‘India should learn from Russia and China agreement’ says security expert

India should learn from the recent cyber-security agreement between Russia and China, in which both countries agreed not to launch cyber-attacks against each other, an Indian cyber-security expert said on Thursday.

J. Prasanna, a cyber-security expert and one of the founders of the Cyber Security and Privacy Foundation (CSPF), an organization which solves cyber-security problems, said that India should join such initiatives, as they provide a chance to share information among the law enforcement agencies of different countries.

“The agreement is good for China and Russia,” he said.

“However, such agreements are only possible when both of the sides (countries) have equal capabilities,” said Prasanna. “Similarly, they should have advanced cyber capabilities.”

According to the agreement, which was signed on May 8 and provided by The Wall Street Journal, Russia and China agreed to share information between law enforcement agencies, share technologies and ensure security of information infrastructure.

Similarly, these countries have agreed to not “destabilize the internal political and socio-economic atmosphere,” or “interfere with the internal affairs of the state”.

The agreement is said to be the result of the revelations about US and Western nation hacking and surveillance operations by former US National Security Agency contractor Edward Snowden. After the revelations, Russian lawmakers demanded tighter control over the Internet.

It is also believed that the agreement shows that Beijing and Moscow support changes to global Internet governance that would reduce the traditional role of the U.S.

Last year, Russian Communication Minister Nikolai Nikiforov said Russia was preparing an action plan as a backup in case the segment of the Internet was shut down from outside.

“For Russia the agreement with China to cooperate on cyber security is an important step in terms of pivoting to the East,” Oleg Demidov, a cyber-security consultant at the PIR Center, an independent think tank focusing on international security, told The Wall Street Journal. “The level of cooperation between Russia and China will set a precedent for two global cyber security powers,” Mr. Demidov said.

Adult dating site hacked to leak intimate secrets of 4 million users

Hackers have targeted one of the world's largest online dating sites, Adult Friend Finder, leaking the personal data of four million users.

The stolen data includes the sexual orientation of the users and their sexual preferences, and might even reveal which users are seeking extramarital affairs. The data also includes email addresses, usernames, dates of birth, postal codes and the unique internet addresses of users' computers.

The hack is estimated to have affected 4 million users, including users who have asked the site to delete their accounts. The leaked information contains addresses linked to dozens of government and armed services personnel and members of the British Army.

Channel 4 News, which has been actively tracking such incidents of hacking and information release on the deep web, found a secretive forum in which a hacker nicknamed ROR[RG] posted the details of users of Adult Friend Finder.

Shaun Harper is among those whose details have been published. Harper, who had requested that his account be deleted, stated, "The site seemed OK, but when I got into it I realized it wasn't really for me, I was looking for something longer term. But by that time I'd already given my information. You couldn't get into the site without handing over information." He added, "I thought the information had gone. These sites are meant to be secure."

Mr. Harper has been targeted with a spate of spam emails ever since his information was leaked. Experts are of the opinion that hackers will further sift through the leaked data to zero in on potential blackmail targets.

FriendFinder Networks Inc, the owner of Adult FriendFinder, has already started working with law enforcement to investigate the matter and has assured customers of strong action in case they are affected.

Distributed Denial of Service (DDoS) attacks

A well-known Indian security news portal was targeted by a DDoS attack on the morning of May 21. Two hours before the attack, the company tweeted "NSA planned to hijack Google App Store and plant malware on all Android Apps" and provided a news link. Whether the DDoS attack and this tweet are connected remains an interesting speculation.

But the larger and more critical question is the vulnerability of digital assets. One would naturally assume that they had a robust defensive strategy in place, but the DDoS attack that brought down the portal suggests otherwise.

There has been a series of hacks and DDoS attacks on major corporate, telecommunication and net banking portals.

“Today the digital assets of a knowledge or service based company have more value than its tangible physical assets. It’s imperative that they think beyond ready-made security tools from the market and move towards employing security professionals who can provide customized security audit,” says J. Prasanna of Cyber Security and Privacy Foundation.

"Even going to the police will be of not much help since these attacks are sophisticated and originate from different geographies. Very few have the forensics capability to make a credible case in a court," says SreeRam, the Police KravMaga instructor who is also part of a Singapore-based security company.

Both agree that … “with India's increasing clout in world trade and balance of power tilting gradually towards Asia, asymmetric warfare tactics like cyber terrorism will be relied more frequently to dent the credibility of the nation. As on date, India does not seem to have the aggressive posture as a deterrent.”

Telstra reveals security breach in Pacnet's IT network

Australia’s biggest telecoms company, Telstra, revealed that the corporate IT network of Pacnet, the company it acquired on April 16 this year, has been hacked.

The breach came to light shortly after Telstra finished the acquisition of Pacnet Limited, a Singapore and Hong Kong based telecommunications provider that offers data center services to multinational companies and governments in the Asia-Pacific region.


The telecom company said that investigations have revealed that a third party had accessed Pacnet’s corporate network through a SQL vulnerability, which led to the hacking of admin and user testimonials.

“We immediately addressed the security vulnerability that allowed access to the network, removed all known malicious software and put in place additional monitoring and incident response capabilities that we routinely apply to all our networks,” Mike Burgess, Chief Information Security Officer, Corporate Security and Investigations of Telstra, said in an announcement.

Telstra also clarified that the Pacnet corporate IT network is not connected to Telstra’s network and that there has been no proof of any activity on Telstra’s network.

"We have had no contact from the perpetrators so we don't know the reason behind it or who was involved," said Burgess.

The telecom company has stated that it will now talk to its customers to make them aware of exactly what happened in the breach and how the company is responding to it.

Millions Of Home Internet Users Vulnerable To Attack Due To Security Flaw in Verizon


Telecom giant Verizon gained millions of new home Internet connections after it purchased AOL for $4.4 billion. But a vulnerability in its service may have put millions of its Internet customers at risk.

According to BuzzFeed News, a vulnerability in Verizon’s service allows anyone to view the details of any of its 9 million home Internet customers simply by visiting its website with a spoofed IP address, and from there to obtain password resets and gain full control over accounts.

To exploit the vulnerability, all you need is a Firefox plug-in, which uses the IP address found in the header of emails, an address that can be easily sussed out by savvy hackers.

Verizon’s customer support website uses a computer’s IP address to identify users: when it recognizes an IP address that it is looking for, it automatically displays things like your location, your name, your phone number, and your email address. And that’s enough to take control of a Verizon account.

Joseph Bernstein, a BuzzFeed News reporter, wrote in his blog post that “It took me only two downloads, copy and pasting some information from an email, and a few interactions with Verizon customer support. It was just a matter of following step-by-step instructions. In other words, if you can follow a recipe, you could have probably gotten a Verizon password reset.”

The security loophole was fixed after BuzzFeed News notified Verizon.
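The article does not say how the spoofed address reached Verizon's site; the sketch below is an added example, not code from Verizon or BuzzFeed News, and assumes it arrived in a client-supplied X-Forwarded-For header. It shows the server-side pattern that closes this class of flaw: take the address from the TCP peer unless the peer is a known proxy, and never release account details on the address alone. All names and addresses are hypothetical.

```python
import ipaddress

# Constructed sample data (documentation address ranges, hypothetical names).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]  # our own reverse proxies
SUBSCRIBERS = {"203.0.113.7": {"user": "alice", "email": "alice@example.test"}}


def _is_trusted(addr):
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    return any(ip in net for net in TRUSTED_PROXIES)


def client_ip(peer_addr, headers):
    """Return the address the request really came from.

    peer_addr is the TCP peer the server saw. X-Forwarded-For (assumed header;
    exact-case key for brevity) is honoured only when that peer is one of our
    proxies, and is read right to left so entries a client prepended are ignored.
    """
    if not _is_trusted(peer_addr):
        return peer_addr  # direct connection: the header is client-controlled
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",")]
    for hop in reversed([h for h in hops if h]):
        try:
            if not _is_trusted(hop):
                return str(ipaddress.ip_address(hop))
        except ValueError:
            break  # malformed entry: stop trusting the rest of the chain
    return peer_addr


def support_page_view(peer_addr, headers, session_user):
    """Personal details need an authenticated session; the IP is only a hint."""
    ip = client_ip(peer_addr, headers)
    account = SUBSCRIBERS.get(ip)
    if account is None or session_user != account["user"]:
        return {"ip": ip, "details": None}
    return {"ip": ip, "details": account}
```
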

Address bar in Android browsers can be spoofed to lead to phishing attacks


Most of the time people identify malicious websites based on the URL in the address bar. A new vulnerability allows attackers to spoof that URL in the Android Stock browser and trick users into supplying sensitive information to phishing websites.

The vulnerability affects Android Lollipop as well as prior versions. The problem is caused by the browser failing to handle 204 error "No Content" responses when combined with a window.open event, thereby allowing hackers to spoof the address bar.

A proof of concept shows that when a site with no content is opened in an unpatched Android Stock browser, users are redirected to a page with the URL "http://www.google.com/csi".

This leads the user to think that it is a secure site hosted on Google, whereas it is a phishing site. As soon as users enter their credentials, they are sent to attacker.com.

It was reported to the Android security team by Rafay Baloch in February. The Android team has released patches for both KitKat and Lollipop. Users are advised to contact their service providers to determine whether they have received the updates.

Penn State College of Engineering disables its network after two cyber attacks


The Penn State College of Engineering’s computer network has been temporarily disconnected from the Internet after its systems were targeted by two cyber-attacks, said to be advanced persistent threats, one of which was carried out by a threat actor based in China using advanced malware.


“This was an advanced attack against our College of Engineering by very sophisticated threat actors,” Eric J. Barron, President of Penn State, wrote in a message on May 15.

“University leadership announced that our College of Engineering has been the target of two highly sophisticated cyberattacks. So, as a response, the college’s computer network has been disconnected from the Internet. Our experts expect the network to be back up and running in several days,” he added.

Penn State officials announced on May 15 that FireEye cybersecurity forensic unit Mandiant, which was hired by the college, discovered the breach and confirmed that at least one of the two attacks on the college's systems was from China.

The college has now disabled the system so that it can recover securely.

“In order to protect the college’s network infrastructure as well as critical research data from a malicious attack, it was important that the attackers remained unaware of our efforts to investigate and prepare for a full-scale remediation,” said Nicholas P. Jones, Executive Vice-President and Provost at Penn State. “Any abnormal action by individual users could have induced additional unwelcome activity, potentially making the situation even worse.”

The college wrote that it has taken up plans to allow engineering faculty, staff and students to their and to upgrade affected computer hardware and fortify the network against future attack. The outage is expected to last for several days, and the effects of the recovery will largely be limited to the College of Engineering.

 “I encourage all College of Engineering faculty, staff and students to visit http://SecurePennState.psu.edu/ for the latest information about steps they will need to take as the college recovers from the attack. This website also includes general information for all members of the Penn State community, including steps that all can take to safeguard their critical information, above and beyond the protections that already are in place,” Barron wrote.

According to the announcement, the FBI informed Penn State on 21 Nov, 2014 about a cyberattack of unknown origin and scope on the College of Engineering network by an outside entity.

Soon after, security experts from Penn State started working to identify the nature of the possible attack and to take appropriate action, including the enlistment of third-party experts, chief among them Mandiant.

An investigation was carried out across every computer network of the college.

Similarly, the University leadership reached out selectively to key administrators, academic leaders and IT professionals in the college. The IT officials also have taken steps to preserve critical data.

“Penn State should be commended for acting quickly to address these breaches, immediately launching a comprehensive internal investigation into the FBI’s report and retaining leading third-party computer forensic experts to assist in the investigation,” said Nick Bennett, senior manager of Mandiant. “These types of advanced attacks are difficult to detect and often linked to international threat actors which are ‘the new normal.’”

According to the announcement, the researchers are yet to find any evidence to suggest that research data or any personal information such as social security or credit card numbers have been stolen. 

However, they have evidence that a number of College of Engineering-issued usernames and passwords have been compromised.

In order to ensure the safety of College of Engineering faculty and staff at University Park and students at all Penn State campuses who recently have taken at least one engineering course, the college has requested them to choose new passwords for their Penn State access accounts.

FBI investigating e-billboard hacking

The FBI has been called into action after an electronic billboard was hacked on Peachtree Road in Atlanta, according to a local report.

While driving down the road on Saturday, commuters saw the image of a man exposing himself, on the billboard. One of the drivers was so disgusted that she called 911 to report the matter.

The owner of the billboard cut the power to it as a temporary measure to bring down the image. Security experts told Channel 2 that hacking into electronic billboards is often as easy as learning a password and does not require too much effort.

The FBI is currently looking into all the servers that could have been used to hack the billboard.

Genisis Secure USB Drive - Security Bugs

The Cyber Security and Privacy Foundation (CSPF) has recommended that people not use the Genisis securedrive, a so-called encrypted USB device which is supposed to be used for storing sensitive data, after it tested the product.

According to the CSPF, its testing of the drive found the flaws listed below:

• Anyone can decrypt all files without the PIN and password.
• The encryption is AES and the key is inside the database on the USB (one partition).
• The software code never uses the hardware encryption; it is only for showcase.
• Anyone could change the PIN/password without the hardware encryption chip.
• The software code has so many security bugs that attackers can hack the drive easily.

The full report can be found here:
http://securityresearch.cysecurity.org/?p=573

Hackers try to attack German parliament Bundestag


Officials of the Bundestag, the lower house of the German parliament, confirmed on May 15 that its IT system has been attacked by hackers.

Ernst Hebeker, spokesperson at the Bundestag, said in Berlin that the hackers targeted the IT systems of the parliament.

He added that the experts, associated with Bundestag administration and the government office for Information Technology Security (BSI) are working to fend off the hackers.

According to Spiegel Online, the IT specialists from the parliament noticed several days ago that someone was trying to gain access to the Bundestag’s internal network in a serious attack.

However, there is no information about whether any computers containing sensitive information were penetrated.

MPs and their assistants from several parties, who were already warned about the attack on Friday morning, were told that the network would be shut down in the afternoon (May 15).

The Bundestag’s computers were temporarily switched off, including systems containing information on the inquiry into spying by the U.S. National Security Agency (NSA) in Germany.

Earlier, in January, the Bundestag and Chancellery were attacked by hackers, which left both institutions paralysed for several hours.

According to the officials, a pro-Russian hacker group in Ukraine claimed responsibility.

Details of 400,000 users leaked as mSpy is hacked


The mobile spying software service mSpy has allegedly been hacked and the personal data of about 400,000 customers released on the deep web.

mSpy, a software-as-a-service product, claims to help about 2 million people track the mobile activities of their partners or kids. The hacking of its servers came to light after KrebsOnSecurity received an anonymous tip with a link to a Tor-based site.

The site contained data about Apple IDs and passwords, tracking data, payment details on some 145,000 successful transactions, pictures, calendar data, corporate email threads, and very private conversations. Also included are emails from the people who have requested services of mSpy.

Sites like these are difficult to suspend, as they are hosted on the deep web, away from indexing and registration in the regular search engines, and can be accessed only via Tor.

While the unknown hackers claim to have data about 400,000 users, the company has not responded to repeated requests for an official confirmation.

It is not clear where the company is based, but it seems to be tied to a presently defunct company called MTechnology Ltd. The founders are self-styled programmers Aleksey Fedorchuk and Pavel Daletski. The brand is involved in a trademark dispute with a US-based company called Retina X studios that makes a similar product called MobileSpy.

The US courts are generally strict with companies like these, as past incidents have indicated, and maintain that “Advertising and selling spyware technology is a criminal offense, and such conduct will be aggressively pursued by this office and our law enforcement partners.”

While the law takes a firm stand on such techniques, what is paradoxical is how the interested users of mSpy, who are mostly concerned parents, have, in a bid to keep their children secure, ended up exposing their personal details to a world full of predators and bullies.