How to Stop Bom Sabado Worm? Here is the way!

Everyone whose orkut account has been affected with the Sabado Worm, can use this simple trick to get out of this issue. People whose account is not yet affected, please follow the below steps to keep this worm away from your accounts.

The worm injects a hidden iframe containing a malicious javascript [do not click this] http: //tptools. org/ worm . js [do not click this], which steals the user cookie which contains the password in an encoded form. Even though the attacker does not get to know your password, they can login to your account using your credentials by impersonating the cookie to fool the identification system. 

So a trivial solution is to diable javascript, another solution is to disable iframes or u can take an advanced measure by blocking the domain http : // tptools . org / by editing your hosts file and redirecting it to a safe address, say 127.0.0.1 go to C:>windows>system32>driversetc There is a file named %u2018hosts%u2019. It is a read-only file. Go to it's properties and un-check the read-only option and edit it with you favourite editor. add this line at the end of it 127.0.0.1 tptools.org save it. and then restart your network interface. ( in simple words, just reconnect your internet connection ). Bingo!! the worm%u2019ll became useless!!!! 

Five Reasons Why Android Will Beat iPhone and BlackBerry

While many iPhone users are reporting high satisfaction, it doesn't matter for the long term. The Android platform will crush all other smartphones in both its sheer number of users and vendors.

Neither Apple nor RIM will give up without a fight, but the writing is on the wall for business owners who don't want to be saddled with the 2013 version of the Sony Betamax. RIM is already facing big challenges from the countries like India and S Arabia.

1. Android Rules the Market by Numbers

Sure, Google CEO Eric Schmidt self-servingly told Reuters that 200,000 Android handsets were selling every day--but third-party surveys also routinely show that the platform's momentum is steadily increasing. Thirty-three percent of smartphones sold from April to June were Android handsets, and the system is outstripping RIM (at 28 percent) and iPhone (22 percent), according to the NPD Group. In other words, the American people are voting with their wallets and choosing Android handsets.

2. More Selection and Promotions

The top five Android phones--Motorola Droid, HTC Droid Incredible, HTC EVO 4G, HTC Hero, and HTC Droid Eris--have numerous carriers, including Verizon Wireless, AT&T, Sprint and T-Mobile, according to NPD. Because of the competition among carriers, promotions like Verizon's buy-one, get-one-free, and cut-rate prices will continue to play a significant role in the Android market. For a company having to buy a dozen or more smartphones, this means some serious savings.

3. More Room for Variety and Ideas

While iPhone applications are well-touted, many of Android's apps come straight from Google's gifted engineers, such as Google Goggles, which has image recognition software that can retrieve walking tours or menus. But its apps aren't limited to engineers. Google also developed the open-source App Inventor that allows anyone to create an application for Android. Scary? Perhaps, but the system is definitely open to new ideas--perhaps even one your business can create.

4. Android Is the Innovator

Since Android was developed by Google, many believe that it has a little more tech credibility than other operating systems, but that shouldn't be the only reason to buy an Android smartphone. The idea should be that Android is still relatively new and has some maturing and growing to do before it reaches its apex. Android is still not like the iPhone's walled garden, but it's becoming more functional and user-friendly.

5. Android 2.2 Froyo: A Gift to Your IT Department

No more worries about syncing with Microsoft Exchange, because it's all been ironed out with Android 2.2. The system's new security features, such as remote wipe for administrators, lock-screen timeouts, and minimum password settings, will put critics of previous Android handsets at ease.

While not everyone will love the Android platform, it will soon become the country's mobile OS of choice. You can either choose to embrace it or be prepared to defend why you're holding onto its less popular rival.

Electronic Clearing System of the Income Tax Department, India hacked: Hacker Diverted around Rs 15 crore

The Electronic Clearing System (ECS) of the Income Tax (I-T) Department has been hacked into, jeopardising the functioning of department across Mumbai. On Wednesday, three days after the incident, the I-T department handed over the investigation to the Central Bureau of Investigation (CBI).

Sources revealed that the ECS of the I-T department, which facilitates tax refunds of Mumbaikars has been hacked into. It is believed, the hacker also managed to divert crores of rupees from the system. Following this incident, the entire system that processes income tax payment has been shut down since Monday. To prevent further damage, the department has now changed the passwords of all the senior officers with access to the ECS.

Chief Commissioner of Income Tax, R K Singh confirmed the report, stating, “The matter has been transferred to Central Bureau of Investigation (CBI).”

According to I-T sources, the incident came to light last week when an additional commissioner level officer discovered unauthorised remittance made from his section. The officer informed his seniors about it and investigations revealed the ECS had been hacked into.

“It seems that more than Rs 15 crore has been siphoned off from the ECS. Investigations are on to ascertain the total amount,” an officer from the I-T Department said requesting anonymity.

ECS system of the I-T was launched recently to clear the refunds of taxpayers in bulk and cut down the tedious paperwork. Sources said that the department has cleared the refunds of one lakh more assesses in a short span of a month through ECS.

“The remittance was made by computers. Now, to check the source and officer who has cleared the refunds, one has to manually go through the entire process which will take a really long time,” said an assessing officer from the I-T department.

In a parallel inquiry, the investigation wing of the I-T is also on a trail of bogus PAN cardholders. Sources said a businessman from suburban Mumbai had filed an income tax return with the help of bogus PAN card. The I-T official got suspicious and found that the card was made in the name of two boys. I-T officials interrogated the boys who revealed that they never applied for any PAN card.

Further inquiries revealed that their father’s employers had managed the fake PAN cards in the name of boys. The I-T officials then approached the local police, but police refused to register the offence. Inquiries are still on in the matter.

I-T payment system has been shut down since Monday following the incident

Microsoft confirmed another zero-day vulnerability!!!

Microsoft confirmed another zero-day vulnerability on Monday in a set of software components that ship in a wide variety of the company's products.

The vulnerability resides in Microsoft's Office Web Components, which are used for publishing spreadsheets, charts and databases to the Web, among other functions. The company is working on a patch but did not indicate when it would be released, according to an advisory.
"Specifically, the vulnerability exists in the Spreadsheet ActiveX control and while we've only seen limited attacks, if exploited successfully, an attacker could gain the same user rights as the local user," wrote Dave Forstrom, a group manager who is part of Microsoft's Security Response Center, in a blog post.

An ActiveX control is a small add-on program that works in a Web browser to facilitate functions such as downloading programs or security updates. Over the years, however, the controls have been prone to vulnerabilities.
The new flaw comes just a day before the company is set to release its monthly patches, including one for another zero-day vulnerability revealed earlier this month. That problem lies with the Video ActiveX control within Internet Explorer and is currently being used by hackers in drive-by download attempts.

In cases of especially dangerous vulnerabilities, Microsoft has deviated from its patching schedule and issued one out of cycle.

Microsoft said that the flaw could allow an attacker to execute code remotely on a machine if someone using Internet Explorer visits a malicious Web site, a hacking technique known as a drive-by download. Web sites that host user-provided content or advertisements could be rigged to take advantage of the vulnerability.

"In all cases, however, an attacker would have no way to force users to visit these Web sites," the advisory said. "Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site."

Microsoft issued a list of affected software, which includes Office XP Service Pack 3, 2003 Service Pack 3, several versions of Internet Security and Acceleration Server and Office Small Business Accounting 2006, among others.

Until a patch is ready, Microsoft said one option for administrators is to disable Office Web Components from running in Internet Explorer and has provided instructions.

Why do people write viruses???

Every time when reports of a big new virus or other malware attack hits media, my mind will be out for an answer for the question: Why do people write viruses?

I answer as succinctly as I can, but the question is a deep and complex one. Why do people burglarize homes? Why do people tag buildings with graffiti? Why do they post anonymous hatred on online message boards? Why do they play video games? These questions may sound like they have nothing to do with one another, but you might be surprised how their answers are all related to the topic at hand.

TechRepublic offered an interesting analysis of this issue a month ago but it slipped by me. Fortunately I stumbled upon it this weekend and hope you'll give it a read in order to help shed a little light on a surprisingly complex issue.

So why do people write viruses (and I'll use that term loosely throughout this post as a descriptive for any kind of malware)?

TechRepublic plays it down a bit, but my #1 answer to the question is always the obvious one: For the money. In the old days, a virus designed to erase your hard drive or fill your computer screen with garbage was just a prank (more on that later) but those viruses are quite rare these days. Nowadays, the vast majority of viruses have far more practical ends: They make your PC send spam, they harvest financial information, turn computers into zombies, and extort money out of you directly if you want it deleted. All of these have direct and quantifiable financial goals: Spam is paid for by the message (or the millions of messages) sent. Personal data can be sold on the black market for use in identity theft. It's business, pure and simple -- bad business, to be sure, but all about the cash at the end of the day.

Several of the items on the TechRepublic list get at a secondary reason for virus-writing: They do it because they can. It's the same reason people jump out of planes or drive at insane speeds: It's a thrill, and for a certain subset of programmers, there's a thrill, a laugh, or a power-trip to be had from causing as much damage as possible -- and getting away with it. While most virus writers don't want attention (which can bring serious prison time in the end), a few do, and some underground hackers get off on the notoriety.

Sabotage -- whatever the motivation -- is another common theme in malware creation. Any political issue -- whether it's a presidential election or a Microsoft vs. open source legal spat -- tends to be ground zero for hacker attacks. Denial of service attacks are commonly launched against websites owned by those with opinions unpopular in the hacker community. And that's where your machine comes in: Hackers compromise it with malware to turn it into a DoS zombie.

So, getting the picture? Viruses and other malware are going to be with us forever because they're a digital version of human nature.

Hackers: We can now steal data via electrical outlet!!

A few years ago, the idea of using nothing more than a standard electrical outlet to hack into sensitive computer systems would be the stuff of Hollywood - and far-fetched, eye-rolling Hollywood at that.

I can almost picture the scene: A wily Justin Long taps a few keys on his laptop and we watch the signal race through the power grid to his target, where a hapless government employee types his password into the ultra-secure computer at headquarters. Back with Long, we watch the password show up on his computer screen, as if by magic, thanks to his nifty hacking skills.

It sounds ridiculous.

But it turns out, well, it's basically a reality.

At the Black Hat USA conference later this month, hackers are preparing to unveil their methodology to steal information typed on a computer keyboard using nothing more than the power outlet to which the computer is connected.

The technique behind the exploit isn't as wildly high-tech as you might think, though. Old-fashioned electrical properties are the key to the trick. Here's how it works (in simple terms): When you type on a standard computer keyboard, electrical signals run through the cable to the PC. Those cables aren't shielded, so the signal leaks via the ground wire in the cable and into the ground wire on the computer's power supply.

The attacker connects a probe to a nearby power socket (perhaps in the vacant office next door or a hotel room across the hall), detects the ground leakage, and converts the signal back into alphanumeric characters. So far, the attack has proven successful using outlets up to about 15 meters away.

If you've got a wireless keyboard or are working on a laptop unplugged from the wall, which would make this attack useless, fret not: The hackers have a method for eavesdropping on you too. A simple laser beam -- better than a laser pointer, but not by much -- can be pointed a shiny object on the table where the computer sits, and the beam's reflection is captured by a receiving system. The vibration of that reflection caused by the striking of keys can be analyzed and, as with the electrical outlet system described above, reconstructed into words, since every key produces a unique vibration pattern. All this technique requires is a direct line of sight to the PC and a few hundred dollars worth of equipment.

Be safe out there, folks than be sorry...

Accessing the Computer without an Administrative Password

We all eventually forget one password or the other and such a problem can be so irritating and unpredictable that it can make quite a huge impact. The problem is even more serious when we forget the administrative password to anything, especially our operating system. In most cases the regular user will choose to format the hard disk and then re-install the operating system in order to solve this problem and unfortunately, such an action usually means that some data will be lost along the way. Although it can be impossible at times to access the personal computer if the administrative password was loss, there are some actions you can take in some cases. You will basically need the computer (which really needs to have the possibility to support a bootable CD-ROM) and the Windows CD-ROM.

The first step you will need to take is to modify your personal computer’s BIOS in order to allow booting from the Windows CD-Rom. Next you have to insert the CD in the drive and boot up the PC. Just wait and when the "Press any key to boot from CD" message appears just press any key. Now go through the entire step by step process until you get to the setup screen. This is where you will have the option to repair or install the operating system. You will need to choose repair and Windows Setup will then start a check on your system and start copying files. After this you will notice that the PC will re-boot automatically.

The next step will depend on your operating system. You basically need to open a command prompt after the reboot and resume the setup process. If you have Windows 2000 you have to wait until the part where you see that the OS is registering components and press "Shift + F10". If you have Windows XP you will need to press the same key combination when "Installing devices" appears in the left hand side of your screen. Now we will have a command console open and you can gain access to the Control Panel. In Windows 200 you will need to type "control.exe" and in Windows XP "nusrmgr.cpl". Press the "Enter" key and we now have access to the control panel.

Now just used the tools that are provided in order to reset the password and if you are done just close the control panel by typing "Exit" and then pressing "Enter". Now we will need to allow the repair function to complete as usual. When the operating system starts again you can use the new password in order to log in. There are some circumstances in which you will not be able to access your personal computer but these are rare. If this happens we recommend that you take your hard drive and install it on another computer as slave so that you can save every piece of information you need and then format the entire hard drive. Then you will need to re-install the operating system.

By: Adrian Alexa

Do I need to back up my computer?

Even if you've taken precautions to protect your computer from malicious software, other potential dangers could destroy the information it holds. A power surge, lightning strike, hardware failure, or natural disaster could leave you without your important data or the use of your computer.

Backing up your files can help you avert disaster. Backing up is simply making an electronic copy of files and storing that copy in a safe place. If you back up your files regularly, you can retrieve some, if not all, of your information if something happens to the originals on your computer.

Here are some tips for backing up your computer:

* Use an external hard disk, CDs, DVDs, or other storage medium for your backup copies. Or upload data to an Internet-based file storage service. Whatever you do, don't just copy files to another location on your hard disk.

* Label the medium with the date and time of the backup. Don't erase the previous backup until you have made a new one.

* Back up anything you can't replace easily such as financial information, digital photos, music or programs you bought and downloaded from the Web, and school projects. For these types of files, you can simply copy and paste the file into the backup medium.

* If you use an email program that is installed on your computer (such as Microsoft Outlook), back up important email messages and your email address book. Some email programs include an export feature for backing up important data.

* If you're trying to save time or space when backing up your computer, consider backing up only your personal data. Don't copy programs like Microsoft Outlook or your operating system. They can be reinstalled from the original CDs you purchased or the System Restore CDs that came with your computer.

* If you use your computer occasionally, back up your data once a week. If you use your computer every day, a daily backup of the files you use most often or modified that day is a good idea.

* To be sure you've backed up every file, use backup software. You can find a list of backup products in the website. Your operating system may also include backup features.

* Make sure you have a copy of your operating system on a CD for re installation in case your computer's hard drive fails. If your computer shipped without a copy of the operating system, contact the manufacturer for a copy.

Protecting your computer makes good sense!!!

It can delete important data or programs from your hard disk. It can constantly display annoying pop-up ads. It can slow your computer to a crawl or stop it from functioning. It can even help computer thieves steal your sensitive information and your identity.

It's malware — malicious software. And unless you take steps to prevent it from attacking your computer, you can be a victim of viruses, spyware, and adware. What's even more frustrating is that these programs can be so well-hidden on your computer that you can't find and remove them without the help of an anti-malware program. And in extreme cases, you may have to completely clean your hard disk and reinstall your operating system to rid yourself of these pests.

• Viruses can infect your computer and spread to your friends

A virus is a program that inserts itself into other programs, documents, or email attachments. If you open a document or click a link or attachment in an email, you may download a virus. Once a computer is infected, a virus can do intentional damage, from slowing down a computer by overloading its memory, to destroying important data or programs. The virus may attempt to infect other computers by emailing or instant messaging itself to everyone in your address book.

• Spyware can lurk in other software

Spyware is software that gathers information about you without your knowledge or consent. It "records" what you do with your computer (such as the web sites you visit) by tracking everything you type on your keyboard. Some spyware can even gather email addresses, passwords, and credit card information and transmit it to the company or persons that produced the spyware. The data may then be sold to other companies that use it to display their ads to you, or used by criminals to steal your identity. Spyware is often hidden in other software that is downloaded from the Internet.

• Adware is more than annoying

Adware is software that displays advertising, such as pop-up ads, as you surf the Web. Some adware double as spyware and also collect your personal information without your consent. Like spyware, adware can be installed when you download a program from the Internet or install software from disks. Adware may not disclose its behavior before you install it or may not clearly identify itself as the source of ads.

How to Protect Your PC

Use anti-virus software and keep it up-to-date

If you haven't installed anti-virus software on your computer, do it now. Anti-virus software can detect many — but not all — forms of malicious software before they have a chance to affect your computer. When you purchase anti-virus software, look for one that includes anti-spyware. Most anti-virus software can automatically download updates for you. Check to make sure your software is downloading updates correctly.

Keep all your software up-to-date

You can prevent many problems by regularly checking for and installing updates for your programs, including your operating system, browser, messaging software, and other software. Many programs include a feature that automatically checks for updates. Be wary of clicking links in emails claiming to have updates for your software; it is safer to type the address of the web site into your browser’s Address bar to visit the site directly.

Check your security settings

Most operating systems (such as Windows XP) have a built-in firewall and other safeguards to prevent unauthorized access to your computer. Check your operating system to make sure it's set up so that your computer is protected. Install any security updates or patches for your operating system promptly.

Be careful opening email attachments

Consider turning off the feature in your email programs that automatically opens attachments. If you receive an attachment you aren't expecting, do not open it. Before you open any email attachment — even if it's from someone you trust — scan it using anti-virus software. Most of the online mail service providers automatically scans all email attachments for viruses.


Don't install unfamiliar programs

Think carefully before installing or running new software, such as freeware or shareware programs available online. Only download software from a source you trust. Do not install software if you cannot verify that it's from a trusted source. Make sure you know what the software will do and how it will affect your computer. Malicious software (like viruses and spyware) often masquerade as legitimate and even useful programs. For example, you might be tempted to download a program that claims to keep your computer clock synchronized with an official clock. But if that program contains adware or spyware, it could also display advertising pop-ups whenever you're online or keep track of where you go on the Internet.

Be wary of pop-up and email warnings

Don't believe every warning you read — especially pop-up warnings that you see while you're surfing the Web. Unscrupulous companies use pop-up ads to display false warnings about your computer. Ignore them.

Do NOT click any button in the pop-up (such as a "Close" or "No" button) or the Close box that may appear in the upper-right corner of the pop-up. Closing a pop-up in that way might actually install a virus or other malicious software on your computer. To close a pop-up ad, press Ctrl-W (if you're using a Windows computer) or Command-W (on a Mac computer). You may receive an email warning that claims to be from a computer "expert" warning you of a virus. These are usually hoaxes. Do not follow the steps described in any email unless you're sure the threat is real.

How do I get rid of viruses, adware, or spyware?

If you suspect that your computer is infected with a virus or other malicious software, remove it as soon as possible.

Unlike other software, malware can't be completely removed using your operating system's Add/Remove Programs feature. Some bits of malware may still be hiding on your hard drive, doing its damage behind the scenes. To get rid of malware, use software specifically designed to find and delete it.

Many solutions are available for ridding your computer of malicious software. You can find these programs by searching the Web for virus protection. I would advice Symantec Endpoint Protection as a good anti virus. Whatever software you choose, be sure to keep it up-to-date.

In some extreme cases, anti-virus programs may not be able to remove all malware. It may be necessary to reformat your hard drive and reinstall its operating system. If you're using a laptop computer, installing the operating system from the partition backup may not completely remove malware. Instead, be sure to get installation disks for your operating system from your hardware vendor and use those to reinstall your operating system.

How do I safeguard my password?

Choosing a strong password is just one part of protecting your online account. You should also follow these tips to keep it safe:

* Your ID and password are confidential information. No one will never ask you for your password in an unsolicited phone call or email. Do not respond to any message that asks for your password.

* Do not write your password down. If you must write it down, keep it safe away in a place only you can access. Treat it as if it were cash.

* Change your password if you suspect something is amiss. Change your passwords frequently to keep it much more safer.

* Verify your online account information. From time to time, make sure your information is accurate and that no one has changed your data. If you suspect someone knows the answer to your secret question and any other information asked on the Sign-In Problems page, change them as soon as possible.

* Use care with automatic sign-in. If you check Remember my ID on this computer when you sign in to online account, you're still signed in even after you close your browser.

This feature can be a convenience for you: When you return to the online account, you don't have to re-enter your password. (If you're away from your computer for a while, you may be asked to re-enter your password.)

Do not check the Remember my ID on this computer box if you use a shared computer.

To change the setting of this feature, click the Sign out link on your online account page, and then sign in again, but do not check the Remember my ID box.

* Read the fine print. Before saving your password on any browser, plug-in, or program, thoroughly read the security documentation for that program or service. Depending on the program, your passwords may be available to anyone who uses that computer.

How do I choose my password?

Your password is more than just a key to your online account. If your password falls into the wrong hands, someone can easily impersonate you while online, sign your name to online service agreements or contracts, engage in transactions, or change your account information. So, choose your password carefully and then keep it safe from others.

A password is like a toothbrush: Choose a good one and don't share it. A password can be any length, and can contain spaces, symbols, or numbers. With so many options, you should be able to come up with a password that's easy for you to remember but impossible for someone else to figure out. A password is a secret that only you should know.

Here are some tips for choosing a strong password — one that is difficult to guess.

* Choose a password you'll remember. It should be memorable for you (so that you don't have to write it down or leave it in the open), but difficult for others to guess.
* Avoid using a word. Avoid a complete word from a dictionary (English or otherwise) or a name.
* Use at least 7 characters. The more characters your password contains, the harder it is for someone to guess it. A long but simple password can be safer than a short, complex one — and often easier to remember.
* Use a combination of capital and lowercase letters, numbers, and standard symbols (! @ # $ % ^ & *). Your Yahoo! password is case-sensitive, which means that a capital letter A is different from a lowercase a.
* Don't use personal information that someone could easily figure out. Avoid a password based on information easily obtained about you (like your birthday, your child or pet's name, phone number, license plate number, employer, school name, automobile brand, or street name). Don't use a password you already use for another account, such as your bank account PIN. And don't use your user name in any form (such as reversed, capitalized, or doubled).
* Avoid the obvious. Don't make it easy for attackers by repeating a digit or letter (like "111111" or "FFFFFF") or any other common sequence of characters (like "123456"). Stay away from obvious passwords such as "test" or "password." When you change your password, change several characters; don't just append a number like "2" to the end. And make sure anyone watching you enter your password can't guess it as you type (such as a password typed using a single hand, like "qwerty").
* Put a new spin on a familiar phrase. Pick a favorite phrase or lyric for your password. To shorten it, substitute letters with a number or a standard symbol or remove vowels. For example, "fredsboy" can be made into "Fr3d$boy." Shorten "two tickets to paradise" to "2Tickets2Paradiz," or combine "cat" and "dog" into "cAt!Do8."
* If you use a password generator, be careful. Make sure you can identify and trust the creator of a password management or generator program. Never share any personal information unless you trust the company or person you're working with. Online password-generator programs can help you create a random password that is generally harder to crack but also more difficult to remember.

Protect your privacy by choosing a strong password!!!