Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

Twitter Tightens Security

December 2, 2013 by  
Filed under Security

Comments Off on Twitter Tightens Security

Twitter Inc said it has put in place a security technology that makes it harder to spy on its users and called on other Internet firms to do the same, as Web providers look to thwart spying by government intelligence agencies.

The online messaging service, which began scrambling communications in 2011 using traditional HTTPS encryption, said on Friday it has added an advanced layer of protection for HTTPS known as “forward secrecy.”

“A year and a half ago, Twitter was first served completely over HTTPS,” the company said in a blog posting. “Since then, it has become clearer and clearer how important that step was to protecting our users’ privacy.”

Twitter’s move is the latest response from U.S. Internet firms following disclosures by former spy agency contractor Edward Snowden about widespread, classified U.S. government surveillance programs.

Facebook Inc, Google Inc, Microsoft Corp and Yahoo Inc have publicly complained that the government does not let them disclose data collection efforts. Some have adopted new privacy technologies to better secure user data.

Forward secrecy prevents attackers from exploiting one potential weakness in HTTPS, which is that large quantities of data can be unscrambled if spies are able to steal a single private “key” that is then used to encrypt all the data, said Dan Kaminsky, a well-known Internet security expert.

The more advanced technique repeatedly creates individual keys as new communications sessions are opened, making it impossible to use a master key to decrypt them, Kaminsky said.

“It is a good thing to do,” he said. “I’m glad this is the direction the industry is taking.”

Source

‘Ransomware’ Malware Threats Increasing

February 13, 2011 by  
Filed under Computing

Comments Off on ‘Ransomware’ Malware Threats Increasing

A particularly nasty type of attack named”ransomware” is on the rise, with antivirus vendor Symantec seeing at least three new variants appearing in recent months. Such attacks often use viruses to not only steal a person’s sensitive or financial information, but also to disable hard drives and demand money to restore them.

“Threats that use extortion can be some of the most aggressive and, in some cases, offensive viruses encountered,” said Symantec security researcher Gavin O Gorman in a blog post.

Unfortunately for computer owners, attackers continue increase the sophistication levels of their ransomware. For example, GPCoder.G, which first appeared in November 2010, is a small (only 11 kilobytes ) piece of malware which, if executed, searches a hard drive for files with specific extensions, relating to everything from videos and Microsoft Office files to images and music. It then encrypts the first half of all files found, using a symmetric RSA encryption algorithm and a random key. The random, private key is then encrypted using a public key. “Without the private key from this key pair, it is not possible to obtain the symmetric key in order to decrypt the files,” said O Gorman.

To get the private key, the ransomware victim must forward the encrypted symmetric key to attackers, who decrypt and return it. Unfortunately, aside from restoring the encrypted files from a backup, “there is no way to bypass this technique,” he said.   Read More….