Microsoft update knocks Windows 8 and 10 users offline


Just in time for Christmas, Microsoft pushed an update last week for Windows 8 and 10 that broke the Dynamic Host Configuration Protocol (DHCP) and knocked users offline until they rebooted their systems.

The network connectivity of several European users was broken after cumulative update KB 3201845, which was released on December 09. It’s not clear whether the problem was isolated to Europe, but Microsoft is displaying a global banner declaring that all users with Internet connectivity problems should restart (not shut down) their hardware.

Virgin Media and Proximus are the latest to confirm the reports on broken DHCP.

DHCP is the protocol that distributes network configuration data to all the relevant devices on the network and handles automatically assigning IP addresses, for example. You don’t need a DHCP server to access the Internet, but most home networks are configured to expect one, and the average user probably isn’t comfortable with the process of mapping out static IPs to each device on the network.

Users who had statically assigned their LAN addresses were spared the knockout, but the rest had to either reboot or manually assign their IP, gateway, DNS servers and so on.

Essentially, the PCs cannot automatically pick up their LAN-side IP address, router address and DNS settings from their broadband routers, causing them to drop off the internet and disappear from other devices on their network.

Microsoft does seem to be aware of it, so it will probably rush out a hotfix, but even if it does, the question is how people who are not able to connect to the internet are supposed to get it.

The problem can be solved with a simple “ipconfig /release” command, followed by “ipconfig /renew”, but some users are reporting that this fix is insufficient and that a separate set of commands is also needed, specifically: “netsh int ip reset” followed by “ipconfig /flushdns”.

If you configure your box to use static addresses, you should be okay, or you can run the following commands to reset the operating system's networking components:

netsh winsock reset catalog
netsh int ipv4 reset reset.log

Microsoft should release a permanent fix soon.

Armed forces software flaws get patched


Three of the 31 SAP flaws in armed forces and cops software were fixed on Tuesday (December 13) in the ERP giant’s technology for Defense Forces & Public Security.

SAP's Defense Forces and Public Security, which is designed for armed forces, police and aid organisations, and the SAP Mobile Defense and Security components are susceptible to a missing authorisation check vulnerability, which can allow an attacker to read, modify or delete data. The data is not usually critical, but it is important because it comes from armed forces.

SAP for Defense Forces & Public Security uses ERP technology, which offers functions such as mapping organisational structures, material and personnel resource planning, accounting and funds management, and materials management, among others.

Other significant patches in SAP’s December batch include a fix for a directory traversal flaw in the SAP User admin Application and a patch for a potential remote code execution bug in the SAP business intelligence platform.

SAP released 315 patches throughout 2016, slightly fewer than in 2015. Cross-site scripting (XSS) remains the most common vulnerability type.

Popcorn Time Ransomware Gives Free Decryption Key

Researchers have discovered new malware called Popcorn Time, which offers free decryption to the victim if he infects two other people using the referral link facilitated by the ransomware.

Spotted by MalwareHunterTeam, Popcorn Time securely encrypts the data on your computer while displaying a fake installation screen, and asks for $770 in ransom money. But before you become too helpless and finally decide to give money to the hackers to get the decryption key, it sets out a condition that allows free decryption for you.

To facilitate this, the Popcorn Time ransom note will contain a URL that points to a file located on the ransomware's TOR server. At this point, the server is down, so it is unclear how this file will appear or be disguised in order to trick people into installing it.

Popcorn Time ransomware, currently in development, encrypts files present in the Desktop, My Pictures, My Music and My Documents folders. It targets every possible file extension you could think of. The extension .filock is added to every encrypted file; for instance, myfile.txt becomes myfile.txt.filock after the encryption. After it finishes encryption, it creates two files (restore_your_files.html and restore_your_files.txt) containing the ransom note. It then displays the ransom message automatically.

You can make trial-and-error attempts at the decryption key. If you enter the wrong key four times, all of your data will be deleted.
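
The file indicators described above (the .filock extension and the two ransom note names) can be turned into a read-only triage sweep of a user profile. This is an added example, not code from the original post or from the researchers; the function names and the modern folder names ("Pictures", "Music", "Documents") are assumptions, and it only lists files without modifying anything.

```python
import os
import sys
from collections import Counter
from dataclasses import dataclass, field
from pathlib import Path

# Indicators taken from the article text.
ENCRYPTED_SUFFIX = ".filock"
RANSOM_NOTES = {"restore_your_files.html", "restore_your_files.txt"}
# Folders named in the article, plus their modern profile names (assumption).
TARGET_FOLDERS = ("Desktop", "My Pictures", "My Music", "My Documents",
                  "Pictures", "Music", "Documents")


@dataclass
class Findings:
    encrypted: dict = field(default_factory=dict)  # encrypted path -> original name
    notes: list = field(default_factory=list)      # ransom note paths

    @property
    def verdict(self):
        # Both indicators together are far stronger than either one alone.
        if self.encrypted and self.notes:
            return "likely-infected"
        if self.encrypted or self.notes:
            return "suspicious"
        return "clean"


def original_name(filename):
    """Return the pre-encryption name (myfile.txt.filock -> myfile.txt), or None."""
    if filename.lower().endswith(ENCRYPTED_SUFFIX) and len(filename) > len(ENCRYPTED_SUFFIX):
        return filename[:-len(ENCRYPTED_SUFFIX)]
    return None


def scan_profile(profile, folders=TARGET_FOLDERS):
    """Walk the targeted folders under a user profile and collect indicators."""
    findings = Findings()
    for folder in folders:
        base = Path(profile) / folder
        if not base.is_dir():
            continue
        for dirpath, _dirs, filenames in os.walk(base, followlinks=False):
            for fname in filenames:
                full = str(Path(dirpath) / fname)
                if fname.lower() in RANSOM_NOTES:
                    findings.notes.append(full)
                    continue
                orig = original_name(fname)
                if orig is not None:
                    findings.encrypted[full] = orig
    return findings


def affected_types(findings):
    """Count original file extensions, to judge which backups are needed."""
    return Counter(Path(name).suffix.lower() for name in findings.encrypted.values())


if __name__ == "__main__":
    # Usage: python sweep.py [profile_dir]; defaults to the current user's profile.
    result = scan_profile(sys.argv[1] if len(sys.argv) > 1 else Path.home())
    print(result.verdict, len(result.encrypted), "encrypted,", len(result.notes), "notes")
    for ext, count in affected_types(result).most_common():
        print(f"  {ext or '(none)'}: {count}")
```
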

Cyber-deterrence to curb cyber-attacks?


Rising cyber attacks across the globe have been a menace and a threat to their targets. From 2005 to 2015, federal agencies reported a 1,300 percent jump in cyber security incidents. Recently, Russia was accused of interfering with and manipulating the whole US election results by hacking into Democratic Party computers. Then in October several high-profile websites were knocked offline when thousands of internet-connected devices, such as digital video recorders and cameras, were compromised by Mirai malware.

It’s high time we think of better ways of addressing these threats. Amid this, the idea of cyber-deterrence has started emerging. Deterrence has long been effective in countering the threat of nuclear weapons, so can it also work against cyber weapons?

Deterrence focuses on making potential adversaries think twice about attacking: first, by making them consider the cost of their act and the consequences of a counterattack; and second, through punishment, by making sure the adversaries know there will be a strong response that might inflict more harm than they are willing to bear.

Unlike nuclear weapons, which exist in only a few countries and require significant resources to be invested in them, cyber weapons can be quickly developed by individuals or small groups, and they can be easily replicated and distributed across networks. Cyber weapons are often deployed under a cloak of anonymity, making it difficult to figure out who is really responsible, and they produce a broad range of effects, most of which are disruptive and costly, but not catastrophic.

However, this does not imply that cyber deterrence cannot work.

There are three things we can do to strengthen cyber deterrence: Improve cybersecurity, employ active defences and establish international norms for cyberspace. The first two of these measures will significantly improve our cyber defences so that even if an attack is not deterred, it will not succeed.

Improving cyber security

If the protection is geared up, the attack will be stopped before the hackers can achieve their goal. For this, login security should be beefed up, data and communications need to be encrypted, viruses and malware need to be fought and software should be regularly updated to patch any weakness found.

A more pressing protection issue today is the shipping and selling of cheap Internet-of-Things devices, which lead to many attacks. While some companies, like Microsoft, invest heavily in product security, many others do not.

Cybersecurity expert Bruce Schneier advises that regulation should be imposed on manufacturers to build basic security standards into devices, failing which they should be held liable when their products are used in attacks.

Employ active defences

Action against attackers can be taken by monitoring, identifying and countering adverse cyberattacks. These active cyber defences are similar to air defence systems. Network monitors that watch for and block hostile packets are one example, as are honeypots that attract or deflect adversary packets into safe areas. There, they do not harm the targeted network, and can even be studied to reveal attackers’ techniques.

Another set of active defences involves collecting, analysing and sharing information about potential threats so that network operators can respond to the latest developments and if any malware is found, they could disconnect the devices from the network and alert the devices’ owners to the danger.

An active cyber defence can often unmask the people behind attacks, leading to punishment. Nongovernment attackers can be shut down, arrested and prosecuted; countries conducting or supporting cyber warfare can be sanctioned by the international community.

Establish international norms

International norms for cyberspace can aid deterrence if national governments believe they would be named and shamed within the international community for conducting a cyber attack.

It’s difficult to completely get rid of cyber attacks, but at least the attacks can be minimised to a certain level if strong security, cyber defences and international cyber norms are actively used.

One billion affected by Yahoo hack in 2013 alone

Yahoo has confirmed that more than one billion user accounts were hacked in 2013. Yes, you read it right, more than one billion, and the 2013 hack is separate from the 2014 hack in which nearly 500 million accounts were breached.

The company said that there was no breach of bank account details or any payment data, but some personal data has been breached, such as names, phone numbers, passwords and email addresses.

Yahoo, which was taken over by Verizon, said it was working closely with the police and authorities.
In a statement, the company said it "believes an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts."

The breach "is likely distinct from the incident the company disclosed on September 22, 2016".
Account users were advised to change their passwords and security questions.

The BBC interviewed cybersecurity expert Troy Hunt, who said: "This would be far and away the largest data breach we've ever seen. In fact, the 500 million they reported a few months ago would have been, and to see that number now double is unprecedented.

"Yahoo hasn't attributed the attack to any state-sponsored activity as they did with the previous incident. They've referred to the tampering of cookies, though, which gives us some useful insight into where the vulnerability may have existed in their system."

Cyber attacks on rise in Japan


An international hacking group by the name of Anonymous has been actively increasing cyber-attacks in Japan since September.

Last autumn, a number of government websites and other sites came under attack. However, the recent attacks are different from sophisticated cyber-attacks that aim to steal information. Experts have been advising people to calmly take necessary steps in advance.

On the night of September 13, the website of the Hiroshima National Peace Memorial Hall for the Atomic Bomb Victims became inaccessible. Shortly afterwards, the hacker group claimed responsibility for the attack and posted that the distributed denial of service (DDoS) attack was launched to protest dolphin hunting.

An official at the memorial hall said in bewilderment, "We have nothing to do with dolphin hunting."

A series of Anonymous attacks is believed to have started around 2013 under the name Operation Killing Bay, to protest against Japan's whale hunting and the annual dolphin hunts in Taiji, Wakayama Prefecture. Last year, DDoS attacks spread to government websites and infrastructure operators such as airports, whose websites were made unavailable by sending a huge amount of data to the server.

Police have confirmed that no cyber-attack related website problem was reported from May to August but 29 incidents were confirmed in September, followed by 26 in October. From November 01 to November 27, there were 53 cases, bringing the total from September to November 27 to 108. In December alone, these incidents rose to 56.

"Their aim is not to make websites unavailable, but to promote their presence," said Nobuhiro Tsuji, senior security researcher at SoftBank Technology Corp.

When Anonymous started around 2006, it advocated the establishment of the freedom of the internet and made political appeals through legally permitted activities such as street demonstrations. Currently, however, Anonymous tends to carry out cyber-attacks with the aid of unknown individuals who respond to invitations on Twitter and other websites. Participants are increasingly committing cyber-attacks for fun.

Though the main DDoS attack cannot be defended against, measures have recently been developed to mitigate the damage.

Some observers point out that such cyber-attacks could increase ahead of the 2020 Tokyo Olympics and Paralympics.

It is advisable that companies and individuals remain calm and, if attacked, respond thoughtfully without overreacting.

NEC gave cyber defense training to Thailand government officials

NEC Corporation in Thailand provided cyber defense training to more than 50 government officials from the Electronic Transactions Development Agency (ETDA) and other government agencies from 6 to 9 December.

The ETDA, which is under the jurisdiction of the Ministry of Digital Economy and Society, is one of the agencies responsible for cyber security in Thailand. ThaiCERT, the Computer Security Incident Response Team (CSIRT) responsible for handling computer security incidents, is also operated by ETDA.

The aim of this training was to enhance the abilities of system administrators in government agencies to effectively handle the increasing threat of cyber-attacks. By providing simulations of a customer's ICT infrastructure, the practical training enables the cultivation of system administrators with comprehensive cyber defense capabilities.

"We are proud to be selected as a partner for providing cyber defense training programs for government agencies in Thailand," said Takayuki Kano, President, NEC Corporation (Thailand). "Building on NEC's successful track record in the field of cyber security, we look forward to reinforcing our ties with government agencies throughout the world in the cultivation of personnel who defend against cyber-attacks."

The training not only focussed on technical skills in handling a cyber-attack but provided important organizational measures for preventing the spread of damages, including possible instructions for staff and the sharing of information with related institutions.

In April 2015, Japan's Ministry of Internal Affairs and Communications (MIC) and Thailand's Ministry of Information and Communication Technology (now the Ministry of Digital Economy and Society) issued a joint statement announcing that the two countries would expand their existing cooperation in cyber-security and cooperate in the area of mission-critical ICT infrastructure protection. Under this agreement, Japan is expected to contribute to cyber-security in Thailand through a provision of its advanced technologies.

In November 2015, NEC, in collaboration with the Embassy of Japan in Thailand, provided hands-on cyber defense training for government agencies in Thailand through a project commissioned by the MIC. 

Legion hacker group: Behind celeb twitter hack

Over the past week, there has been an escalation in hacks of the digital accounts of prominent Indians like Rahul Gandhi, Vijay Mallya, Ravish Kumar and Barkha Dutt, which raised the question of a political motive behind the hacks. But an unknown group, Legion, has taken responsibility for all the hacks and ruled out a political motive behind them.

Now the hacker group has said, in an online conversation with ET, that its next targets would be sansad.nic.in and the Indian banking system, as there are major flaws in it, and that it does not believe in a cashless economy.

"Let me tell you...the banking system of India is deeply flawed and has been hacked several times," said the person who spoke to ET. During the interview, the person also revealed the names of some of the financial institutions they have targeted. But ET didn't publish their names.

The first victim was Rahul Gandhi, whose Twitter account was hacked, and the group tweeted after hacking his account. Soon after this, officials of the All India Congress Committee took it as an opportunity to blame this on the opposition party. “Truth is that every Indian’s privacy is similarly under attack and the onus lies on the Modi government to do suitable course correction for protecting the privacy of everyone who is on social media,” said Congress leader Randeep Singh Surjewala.

The group revealed that they do not have an Indian passport and that they are not of Indian origin.

After hacking multiple accounts they tweeted: "Okay Brothers we're back. #legion. Support our cause to expose the rats in our system."

Europol arrests 34 DDoS attackers


Europol and law enforcement agencies from 13 countries around the globe have arrested 34 users of Distributed Denial of Service (DDoS) cyber-attack tools and warned 101 suspects in a major crackdown.

Authorities from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States carried out the coordinated action from December 05-December 09.

Europol’s European Cybercrime Centre (EC3) supported the countries in their efforts to identify suspects in the EU and beyond, mainly young adults under the age of 20, by hosting operational meetings, collating intelligence and providing analytical support. During the raid, different suspects were interviewed, detained and arrested or fined, notifications were sent to parents and house searches were conducted.

Those arrested are accused of paying for DDoS tools such as stresser and booter services, which flood websites and web servers with a massive amount of data, leaving them inaccessible to users.

Since the emergence of Mirai IoT botnet, there has been a noticeable increase in DDoS attacks.

The authorities urged teenagers to use their skills for good and quit conducting DDoS attacks.

Steven Wilson, Head of EC3, commented: “One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path, helping them understand how they can use their skills for a more constructive purpose.”

The raids came after European Commission servers and Deutsche Telekom suffered a series of massive DDoS attacks a couple of weeks ago.

Get tips on cyber security in five different languages

Cyber security awareness is minimal in India. Cyware, a cyber awareness platform, has started a new service to educate Indians about cyber security in five different languages through SMS and WhatsApp.

In a statement, the company said it has launched this service "free" of cost after witnessing the emerging "Cyber Suraksha" challenges faced by the common man in India in the aftermath of demonetization.

"In India, people keep the same default ATM card pin as provided by the banks and never change it. The cyberculture in India is such that for many people PIN does not stand for 'Personal Identification Number' rather they treat it as 'Public Information Number'," Akshat Jain, Co-Founder of Cyware said.

"Cyware is using commonly used messaging services like SMS and WhatsApp to make common people aware about cyber security hygiene. Cyware wants to bring change by educating people about do's and don'ts of Cyber Suraksha," he added.

To get cyber hygiene tips through SMS, one just needs to give a missed call to the toll-free number 7676610000.

To activate the service through WhatsApp, add the same number on your phone and send the WhatsApp message 'START'.

Subscribers of this service will receive security tips daily, and they can learn how to safeguard their online banking, debit and credit cards, e-wallets and other digital assets from cyber criminals.

This cyber security service is currently available in English, Hindi, Kannada, Malayalam, Tamil and Telugu, and will soon be launched in other languages too.





Indian government needs to worry about rising cyber-security


The demonetization drive by Indian Prime Minister Narendra Modi struck at a time when banks in the country are still in the process of updating their security architecture for online operations. Now, with the government's cashless push, more and more people are using plastic money and e-wallets, which increases the risk of cyber attacks all the more. The banking sector thus faces the challenge of fending off cyber attacks in the wake of rising digital transactions.

Paytm, a digital wallet platform, has registered a 435 per cent rise in its traffic and a 1,000 percent jump in online recharges in the two days following a ban on high-value currency bills. Another mobile wallet Ola Money has reported a 1,500 per cent increase in recharges across the 102 cities of its operation since the day.

In today’s tech era, our digital identities are immensely linked to our actual personas.

Last week, a handful of personal and institutional Twitter handles and emails were hacked. Cyber fiends also broke into the official website of the main opposition party, Congress, and hacked the Twitter handle of the party’s vice-president, Rahul Gandhi. The repeated cyber invasions prompted senior leaders to question digital safety at a time when Modi has been urging his fellow citizens to go cashless.

Incidents like this have happened across the world; some hackers have been brought to book, and some have got away.

While people are mostly looking at these as mere Twitter hacks, an intrusion into the virtual social existence and email accounts of a person exposes personal data as well, and it can be an attack on the person’s identity, personality, private life and, more dangerously, financial profile.

While the nation is still not questioning these hacks as a society, it poses a bigger threat to the future of cyber security and it is scary that our society is happy to live with a constant threat to our digital security.

Do we really have a robust banking network spread inclusively in all parts of the country as has been claimed by our finance minister, Arun Jaitley? India still isn’t prepared to imbibe the language of technology in day to day life but the policy has forced people to resort to e-banking mode.

Despite India’s prowess in information technology, a major worry is that most banks and financial institutions have until recently underestimated cyber-security as a threat. Just a simple SMS from a bank stating your bank balance could end up being a key to exploiting you; email access is like opening the entire door.

Data and information security are particularly weak in India. Many firms take months before undertaking the required security upgrades. There is a need to upgrade cyber-security infrastructure as data from the National Crime Record Bureau (NCRB) shows a 69 per cent increase in cyber-crimes in recent years.

Topping all these risks is the government's weak policy against cybercrime, which needs to be strengthened if Mr Modi really wants to develop India into a strong cashless country. Even misuse of a digital wallet should be dealt with in the toughest way, to send a message that cyber security is not something that can be messed with.