Google has announced today that the 2-step authentication system that was rolled out for Apps users a few months back is going to be available to everyone soon. This system will dramatically increase your account security to hopefully alleviate the risk that your account could be hacked, or your password phished. The set up process will only take about 15 minutes, and makes use of your mobile phone.
In a recent blog post, Webroot warned of a Firefox Trojan that forces the browser to save all login credentials by default and subsequently uses the stolen information to create a new user account (username: Maestro) on the compromised machine. It then sniffs out sensitive user data (data forms and login details) from the Windows Protected Storage Area. The data stolen from here is faithfully shipped out to a server once every minute.
The Trojan's author Salar “Salixem” Zeynali is an Iran-based crimeware hobbyist and heavy metal enthusiast, according to his Facebook profile. With Zeylani choosing his real name above a nom de plume to take credit for the malware, Webroot clearly didn't have to work too hard to get to him.
“His Facebook profile indicates he lives in Karaj, Iran; He sports an emo haircut, and likes heavy metal music and programming. And, apparently, Zeynali writes crimeware for fun, because he doesn’t sell his keylogger. He offers a keylogger creator tool as a free download from the message board he hangs out on,” Webroot's Andrew Brandt wrote in the blog post.
“Unfortunately, there are a lot of people who frequent the same message board Zeynali uses to post his keylogger code, and some of those people have clearly been using the keylogger creator tool Zeynali built to create and distribute Trojans.”
According to Brandt, no AV solution can automatically fix the nsLoginManagerPrompter.js file the Trojan modifies, but it is rather easy to fix manually: download and install the latest version of Firefox on top of the existing installation.
Gmail added a new security feature today to alert users of suspicious activity that may indicate unauthorized access. Gmail already has a feature that lists IP addresses the count is open at, but the information is at the bottom of the page and Google found that most users don’t know it’s there. Now Google will use a banner right up front to alert users proactively of strange activity.
The warning will show a brief description of the activity and link to a list of current and recent sessions identified by IP and geographic location. Google says the warning will only be triggered if the system considers the account to be at risk. For example, if you usually log in from a certain geographic area, then a log in occurs from outside that area, the alert would be triggered. The interface also allows users to change their password if they believe their account is indeed compromised.
We always like to see better security options for users, but it will be interesting to see if Google gets a lot of false positives. Keep an eye out and let us know if you get this warning and what caused it.
Much of our personal and business lives are moving online. Access from anywhere is great but security is, and should be, a concern. Most systems (i.e. a computer or online applications) now require a username and password. Not just any old “passw0rd” but a SECURE one. Yeah, you know that user. Applications are figuring out how to enforce better security practices. Passwords are now tested to make sure they are long enough, weird enough, not in a dictionary, don't include real words, but do include numbers and punctuation. For added beauty, some systems even remember all the passwords I’ve ever used to ensure I don't ever recycle them. Oh, and to make absolutely, positively sure, you may even be forced to change them every few weeks.
This gives a wonderful sense of security, since you are forcing ever changing passwords to be extremely long, utterly complex combinations of case sensitive letters, numbers and symbols that don't contain any words. Even automated brute force methods of guessing will take eons to break into the system. That’s great, right?
It is a disgrace that humans haven’t still got the hang of setting passwords. It seems as though that most internet users have inextricably tethered themselves to a promise of not setting strong-enough passwords, which may force hackers to reconsider their choice of profession for its grueling nature. As you devour more of this story, you will begin to envy hackers for having it stroll-in-the-park easy.
A new study has revealed – rather reiterated - that internet users nonchalantly continue to set unimaginative, fatuous passwords. The study appraised 28,000 passwords that were recently stolen from a U.S website.
Sixteen percent of the users had set their first name as their password. Around fourteen percent chose easiest to recall key combinations, including “1234” and “12345678”. Other users, who apparently don’t rate their mathematical ability highly, chose to steer clear of numbers and settled for passwords such as “AZERTY” and “QWERTY”.
Five percent of the passwords were found to be inspired by popular things and celebrities, including names of movies, TV shows and actors. The strongest password in this category was found to be “Ironman” as it sounds impenetrable.
Three percent of the people reckon passwords are another medium of expression. How else would you explain passwords like “Iloveyou” and “Ihateyou?”