Products
Personal Monitor
Record PC users's actions, grab screenshots and passwords
Keylogger
Keystrokes recording software. Keylogger free trial
Hoverwatch
Cell phone and computer spy
Employee Monitor
Access and control the time spent by your workers
Terminal Monitor
Track employee activities on Terminal Server
Free Keylogger
Free keyboard logger keeps track of all typed text

Breaking a password is a matter of seconds

1 March 2013

The time that an average user spends to come up with a password is considerably longer than the time needed to break it. Furthermore, 90% of users’ passwords can be broken within seconds.
These are the results of a research conducted by Deloitte Canada.

The most typical mistakes that users make while selecting a password: use of the same password for different accounts (sites and services), predictable passwords, simple passwords (digital, same letter case, dictionary-based).

Considering today’s growth of available computing power and the possibility of using cluster computing (uniting many computers into a single network for solving a specific computing task), the efficiency of password breaking techniques has increased manifold.

Large companies are already working on additional user authentication method that will be more efficient than passwords in the long run.
It is assumed that these methods will include passwords delivered in text messages, fingerprint scanning and so on. Google, for instance, is working on special RFID tags for user authorization.
The most popular (and, therefore, the least reliable) passwords in 2012 were:

  • password
  • 123456
  • 12345678
  • abc123
  • qwerty
  • monkey
  • letmein
  • dragon
  • 111111
  • baseball
  • iloveyou
  • trustno1
  • 1234567
  • sunshine
  • master
  • 123123
  • welcome
  • shadow
  • ashley
  • football
  • Jesus
  • michael
  • ninja
  • mustang
  • password1

Children’s Online Privacy Protection Rules Revised

15 January 2013

Experts of the U.S. Federal Trade Commission are convinced that the technological progress has reached such a stage that we must revise the rules of protecting children’s online privacy.

This document was adopted in 1998 and obliged ISP’s to provide a certain level of protection for confidential information about children under 13.

FTC believes that most parents today are not fully aware of what information is being collected about their children, where it is stored and for what purpose. This is especially true for social networks, mobile platforms and various applications.

Amendments to COPPA contain several definitions of new terms that appeared since the adoption of the original document. The very notion of “personal data” has also been revised and redefined by including geolocation data, photos and videos.

The full list of proposed amendments is available on FTC’s website.

 

New online service from Refog. Track any device online. Just install the free android spy. And Information from your phones and computers will reflect in your online Hoverwatch account.

The Hackers Army: FBI servers hacked

20 December 2012

A group of hackers called The Hackers Army announced a successful breach of a server belonging to the U.S. Federal Bureau of Investigations (FBI). They claim to have hacked the authentication server and secured access to logins and passwords of FBI employees.

As a proof of this breach, the hackers provided details of server configurations and versions of software used on them, as well as login credentials of several employees.

The Anti-Malware.Ru analytical center has conducted a brief analysis of these data and concluded that “many of these addresses really exist, but it’s impossible to tell right now whether these passwords are valid.”

Traditionally, FBI representatives have not provided any official comments on this matter.

Security Flaw in Electronic Locks Exploited

20 December 2012

The thief entered a hotel room by opening its electronic lock using a special device and stole a laptop. Quite naturally, the police found no evidence of a break-in and none of the hotel’s keys were used. The investigation showed that the lock was opened using a special electronic tool. As the result, the police arrested the 27-year-old Matthew Allen Cook, who had been previously convicted for theft. He was caught trying to sell the stolen equipment.

He entered the hotel room using a security flaw in electronic locks made by Onity. Such locks are used in 4 million hotels around the globe.

The vulnerability was presented at the Black Hat Security conference by Cody Brocious, a security expert who used a sub $50 programming device to demonstrate how any hotel room can be easily opened. The vulnerability exists due to the fact that opened unencrypted ports of the lock allow any device to read device management data from its memory.

The manufacturer of electronic locks who obviously underestimated the value of information security, has been refraining from comments so far.

CIA special unit for social networks monitoring

14 December 2012

For several years now, the U.S. Central Intelligence Agency (CIA) has had a special unit for monitoring social networks all over the world. The official name of this bureau is “Open Source Center”. Its employees are mostly hackers and linguists.

The primary goal of the bureau is the collection, filtration and analysis of information coming from social networks, as well as local forums, TV channels and other mass media. The reports of the bureau go directly to the White House.

Linguists and professional hackers from OSC are capable of filtering millions of posts in Twitter alone and finding information that others don’t have a clue about.
The bureau was created after 9/11 and the official reason for this was, obviously, “war on terrorism”.

RFID at Schools: a Tricky Question

30 November 2012

One of the American schools competing for a 2 million-dollar government grant from the state of Texas has started using RFID (Radio Frequency Identification) tags to control the location of students hoping to improve the attendance rate. According to the school’s administration, this should have a positive effect on the safety of students as well, since they believe that public schools are safe places to be in.
However, students and their parents do not always agree with this opinion. Andrea Hernandez was suspended from classes for a categorical refusal to wear an RFID tag. Her agitation among peers against the use of this technology was also prohibited. The student believes that this new practice violates her right to privacy and infringes her religious beliefs and freedom of expression.
Andrea goes to another school now, while her parents and a group of civil rights activists are trying to sue the administration of the old school that refused to let her continue her education. They may well win the case — personal rights and freedoms have always been prioritized in the US.

Vulnerability in Samsung and Dell network printers

30 November 2012

Neil Smith, an IT security expert, found a hidden embedded program in Samsung printers that makes it possible to remotely connect to them, change settings and manage printing. This is a real backdoor created by the manufacturer for the convenience of technical support experts.

Apparently, the company never disclosed the existence of such functionality. The same kind of program was found in Dell printers, which can be attributed to their mutual manufacturing contracts.

This backdoor uses a modified version of the SNMP protocol that is not visible in the list of connections and continues to work even if the user disables SNMP in the printer settings.

Since the information has been made public, emergence of working exploits for this vulnerability is just a matter of time. Obviously, these exploits will not try to intercept documents being printed, but will aim to execute arbitrary unauthorized code with administrator rights in an external network. Samsung believes that it will be able to release a patch before hackers find a way to create an exploit.

Vulnerabilities in the 3G standard

31 October 2012

Security experts from the University of Birmingham and the Technical University of Berlin have discovered a number of vulnerabilities in the 3G mobile telecommunications technology and managed to exploit them under near-life conditions – they were able to locate a specific phone and capture its exact coordinates.

In the 3G communications standard, the international mobile subscriber identity (IMSI) is not used for security reasons and is replaced with the varying temporary mobile subscriber identity (TMSI).

The scientists used a femtocell (a compact portable cellular base station, a fairly simple device) to find two ways of obtaining the IMSI of a specific device and intercepting its coordinates.

In the first case, they managed to intercept the communications between a device and a base station when they exchanged a pair of IMSI/TMSI values.
In the second case, they managed to intercept the transmission of authentication parameters and a secret session key. After that, they forwarded the signal to all devices in range, including the one being attacked. The synchronization error signal revealed the necessary device.

With this information at hand, one can intercept the exact location of the necessary person even without involving the mobile carrier’s infrastructure. This operation requires fairly simple and widely available equipment, so practical skills and knowledge of standard 3G protocols are the only limiting factors in preparation for such attacks, and obtaining them is essentially just a matter of time.

New online service from Refog. Track any device online. Just install the free android spy. And Information from your phones and computers will reflect in your online Hoverwatch account.

Study: Mobility against Security

21 March 2012

According to a research called “The Impact of Mobile Devices on Information Security” published by Check Point® Software Technologies Ltd., the number of mobile devices connected to corporate networks doubled in 2010-2011. Half of these devices contain confidential information.

The management of 70% of the surveyed companies are confident that it is the use of mobile devices that results in the increased number of data leaks. This mostly happens when devices containing corporate emails (80% of cases), client databases (around 50%) and corporate passwords (around 40%) get lost or stolen.

Corporate users are actively embracing mobile devices and services, thus creating a lot of problems for IT experts responsible for the security of corporate data. Modern standards do not cover new security threads, and yet it’s not reasonable to completely stop using mobile devices, since they give users a number of advantages that boost their performance and provide them with quick and convenient mobile access to corporate resources.

Check Point report highlights:

  • In 94% of companies, the number of mobile devices connected to corporate networks has increased.
  • In 78% of companies, their number has more than doubled over the past two years.
  • The most popular mobile platforms used in corporate networks are:
    1. Apple (30%)
    2. BlackBerry (29%)
    3. Android (21%)
  • 43% of companies believe that Android-based devices pose a serious threat to their information security.
  • The key threats undermining information security are:
    1. Lack of knowledge in the information security field among corporate users (over 70%).
    2. Use of mobile devices for web browsing (61%)
    3. Use of unprotected wireless connections (59%)
    4. Device loss of theft (58%)
    5. Downloading of malicious software to mobile devices (57%).

 

New online service from Refog. Track any device online. Just install the cell phone tracking. And Information from your phones and computers will reflect in your online Hoverwatch account.

USA: 10 years of prison for leaked data

26 January 2012

When the leak was discovered, the programmer was a part-time employee of the U.S. Federal Reserve Bank, which helped him get access to the source code of the software developed for the US Department of the Treasury.

The compromised program, called Government-wide Accounting and Reporting Program (GWA), was developed for monitoring the money transfers made by the US government and reporting to a variety of government agencies and organizations.

Once the leak was discovered, the bank initiated an internal investigation and handed the results over to the police. As the result, Bo Zhang was arrested on January 18.

The FBI did not find any signs of espionage and he was released on bail. The trial will take place on February 17 and if he is found guilty (he is being charged with the theft of government property), he may be sentenced to up to 10 years of prison.

 

New online service from Refog. Track any device online. Just install the sms spy. And Information from your phones and computers will reflect in your online Hoverwatch account.