Do you know what are the most riskiest domains in the web ?

McAfee, a security agency, released its annual, “Mapping the Mal Web” report naming the riskiest domains in the web worldwide. Disturbingly, most of the riskiest domains come from Asia-Pacific region.

The following are the top 10 riskiest domains in the web:

1. Cameroon (.cm) – Cameroon from Africa got in the top list for 2009 overthrowing Hong Kong (.hk) as the web’s riskiest domain for 2008. With a risk rating of 1.1%, Hong Kong dropped to the 34th place this year. It is a small African country bordering Nigeria. It’s the first time that Cameroon entered the list getting the top spot with the risk rate of 36.7%. Most of the time, users mistype .com to .cm making it as the common typo for domains. Because of this, many cyber criminals decides to come up with fake typo-squatting sites redirecting users to download malicious downloads, spyware, adware and others.

2. Commercial (.com) – .com is considered as the most common domain, also getting more and more dangerous as of 2009. It has been in the ninth place in 2008 and grabbing the second most dangerous domain for 2009. It is also the most risky generic top level domain (TLD).

3. China (.cn) – The third spot belongs to China with the risk rating of 23.4% while having a 11.8% risk rate in 2008. McAfee’s report shows that websites registered with the .cn are more related spam sites.

4. Samoa (.ws) – Samoa is in fourth place with a 17.8% risk percentage compared to its security risk of 3.8% the other year. It has been reported that Samoan-registered domains are known risky for its activities like phishing and malicious downloading. Together with China, Samoa stayed in the top 5 riskiest domains since 2008.

5. Information (.info) – With 15.8% risk rate for 2009 and 11.7% for 2008, .info is considered as the most spammy domain because its sites generates a lot of junk mail. Its activity is largely spam related.

6. Philippines (.ph) – Philippines marked the sixth spot with the overall risk level of 13.1% as compared to its 2008’s risk rate of 7.7%. Its registered sites are getting more into spam and phishing than the malicious downloads.

7. Network (.net) – The seventh riskiest domain is the Network (.net) having the risk rate of 5.8% compared to its higher security risk in 2008.

8. Former Soviet Union (.su) – Former Soviet Union joined the top list for the first time, with the 5.2% security risk. Reports noted that its domains are mainly used linking phishing and malicious download activity.

9. Russia (.ru) – Russia is in the ninth place getting a risk rate of 4.6%. In 2008, it has a security risk of 6%. Domains from Russia are distributed for phishing, spam and malicious downloads.

10. Singapore (.sg) – Next to the Philippines belonging to the Asia-Pacific country, Singapore had the tenth place with the overall risk of 4.6%, compared to 0.3% last year. .sg domains were distributed evenly for spam and download activity.

The riskiest domain for malicious downloads comes from Romania (.ro). 21% of its domains are offering viruses, spyware and adware. The Government (.gov) domain is the safest domain for having 0% risk. Japan (.jp) domains got a rating of 0.1% proving to be the safest country domain in the web.

The “Mapping the Mal Web” report just shows how smart the cyber criminals are they quickly change their strategies to attract more victims without being caught. Attackers prefer to target places where it will be cheap and convenient for them to register their sites.

How Can Techie Now Help?

McAfee has named the world’s riskiest domains. With the cyber criminals roaming the web, any domain from any country can be affected by these phishing, spam and malicious downloads. It just proved that it’s really not that safe when it comes to browsing the web. The right thing to do is to make sure that you have a security software ready in your computer for protection. If you are looking for services that can protect your computer, you can trust Techie Now with that. Contact us now for any PC support services like virus and spyware removal, performance optimization, installation and configuration and general repair.

www.TechieNow.com

The official website of Spain’s European Union for presidency, www.eu2010es, was hacked where a large picture of Mr. Bean smiling was displayed in the site.

It been a joke in Spain for years now that the British actor, Rowan Atkinson, who played as Mr. Bean, looks really alike to Spain’s Socialist prime minister, Jose Luis Rodriguez Zapatero. El Pais, Spain’s leading newspaper, has published an article against the government handling the economy with the cartoon image showing Mr. Zapatero as Mr. Bean. The problem of unemployment in Spain has increased twice to about 19 percent.

Mr. Zapatero’s official verified that a security breach caused the hack of the website covering Spain’s 6-month presidency of the European Union. Fortunately, the site information is not affected at all. El Mundo, another newspaper from Spain, showed to the public the screenshot Mr. Bean appearing in the official webpage. During that time, anyone who visited the website will receive a “Hi there!” greeting by Mr. Bean. Thousands of users flooded the site to prove if the spoof is true.

How Can Techie Now Help?

It’s easy for cyber criminals to hack websites like what happened to the Spain’s Official European Union Presidency website. It may not have affected the site that seriously but it just proves that websites are not safe with numerous hackers over the web. Also include the computers and its users. For a start, Techie Now can help you when it comes to computer protection. It also offers other PC support services like: virus and malware removal, performance optimization, installation and configuration and general repair.

www.TechieNow.com

Alan Claridge of Indiana sued RockYou for data breach after the company admitted that they have lost the personal identification data of their 30 million users because of a hack. The only mistake of RockYou was that they didn’t acknowledge the online attack for almost two weeks after it happened.

How were the personal data of RockYou’s million users lost?

RockYou kept its users’ personal data which are all confidential only in plain-text files or .txt docs. They have failed to protect the personally identifiable information (PII) of their users letting it be accessed by anyone who is capable to hack. No wonder the hacker, “igigi”, didn’t have a hard time exploiting RockYou’s SQL injection vulnerabilities because of its poor coding.

After that attack, RockYou sent a mail to its users, including Claridge, received an e-mail from RockYou saying that their information might have been compromised. But 12 days before that, RockYou already knew its own liabilities and decided to shut down the site. It even published an apology and explanation on the attack that happened on the website.

To prevent this from happening again, RockYou will cooperate with the investigation of the authorities on the illegal breach of its database. They will also encrypt all passwords, evaluate their data security features and upgrade their legacy platform with the standard security protocols. RockYou is sued for nine counts which include negligence, breach of contract, violation of California’s Computer Crime Law, and California’s Security Breach Information Act, among others.

How Can Techie Now Help?

Alan Claridge did the right thing when he sued RockYou for data breach. Regardless of RockYou’s website being hacked, they should still protect customer data and not to have waited for 12 days before informing its users about the hack. You’ll never know but you might be the next victim of these hackers. Protect your PC now! Contact Techie Now for PC support services that you need like virus and spyware removal, performance optimization, installation and configuration and general repair.

www.TechieNow.com

If you sent an e-mail in the first few hours of 2010, there’s a possibility that your recipient has not received your e-mail because of the bug hidden in the open source SpamAssassin used by internet service providers (ISP). The rule used to score emails as possibility of being spam was not updated in compiled versions of Apache SpamAssassin 3.2.0 thru 3.2.5.

SpamAssassin is a computer program used for e-mail spam filtering based on content-matching rules. Mike Cardwell found out that a rule named ‘FH_DATE_PAST_20XX’ triggered the program to give a high spam scores to any e-mail, legitimate or not, that has arrived within its header a date beyond a defined point in the future. He searched for the rule in Google and found out that the said issue, #5852, was first identified in November 5, 2008 and was already fixed in June 30, 2009. He is using Debian for his operating system which doesn’t contain the fix needed for that problem.

The rule ‘FH_DATE_PAST_20XX’ was not updated in compiled versions of Apache SpamAssassin 3.2.0 thru 3.2.5 before the New Year started. So any e-mails sent between 2010 and 2099 will automatically have high spam scores. Even though this problem has not directly stopped e-mail, the number of the legitimate e-mails mistakenly marked as spam would have been raised until the service providers detect the problem.

We’ll never know how many e-mails were affected by bug. According to reports, false positives appeared in Sweden, Germany, and The Netherlands. Daniel Axster of CronLab, an open source anti-spam company from Sweden, stated that it would have affected worldwide if it crossed the date line since almost all ISPs use the standard rule set with some modifications.

Axster advised the providers that they should do regular updates for the filters and archive spam monthly or in case of problems. They should also propose a mechanism to end users that will check their filtered emails for false positives. CronLab usually follow these techniques. Customers should store those emails suspected as spam so that the ISP can analyze about it.

SpamAssassin quickly fix the problem and offered a help page on its website as soon as they discover the problem. If you feel that you might have been affected with this bug but doesn’t know how to check it, you just have to press the resend button to send your email again.

How Can Techie Now Help?

The SpamAssassin 2010 bug blocked the emails enabling for other users not to receive emails sent to them. ISP should update their filters regularly. It’s the same as users updating security software for their computers for protection. If you are looking for PC support services like virus and spyware removal, performance optimization, installation and configuration and general repair, Techie Now is here to help you.

www.TechieNow.com

We all have experienced many online threats last year. And as year changes to 2010, the more online threats are changing too. Cybercriminals will be more eager to spread online threats and attack computers to benefit with any valuable information challenging users for security.

Here are some of the predictions that will challenge computer security this year:

1. Spam, Scams on Social Networking and Real-time Sites – A group of security researchers belonging from Websense, Breach Security, IBM Internet Security Systems‘ X-Force, and Symantec agreed that cybercriminals will focus their attacks on social networking sites such as Facebook, MySpace, and LinkedIn, and on real-time social sites like Twitter. When it comes to real-time features, Google, especially Google Wave, as well as Bing will be their target. The attackers enjoy the fact it will take time for others to discover the existence of a malicious link or file. Users may recognize one but still one way or another, there will still be victims.

2. Crime Cloud – Security vendors specifically AVG, M86, and RSA predicted that criminals will be attacking and using use cloud services directly to control attacks. and using them to direct and control attacks. IBM researchers are anticipating to see attackers exploiting more services. Take Amazon AWS for example which already served as a host for a malware command and control server.

3. Malware Hijacking Trusted Sites – Breach Security observes continuous improvements when it comes to compromising trusted sites and infecting them with malware. Numerous incidents of SQL injection has been proven successful in attacking sites. No doubt, it will happen again. Cybercriminals prefer to have a third-party that will distribute their malware.

4. Macs Will Be Compromised – It’s been years now that security companies have been talking about Mac being targeted by attackers for malware. According to Websense, exploitation will happen affecting Safari under Mac OS X which will invite hackers to target the Mac platform. Symantec is worried that Mac users who are not spending money to buy antivirus software yearly will not be protected with such attack. Zscaler still believe that Apple can somehow oblige the company to strengthen its security to surpassed continuous attacks. Many think Macs will be widely affected because of Adobe Flash vulnerability.

5. Search Engine Poisoning and Malvertising – Cybercriminals will exert more efforts on exploiting trusted sites. For them to infect sites, they will make use of search engines and advertisements. They will continue to threaten and weaken search results and enjoy the attention breaking news and events. Google together with Microsoft will assure its users for a safe search and advertising. Of course, they wouldn’t want their users to not trust them.

6. Increasing Number of Bots – Why would cyber criminals waste their time with cloud-hosted malware when botnets can do the same thing? Botnets are better than cybercriminals. It can also be a source of income generating cash for criminals and hijacking other botnets for money. This will cause conflict preventing botnets to grow and attracting security experts and law enforcement. It’s botnets against other botnets. It’s like what happened to Zeus/Zbot being shut down by Bredolab botnet. Symantec claimed that botnets have become the foundation of cybercrime.

7. Piracy Gets Riskier – Microsoft has started making a move to lessen software piracy since last December. They received many complaints from users who buy the pirated version of Windows. IBM researchers are expecting that the continuous use of the pirated software will infection more users will malware.

8. Mobile Security Issue – Smartphones like iPhone and Android-based handsets are like miniature personal computers. They are being used for business purposes. In 2010, Websense predicted that smartphones will be targeted for attacks just like the computers. Nowadays, security vendors either have or are developing a mobile security product service. IBM thinks that mobile attacks will still be limited.

9. Major Insider Theft Scandal Will – It is expected next year that someone who has been in a large organization accessing company data will be caught to be working for or with a cybercrime group. The Identity Theft Resource expected that the number of insider cases will increase because of failure to follow basic workplace security protocols.

10. Clickjacking is Back – According to Zscaler, clickjacking will strike back. Clickjacking is a malicious technique that tricks users to reveal confidential information or take control of their computer while clicking the sites. Jeremiah Grossman of WhiteHat Security and Robert “RSnake” Hansen of SecTheory reveal about the technique in October 2008. Efforts have made to lessen the risk of clickjacking but it is still effective to use especially with a social engineering component.

How Can Techie Now Help?

The above security threats serves as a reminder for computer users to be careful over the web. You’ll never know what security threat you will be into. For now, the best protection is a reliable and updated antivirus software that will keep you and your computer in trouble. When it comes to your computer’s protection, Techie Now is the name you can trust. Techie Now offers PC support services: virus and spyware removal, performance optimization, installation and configuration and general repair.

www.TechieNow.com