August 27th, 2008 by Shlomo Touboul
Tags: Facebook, Gatekeeper, Malware, Phishing, Security, Spyware, Virus, Yoggie
The internet has been buzzing the last couple of weeks regarding the “Facebook virus” that started to spread around.
That’s natural, the Social Web, Web 2.0 and Facebook specifically have been the hot internet subject material in the last couple of weeks. Practically everyone is on Facebook these days.
And now Facebook is used to spread viruses! Scary right?
Well.. The truth of the matter is that technically, Facebook is not exploited in any way. Yes, it’s a convenient platform for a virus to work with, but the virus is not using any vulnerability in Facebook itself.
The Facebook Virus is really a great example of how a virus, and a relatively simple one at that, can infect so many people by using a series of multiple attack tactics and a lot of “social engineering“.
The attack begins with a classic Phishing email attack. Many people are spammed by emails luring them into clicking a link claiming to be to Facebook.
Clicking on the link takes you to a Phishing Web site that looks exactly like Facebook, and even has a very similar domain name.
The user is asked to login, and enters his username and password credentials.
At that moment the trap has sprung and the attacker has complete control over the victim’s Facebook, since he can login as the user. This victim is “patient zero” in a sense.

The next step is the attacker logs into the victim’s Facebook and sends a message to all the victim’s friends – Providing a link to a “funny video”.
The Website looks almost exactly like YouTube and the user tries to play the video, triggering a message saying that the Flash player needs to be updated.
The user then downloads the “Flash player update”, which is the actual payload of the whole attack: this is the malware. This malware, or spyware, opens your computer up completely and herds it into a botnet.
To summarize:
While Facebook does indeed provide a great platform for viral distribution, the technical methods by which attackers reach their victims are anything but new. It’s simply an elegant combination of “good old” Phishing and social engineering. Each step could have maybe been detected by a clever user, but the combination of them works better on the target. The same spyware link could have just been sent in an email – but very few people would have clicked it. What makes it stronger is that a known and trusted friend on Facebook sent it. Moreover, you don’t just download anything, it’s simply a Flash update file that you need in order to see that great funny movie.
So nothing special technically here, but a great example of social engineering techniques.
This is how you can protect yourself from this attack:
1. Since the attack, as described above, is composed of several consecutive smaller attacks, your defense should be multi-layered as well. This attack can be stopped by your security measures at several different points. The phishing email can be detected as such and blocked, the phishing Web site can be detected as such and blocked, and the spyware application itself can be detected by an anti-virus and stopped. You should have all these measures in place.
And how do we at Yoggie implement this? Simple. Yoggie’s products cram 12 different security applications to run inside the device. You have multiple engines protecting you transparently. This attack would be blocked at multiple different steps by Yoggie devices. Moreover, the attack itself was first detected and reported by Kaspersky, which is the anti-virus engine that Yoggie uses inside.
2. Make sure all your security measures are up to date!
This is super important – it’s not enough to have security measures in place. The security applications you use must always be updated, otherwise they are useless.
In a worst-case-scenario, when your security measures would have failed to detect the Facebook attack at any other point – An updated anti-virus would already be familiar with the spyware’s signature and stop it dead in its tracks.
And how do we at Yoggie implement this? Even simpler. All Yoggie’s products automatically and transparently update all the different engines running inside. EVERY 5 MINUTES. And the user doesn’t even feel it is happening.
3. The most important and simplest advice is this – Never EVER click on anything before careful consideration. I can’t stress this enough. It can be a link in an email message. A link in an instant message. A Web link in Facebook. Always be suspicious of such links. Always check the browser’s status bar before actually clicking the link, to make sure the URL you will get to is indeed where you want to go.
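The status-bar check from step 3, written out as code. This is an added example, not part of the original post; it also covers the look-alike domain names described earlier in the post. The trusted domain, the digit-swap table and every sample host (all under the reserved `.example` name) are assumptions.

```javascript
// Added example: classify a link the way a careful reader of the status bar would.
// TRUSTED is an assumed value; hosts under ".example" are constructed placeholders.
const TRUSTED = "facebook.com";
const BRAND = TRUSTED.split(".")[0];

// Classic Levenshtein edit distance between two short strings.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Undo common digit-for-letter swaps before comparing with the brand.
function deconfuse(label) {
  const map = { "0": "o", "1": "l", "3": "e", "5": "s" };
  return label.replace(/[0135]/g, (c) => map[c]);
}

// Returns "trusted", "lookalike", "other" or "invalid".
function classifyLink(href) {
  let url;
  try { url = new URL(href); } catch { return "invalid"; }
  if (url.protocol !== "http:" && url.protocol !== "https:") return "other";
  // "http://www.facebook.com@host/" puts the brand in the userinfo, not the host.
  const userinfo = (url.username + url.password).toLowerCase();
  if (userinfo.includes(BRAND)) return "lookalike";
  // Only the real domain or one of its subdomains counts as trusted.
  const host = url.hostname.replace(/\.$/, "");
  if (host === TRUSTED || host.endsWith("." + TRUSTED)) return "trusted";
  for (const label of host.split(".")) {
    const plain = deconfuse(label);
    // Brand embedded in another name, or a near-miss spelling of it.
    if (plain.includes(BRAND) || editDistance(plain, BRAND) <= 2) return "lookalike";
  }
  return "other";
}
```

Without a public-suffix list the function cannot tell which label is the registered domain, so it inspects every label of the host name.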
Note: this post is based on researching the reported information online and not by first-hand analysis of the virus.
August 13th, 2008 by Shlomo Touboul
Tags: Security
Yoggie Security Systems, being a security company, is part of a very serious industry. We pride ourselves on trying to provide the best products that will provide the best security for our customers. As such, we are constantly monitoring and researching the latest news in the security world and, as everyone knows today, the risks are there. New threats, vulnerabilities and attacks are discovered daily. Economically, both corporations and individual consumers lose billions of dollars annually due to security-related damages. But one must be aware that there is also a lot of FUD (fear, uncertainty and doubt) spread around by sensationalists.

Case in point: Just last week amazing headlines started to appear around the net. Headlines like:
…and others, similar in tone.
In a nutshell, the reports described a Windows Vista “super-vulnerability” announced in the Black Hat security conference going on right now that essentially can load and run any code on your browser. Moreover, the vulnerability was described as so powerful and low-level that no fix is possible for this.
This created a brief storm of buzz describing just how disastrous this super-hack is and how Windows Vista is completely dead now. (And I quote from one site “Expect that chairs to be flying over at Microsoft HQ about this…”).
This whole story made the rounds for a couple of days until finally it died down when some bona fide security researchers examined the actual report and explained that the discovery is far from the beast that was described.
One great article that explains this was published yesterday by Ed Bott, titled “Windows security rendered useless? Uh, not exactly”.
What Ed wrote, in short, is that the discovery made by Sotirov and Dowd does indeed exist but it can only work on computers that have been exploited previously. Bottom line? It’s far from the security risk presented initially.
Another great explanation of this was published by Peter Bright at Ars Technica, titled “The sky isn’t falling: a look at a new Vista security bypass”.
And here is where I get to my point. The security risks out there on the internet do exist. There is no need to invent non-existent ones as there are more than enough real threats out there.
The second point? Don’t immediately jump to conclusions over any headline, let true security researchers examine the actual technical papers before screaming the sky is falling.
July 10th, 2008 by admin
Dear friends,
As those of you following the news from Yoggie know, we’ve announced an exciting new product, the Gatekeeper Card Pro.
While the features are the same as the Gatekeeper Pico ones, the form factor is the exciting thing about it – you simply slide it into the ExpressCard slot of your laptop, and VOILA, you actually have a miniature dedicated security computer running INSIDE your computer, protecting it.
There’s another very exciting aspect to the release of Gatekeeper Card Pro – The hardware platform architecture has been updated and improved.
Yoggie has invested a lot of resources and effort to improve its products. And with the launch of the Gatekeeper Card Pro, Yoggie also releases the first product with a new and improved hardware architecture.
Among the many changes, the 2 major ones are:
- CPU changed from Intel PXA to Freescale i.MX31
- RAM changed from SDRAM to DDR

The result of this improvement of architecture leads straight to some serious performance gains.
We’ve created a benchmark lab here at Yoggie, and created a special Yoggie Index that reflects just how powerful and fast a Yoggie device is.
The existing Yoggie products are working at a 1X level (Which is of course very fast as is).
Gatekeeper Card Pro works at 4X performance!
That’s a very major improvement we’re all very proud of.
Yours truly,
Shlomo.
May 27th, 2008 by Shlomo Touboul
Tags: Blog, News, Yoggie
Dear friends,
As you may have noticed, the Yoggie CEO Blog has had a major facelift.
We’ve moved the blog infrastructure to WordPress, which is better suited for blogging than the previous infrastructure. The blog’s look and features were also renovated into something that we believe is friendlier and more fun.
Let us know what you think!
Yours truly,
Shlomo
May 20th, 2008 by Shlomo Touboul
Tags: Card, Gatekeeper, News, Pro, Security, Yoggie
Dear friends,
It’s been a while, but was well worth the wait. The biggest news from Yoggie this month is the announcement of the Gatekeeper Card Pro.

The Gatekeeper Card Pro is what the entire Yoggie team has been working very hard on for the last few months and it is very exciting for me to finally be able to offer this revolutionary new concept to the world.
The Gatekeeper Pico was introduced last year and immediately enjoyed a lot of attention, the concept being so revolutionary yet simple to understand: Having a dedicated Linux-powered miniature computer protecting your Windows computer from the outside. This provides our users with better security, better computer performance all in a very complete and easy-to-use package.
And now Yoggie introduces the Gatekeeper Card Pro which simply slides into your laptop’s ExpressCard slot and you don’t even see any physical change in your laptop whatsoever.
With the Gatekeeper Card Pro, Yoggie now actually offers a practically invisible security mini-computer inside your computer that protects you at all times.
Yoggie is already offering the option to pre-order the Gatekeeper Card Pro today, for a special price, and get it immediately when it is available next month.
And by the way, Yoggie has announced this exciting new product, as well as the opportunity to pre-order, in the Yoggie Newsletter which already has thousands of subscribers. I invite you to join our newsletter in order to periodically receive concentrated updates on new products, new version updates and other interesting Yoggie news.
That’s all for today. As always, I look forward to receiving your comments and questions.
Yours truly,
Shlomo.
November 15th, 2007 by Shlomo Touboul
Tags: Card, Gatekeeper, News, Pro, Security, Shlomo, Yoggie
In this Blog I will make the maximum effort to be available to you.
You may be a Yoggie customer, fan or just interested in a new way to secure computers. I can’t guarantee to answer all your questions, but will try to respond quickly.
So, I’ll start today with two questions I have been asked all the time since I started Yoggie: (i) How did you come up with the Yoggie idea? And (ii) Why did you name it Yoggie?
After being in the security industry for over 10 years, working for IT groups and making their corporate networks more secure, I realized that the entire security landscape is dramatically and quietly changing. This is true for both corporate IT and the average PC user. I had the same vision during late 1995 when I decided to start Finjan Software. At that time, Java was introduced and it started a major technology shift which created new needs for security tools. I believed that Java was not only inventing a new programming language but also introducing the concept of distributed computing for the ordinary user and ordinary system. Almost 10 years later, the trend of abandoning desktop computers in favor of laptops is creating a new era in computing security. During 2006 most companies purchased more laptops than desktops. During 2007 private consumers followed the trend. The reason is simple: laptops cost the same as desktops, and laptops are more reliable, come with a built-in UPS, can easily be moved from room to room and can easily be taken on vacation. In addition, the widespread availability of wireless connectivity makes the internet available at almost any location: Starbucks, airports, hotel lobbies etc.
IT organizations invest huge portions of their precious budgets to make the corporate network safe. The increasing trend of mobile computing allows corporate laptops to connect to many kinds of network infrastructures. The laptop is no longer just connected to the well protected and safe corporate network, protected by a rack full of security applications. Now you grab your laptop off your desk, leave the IT security rack behind and connect your laptop through public networks available almost anywhere.
These huge public networks are definitely nowhere nearly as safe as the corporate network. They’re actually not safe at all. When a traveler connects a laptop to the hotel room network, the laptop shares the same physical infrastructure with everyone in the same hotel. Even if the hotel does invest the necessary money to secure the hotel network (which they usually don’t), how can one trust all the other hotel guests to share the same network with him? The days when every hotel room will have its own firewall or other security means are not in the near future.
How about sharing the same IP cloud with all the other wireless network users under the cloud? Here it’s even worse, as anyone who physically stays within your wireless network range shares the same physical network with you. The bottom line: the mobility revolution we are all enjoying now also presents the biggest security threat. The security used today to secure laptops is something that was never designed to meet these challenges. Current systems base their security on software tools. This means that we first allow the attack to reach the operating system on our computer, run side by side with our precious applications and data, and then try to fight it back. This leaves no room for a glitch or mistake. I will talk more about this in my next Blog columns. Today I will only mention that Yoggie was created in order to properly address, for the first time, the challenge of increased mobility by using a distributed solution based on integrated hardware and software. This solution will be very integrated, stop the threat before it even reaches our computer, isolate our computer from the physical layers of the hosting network, will not consume CPU or memory from our computer and will not pop up confusing messages about weird security events happening on our computer. Nor will it be a solution that keeps our computer busy with long and heavy duty security updates. Enough patches on my computer : )
As for the name, well, I cannot say I have a long story for the name. It’s very simple: I loved the name as soon as it popped up in my head. Later, I learned that Yoggie is a perfect match. It relates to a Yoga guide, someone that helps you stay calm regardless of the difficulties life presents or how tense reality can be. This is the company mission and one of the values we would like to provide to our customers: stay calm, focus on what you’re doing, Yoggie will take care of your security worries in a better way than ever and without any bother to you at all.
That’s all for today. I look forward to receiving your comments and questions.
Yours truly,
Shlomo.