Cisco India Introduces 3 Cyber Security Initiatives

Cisco India has announced three new initiatives to help the country build a transparent and secure digital infrastructure environment.

Cisco will open a new Security Operations Centre (SOC) in Pune, which will provide services ranging from monitoring and management to comprehensive threat solutions and customisable hosted security.

The company’s Cisco Cyber Range Lab in Gurugram will provide specialised technical training workshops to help security staff build the skills and experience necessary to combat new-age cyber threats.

Cisco's global Security & Trust Organization (S&TO) and Cisco India announced the formation of Cisco S&TO-India that will help the government shape the national cyber-security strategy and initiatives.

Meanwhile, Cisco and Ministry of Electronics and Information Technology's (MeitY) Indian Computer Emergency Response Team (CERT-In) signed a Memorandum of Understanding (MoU) in the presence of Electronics and IT Minister Ravi Shankar Prasad.

"In light of rapidly evolving cyber tactics and shared risks in cyberspace, the need to work side-by-side with industry partners on pressing cyber-challenges becomes increasingly important. We are happy to have Cisco collaborate with us to enhance the security of India's digital infrastructure," said Prasad.

Cisco's "Active Threat Analytics" provides round-the-clock monitoring and advanced-analytics capabilities combined with industry-leading threat intelligence and expert investigators to rapidly detect advanced threats.

Cisco will also provide 24-hour service for customers regardless of time zone. "As India digitises, security will become fundamental to seizing the unprecedented opportunities for businesses, cities and citizens. Cisco is committed to enable a digital-ready infrastructure and security everywhere. Today's cyber-security announcements reaffirm Cisco's long-term commitment to India," added Dinesh Malkani, President, Cisco India and SAARC.

"By 2020, the Indian digital payments industry will grow 10 times and mobile transactions will grow 90 per cent per year by 2020. As of 2016, three new Indians join internet every second and by 2030, one billion Indians will be online so digital security is paramount," Malkani added.

New York Financial Regulator Delays Cyber Security Rules

The New York Department of Financial Services (NYDFS) will delay the effective date of its proposed cybersecurity regulation until March 1, 2017. Earlier, the anticipated deadline for banks and insurers doing business in the state to comply with the controversial cyber security rules was January 1.

Banks and insurers have been fighting for an extension of the compliance deadline and other changes ever since the regulator formally unveiled the proposed rules in September.

Banking and insurance industry representatives raised objections, including that ‘the rules did not distinguish between small and large financial institutions and would possibly conflict with future U.S. government cyber security rules.’

The original proposed regulation met with significant resistance, including reportedly more than 150 comment letters. Many of the comments identified the proposed regulation as highly prescriptive and lacking allowance for Covered Entities to make risk-based decisions on certain important technology matters.

A number of comments also requested the ability to distinguish between small and large Covered Entities in structuring cybersecurity programs based on size and risk. Some comments expressed concern that inconsistencies with federal and other state regulations, which are anticipated in the future, would make compliance highly complicated.

Turkey Blocks Tor Browsing Network

For years, Turkey has been known as a nation that suppresses dissent and journalists, and now it is turning its attention towards the freedom of internet access.

Turkey has blocked direct access to the Tor anonymous browsing network as part of a wider crackdown on the ways people circumvent internet censorship.

Internet advocacy group Turkey Blocks recently confirmed that the Tor anonymity network has been blocked in the country.

In a statement, Turkey Blocks said, "Our study indicates that service providers have successfully complied with a government order to ban VPN services."

Free virtual private networks (VPNs) have exploded in popularity in recent years as countries expand their cybersecurity laws to give themselves an increased ability to snoop on unsuspecting citizens in the name of state security.

Users of commercially available VPNs – typically used by people within a country to watch or read content not legally available in their own country – have also been affected, according to Turkey Blocks.

Tor is an anonymity service that conceals the browsing footprints of users when they go online. Tor uses a sophisticated protocol of encryption and random bouncing of packets through connected networks in order to hide the user's location.

Critical flaw in PHPMailer leaves millions of websites vulnerable

A security researcher has discovered a critical vulnerability in PHPMailer that might affect millions of website users, leaving them vulnerable to remote exploitation.

It is estimated that more than 9 million users worldwide are affected by the vulnerability, tracked as CVE-2016-10033. PHPMailer is one of the most popular open source PHP libraries used to send emails.

Millions of websites built on PHP and popular CMSs, including WordPress, Drupal, and Joomla, currently use PHPMailer to send emails.

CVE-2016-10033 affects all versions of the library before the PHPMailer 5.2.18 release.

The flaw was discovered by security researcher Dawid Golunski of Legal Hackers. “An independent research uncovered a critical vulnerability in PHPMailer that could potentially be used by (unauthenticated) remote attackers to achieve remote arbitrary code execution in the context of the web server user and remotely compromise the target web application,” Golunski explained.

“To exploit the vulnerability an attacker could target common website components such as contact/feedback forms, registration forms, password email resets and others that send out emails with the help of a vulnerable version of the PHPMailer class.”

The expert has confirmed that he will soon provide the details of the CVE-2016-10033 vulnerability.

Golunski reported the flaw to the developers, who promptly fixed it in PHPMailer 5.2.18. He also plans to publish an advisory along with proof-of-concept exploit code and a video PoC of the attack.
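A check a site operator can run against the version boundary stated above, added here as an example (it is not code from the article, the researcher or PHPMailer): it walks a web root, reads the `$Version` property from each bundled copy of the PHPMailer class file and flags copies older than 5.2.18. The file-name pattern, the function names and the sample tree are assumptions made for the illustration.

```python
import re
import tempfile
from pathlib import Path

FIXED = (5, 2, 18)  # first fixed release, as stated in the article

# Assumption: copies are named class.phpmailer.php (upstream 5.x layout) or
# class-phpmailer.php (the name WordPress uses for its bundled copy).
NAME_RE = re.compile(r"^class[.-]phpmailer\.php$", re.IGNORECASE)
# PHPMailer 5.x declares its release as a class property: public $Version = '5.2.x';
VERSION_RE = re.compile(r"""\$Version\s*=\s*['"](\d+(?:\.\d+)*)['"]""")


def read_version(path):
    """Return the declared version as a tuple of ints, or None if not found."""
    try:
        source = path.read_text(encoding="utf-8", errors="replace")
    except OSError:
        return None
    match = VERSION_RE.search(source)
    return tuple(int(part) for part in match.group(1).split(".")) if match else None


def audit(root, fixed=FIXED):
    """List (relative path, version, status) for every PHPMailer copy under root."""
    root = Path(root)
    findings = []
    for path in sorted(root.rglob("*.php")):
        if not NAME_RE.match(path.name):
            continue
        version = read_version(path)
        if version is None:
            status = "unknown"      # review by hand; do not assume it is safe
        elif version < fixed:       # numeric compare: 5.2.9 is older than 5.2.18
            status = "vulnerable"
        else:
            status = "patched"
        findings.append((path.relative_to(root).as_posix(), version, status))
    return findings


def build_sample_tree(root):
    """Constructed sample web root used only for this demonstration."""
    samples = {
        "site-a/vendor/phpmailer/class.phpmailer.php": "public $Version = '5.2.9';",
        "site-b/wp-includes/class-phpmailer.php": "public $Version = '5.2.17';",
        "site-c/lib/class.phpmailer.php": 'public $Version = "5.2.18";',
        "site-d/inc/class.phpmailer.php": "// version line stripped",
    }
    for rel, body in samples.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text("<?php\nclass PHPMailer {\n    " + body + "\n}\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as web_root:
        build_sample_tree(web_root)
        for rel, version, status in audit(web_root):
            label = ".".join(map(str, version)) if version else "?"
            print(f"{status:<10} {label:<8} {rel}")
```

Versions are compared as integer tuples because a plain string comparison would rank 5.2.9 above 5.2.18 and miss the oldest copies.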

Ransomware cases rise exponentially in Singapore

The year 2016 has seen an exponential rise in ransomware cases around the world. In Singapore alone, 17 cases of ransomware were reported in the first 11 months this year, up from just two in 2015, the Cyber Security Agency (CSA) said.

In a ransomware attack, a hacker encrypts the user's files or locks the user's computer and then demands money from the user in exchange for regaining access to their own files or computer.

One of the firms badly affected by ransomware was a subsidiary of maritime supply chain management company BH Holdings. The company was affected when two of its staff members tried to open an email attachment from an unknown source, recounts IT executive Roberto Ang. "They double-clicked on it, and they could not open it. So they thought that it's just some file that cannot be opened. So they just ignored it and continued working.

"Then after half a day, they started to find that they cannot access some of the files, and these had a weird extension."

Mr. Ang noticed that something was wrong: "I saw that there was a text file inside the encrypted folder that showed that it was ransomware, asking for payment to decrypt the files."

The company refused to pay the ransom of US$1,000 (S$1,447). Instead, its technical team tried to rebuild 3,000 infected files with data of the accounts and stocks from hard copy files.

Attackers are more interested in targeting big businesses than individuals, as businesses hold more critical and important information than any individual, which would compel them to pay a ransom, an expert told Channel NewsAsia.

Tarun Kaura, security advocate at Symantec, explains this scenario. "Let's say I'm an HR professional in a specific enterprise, and I've been given a target for a recruitment drive. I have to hire a few people - it's important because there are deadlines," he said.

"If I go on public social websites saying I'm hiring ... someone (an attacker) can craft an email sending maybe a resume or information on a talent pool that I would want to look into. That's how they go after certain departments or people in an enterprise - by being more relevant and contextual to a business."

So how should you protect yourself from a ransomware attack? Mr. Kaura advises people to look at the header of an email and scrutinize its contents before opening it. "If you see a bit of ambiguity in that in terms of how it's been named and where it's coming from, which domain it's coming from, it is easy for a consumer to figure out that this mail is not coming from a legitimate source.

"You should take a step back and see ... let's not click everything that comes to you."

Kids' hi-tech toys a threat to cyber security

Gifting hi-tech toys to your kids? Beware: these toys, which are very easily available in the market, have built-in Wi-Fi, cameras, and apps that can easily be connected to your home network.

Molly Wendell, a member of Colorado Cyber, said, "There are some really cool smart toys, smart-enabled toys, Wi-Fi-enabled toys like little dolls that talk back to you or listen to you. The toys could be listening to your child or recording video or recording the voice of your child."

This ability can help hackers break into your home computer network and access your online bank statements, credit cards and even medical records.

"There is the tradeoff between the security and privacy of your family and the coolness of the toy," said Sam Masiello, chief information security officer at TeleTech Holdings (TTEC) in Englewood, Colo.

Some of the toys are intelligent enough to record and translate conversations, which helps manufacturers sell the information to advertisers, Masiello said.

"If it overhears you really want to buy a new car, it might send it over to car manufacturers," he said. To address this problem, many toy companies have privacy agreements with customers, promising that whatever a toy hears or stores is protected.

Cyber experts recommend changing your home Wi-Fi password often.

"We have young kids, so we definitely don't get toys with Internet," said Adam Rutan of Lakewood, Colo.


200 Million Data Enrichment Records For Sale on Darknet

Full data enrichment profiles for more than 200 million people have been placed up for sale on the Darknet. Details of this incident came to Salted Hash via the secure drop at Peerlyst. The data was first vetted by the technical review board at Peerlyst, who confirmed its legitimacy. Once it was cleared by the technical team, a sample of the data was passed over to Salted Hash for additional verification and disclosure.

The person offering the files claims the data is from Experian, and is looking to get $600 for everything. However, sources at Experian said that they were made aware of this data breach last week, and investigations determined that it wasn’t their data.

“We’ve seen this unfounded allegation and similar rumors before. We investigated it again – and see no signs that we’ve been compromised based on our research and the type of data involved. Based on our investigations and the lack of credible evidence, this is an unsubstantiated claim intended to inflate the value of the data that they are trying to sell – a common practice by hackers selling illegal data,” Experian said in an emailed statement.

There are 203,419,083 people listed in 6GB worth of records. The profiles include PII such as a person’s name, full address, date of birth, and phone number, but because it’s enrichment data, the records also include more than 80 personal attributes.

Third Hacker Arrested In JP Morgan Breach Case

A third suspect alleged to be responsible for the 2014 JPMorgan Chase data breach, which resulted in the compromise of data linked to more than 83 million customers, has been arrested.

32-year-old Joshua Samuel Aaron was arrested at JFK International Airport after waiving extradition and asylum in Russia “to responsibly address the charges”.

Aaron, aka “Mike Shields,” was one of three men indicted in November 2015 for the massive hack and fraud scheme.

Aaron, a U.S. citizen, had been living in Moscow. He, along with co-defendants Gery Shalon and Ziv Orenstein, who were both arrested by Israeli authorities in July 2015 and extradited to the U.S. in June 2016, face charges that include securities fraud, wire fraud, market manipulation, identification document fraud, aggravated identity theft and money laundering.

The trio has been accused of ripping off the data of more than 100 people, and then using it in schemes such as stock manipulation that generated hundreds of millions of dollars in illicit gains.

The Chase breach resulted in the compromise of contact information, including names, addresses, phone numbers and email addresses, linked to 76 million households and 7 million small businesses.

According to a press release from the US Attorney’s Office of the Southern District of New York, the JPMorgan caper represents the largest theft of customer data from a US financial institution in history.

Cybercriminals Make As Much As $20,000 in Bitcoin Per Month

There has been a continuous spurt in cybercrime cases in recent times. For those who don’t know why, there is a major reason behind these acts: cybercriminals manage to make a decent amount of money each month at others’ expense.

The researchers have spent a lot of time over the last few months studying and tracking actual cybercrimes and activity on forums, and analyzing the behavior of those involved. The report, complete with a chart of the hierarchy in cybercrime syndicates, was released last month.

Per Recorded Future’s report, about 20 percent of cybercriminals are highly resourceful and they make 10 times the amount the other 80 percent of their peers make per month (about $20,000 per month). For a handful of them, it may go as high as $50,000 to $200,000.

The potential involvement of former law enforcement officials in the cybercriminal network enables the hackers to breach the data easily. Moreover, their familiarity with the investigative techniques used by law enforcement agencies may prove handy to cybercriminals.

Most individual cybercriminals do not have any prior criminal records and are very careful when it comes to hiding their online identity, making it even harder to catch them.

The report advises companies to not inquire about cybersecurity testing solutions on dark net forums as hackers may find their infrastructure to be attractive targets. Instead, companies should seek help from reputed cybersecurity providers.

Cerber Ransomware spreading by exploiting Web Browsers

A fresh campaign distributing Cerber ransomware is spreading over the internet. This campaign is capable of infecting a large number of systems.

A team of security researchers at Heimdal Security has found that this ransomware could affect not only individual internet users but could also heavily damage enterprises. A member of the research team, Andra Zaharia, described it as “targeting companies’ databases to maximize profits from the ransom, so this is another reason to take additional precautions.”

The campaign tries to exploit weaknesses in internet browsers such as Internet Explorer and Edge and in software such as Silverlight and Flash Player.

According to a report by HackRead, "The campaign starts with infecting genuine websites through injecting malicious script, which is actually the Nemucod generic malware downloader. The script then redirects the traffic to a Cerber gateway called Pseudo Darkleech. It is a kind of malware infection that adds a strong clouding layer so that detection could be avoided. Nemucod is used in this campaign because it can easily run Cerber ransomware. Remember, Nemucod was recently used in another campaign in which hackers were using images on Facebook Messenger to drop Locky ransomware. However, it was firstly identified in December 2015 as a “Trojan downloader.”"

This campaign differs from other ransomware campaigns in that it involves several types of malware.

The cyber criminals aim to keep the infection resistant to antivirus products while it completes the encryption of the data present on the computer. When data encryption is complete, the victim is asked to pay the ransom, which ranges from 1.24 BTC (bitcoins) to 2.48 BTC, equivalent to $1,068 to $2,136 as per the latest BTC rates.

Cerber ransomware was discovered three months ago.

There is no way to keep oneself protected from the ransomware; just never download files from an unknown email, and always keep a backup of your data.

If you are a victim of this ransomware, contact ‘No More Ransom,’ an anti-ransomware portal that recovers encrypted data for free.

Nasscom-DSCI unveil security roadmap for 10 years

To make India a global platform for cyber security-related requirements, the National Association of Software and Services Companies (Nasscom) and the Data Security Council of India (DSCI) launched the "Growing Cyber Security Industry, Roadmap for India" report.

The report defines a roadmap for the next 10 years that will grow the cybersecurity market in the country.

"For India to become a global cyber security hub, a list of 16 initiatives has been formulated by Nasscom-DSCI. Effective programme roll-out and strategic vision realisation will require disciplined management of the 16 key initiatives suggested by the report," said R Chandrashekhar, President, Nasscom.

Nasscom envisages the Indian IT industry to achieve a size of $350-400 billion by 2025.

“India should aspire to build a cybersecurity product and services industry of $35 billion by 2025, and generate a skilled workforce of one million in the security sector, to cater to the rise in global demand”, said the report.

With cybersecurity products constituting a $38 billion market in 2015, network security will emerge as the most attractive product segment by size, while security and vulnerability management has the highest growth prospects across various geographic regions.

"India being a primary hub for growing smartphone penetration and digitisation, it is imperative to build a robust cyber security products and services industry in the country," Nasscom stated.