potentially lost what ever money you have left in your account.

McAfee’s annual “Virtual Criminology Report” says that 873 money mule recruitment Web pages were detected in Britain in the first half of 2008, This was reported to be a 33 percent increase over the first half of 2007.  That data was compiled by APACS, the United Kingdom’s payment-industry trade group.

McAfee is not the only one warning of this rise in trends. Panda Security, a Spanish software vendor, found that  job-related messages hit a new record of 0.31 percent of all spam in October 2008. This is nearly a tripleing the August 2008 numbers. It was also reported that recruiting money mules had rose 1.8 present in October. The rate in August 2008 was 0.5 percent.

As we go forward we will likely see these numbers increase.

I see a lot of computers on my network that are using SSH. I am of the opinion that if you are not a network administrator you probably should not be running any servers. What happens is “dynamic customer A” installs an SSH server on his computer and somewhere down the road forgets about it. Now, several patches have been released and months have passed. It now becomes a vulnerability to customer “A” and to the ISP that is providing the service. Along comes a naughty character who scans the network at 1 AM. Finds Customer “A” is running the long forgotten SSH server and “Brute forces” his way into the computer. Once in, he can access all the logs, set up mail servers and at the least reak havick to the client. A few days later Customer “A” is shut down by their ISP for millions of emails that have been generated from their network. Once briefed, the customer can be reinstated. and in most cases has no idea what allowed the spam to be sent through their network.

Long story short, if you are going to be playing with servers on your computer/network. Be leary about letting them be seen outside of your network.

Security steps should include Firewall, Antivirus, Trojan or spy ware scanners. It is also important to keep your software patched. Usually these are put out by the software developer.

Also, in the article from MSNBC, it talks about the possibility of other countries spying on the UNITED STATES and potentially of taking the internet down. These countries were not named. However, when Russia invaded Georgia, Georgia accused Russia of performing a cyber attack at the same time they invaded the country. There are many opinions on this. However, I feel that in this day and age. An invading country is going to have the ability to take down the network of a nation and bring their government to a halt.

The lesson to learn here is that security on the internet starts with us. Each user and each computer that is connected to our network needs to be secure. Take the steps mentioned and do your part to protect our great nation.

http://www.msnbc.msn.com/id/27216425/

http://www.msnbc.msn.com/id/27090461/