Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Chinese businessman sentenced four months imprisonment by US court

A Chinese businessman has been sentenced to three years and 10 months in prison for conspiring to hack the computer systems of Boeing and other US defense contractors to steal military technical data.

Su Bin, a 51-year-old Chinese national and the owner of a Chinese aviation technology company, was sentenced and was fined $10,000 on Wednesday by US District Court in Los Angeles.

He worked with the two other unidentified Chinese hackers between 2008 and 2014. He instructed both of them on what data to target and transmit to state-owned Chinese companies.

According to the Justice Department, trio managed to stole 65 gigabytes of sensitive information related to fighter jets such as the F-22 and the F-35 as well as Boeing's C-17 military cargo aircraft program.

"Su Bin's sentence is a just punishment for his admitted role in a conspiracy with hackers from the People's Liberation Army Air Force to illegally access and steal sensitive U.S. military information," Assistant Attorney General Carlin said in a statement.

"Su assisted the Chinese military hackers in their efforts to illegally access and steal designs for cutting-edge military aircraft that are indispensable to our national defense."

He admitted to taking part in the crime for financial gain, prosecutors said.

The Chinese government has repeatedly denied any involvement in hacking.


Read more »

Pokemon Go Everywhere


Pokemon Go, a mobile version of the 1990s game from Nintendo Co. has become an instant hit and the most downloaded app on both Apple and Android phones.

The gamers are going gaga over it because it has everything they have ever wanted and dreamed as children, it’s worth leaving the house. Even non-gamers are talking about it.

It’s more than just a game because it has brought people together. It’s rare that a video game or imagination dominates the national conversation on social media which is why its success has inspired copycats to launch duplicate versions of the mega game. It’s more than just a major game release. It’s a phenomenon.

Pokemon Go brings together two key features: the location-mapping common to many apps, and augmented reality, or AR, which overlays a virtual world on the real one. After downloading the app, players navigate an animated version of Google Maps, searching for Pokemon characters to capture and add to their team.

The technology comes from Niantic Inc., a company founded by Google and spun off last year. In 2013, Niantic created Ingress, in which opposing teams capture “portals” based on real-world landmarks. Then Niantic teamed up with Nintendo and created Pokemon Go, which became an international phenomenon, despite being released only in the US, Australia and New Zealand.

But the game has brought much confusion with its rise as its unprecedented growth makes more and more headlines. The free-to-play augmented reality game has been linked to injuries, robberies, lost jobs, love connections, pleas from police, the discovery of a dead body and a $7.5-billion US surge in Nintendo's market value — among other things.

The game downloaded has some privacy concerns also. The creators of the game can read your e-mails since you have to sign in with your Google account. The reason behind this is that the game asks for full access to your Google account, something which is not on other apps and games.

Despite the cons of the game, it’s hard to ignore the raging excitement among the smartphone users.

Video games have long had a bad rap for keeping kids inside. Smartphones are turning an entire generation into anti-social zombies and couch potatoes. But Pokemon Go requires couch potatoes to get off the couch until they get tired or there battery doesn’t die off.
Read more »

Megaupload all set to be relaunched in 2017


Five years after it was shut down by the US Government, internet tycoon Kim Dotcom could be bringing back Megaupload.

Dotcom said he is planning to introduce Megaupload 2.0 streaming service in January 2017, marking five years since the US government raided his house and took down the original site amid piracy accusations.

“Megaupload comes back on January 20, 2017, the 5th anniversary of the raid. It will be better than the original and it will feel like home,” Kim Dotcom tweeted.
(pc-google images)

 Dotcom revealed that original Megaupload users will get their accounts back and have additional premium privileges along with expanded storage capacity and no data-transfer limits.

It was also hinted that the virtual currency bitcoin would be used in some way on the site, though it wasn’t stated exactly how.

The use of Bitcoin might be crucial for the new giant file-sharing service after PayPal’s decision to blacklist Dotcom-founded MEGA due to the website’s “unique encryption model.”

Kim Dotcom’s legal troubles began when an FBI-led investigation rendered charges of internet piracy and money laundering against Dotcom and his partners. The tycoon and three other colleagues were arrested on January 20, 2012.

Dotcom, who has New Zealand residency, has denied charges of internet piracy and money laundering and has been fighting extradition to the United States.

Megaupload was founded in 2005. The site’s popularity quickly surged, leading to over 150 million registered users and 50 million daily visitors at its peak. Megaupload has even reached the top 13 most frequently visited websites.
Read more »

Dallas Police Uses 'Robot' To Kill Shooting Suspects

(pc-google images)
For the first time in the history of American law enforcement, the Police department in Dallas has used a bomb-carrying robot to kill someone.

City police chief David Brown told the media that officials saw no other option to avoid any further danger after sniper fire killed five Dallas officers. Brown said the decision protected police officers on a night when their lives were at greater risk than usual.

“We saw no other option but to use our bomb robot and place a device on its extension for it to detonate where the suspect was,” Brown added.

This is not the first time a robot designed with other functions in mind has been used as a weapon, but this kind of repurposing has until now been limited to the military.

Peter Singer, a strategist and senior fellow at the New America Foundation who writes about the technology of warfare, said he believed this was a first. “There may be some story that comes along, but I’d think I’d have heard of it,” he said. Singer also said that he was “in no way, shape or form condemning” the DPD’s (Dallas Police Department) decision.

The “bomb robot” used is assumed to be the DPD’s bomb-disposal unit, a wheeled, remote-controlled (as opposed to autonomous) robot with a manipulator arm on top. “When there’s a suspected explosive device, a suspected IED, you have this device with a robotic arm and a gripper on it,” Singer explained.

Dallas police have not identified the kind of robot used nor whether the explosive was improvised or something the department had long planned for an emergency.
Read more »

Fiat Chrysler Automobiles first to offer bounties to hackers

One year after  Fiat Chrysler Automobiles's Jeep was made into the headlines for car hacking concerns, now they have  become the first full-line automaker to launch a public bug bounty program to hackers who identify potential vulnerabilities in their vehicles.

“There are a lot of people that like to tinker with their vehicles or tinker with IT systems,” Titus Melnyk, senior manager of security architecture for FCA in the United States, said in a statement. “We want to encourage independent security researchers to reach out to us and share what they’ve found so that we can fix potential vulnerabilities before they’re an issue for our consumers.”

The announcement of the program comes as cars become more complex and prone to hackers as the new initiative reflects the rapidly increasing convergence of connectivity technology and the automotive industry, FCA said.

The program  is managed by Bugcrowd.com, and offering payouts ranging from $150 US to $1,500 US.

According to the FCA US, the Bugcrowd program will help them in:

  • identify potential product security vulnerabilities;
  • implement fixes and/or mitigating controls after sufficient testing has occurred;
  • improve the safety and security of vehicles and connected services;
  • and foster a spirit of transparency and co-operation within the cyber-security community. 


“Exposing or publicizing vulnerabilities for the singular purpose of grabbing headlines or fame does little to protect the consumer,” added Melnyk. “Rather, we want to reward security researchers for the time and effort, which ultimately benefits us all.”

Last year, FCA had to recall 1.4 million Jeep Cherokees in order fix a software hole that allowed hackers to wirelessly break into some vehicles and electronically control vital functions.

Read more »

YouTube videos can be used to hack your smartphone


With the fast changing world, hacker’s intentions are no longer old to hack your bank password or pin numbers. They have changed with time and the new hunt is for your data which can prove as a gold pot.

Most of us hold various personal photographs in our smartphones but if they are sensitive, it can make a hacker rich overnight and be used against you. However, it is believed that to access this data the hacker needs physical access to the phone. Not anymore. A simple malicious code sent to your smartphone can get him all he wants without your knowledge.

This time hackers have found the most used way to get access on your smartphone, by leveraging the YouTube to hack mobile devices. Those funny animal videos on YouTube might not be as innocent as they seem initially.

Voice recognition software in YouTube videos could leave your phone exposed. The attack only takes a few hidden voice commands. Distorted voice commands hidden in certain otherwise-innocent videos can carry out malicious operations.

A team from the University of California, Berkeley, and Georgetown University have developed the means to compromise a mobile device using hidden voice commands embedded within a YouTube video. The voice recognition software can make it easier to hack devices, even when spoken words are mangled to basically sound like they're coming from a demon. The hidden voice commands used by the attack are ‘unintelligible to human listeners but which are interpreted as commands by devices.’ For example, the voice could tell your phone to open a URL that exposes it to malware.

The attack works when you are watching the tainted video on your PC, laptop, TV, tablet or smartphone. This mangled voice is picked by your smartphone, if left open to listening to voice commands even when locked.

If the voice commands in the video are picked up by the target victim’s smartphone, the AI from Apple’s Siri or Google Now can clean out the unwanted sounds and execute the commands by the mingled voice. Once these commands are deciphered by the voice-based assistants, they are executed. Such an attack can command the AI on the smartphone and instruct it to download and install malware, which can eventually allow the hacker to gain control of the smartphone.

The researchers will present the threat at the USENIX Security Symposium in Austin, Texas next month, including the defences against the threat that they evaluated.

Meanwhile, it's been revealed that nearly 10 million Android phones have been infected with HummingBad malware, also known as Shedun, which generates fake clicks for adverts, among other things.
Read more »

SWIFT has unveiled new measures to tackle hackers

Hackers had sent fraudulent payment instructions on the messaging network, Society for Worldwide Interbank Financial Telecommunication (SWIFT), used by the banks. On Monday, they announced its new defense against hackers.

SWIFT said that they hired two outside cyber security firms, BAE Systems and Fox-IT, to reinforce in-house expertise, and has set up a team to share cyber defense "best practice" among its customers.

In February, Bangladesh central bank's interface was hacked by thieves using SWIFT's network, which is a pipeline for transferring funds and the backbone of international finance.

According to the reports, hackers  sent payment instructions to the Federal Reserve Bank of New York, telling it to transfer $951 million from Bank Bangladesh's account to accounts in the Philippines. However, most of the transactions were blocked but four went through, amounting to $81 million that remains missing.

SWIFT, a Belgium-based co-operative owned by its users, had already unveiled measures to tighten up security.

SWIFT Chief Technology Officer Craig Young said, " Information from banks that have been subject to fraud attempts was crucial for identifying new malware."

"We therefore continue to remind customers that they are obliged to inform SWIFT of such incidents as soon as possible, and to proactively share all relevant information with us so we can assist all SWIFT users," Young said in a statement.

The company said that, "In addition SWIFT has published an inventory containing some of the specific malware used in reported attacks, as well as indicators of compromise (IoCs) that SWIFT has developed to assist other customers in detecting threats operating in their environments." 
Read more »

With darknet,banned drug supply market hits a new high


Internet is making drug marts like Silk Road 3.0, Darknet, AlphaBay,Crypto, Dream Market ,Agora Marketplace. Market and  supply  illegal and banned drugs to your doorsteps very easily.

Darknet is most famous amongst them. It cannot be accessed through regular browsers,it can only be accessed through Tor, browser that masks location and activity.

Here you can easily find Malana Cream which is very difficult to find even in the places it is produced..

To get an access to the darknet market you just have to download an encrypted browser, type any drugs name into the search box, press 'enter', and listings mentioning rates, quality and quantity along with pictures of the 'product' start popping up.

This highly encrypted world ensures you leave no digital footprints for investigating agencies. Messages can't last longer than a month. Payments are made through bitcoin, a digital currency that doesn't need a third party like a bank or government. But for deliveries, vendors use the traditional and most reliable means to transport drugs the snail mail

According to the UN's latest World Drug Report, which notes that the use of online marketplaces has "increased in recent years, cannabis continues to be the most cultivated, produced, trafficked and consumed drug worldwide. It is the third highest-selling drug, after Ecstasy and LSD, on the darknet."


Read more »

"Your Smart Watch Can Divulge Your ATM Pin"

(pc-Google Images)
Are your smart devices that smart to not give away your secrets? Well, a recent study reveals that they are not and might give away your personal information, including your passwords or ATM pins.

Scientists from the Stevens Institute of Technology and Binghamton University say that if you combine data from embedded sensors in wearable technologies, such as smart watches and fitness trackers, with a PIN cracking algorithm; you have an 80% chance of identifying a PIN code from the first try and an over 90% chance of cracking it in 3 tries.

Led by Professor Yingying Chen from the Stevens Institute of Technology with the assistance of four graduate students: Chen Wang, Xiaonan Guo, Yan Wang and Bo Liu, conducted 5,000 key-entry tests on three key-based security systems, including an ATM, with 20 adults wearing a variety of technologies over 11 months.

"This was surprising, even to those of us already working in this area," says Chen, a multiple-time National Science Foundation (NSF) awardee. "It may be easier than we think for criminals to obtain secret information from our wearables by using the right techniques."

"There are two kinds of potential attacks here: sniffing attacks and internal attacks. An adversary can place a wireless 'sniffer' close to a key-based security system and eavesdrop sensor data from wearable devices. Or, in an internal attack, an adversary accesses sensors in the devices via malware. The malware waits until the victim accesses a key-based security system to collect the sensor data”, added Chen.

Yan Wang from Thomas J. Watson School of Engineering and Applied Science at Binghamton University who is a co-author of the study said, “Wearable devices can be exploited. Attackers can reproduce the trajectories of the user’s hand then recover secret key entries to ATM cash machines, electronic door locks and keypad-controlled enterprise servers.”

The team has been able to develop a backward-inference algorithm to predict four-digit PIN codes after obtaining from accelerometers, gyroscopes and magnetometers data from the devices.

The researchers are working on the countermeasures for this problem but suggest that developers "inject a certain type of noise to data so it cannot be used to derive fine-grained hand movements, while still being effective for fitness tracking purposes such as activity recognition or step counts".
Read more »

Twitter CEO Jack Dorsey's Account Hacked By 'OurMine' Hackers

(pc-google images)
Hacker group ‘OurMine’ is in news again. The professional group has now hacked the account of Twitter CEO Jack Dorsey, after previously hijacking the social media accounts of Google CEO Sundar Pichai and Facebook CEO Mark Zuckerberg and former Twitter CEO Dick Costolo.

The group shared a few videos and then sent a tweet that read, “Hey, its OurMine, we are testing our security”, along with a Vine clip that has since been deleted. The tweets were reportedly scrubbed by 3:25 a.m. Eastern, but tech website Engadget grabbed screenshots.

"All of the OurMine messages posted to Dorsey's account (which, as of 3:25 am or so appears to have been scrubbed of the hacker's tweets), came through from Vine”, Endgadget reported.

A warning pops up from Twitter if one tries to access the OurMine website, advising that it is probably not safe, according to the report.

"The link you are trying to access has been identified by Twitter or our partners as being potentially harmful," it said.

In the Zuckerberg and Costolo hack, OurMine accessed Twitter accounts through connected third-party applications or through old or recycled passwords. But in Dorsey’s case, it is suspected that OurMine had access if Dorsey had an old/shared password on his Vine account or somehow connected it to another service that was compromised.

The motivation for compromising Dorsey’s account remains unclear. Though OurMine has laid claim to large thefts, the group’s main goal seems to be harassment.
Read more »

Anti ad-blockers in rescue of the News Media

Ads are the main source of income of any website, but due to the increase in the online ad-blocking tools their revenue came down exponentially.

To counter the effect of the ad-blocking tools publishers and media companies are trying new
softwares known as “anti-ad-blockers”. Software companies are encashing this situation by selling software designed to counteract the effects of ad-blocking.

PageFair, Sourcepoint, Secret Media and Admiral are the companies which are currently providing anti-ad-blockers. All the companies have different algorithm to tackle this situation, but everyone of them promises media companies to help them in recapture revenues lost because of ad-blocking users.

CEO of ad-blocking “revenue recovery” company Admiral, Dan Rua said that, “We really think the free internet is at risk because of ad-blocking, so these types of solutions are needed to turn the tide”.

Admiral, which recently raised $2.5 million to help build its platform, show ads to users with ad-blockers enabled, Mr. Rua, said that webpages are reloaded in a way that they are   undetectable to most ad-blocking software.

Mr. Rua said, "His company is also working on tools publishers can use to encourage visitors to disable their ad-blockers, and to offer users ways to pay for content."

Meanwhile, in March this year, people using ad-blocking software who visited the The New York Times website had this message appearing on their computer screens: “The best things in life aren’t free”. It went on to explain that “advertising helps us fund our journalism.” It gave the visitors to disable their ad-blockers or pay for a subscription.

Read more »
Subscribe to: Comments (Atom)