Why Is Protecting Copyright a Cybersecurity Issue?

If you want to gain unauthorized access to a system, there are two main strategies you could follow. One is to find a zero-day vulnerability in the system and exploit it; if you are lucky enough, you might get access to the system. The other is to persuade the user not to follow security best practices and then use an already known exploit to gain access. Then you won't need to discover an unknown 0-day; you can use an already known one. If you ask someone not to use anti-virus, not to update the system and so on, they will raise their guard, wonder why you want them to do this, and might not listen. For this reason, hackers have gone for an old but useful method: software piracy. You might persuade people to use pirated software by telling them, "Why are you paying so much money for a license? Get this software for free instead." Then they won't get the latest updates, and while black-hat hackers work on uncovering new vulnerabilities and white-hat hackers work on patching them, an unpatched system will be a target for hackers using known vulnerabilities.

Protecting intellectual property and copyright is not just an ethical and legal matter. It is a matter of (inter)national security. When we do not fight piracy, meaning we let users buy pirated software, we open the system to known vulnerabilities for which a patch is available; because the software is pirated, the user won't get the patch. This leads to what we know as botnets (zombies): cybercriminals can expand their botnets and use infected systems for their criminal purposes. I am asking governments: will you let your citizens' systems be used for criminal purposes? If you are really concerned about national security, you should fight piracy and protect copyright. In addition, based on our human rights approach, everyone needs to have fair access to legitimate software and programs. Political reasons shouldn't be used as a means to block people's access to legitimate programs. You should remember that when people don't have access, they will go for the pirated version, which leads to their systems being used for criminal purposes and makes it harder for the good guys to combat cybercrime.

I am asking the international community for better unity against software piracy. This is no longer only a legal issue; it is an important agenda item in cybersecurity. We need to be united, otherwise we will face new attacks from legitimate users (e.g. DDoS, malware distribution, illegal blockchain, etc.).



Protect Windows Against Spectre and Meltdown

You might have heard about the recently published vulnerabilities known as Spectre and Meltdown, which affect chipsets. They affect the microprocessor, and unlike previous vulnerabilities, where updating the operating system would fix the issue, updating the operating system alone won't fix them. You will also need to update your device's firmware. If you are using the Windows operating system, you will need to do the following:

  1. Check for anti-malware updates and make sure your product is fully updated and compatible with Windows 10. There are reports of certain anti-malware products facing compatibility issues with the update that fixes this security vulnerability. You may check your anti-malware manufacturer's website to see whether their product is compatible with this update.
  2. Check Windows Update; you should get the security updates that fix this issue. These updates were released on January 3, 2018, so if you check for updates today, you should receive them. You might get other Windows updates as well, and in some cases you will need to restart your PC before you are able to get the update. Windows Update will let you know what to do.
  3. Once this Windows update has been installed, check your PC manufacturer's support website and install the latest firmware for your device. Remember that installing firmware is a sensitive process; it is better to back up your data and read the firmware installation guidelines carefully before doing it.

There are reports that some devices might not get the security update that fixes this issue. This is because either their anti-virus software is not compatible or there is a known compatibility issue between the update and the device. For example, certain devices running AMD processors have reported boot problems and blue screens; the update is on hold for them while the problems are investigated and will be released once the issues have been fixed. For a compatibility issue with anti-virus, you need to update your anti-virus or wait for an update from the vendor. In some cases you will need to wait for other updates before you can install this one, and in some cases you will need to wait for a firmware update from your PC manufacturer. Meanwhile, until all devices are patched, take extra caution and be wary of unknown websites and links. These updates are also reported to cause performance issues on some devices. You may read more about this update on the Microsoft Support page. Good news for Microsoft Surface users: you may download this update, and the firmware will be updated through Windows Update on Surface devices. Microsoft anti-malware products, including Windows Defender, Microsoft Security Essentials, Microsoft System Center Endpoint Protection and others, are also compatible anti-malware products.
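
The script below is an added example, not part of the original post: it reports which of the three steps above are still outstanding on a PC. It assumes Microsoft's SpeculationControl PowerShell module is installed, and it reads the QualityCompat registry value that Microsoft documented for anti-malware compatibility; neither is named in the post itself.

```powershell
# Added example: reports which of the three steps above are still outstanding.
# Run in PowerShell on the PC being checked.

function ConvertTo-Status($Value) {
    if ($null -eq $Value) { 'Unknown' } elseif ($Value) { 'Yes' } else { 'No' }
}

# Step 1: compatible anti-malware products set this registry value. Until it
# exists, Windows Update does not offer the January 2018 security update.
$compatKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat'
$compatName = 'cadca5fe-87d3-4b96-b7fb-a231484277cc'
$avFlag = $null -ne (Get-ItemProperty -Path $compatKey -Name $compatName `
                         -ErrorAction SilentlyContinue)

# Steps 2 and 3: the SpeculationControl module reports what the operating
# system and the firmware (CPU microcode) currently provide.
# Assumption: installed beforehand with
#   Install-Module SpeculationControl -Scope CurrentUser
$osUpdate = $null; $firmware = $null; $spectreOn = $null; $meltdownOn = $null
if (Get-Command Get-SpeculationControlSettings -ErrorAction SilentlyContinue) {
    $s = Get-SpeculationControlSettings
    # Step 2: the Windows update carries both the Spectre and Meltdown support.
    $osUpdate   = $s.BTIWindowsSupportPresent -and $s.KVAShadowWindowsSupportPresent
    # Step 3: the firmware update exposes the hardware side of the Spectre fix.
    $firmware   = $s.BTIHardwarePresent
    # The Spectre mitigation is only enabled when both step 2 and step 3 are done.
    $spectreOn  = $s.BTIWindowsSupportEnabled
    # KVAShadowRequired is False on processors not affected by Meltdown.
    $meltdownOn = (-not $s.KVAShadowRequired) -or $s.KVAShadowWindowsSupportEnabled
}

$report = @(
    [pscustomobject]@{ Check  = 'Step 1: anti-malware compatibility flag set'
                       Result = ConvertTo-Status $avFlag }
    [pscustomobject]@{ Check  = 'Step 2: Windows security update installed'
                       Result = ConvertTo-Status $osUpdate }
    [pscustomobject]@{ Check  = 'Step 3: firmware update installed'
                       Result = ConvertTo-Status $firmware }
    [pscustomobject]@{ Check  = 'Spectre mitigation enabled'
                       Result = ConvertTo-Status $spectreOn }
    [pscustomobject]@{ Check  = 'Meltdown mitigation enabled (or not needed)'
                       Result = ConvertTo-Status $meltdownOn }
)
$report | Format-Table -AutoSize
```

A result of Unknown means the SpeculationControl module was not found, so steps 2 and 3 could not be checked.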

What Should We Know About Hackers?

As a security guy, I get involved with hackers (black, white and gray hats), hacking incidents, security issues and so on. One of the interesting things is that you will see a well-reputed company or website get hacked, not because the hacker is so smart but because the company forgot one of the key security best practices. Here are some notes you should know about hackers and hacking incidents:

  • Gap Between Academic and Industry Security: Several people are doing PhDs in the area of security, governments spend millions on academic research, and you will see the outcomes as published papers. Unfortunately, academic research doesn't have much impact on industry security. It ends up playing with numbers and mathematical formulas and making things complex, but it fails to provide an actual solution to industry. For this reason, you will see several university professors who have been hacked by teenage hackers. It is because they have a different understanding of security compared to industry. In industrial research, things are different. Researchers normally won't publish their results, because they don't want hackers to figure out a way to bypass them. Their research is adopted directly into industry. Therefore, if you see a professor or PhD student in security, don't leave your company to them; you will gain nothing but embarrassment when a teenager takes over your company's network.
  • We Are the Smartest Guys: Most people don't know how hacking works; they just see a guy playing with a black screen full of code who then gets a lot of data, and they say, wow, they are cool. Even though hacking requires certain talent and expertise, not all hackers are that super smart. In most cases, they just know some code and scripts which are publicly available, and they copy, paste and modify them to get the job done. Having a dark screen with some code on it does not make them super. You should look at what they are doing to see whether they are a really smart hacker or just someone playing with some scripts.
  • I Could Hack Into Everything: We know that in the world of security, nothing is unbreakable. No matter how well you secure your systems, there could be a way to break into them. But it doesn't mean every hacker can hack into everything. They need expertise in certain areas, and they need to try things and do research to figure out how to hack into your system. They might get more failures than successes, or they might not be able to hack into your system at all.
  • Linux Is the Most Secure Operating System: Several people say, "We are migrating to Linux," which is absolutely WRONG. If you have a friend who is a hacker or you know any hackers, just ask them about hacking Windows or Linux. If you are a hacker yourself, you will know what I am saying. Hacking Linux is a lot easier than hacking the latest version of Windows. Just give it a try. It doesn't mean there is no way to hack Windows, but to do that you need to spend a lot of effort, and normally you couldn't hide your identity after hacking. This is one of the reasons that top-secret servers and systems like those of the NSA, US Army, NATO, CIA, FBI, Europol and so on all run on Windows.
  • No One Will Ever Know About My Hacking: The sun won't stay behind the clouds for too long. Even the best and most professional hackers have been discovered by the authorities, and the internet is not a free place without any trace or detection. On the other hand, the authorities are getting new tools to better discover cybercrimes and hacking incidents. Therefore, if you are a black-hat hacker who hacks into companies and damages them, it is better to switch to being a white-hat hacker who helps companies secure themselves; otherwise, you won't have a nice future.


Hacking is an interesting journey. If you want to be a hacker, try to be a good one. Try to help companies with their security issues. If you are a black-hat hacker, you may also switch to become one of the good guys.

Better Protection with Windows Mobile

Software developers prefer to work on a platform which is very popular, and for this reason many developers nowadays prefer to develop applications for Android and iOS devices. Android is very popular but is not secure. I always recommend that Android users update their devices and install anti-virus software. Android is not fundamentally secure, and when it was being developed, security wasn't the top priority of the project. The main agenda for the project was a light platform to run on small devices. Then, when it became popular, security came to be considered a key component of Android, but it still fails to provide a secure platform: malware is still able to get into Google Play, and apps can be installed from third parties and install malware. There is a security team at Google working on securing Android, but the foundation of Android is still not secure. Apple's iOS provides better security and is secure out of the box, but it still has some security flaws and it is expensive, so there are people who cannot afford to buy it. There are other platforms like BlackBerry which provide a fairly secure platform, but they lack a reliable development environment and are not popular among developers.

The final option would be Windows Mobile. It has a secure foundation which is a lot more secure than Android and more secure than iOS. It has been engineered securely, and there have been no reports of widespread malware or hacking on this platform. Developers who have been working on Windows Mobile enjoy a safe and reliable platform, and they are assured that their application runs on a platform which hackers cannot get into easily and which has powerful engineering behind it. With the recent development of Windows 10, there is the concept of the Universal Windows Platform (UWP), where you can develop an application targeting Windows 10 (which millions of people are using) and, with a bit of modification, run the same code on Windows Mobile and other Windows devices (if they meet the hardware requirements). For these reasons, it would be wiser for developers to work on UWP apps, where they develop an app for the most popular operating system for personal computers, which is Windows, and have it run on Windows Mobile with few changes to the code.

Using this method, they can make sure their app runs on a reliable and secure platform, and there is not much worry about the device getting hacked and data being stolen. On Android, even if you follow all security best practices, your device could still get hacked, and when the operating system has been hacked, all applications are at risk. You won't face such an issue on Windows Mobile in most cases. This way, you can motivate your users to purchase devices which are more secure, and this way you can protect your applications. In any case, you will need to develop an app for Windows 10, so why not spend a bit of time on Windows Mobile too?

This is important if your applications deal with financial and personal data. So, this is a call to action for developers. We are asking developers to develop applications for Windows Mobile to protect us against modern threats. They don't need to spend a lot of time doing that; instead, they can go for UWP. This way we can protect millions of users worldwide.


Windows Defender Exploit Guard Will Succeed Microsoft EMET

I have written about Microsoft EMET, which is a really cool tool against 0-days. It doesn't completely protect you against all threats, but it makes your system stronger and gives you better protection against exploits. Whenever I visit any user or want to check any system, I also add Microsoft EMET to it. Last year, we heard the news that Microsoft EMET is going to be discontinued. But I would like to announce the good news that Microsoft EMET will be succeeded by Windows Defender Exploit Guard. This feature will be available in the upcoming version of Windows 10, and it will be built into Windows, so you don't need to install it, and it will have more features and functionality.

I strongly ask you to prepare to upgrade your Windows 10 devices to the latest build; you will get a better advantage against 0-days and better control over application security. So, if a developer wasn't following best practices to secure an application, we can add some restrictions to that application and make it harder for hackers and cybercriminals to gain access to our system. You may read more about this new feature here.


How to Protect Your Home Wireless Network

Hackers and cybercriminals are interested in hacking Wi-Fi networks. It is much easier, since they just need a Wi-Fi adapter and they don't need to connect their device to a physical cable. If they have the right tools and the right skills, they can use a laptop, a tablet or even a mobile phone to hack into a wireless network. Here are some tips which we can follow as home users to protect ourselves against wireless hacking.

Encryption Protocol and Passwords: There are protocols to encrypt connections, like WEP or WPA. If you look at the encryption settings in your modem, you can see which ones are supported and which is more secure; normally WPA2 is more secure than WEP and WPA. The enterprise standard uses digital certificates, which is more secure, but as a home user you might need to use the simpler and cheaper way of encryption, which is a password. You should look at your modem's specification, see which standards are supported, and use the most secure one. Then you also need to select a strong password. It should be long and complex. Normally, I suggest creating a long and complex password, saving it in Notepad, putting it on a flash drive, pasting it into your connected devices and saving the password there. It is a good idea to change your password regularly, at intervals of no more than 90 days.

Number of Connected Devices: On some routers, you may set the maximum number of connected devices. In this case, you can count how many devices connect to the router and set that as the maximum number of connected devices. So, let's say you are connecting 6 devices to the Wi-Fi router at the same time: if someone else tries to connect, the connection will be rejected (unless you have fewer devices connected at that time, e.g. 5 devices).

MAC Address Filtering: The MAC address is the physical address of a device. On some routers you may set up MAC filtering, where you enter the MAC addresses of the devices which connect to your router and set a rule to accept only devices which match those addresses and reject the rest.

Hide SSID: If you have already used Wi-Fi, you might have seen that when you turn on Wi-Fi, you see the names of access points. This is actually their SSID, and on some routers you may choose to hide this name. Then, when you turn on Wi-Fi, you won't see the name of your access point; you have to type it manually, and then you will be asked for the password.

Guest Wi-Fi: Let's say someone is visiting you and you want to grant him or her access to your Wi-Fi. Some Wi-Fi routers have a guest account; normally you should leave it disabled and only enable it when a guest is coming. This account places some restrictions on the guest user and protects your own internet access, and you can set limits such as the amount of time allowed on the Wi-Fi or a bandwidth limit.

Router Login Page: In order to make any changes to the router, you have to log in to the router page. It is recommended to change the default username and password for this login. Some routers have an option to allow access only through the LAN and block access from Wi-Fi; make sure you set this option. In addition, you should grant access only from the local network and block remote access. This basically means you can only change router settings when you are physically connected through a direct LAN connection.

Reduce Signal Frequency: The methods above provide great help in stopping hackers. For example, hiding the SSID hides your router from cybercriminals, MAC filtering blocks external devices' access to the router, and a strong password stops the bad guys from hacking your router. However, hackers are always working on ways to bypass these, and there is a way to make sure no one can hack into your router unless they are close to it. It is by setting the frequency of the connection. When you reduce the frequency of the signal, you can only connect to your router when the signal is within range, that is, when you are close to your router. It is recommended to place your router in a location where you can get a signal inside your home but are unable to get a signal outside your home. In this case, only someone who manages to get into your home is able to connect to your Wi-Fi.

It is also recommended to enable Wi-Fi logging and check the log files regularly for suspicious activity.
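
One way to do that log check, as an added example that is not part of the original post: the script compares the devices seen in a router log against your own device list (the same list you would enter for MAC filtering) and reports strangers. The log format, the MAC addresses and the function name Get-WifiFinding are constructed for illustration; router logs differ by vendor.

```powershell
# Added example. The log lines and MAC addresses are constructed; adjust
# $pattern inside the function to match your own router's log format.
$sampleLog = @'
2018-02-01 08:12:03 WLAN: STA 3c:5a:b4:11:22:33 associated
2018-02-01 08:15:41 WLAN: STA a4:77:33:aa:bb:cc associated
2018-02-01 23:47:10 WLAN: STA de:ad:be:ef:00:01 auth failed
2018-02-01 23:47:12 WLAN: STA de:ad:be:ef:00:01 auth failed
2018-02-01 23:47:15 WLAN: STA de:ad:be:ef:00:01 auth failed
2018-02-02 02:03:55 WLAN: STA 00:16:3e:5e:6c:00 associated
2018-02-02 02:40:00 WLAN: STA 00:16:3e:5e:6c:00 disassociated
'@ -split "`r?`n"

# Your own devices (constructed values).
$knownDevices = @{
    '3c:5a:b4:11:22:33' = 'Laptop'
    'a4:77:33:aa:bb:cc' = 'Phone'
}

function Get-WifiFinding {
    param([string[]]$Lines, [hashtable]$Known, [int]$FailThreshold = 3)
    $pattern = '^(?<time>\S+ \S+) WLAN: STA ' +
               '(?<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (?<event>.+)$'
    # Turn each matching log line into an object; other lines are skipped.
    $events = foreach ($line in $Lines) {
        if ($line -match $pattern) {
            [pscustomobject]@{
                Time  = [datetime]$Matches['time']
                Mac   = $Matches['mac'].ToLower()
                Event = $Matches['event'].Trim()
            }
        }
    }
    foreach ($group in ($events | Group-Object Mac)) {
        if ($Known.ContainsKey($group.Name)) { continue }   # one of our devices
        $joined = @($group.Group | Where-Object { $_.Event -eq 'associated' }).Count
        $failed = @($group.Group | Where-Object { $_.Event -eq 'auth failed' }).Count
        $finding = if ($joined -gt 0) {
            'Unknown device joined: change the Wi-Fi password'
        } elseif ($failed -ge $FailThreshold) {
            "Unknown device failed to log in $failed times"
        } else { $null }
        if ($finding) {
            [pscustomobject]@{
                Mac       = $group.Name
                FirstSeen = ($group.Group | Sort-Object Time | Select-Object -First 1).Time
                Finding   = $finding
            }
        }
    }
}

Get-WifiFinding -Lines $sampleLog -Known $knownDevices | Format-Table -AutoSize
```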

Have a safe Wi-Fi connection.


Updates Vaccinate Your PC Against Ransomware

After the recent ransomware incidents, I received several messages from users who are very worried about the current incidents and about future malware. I tell them one thing: you don't need to be a super-duper computer expert to protect yourself. The only thing you need to do is update your PC and anti-malware software, and nowadays it is as easy as staying connected to the internet to get the latest updates. For example, in Windows 10 with default settings, you just have to connect to the internet and Windows will protect you by updating Windows and Windows Defender automatically. If you have any other anti-malware software, normally it also gets updated automatically. PCs which have been infected with ransomware, and those getting infected right now, face this problem because they are not up to date. Updates act like a vaccine against malware, and updates can detect and remove it. If you really care about security and protecting yourself against malware and ransomware, then make sure you update Windows, your anti-malware software and everything else.

In general, security researchers all over the world are trying to find new threats and ways to detect and remove them, and if there is other malware similar to what has been detected, they create ways to detect unknown but similar malware. Their efforts at detecting and removing this malware are released as definition updates through the update mechanism. On the other hand, security engineers in the Windows team also research new and unknown threats and vulnerabilities in Windows, attempt to fix these vulnerabilities and mitigate possible future ones, and release security fixes through Windows Update.