21st March, 2017
As the online gaming industry continues to expand, hackers are looking for ways to breach into the players accounts to gain access to their personal and financial details. Whether you are a regular player or occasionally spend some time on an online game, you are making yourself susceptible to many potential attacks that can jeopardize your personal identity as well as financial privacy.
Given below are some of the common security risks associated with online gaming and how you can stay protected against them:
Phishing is a scamming technique that involves the use of imitation websites or fake URLs. The hackers send out emails to the online gamers with an aim to defraud them and gain access to their account login credentials or credit card details. The users may be required to click on a link to validate the online gaming account or change their password. The information entered is directly transmitted to the hackers.
To protect against phishing attacks, make sure you do not click on a link in an email. Instead, manually type in the gaming website’s URL to log in to your account and update your account settings.
In this type of attack, the cyber criminals may attempt to cheat the players with in-game resources, paid account upgrades or game characters. The stronger your game characters are, higher will be your chances of being targeted by the hackers. They may offer lucrative in-app purchases or character upgrades to extract your credit card details.
Playing cautiously is important to avoid being a victim of such attacks. Set up two factor authentication and create a strong password to prevent the hackers from breaching your gaming account.
Malicious File Downloads
Online gaming involves several file downloads. To capitalize on this, the hackers may attempt to infect the player’s computer system with malware. They may install fake game updates, anti-cheats, in-game interface tweaks, utility files etc. that contain a malicious code. Once executed, the malware acts as a keylogger as well as records your user name, password, credit card numbers and other sensitive information.
In order to stay safe, you should install an anti-virus software on your device. Schedule a daily scan to identify and remove any keylogger tools or malware files. Also, keep your device updated with the most recent patches and OS versions released by genuine vendors.
For more tips on online gaming security, you can contact Centex Technologies at (855) 375 – 9654.
14th March, 2017
Cyber security has always been a major concern for the finance sector. With the extensive use of computers and innovative technology in carrying out financial transactions, hackers are looking for ways to breach the security of the organization’s internal network. Their purpose may be to inject a malware laden code, steal account credentials, perform unauthorized money transfers etc.
In the present times, cyber attacks are not only becoming more sophisticated but also quite hard to detect. Therefore, it is important for the IT professionals to formulate a coherent strategy to protect the financial institution against different forms of online attacks.
Listed below are some of the major cyber security threats to the finance sector:
Security flaws in the computer’s operating system and software applications provide a backdoor for the hackers to gain access to the network. Once successful, they may be able to store customers’ financial information such as credit card numbers, ATM pins, user IDs, passwords etc., even if they are stored in an encrypted format. Lack of proper security measures, unsecure network configuration and reckless data storage practices can make a financial organization vulnerable to data breach.
Spear Phishing And Whaling
In a spear phishing attack, the hackers send out spam emails that have been disguised to have come from a genuine source. The email is usually crafted in a way that the users are tricked into providing sensitive information to the hacker, such as internet banking password or credit card number. Often, these emails create a sense of urgency and contain an embedded link or attachment.
Taking spear phishing a step further, whaling attacks involve sending emails in the name of the executives and CEOs to trick the finance officials into transferring money to fraudulent accounts.
A Distributed Denial of Service (DDoS) attack is carried out to make a corporate network unavailable to the users. The hackers identify an unpatched vulnerability in the computer to infect it as well as the devices that connect to the system. These computers, also known as bots, are used as a part of the botnet to flood the target system with unauthorized requests, causing it to crash and inaccessible by the genuine users.
For more information on cyber security threats to the finance sector, contact Centex Technologies at (855) 375 – 9654.
7 March, 2017
It is a well-known fact that unsecured Wi-Fi networks are quite unsecure, particularly for banking, online shopping, social networking and other sensitive web browsing. As open wireless hotspots are easily available at restaurants, hotels, coffee shops etc., hackers have found an easy way to breach the security of the network to track the users’ online activities, record information being transmitted and manipulate data.
With multiple security risks associated with Wi-Fi access, there are some common misconceptions that need to be steered clear of in order to stay safe:
Not broadcasting SSID hides your wireless network
A lot of people believe that if they hide their Service Set Identifier (SSID), the hackers would not be able to find and connect to their Wi-Fi network. However, this is not absolutely true. Computer systems that operate on Windows 7 and newer versions display all the wireless networks that are in range, even the ones that do not have an assigned SSID. Additionally, hackers have various tools to acquire a network’s SSID.
MAC address filtering keeps your network secure
Media Access Control (MAC) address filtering is also a common technique of keeping a Wi-Fi network secure. The user can create a white list comprising the MAC addresses of all the computers that are authorized to access the network. Though it does provide security to some extent, hackers can easily spoof the MAC address of the computer systems. With the use of wireless analyzers, they can view the list of all devices in your white list, modify the MAC address of their own device and gain access to the network.
Strong authentication and encryption provide complete protection
Encryption and WPA2 authentication are recommended to prevent hackers from viewing, stealing or manipulating the data being shared on your Wi-Fi network. However, this does not mean that you can completely rely on them. If the administrator does not validate the security certificate while configuring a wireless device, it can leave your network open to several vulnerabilities.
You should disable your router’s DHCP server
Disabling the router’s Dynamic Host Control Protocol (DHCP) server that assigns an IP address to all the devices connected to your network, is also believed to protect against attacks. However, if a hacker has already penetrated your wireless network, he can easily determine the IP addresses that you have assigned. Thereafter, he may create a compatible IP address to gain access to the network.
For more tips and information on Wi-Fi security, you can contact Centex Technologies at (855) 375 – 9654.
27 February, 2017
Mobile applications play an integral part in our daily lives. Right from online shopping, banking, gaming to controlling IoT devices and tracking fitness level, there is an app for almost every task that we perform regularly. Considering the extensive usage of apps, hackers are continually looking for vulnerabilities that can be exploited to initiate an online attack. Therefore, developers need to follow stringent testing procedures to ensure that the mobile apps are secure and do not provide a backdoor to the hackers.
Listed below are some useful application security tips for developers:
Create A Secure Code
There are a lot of vulnerabilities in an application’s source code that can provide an easy access to the hackers. You must make sure that the code you write is absolutely confidential. If possible, encrypt the code so that it cannot be read by anyone who doesn’t have the decryption key. Perform constant source code scanning to test for any vulnerabilities right from the beginning of the app development process.
Secure The Network Connections At The Back End
The web servers accessed by your application programming interface (API) should also have proper security measures in place. Sensitive information transmitted between the app’s server and the user must be protected against eavesdropping. You can consider carrying out vulnerability scan and penetration test to ensure that the data is secure.
Input Data Validations
Input validation is the first line of defense from attacks against your application. In order to design a secure application, you should always test and retest the input entered by the users. It is important to ensure that the data entered is consistent to what the specific form field is designed for. If the data does not match the expected set of value, such as a number in place of alphabets, it may hamper the proper functionality of the application.
Actively Deny Bad Requests
You should be familiar with the types of data and programs accessed by your application. User requests that can potentially jeopardize the security of your app must be actively blocked. Unsupported headers, excessively long URLs, unusual characters and other unlikely requests can be eliminated by using an application firewall.
We, at Centex Technologies, provide complete network security services to the business firms in Central Texas. For more tips to secure your web applications, feel free to call us at (855) 375 – 9654.
21 February, 2017
Deep packet inspection (DPI) can be defined as a technology that is used to scrutinize the contents of the data packets being sent and received on a network. It is a type of packet filtering that is mainly applied to verify if the data is free of Trojans, viruses, malware etc. and is being transmitted in the right format. The technique allows the users to identify, categorize, block or reroute data packets that contain a malicious code.
Deep packet inspection combines the firewall technology with intrusion detection and prevention systems. It is mainly used by internet service providers to monitor network traffic and allocate bandwidth according to the contents of the data packets.
How does deep packet inspection work?
When you share information over the internet, it is converted into a packet with a header that describes the origin, source and type of data. The content of the data packet is usually not monitored. However, when a network provider uses deep packet inspection, the content is thoroughly scanned and recorded to ensure that it is in compliance with the security protocols. This could be related to the presence of a malicious code or suspicious software.
Benefits of deep packet inspection
- It can help to protect against denial of service (DoS) attacks, differential denial of service (DDoS) attacks and buffer overflow attacks.
- Deep packet inspection is used by many cyber security agencies to monitor web traffic, online user activities, regulate malware threats and protect extensive local or wide area networks.
- The ability of DPI devices to inspect data packets meticulously helps to prevent malware from breaching or manipulating a network.
- The data provided by deep packet inspection can also be used for network analytics and bandwidth management.
Potential misuses of deep packet inspection
Despite its numerous advantages, deep packet inspection has many limitations as well. Some of these have been discussed below:
- DPI helps to prevent various hacking attacks but it can be also be used to exploit the same vulnerabilities to breach the security of the target network.
- It requires frequent updates and patch installations to function in an optimal manner.
- It can be used by hackers to track user information anonymously.
- DPI slows down the computer which affects the performance of other applications.
Centex Technologies is a renowned IT security consulting firm in Central Texas. We can help you improve your organization’s network infrastructure. For more information, feel free to call us at (855) 375 – 9654.