1. Ensure that you login to an official site
* Ensure that you login to an official site (eg. http://www.planetcreator.net)

2. Choose passwords that are hard to guess. Avoid using passwords that are:
* the same as your User Name
* the row of letters of the standard keyboard layout (e.g. qwerty1, asdf123)
* closely related to you (e.g. birthplace, date of birth, spouse’s name)
* a dictionary word (i.e. words that can be found in the dictionary)

3. Never reveal your User Name and Password via E-mail
* An official site will NEVER ask you to reveal your User Name and Password through e-mail.
* If you have received an e-mail requesting for your User Name and Password, there is a possibility that is a phishing attack. Do not respond to it and report it to the PlanetCreator SecurityTeam immediately

4. Change your Password frequently

5. Use your personal computer and avoid crowded places.
* Do not use computers in public places (eg Cyber Cafes). Do your online banking on your personal computer
* Never allow your personal computer to do auto-complete or save your password. If you are using Internet Explorer, disable it by clicking Tools > Internet Options > Content > AutoComplete. Uncheck option “User names and passwords on forms” and click on “Clear Password”. Click “OK” to save your settings. In the event being prompted, do not tick the “remember this password” box.
* Avoid crowded places, as it will attract shoulder surfers

6. Equip your personal computer with personal firewall, anti-spyware and anti-virus softwares
* Install a personal firewall, anti-spyware and anti-virus software
* Update the signature pattern files frequently
* Scan your personal computer regularly

7. Never carry your User Name and Password with you
* Do not write down your user name and password in a piece of paper

8. Monitor your account
* Monitor your account closely for any suspicious action

9. Clear your Internet cache
* Clear your Internet cache after you have logged out from visited sites. If you are using Internet Explorer, you can do so by clicking Tools > Internet Options > Delete Cookies and Delete Files

10. Be updated with the current Internet security threats
* Keep yourself updated with the latest Internet threats through PlanetCreator’s SecurityTeam (www.planetcreator.net and mail to admin{at}planetcreator.net)

Explore More

Critical XSS Vulnerability in Ministry of Information & Broadcasting http://www.ddindia.gov.in

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on Ministry of Information & Broadcasting http://www.ddindia.gov.in These are some information from Vulnerability Site http://www.ddindia.gov.in: This vulnerability has been alerted

Read More

XSS The Complete Walkthrough

Author: t0pP8uZz Description: Complete tutorial on XSS methods. Homepage: G0t-Root.net, H4cky0u.org, Milw0rm.com Date: 24/07/07 Chapters: What is XSS? Finding XSS Vulnerbilitys The Basics On XSS Deface Methods Cookie Stealing Filteration

Read More

LDAP Injection Vulnerabilities

LDAP Injection Overview LDAP Injection attacks are not as common as the other types of injection attacks, but if your product uses an LDAP server this must be tested. An

Read More