Fake Security Essentials 2010 – Beware

We all know about the free antivirus from Microsoft. Now there seems to be a fake one too. Microsoft is warning users about a new threat: a fake version of Security Essentials. The fake anti-virus, known as Security Essentials 2010, is actually a trojan, Win32/Fakeinit, which installs itself and then reports random detections, claiming that they are infected.

“It’s normal to see criminals mimic the Security Center. So I inevitably have a fake anti-virus masquerading as something similar to Essentials. Only I’m amazed to have taken so long,” said David Wood, an expert at the Microsoft Malware Protection Center.

Once active, the program pretends to monitor the machine and claims to find several viruses on the operating system. While “cleaning” the system, it asks the user to buy the full version of the product.

Microsoft analysts say:

“As always warned, our product can be downloaded and used free of charge for customers using genuine copies of Windows. So a product that mimics our solution and still asks for payment does not mean a good thing.”

Another trick performed by the threat is to change the wallpaper on your computer so that it displays a message saying the system is infected. It also makes registry changes that prevent users from changing the wallpaper back.

The company asks its customers to download software only from trusted sites. Another way to protect yourself is to keep your security software updated with the latest definitions of all threats.

Get Free McAfee Antivirus – Facebook Fan Exclusive Offer

Facebook has joined hands with McAfee to provide 6 months of free antivirus to Facebook users.

This partnership between Facebook and McAfee gives you 6 months of free protection for your PC. If you’re on Facebook and looking for an antivirus to protect your PC, the current promotion on the social network may be for you.

If you want a free copy of the McAfee antivirus software, just become a fan of McAfee’s official page on Facebook and you can get a free 6-month license for McAfee Internet Security. Visit the McAfee fan page and get your copy now :)

It’s really simple: all you have to do is become a fan of McAfee, as described above, and then click on the tab called “Protect Your PC”. After selecting your country, you will automatically be directed to a page on McAfee’s servers to start the process, thereby ensuring the security of your computer for 6 months.

Facebook also recommends that you install updated security software, which you can now get at no cost through this partnership.

Also, here are some important security tips from the Facebook Blog post regarding the McAfee partnership:

  • Don’t open attachments in emails that look suspicious or come from an unknown or untrustworthy source.
  • Don’t open attachments unless you know what they are, even if they’re from friends.
  • Delete chain mail and spam from your email and Facebook inboxes.
  • Be cautious when downloading files from the Internet.
  • Be cautious of any message, post or link you see on Facebook that looks suspicious, requires an additional login, or asks you to download or upgrade software.
  • Use an up-to-date browser that features an anti-phishing blacklist. Some examples include Internet Explorer 8 and Firefox 3.0.10.
  • Choose unique logins and passwords for each of the websites you use.
  • Check to see that you’re logging in from a legitimate Facebook page with the facebook.com domain.

Have you tried it yet? If not, why? And if yes, how does it work for you? Post your comments below :)

Twitter hacked (again); Google trends show its hotness as Volcanic.

TechCrunch is reporting that Twitter has been hacked again, and this time it’s by the so-called ‘Iranian Cyber Army’! I’ve tried accessing Twitter and it’s giving me an ISE. I’ve been watching the trends on Google and found that this was RED hot, volcanic.

The news was spreading like wildfire around 10 PM PST. Here is a screenshot of the Google trend on the Twitter attack.

Twitter has since posted an update saying the issue was caused by “Twitter’s DNS records being temporarily compromised but have now been fixed.”

Check if your WordPress site is infected by Malware

There are many websites that host malware (sometimes unknowingly) yet look like nice, authentic sites, which is how they trap visitors. Google Safe Browsing is a tool developed by Google that helps you test a website that you think may not be authentic or may have malware hidden in its source code.

To check whether your site has suspicious code or malware, just type the following in your browser’s address bar:
http://www.google.com/safebrowsing/diagnostic?site=[website url].

For example we checked our site by going to http://www.google.com/safebrowsing/diagnostic?site=thesharath.com

Blogging is fun! BUT some hackers take advantage and try to hack sites. If you are a WordPress-based blogger, there is a plugin for WordPress that I recommend. It helps find potential viruses, JavaScript and iframe injections. The plugin is called WordPress Exploit Scanner.

Always upgrade to the latest version of WordPress; most security loopholes are fixed in the latest version. And make sure you choose popular plugins rather than being a daredevil and testing a new plugin you found on the internet.

First things first: here are a couple of things that you need to do if you think that your website has been hit by malware.

  • Identifying malware on your site
  • When looking for badware/malware on your site, especially badware due to hacking attacks, please remember to check the source code of your site as it is currently hosted on your web servers.

  • Malware spread through ads running on your site
  • Always choose a good ad publisher to earn money. We believe in Google AdSense for our revenue; it is easy to set up, fast and customizable, and more than that it’s entirely safe and doesn’t spread malware through ad scripts.

  • Links posted in user-generated areas of your site
  • Always moderate comments and remove clickable links posted in the comments of your articles.

Two common types of injection attacks:

  • Invisible iframes
  • <Iframe> tags are one of the many kinds of HTML tag codes that can be used as part of the source code that creates a website. An iframe creates a small window on a webpage so that another page can load inside the embedded window. Iframes are not always used for nefarious purposes; one frequent use, for example, is to embed remotely hosted dynamic content such as online maps into web pages. When used by malicious attackers, an iframe can be made so small that it is invisible, and the visitor to the infected page never knows that another page is also loading in the tiny iframe window.

    If you see code for an iframe with width=“0” and height=“0” in the source code of any page on your website, you have found an invisible iframe. Iframes are most commonly inserted at the very top or the very bottom of a web page’s source code. A good first place to check for iframes is before the initial <html> tag that starts a web page’s standard code, or after the final </html> that ends a page’s code.

  • Obfuscated code
  • Obfuscated code or scripts are designed to be hidden within the normal code for your site, so they can be hard to detect. The code is written specifically to prevent automated tools from discovering its purpose. The most commonly obfuscated kind of code is JavaScript, which is used to add functionality to many websites.

    Encrypted code is harder to find, because there are no set patterns. However, encrypted code will look like a block of unintelligible text. Normal JavaScript uses a syntax based on actual English words. Encoded or encrypted text appears in a site’s source code as completely unintelligible blocks of letters, numbers, and symbols.

    While most hacking attacks focus on html code, it is also possible for bad software itself to be uploaded onto a poorly secured site. Bad software can include unknown executables (such as files that end in .exe, .bat, .cmd, .scr, and .pif), javascript files, or even images uploaded to your site without your knowledge. Sometimes attackers will simply use your website to host badware and link to it from other victim sites. One method for detecting whether you are hosting bad software on your site is to download all of your source code from the live website onto a virtual machine and scan it using anti-virus and anti-spyware programs.
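The two checks described above (invisible or misplaced iframes, and script blocks that read as unintelligible text) can be run over a page’s live source. The following is an added example, not code from this post or from the WordPress Exploit Scanner plugin; the thresholds, the `scan` function and the sample page are assumptions made for illustration, and the obfuscation test is a heuristic that will need tuning for minified libraries.

```python
import re
from html.parser import HTMLParser

TINY = re.compile(r"\s*[01]\s*(px)?\s*$")  # 0, "0px" or 1: all render an invisible frame

def looks_obfuscated(js):
    """Heuristic: hardly any word-like text, or a decoder call on one long unbroken token."""
    if len(js.strip()) < 80:
        return False
    wordy = sum(map(len, re.findall(r"[A-Za-z]{3,}", js))) / len(js)
    packed = max(map(len, js.split())) > 200
    return wordy < 0.3 or bool(packed and re.search(r"\b(eval|unescape|fromCharCode)\b", js))

class PageScanner(HTMLParser):
    in_html, script_line = False, None  # parser state; scan() gives each run its own findings

    def handle_starttag(self, tag, attrs):
        a, line = dict(attrs), self.getpos()[0]
        if tag == "html":
            self.in_html = True
        elif tag == "script":
            self.script_line = line
        elif tag == "iframe":
            style = (a.get("style") or "").replace(" ", "").lower()
            hidden = "display:none" in style or "visibility:hidden" in style
            if hidden or all(TINY.match(a.get(k) or "") for k in ("width", "height")):
                self.findings.append((line, "invisible iframe", a.get("src")))
            elif not self.in_html:  # sits before <html> or after </html>
                self.findings.append((line, "iframe outside <html>", a.get("src")))

    def handle_endtag(self, tag):
        self.in_html = self.in_html and tag != "html"
        self.script_line = None if tag == "script" else self.script_line

    def handle_data(self, data):  # a <script> body arrives as one chunk when fed whole
        if self.script_line and looks_obfuscated(data):
            self.findings.append((self.script_line, "obfuscated script", None))

def scan(source):
    scanner = PageScanner()
    scanner.findings = []
    scanner.feed(source)
    scanner.close()
    return scanner.findings

SAMPLE = (  # constructed page source, not taken from a real site
    '<iframe src="http://bad.example/a" width="0" height="0"></iframe>\n<html><body>\n'
    '<iframe src="https://maps.example/embed" width="425" height="350"></iframe>\n'
    "<script>eval(unescape('" + "%41%42" * 60 + "'))</script>\n</body></html>\n"
    '<iframe src="http://bad.example/b" style="visibility: hidden"></iframe>\n')
```

`scan(SAMPLE)` returns one `(line, kind, src)` tuple per finding; the normally sized map iframe inside the page body is not reported.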

How do you remove malware?

  • Contact your web hosting
  • Remove the bad software from your website and don’t make it available for download again unless you can be sure that it is no longer badware. You can learn more about what makes a piece of software badware in our guidelines. If you are the creator of the software in question, StopBadware may be able to offer recommendations for bringing your software into compliance with our guidelines.

  • Don’t link to malware sites
  • Remove all malware links from your website.

  • If ads are showing malware content
  • Remove all ads that link to malware. If you use an ad network, this may mean removing all the network’s ads from your site until you can be sure the network is clean. You may also want to contact your ad provider and let them know that one or more of their ads is causing badware to be linked from your site.

How does your search engine result get impacted?

Google wants its users to feel safe when they search the web, and it is continuously working to identify dangerous sites and increase protection for its users. A warning message appears with search results that Google has identified as sites that may install malicious software on your computer.

Google will not crawl or index any information from your site (which is bad for you). Hence, gradually, no content from your site will show in the Google search results.

For more information, visit http://www.stopbadware.org/. Google also maintains the Google Online Security Blog; read it for more information.

Who is failure? Obama? another Google bomb

I thought Google only bombs people who have miserably failed. But guess not! When you search for ‘Who is failure’, Obama turns out to be on the top list!

I don’t think there was any active campaign to linkbomb Obama to the top for these words, so I think this is fallout from the long-standing “miserable failure” googlebomb that was impacting his predecessor, President George W. Bush…

Obama won the Nobel award for peace keeping and is the worst failure? Ok Google time to change your search algorithm :)

If you want to read more about the Google linkbomb or Google bomb, see searchengineland page here.

Mozilla auto disables Microsoft .NET add-on due to security vulnerability

Mozilla announced that the .NET Framework Assistant add-on, which was updated during the recent automatic update, has a serious security vulnerability, and Microsoft is recommending that all users disable the add-on.

The popup announcing this said that the ‘following addons have been known to cause stability or security issues with Firefox and hence will be disabled.’ Thanks, Mozilla team, for hitting the kill switch; hopefully this will get Microsoft to release a patch sooner. Mozilla explains on its security blog that it has gotten in touch with Microsoft. In the meantime, the Firefox team has put the blocklist entry live immediately. (Some users are already seeing it disabled, less than an hour after the Mozilla team added it to the blocklist!)

How does this attack work? “All that is needed is for a user to be lured to a malicious website,” Microsoft said. Triggering this vulnerability involves the use of a malicious XBAP (XAML Browser Application).

The flaw is a bad one, but Microsoft says that users who have installed the MS09-054 IE update, released Tuesday, are protected from this attack “regardless of the attack vector.”

To protect users who may not have installed Microsoft’s patch, Mozilla is automatically blocking two add-ons: the Microsoft .Net Framework Assistant and a related plugin called the Windows Presentation Foundation.

Alert – Gmail, Hotmail, Yahoo and AOL Accounts Compromised too

It was revealed that 10,000+ Hotmail accounts were compromised and all of the usernames and passwords of these accounts were posted online. It was a major security and scam issue, but it was thought to only affect Hotmail users.

Unfortunately, Hotmail was only the beginning. Google has now confirmed that thousands of Gmail accounts were compromised by an “industry-wide phishing scheme.” According to the BBC, the login data of over 30,000 Hotmail, Gmail, Yahoo, AOL, Comcast, and Earthlink accounts have been posted online.

Phishing attacks are designed to steal your password. Here are the signs that it’s not real:

1. Google, Yahoo or Microsoft won’t ask you for your password in an email. No legitimate company will. Ever. Don’t give your password to anyone via email.
2. Even if it contained a link to a Google, Hotmail, Yahoo-looking site that asked for your password, I would be skeptical. There are some phishing sites that look very convincing.
3. It doesn’t make sense. Google, Yahoo, AOL and Microsoft have a ton of data storage capacity; they won’t be running out of space or asking for your password.
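The advice above about convincing look-alike sites, and the earlier Facebook tip to check that a login page is really on the facebook.com domain, both come down to reading the host part of a link correctly. The following added example (not from the original post) shows that check in Python and goes a little beyond the text by also covering the `user@host` and internationalised-name tricks; the `check_login_url` name, the trusted list, the https requirement and the sample URLs are assumptions for illustration.

```python
from urllib.parse import urlsplit

TRUSTED = ("facebook.com",)  # assumption: extend with the sites you actually log in to

def check_login_url(url, trusted=TRUSTED):
    """Return "ok" or a "reject: ..." reason for a link that asks for a password."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
        has_userinfo = parts.username is not None
    except ValueError:
        return "reject: unparseable URL"
    if parts.scheme != "https":  # added assumption: login pages must use https
        return "reject: not https"
    if has_userinfo:
        # In https://facebook.com@other.example/ the real host is other.example.
        return "reject: text before '@' is not the host"
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return "reject: internationalised look-alike host"
    # Match the registered domain itself or a true subdomain, never a mere substring.
    if any(host == d or host.endswith("." + d) for d in trusted):
        return "ok"
    return f"reject: {host or 'no host'} is not under a trusted domain"

SAMPLES = [  # constructed URLs; example and 198.51.100.0/24 are reserved for documentation
    "https://www.facebook.com/login.php",
    "https://facebook.com.login-check.example/login.php",
    "https://facebook.com@198.51.100.7/login.php",
    "https://www.f\u0430cebook.com/login.php",   # Cyrillic letter in place of Latin "a"
    "http://www.facebook.com/login.php",
]

def check_all(urls=SAMPLES):
    return {url: check_login_url(url) for url in urls}
```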