Saturday, September 21, 2013

Is Windows 8 the next big target for cyber criminals?


Criminals go where the money is. And if this means they have to cope with a new, more secure version of Windows, that’s just what they will do. In many cases they attack the user and not the OS. Via phishing and other techniques, users are tricked into revealing information or installing a malicious program. So if you upgrade, don’t rely solely on Windows to protect your system: remain vigilant and watch out for phishing scams.

Windows 8 should provide improved security against malware and exploits compared with earlier versions of Windows, at least for a while. Now that the underground market for attack and malware kits is much more competitive than it was three years ago, it is likely that Windows 8-specific malware will become available more quickly than Windows 7-specific malware appeared. Systems running the new Unified Extensible Firmware Interface are still vulnerable to MBR-based rootkits, just as previous OS versions were, according to one research company. On the day of Windows 8’s release, the firm announced that it was offering for sale to its customers a zero-day vulnerability that circumvents all new security enhancements in Windows 8 and Internet Explorer 10.

Big-Scale Attacks
Destructive payloads in malware have become rare because attackers prefer to take control of their victims’ computers for financial gain or to steal intellectual property. Recently, however, we have seen several attacks, some apparently targeted and others implemented as worms, in which the only goal was to cause as much damage as possible. We expect this malicious behavior to grow in 2013. Whether this is hacktivism taken to a new level, as some claim, or just malicious intent is impossible to say, but the worrying fact is that companies appear to be rather vulnerable to such attacks. As with Distributed Denial of Service (DDoS) attacks, the technical bar for the hackers to hurdle is rather low. If attackers can install destructive malware on a large number of machines, then the result can be devastating.

An inside or outside attacker who has elevated privileges on the network for a long time could time-bomb many systems on multiple sites. This effect is likely worse than what is covered in many disaster recovery plans, so the IT staff may have to make some updates. The priority is to keep the business running, which is best achieved by having production networks, SCADA systems, etc. completely separated from the normal network, preventing them from getting hit in the first place. Then there will be a massive loss of data to deal with because users just love to store their data on their local machines. One challenge will be to reinstall thousands of machines while ensuring that the time bomb doesn’t resurface. Technologies that may prove useful include remote management features that are independent of the state of the PC and its OS, but these features will need to be tested before an incident happens.

All measures to detect and block these persistent threats should also be effective against the preliminary steps of such attacks, while the attacker tries to gain and elevate access. Remote application control would prevent servers and key systems from being affected unless an attacker has already taken full control of the update process, which can be determined by carefully monitoring who does what on the management systems. To keep the loss of data to a minimum, a reliable network backup process needs to be in place, local data needs to be backed up, and attackers must be blocked from shredding data on shared drives and folders on the network.

Mobile Threats

Malware shopping spree
Once criminals discover a profit-making technique that works, they’re likely to reuse and automate it. For example, Android/Marketpay is a Trojan horse program that buys apps from an app store without user permission. We’re likely to see crooks take this malware’s app-buying payload and add it to a mobile worm.

Buying apps developed by malware authors puts money in their pockets. A mobile worm that uses exploits to propagate over numerous vulnerable phones is the perfect platform for malware that buys such apps; attackers will no longer need victims to install a piece of malware. If user interaction isn’t needed, there will be nothing to prevent a mobile worm from going on a shopping spree.

NFC worms
Phones with Near-Field Communications (NFC) enabled are becoming more common. As users are able to make “tap and pay” purchases in more locations, they’ll carry their digital wallets everywhere. That flexibility will, unfortunately, also be a boon to thieves. Attackers will create mobile worms with NFC capabilities to propagate (via the “bump and infect” method) and to steal money.

Malware writers will thrive in areas with dense populations (airports, malls, theme parks, etc.). An NFC-enabled worm could run rampant through a large crowd, infecting victims and potentially stealing from their wallet accounts.

Block that update!
One of the advantages that a mobile service provider (as opposed to Microsoft, for example) has in fighting malware is that once the cell company recognizes malware, it can automatically push an update to customers to clean their devices. This works on phones that have not been rooted (or unlocked) by their owners. For mobile malware to stick around for a long time, it will have to prevent updates. An app placed on a store that does nothing more than download external malware, which then blocks the phone from communicating with the cell provider, will achieve this.

Thursday, September 19, 2013

How to download your entire Facebook account data?

Facebook allows its users to download their Facebook data in a single zipped file. The data includes your profile details, entire wall, messages, notes, contacts, and of course videos and photos.

First, log in to your Facebook account, and select “Account settings” from your “Account” menu.

Now click “Download Copy of your Facebook data”.

You’ll be asked for your password. Facebook will then further authenticate you by asking you to identify some people in photos of your friends. Just give their names etc.

Facebook will then generate the archive containing your data and send you the download link by email.

Once you download your archive, extract it, and open the “index.html” file.

Caution: Please keep this data safe to protect your privacy, or simply delete it after reading.