More UK web users to become techie in 2017

Under the British Investigatory Powers Bill, all online communications will suffer a loss of privacy. Internet Service Providers will need to collect data on their users, which will include each person's browsing history, user names and passwords, location data, billing information, address, device identifiers and volumes of data exchanged. Such data will be available to the authorities upon request. GCHQ and MI5 will also have the freedom to collect information for the purpose of protecting national security.

This will turn users towards Tor and the Dark Web so that they can remain anonymous while surfing the web. Almost everyone sensitive to internet privacy will become a security expert in 2017, because without security they will no longer be able to guarantee their privacy.

In 2015, it was revealed in the course of court proceedings that UK intelligence agencies had been unlawfully monitoring conversations between lawyers and their clients in cases against the state. According to the Interception of Communications Commissioner's Office, police spied on more than 100 journalists and almost 250 sources between 2011 and 2014.

Tor is free and open source software that offers an anonymous path on the internet. Users can also maintain their anonymity through hardware, as Edward Snowden did by creating an iPhone case which detected data leaks.

The government responded by passing this bill in March 2016 which received Royal Assent after being passed by the House of Lords in November 2016, putting their activities on a statutory footing. 

The IP Bill makes bulk interception (the tapping and storage of phone calls, emails and other communications) explicitly legal. As security services increasingly cannot acquire the data they want through these methods, because messages on phones are more commonly encrypted, they will also be empowered to use a new method, "bulk equipment interference", more commonly known as hacking.

Now that the Queen has given her assent to the bill, it will start interfering with people's privacy and wreak havoc. At the beginning of 2017, the new legislation will come into full effect.

It is not yet clear whether this attempt by the UK government will work in practice. A similar attempt failed in Denmark after seven years of implementation, during which it helped in only one investigation. Denmark stopped this legislation in 2014.

The UK government is not yet thinking about the adverse repercussions of this decision, which could expose all the data if a massive hack takes place and put all the information into the hands of powerful online villains.

As the limitations grow larger by the day, new solutions will emerge to satisfy the needs of the public.

France's Presidential election could be next target for hackers

After witnessing a cyber attack on the US Presidential election, France is leaving no stone unturned to protect its own Presidential election from hackers.

France's Defence Minister Jean-Yves Le Drian admitted that their website was the subject of 24,000 cyber-attacks last year. The attacks were warded off by efficient security services, and the minister praised his team. He spoke of "tarnishing the image of the ministry as well as strategic attacks – harassment, surveillance, espionage – and even attempts to disrupt our drone systems". "Thankfully, our defenses were sufficient and none of these attacks were successful," he said.

He mentioned that these kinds of attacks were doubling every year. His main concern was this year's presidential election, which could be a target for many hackers around the world.

In an interview with French weekly Le Journal du Dimanche, Le Drian said that French civil infrastructure such as water, electricity, telecommunications and transport, as well as French democracy and the media, are at risk of cyber attacks. To prevent this he has initiated steps to set up a cyber-operations headquarters, Cybercom, which will employ 2,600 "digital soldiers" by 2019 and receive support from an additional 600 cyber experts.

He said that France is very well capable of defending itself against cyber attacks but is also able to strike if necessary. "France reserves the right to respond by all means it deems appropriate," he said. "That could be through the cyber arsenal at our disposal but also by conventional means. Everything would depend on the effects of the attack."



Website of Military of Venezuela hacked

The official website of the Venezuelan military has been hacked, and the hack was published on the website Pastebin.com by a user named Kapustkiy on 8 January 2017.

The hacker targeted the official website (www.esguarnacpuntademata.mil.ve) and the Twitter account linked to this website (@GNBesguarnaccli).

According to the post on pastebin.com, the hack was carried out to protest against the President. Kapustkiy wrote on his blog, "In protest against Nicolas Maduro." In his post he further wrote, "WE ARE NEW WORLD HACKERS.  EXPECT US: GREETINGS TO: ownz - cyric - shadow - prophet - sadfurry - gustavo" and also posted the link to their website (www.newworldhackers.com).

The hacked database includes personal information such as full name, telephone number, email ID, ethnicity and military unit. The compromised file contains 2189 entries.

Venezuela is currently facing a crisis as murders and lynchings increase at an alarming rate.

Approximately one person is being lynched every three days as frustrated residents have taken justice into their own hands and they usually take revenge on suspected criminals.

A crime monitoring group reported that mob killings have become a generalized phenomenon across the country, with 126 deaths reported in 2016 versus 20 last year.

"Due to being repeated victims of crime for more than a decade, and the feeling of not being protected, many people have decided to take justice into their own hands," the Venezuelan Observatory of Violence (OVV), which monitors crime, said in its latest annual report.

OVV in its report said that last year, lynchings of suspected murderers and rapists were relatively uncommon, but this year angry crowds have increasingly attacked petty criminals too, with police often turning a blind eye.

Venezuelans have long suffered alarming levels of violent crime, in part because of the widespread availability of guns, inadequate policing and a bribe-riddled justice system.

A crushing economic crisis has added fuel to the fire in crime.

Kaspersky AV users exposed to attacks

Google security engineer Tavis Ormandy has discovered a vulnerability in the way the Kaspersky antivirus program intercepts HTTPS traffic, which it re-signs with its own certificate in order to scan for web threats.

Security vendor Kaspersky Lab updated its antivirus products to fix an issue that exposed users to traffic interception attacks because the products were open to TLS certificate collisions. Kaspersky used only the first 32 bits of an MD5 hash in the SSL proxy packaged with its antivirus product.

Before websites started moving to HTTPS encryption, antivirus or other web analysis tools could just look at the traffic as it was coming into the browser. However, that’s not possible anymore with websites that have encrypted their traffic.

Like other endpoint security products, Kaspersky installs a self-signed root CA certificate on computers and uses it to issue "leaf," or interception, certificates for all HTTPS-enabled websites accessed by users. These certificates are keyed by a 32-bit value calculated from the serial number of the original certificate presented by the website. This allows the product to decrypt and then re-encrypt connections between local browsers and remote servers, which is similar to how man-in-the-middle attacks happen. The difference is that, presumably, users are aware of this happening when they enable the web scanning option.

The major problem is that the 32-bit key is very weak and by re-using it, an attacker could easily craft a certificate that matches the same key, creating a collision and intercepting the traffic of multiple sites when Kaspersky users would access them.

Ormandy also reported that Kaspersky sometimes got certificate errors for mismatching commonNames. Even after the Project Zero security researcher received an acknowledgement from the security vendor on November 1, the flaw could still be exploited.

However, both the flaws were amended by Kaspersky on December 28.

Ormandy tweeted, "If you're not being attacked, you would see random errors. A MITM [man in the middle] can send you packets from where you were expecting."

Kaspersky Lab pointed out that there is an additional check being performed on the domain name in addition to the 32-bit key. This makes attacks harder, but not impossible.
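The weakness of a 32-bit key can be shown with a short added example, which is not Kaspersky's code or part of the original article. The `LeafCache` class, the `constructed-cert-N` identifiers and the `.example` hostnames are hypothetical stand-ins, and the exact bytes Kaspersky hashed are not given here, so the sketch hashes a constructed identifier. It finds two distinct identifiers that share a truncated-MD5 key, then compares a cache keyed that way, the same cache with a hostname check, and a cache keyed by a full SHA-256 fingerprint.

```python
import hashlib
import math


def weak_key(cert_id: bytes) -> int:
    """32-bit cache key: the first 4 bytes of an MD5 digest."""
    return int.from_bytes(hashlib.md5(cert_id).digest()[:4], "big")


def strong_key(cert_id: bytes) -> bytes:
    """Full SHA-256 fingerprint, used by the hardened cache."""
    return hashlib.sha256(cert_id).digest()


def collision_probability(n: int, bits: int = 32) -> float:
    """Birthday-bound chance that n random inputs share a `bits`-bit key."""
    return 1.0 - math.exp(-n * (n - 1) / 2.0 ** (bits + 1))


def first_colliding_pair(limit: int = 2_000_000):
    """Return the first two constructed identifiers that share a weak key."""
    seen = {}
    for i in range(limit):
        cert_id = b"constructed-cert-%d" % i  # constructed sample input
        key = weak_key(cert_id)
        if key in seen:
            return seen[key], cert_id
        seen[key] = cert_id
    raise RuntimeError("no collision found within limit")


class LeafCache:
    """Toy interception cache (hypothetical): key -> host the leaf was issued for."""

    def __init__(self, key_fn, check_host=False):
        self.key_fn = key_fn
        self.check_host = check_host
        self.entries = {}

    def store(self, cert_id: bytes, host: str) -> None:
        self.entries[self.key_fn(cert_id)] = host

    def lookup(self, cert_id: bytes, host: str):
        """Return the host of the cached leaf that would be served, or None on a miss."""
        cached = self.entries.get(self.key_fn(cert_id))
        if cached is None or (self.check_host and cached != host):
            return None
        return cached


def demo() -> dict:
    cert_a, cert_b = first_colliding_pair()
    results = {}
    for name, cache in (
        ("weak", LeafCache(weak_key)),
        ("weak_host_checked", LeafCache(weak_key, check_host=True)),
        ("strong", LeafCache(strong_key)),
    ):
        cache.store(cert_a, "site-a.example")
        # A different upstream certificate, presented for a different site.
        results[name] = cache.lookup(cert_b, "site-b.example")
    return results


if __name__ == "__main__":
    print(demo())
    print("P(collision) among 77163 certs: %.3f" % collision_probability(77163))
```

The weak cache hands back the leaf issued for the first site when asked about the second, while the full-fingerprint cache misses and would force a fresh leaf to be issued. The hostname check only covers the case where the two hostnames differ.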

It’s likely that most users aren’t aware the antivirus software can see their traffic, though, because not everyone is aware of all the intricacies of antivirus and security technologies. Therefore, this “solution” to encrypted web threats may unnecessarily put most users at risk when they don’t know what they’re doing. Some security experts believe that no antivirus program should be allowed to do TLS interception of all web traffic.

Illegal activity increasing on the Dark Web

The Dark Web is becoming darker day by day. The illegal sale of everything from weapons to drugs has increased exponentially, while most of the deliveries are made by innocent postal workers who have no idea what they are carrying, a Radio 1 Newsbeat investigation has found.

During an investigation, Newsbeat found that "millions of pounds of drugs are bought online every day" and are being delivered by innocent UK postal workers.

When Newsbeat spoke to delivery staff, they admitted that they "definitely handled suspect packages" but there was "nothing they could do".

Royal Mail clarified that it doesn't knowingly carry any illegal items in its network.

Most users access the dark web via the Tor browser, which protects the user's identity and online activity from any kind of surveillance. It's a key route to illegal trading on the dark web.

How did Newsbeat investigate the matter?

They ordered MDMA, cannabis and former legal high Spice on the dark web using virtual currency Bitcoin.

They received the package within a week. After that, they collected the drugs and gave them to a government-approved lab for testing and destruction.
A Royal Mail spokesperson said: "Where Royal Mail has any suspicion that illegal items are being sent through our system, we work closely with the police and other authorities including the Medicines and Healthcare products Regulatory Agency to assist their investigations and to prevent such activities from happening."

"Unless there are massive raids on markets any time soon" causing "a loss of consumer confidence", this "hidden" drug market will keep growing, says Chris Monteiro, an independent cybersecurity expert and researcher.

"Talk of better prices and improved purity will continue to spread and eat away at the offline market," he explains.

And he adds: "Government and police are more interested in data breaches and weapons [than drugs]."

"About a third of people said they'd broaden their drug-using repertoire," says Dr. Adam Winstock, from Kings College and GDS, citing data from the Global Drug Survey [GDS]. He also mentioned that "millions of pounds of drugs are bought online every day".

Russia did not hack Vermont electric utility


Reports of Russian hackers penetrating the U.S. electricity grid through a utility in Vermont recently went viral, well before the investigation into the case could begin.

The investigation by officials began on December 30, when the Vermont utility reported its alert to federal authorities. Some of them told The Washington Post that code associated with the Russian hackers, dubbed ‘Grizzly Steppe’ by the Obama administration, had been discovered within the system of an unnamed Vermont utility. Later that evening, Burlington Electric released a statement identifying itself as the utility in question and saying the firm had “detected the malware” in a single laptop. The company said in its statement that the laptop was not connected to its grid systems.

The Post immediately made corrections to its article and added an editor’s note explaining the change, but not before other media outlets had spread the news like wildfire across the world.

An anonymous official disclosed that Russians did not actively use the code to disrupt utility operations. Initially, the broad list of internet addresses led Burlington Electric to believe that a compromised laptop was the victim of a Russian attack. However, upon further investigation, it appeared to have been infected by a common hacker toolkit not connected to the Russian attacks. Many users use the Tor internet anonymity service. A list of pseudonyms for the attackers included “Powershell backdoor,” which is a type of attack, not a specific attacker group.

U.S. officials are continuing to investigate the laptop. In the course of their investigation, though, they have found on the device a package of software tools commonly used by online criminals to deliver malware. The package, known as Neutrino, does not appear to be connected with Grizzly Steppe, which U.S. officials have identified as the Russian hacking operation. The FBI is continuing to investigate how the malware got onto the laptop.

The latest report has at least temporarily put to bed a news story that rankled many in the security community, including the most fervent believers that the Democratic National Committee was hacked by the Russians and underlines problems many have with a joint Homeland Security.

The penetration of the nation’s electrical grid is significant because it represents a potentially serious vulnerability. Government and utility industry officials regularly monitor the nation’s electrical grid because it is highly computerised and any disruptions can have disastrous implications for the function of medical and emergency services.

Such incidents illustrate how effectively false and misleading news can ricochet through the global news echo chamber through the pages of top-tier newspapers that fail to properly verify their facts.

Trump Questions US Intelligence Agencies Over Russia Hacking Review

President-elect Donald Trump has supported Wikileaks founder Julian Assange and cast doubt on the claims of US intelligence agencies that Russia was involved in cyber attacks during the presidential campaign.

He took to Twitter to show his anguish: "The "Intelligence" briefing on so-called "Russian hacking" was delayed until Friday, perhaps more time needed to build a case. Very strange!"

Trump has repeatedly refused to accept the findings of several agencies, such as the FBI and CIA, which believe that it was Russia that directed hacks against the Democratic Party and the campaign of its presidential candidate Hillary Clinton.

Before this, he tweeted in support of Julian Assange: "Julian Assange said "a 14-year-old could have hacked Podesta" - why was DNC so careless? Also said Russians did not give him the info!"

At his New Year's Eve Party, Trump said that it is very “unfair” for the Obama administration to allege Russia’s involvement in the cyber attacks “if they don’t know” for certain that the Kremlin was involved.

“I know a lot about hacking. And hacking is a very hard thing to prove. So it could be somebody else,” Trump said.

“I also know things that other people don’t know, and so they cannot be sure of the situation,” he added.



Indian, Pakistani hackers indulge in cyber war

As the world was engrossed in celebrating the New Year, hackers from India and Pakistan welcomed the year by indulging in cyber war. Indian hackers allegedly infected three Pakistan airport websites with ransomware to avenge the hacking of the official website of the National Security Guard (NSG) by their counterparts in Pakistan.

The group known as 'Alone Injector' had posted some offensive content on NSG's official homepage. Later, remedial action was taken by the National Informatics Centre.

A Pakistani hacking group, ‘Kashmir Cheetah’, had also attacked the official websites of Cochin and Thiruvananthapuram airports on December 28, which were later restored by cybersecurity officials.

A message posted on the websites read: “Website stamped by Kashmiri Cheetah. HACKED. Team: Pak Cyber Attackers. We are Unbeatable. Mess With The Best. Die Like The Rest.” The group was also responsible for the hacking of AIIMS Raipur’s website earlier this year.

In retaliation for both attacks, Indian hackers on Monday (January 02) claimed to have hacked the Islamabad, Peshawar, Multan International and Karachi airport websites and injected them with ransomware, which denied the owners access to them.

“We have hacked Islamabad, Peshawar, Multan International and Karachi airport website,” Indian hackers were quoted as saying by Mail Online India on Monday.

The hackers demanded bitcoins (virtual money) in exchange for unlocking the sites, but an Indian hacker was quoted as saying that although last time they donated the money from unlocking the files to needy kids, this time they won’t share the key.

Indian hackers have warned both Pakistani hackers and the government against attacking India in future.

“We have many other important Pakistan websites under our control, but they will be compromised only if Pakistan tries to open an attack against India,” said one of the Indian hackers.

Experts believe the hacking of airport websites can be used to extract crucial information about flights, which can have serious consequences.

This hacking group had in the past infected Pakistan government systems using a malicious programme, taken control of hundreds of computers and locked their data completely, making it inaccessible. The hacking group also leaked details of Pakistan army officers and banking details.

India’s weak cyber security infrastructure has been repeatedly questioned by experts, and the country ranks in the top 10 for cyber crimes.

In 2013, the website of the Customs Department of the Indira Gandhi International Airport was hacked, allegedly by a Pakistani hacker. He broke into the server, removed the content on the homepage and uploaded an image along with an audio file of a song.

Such fights are common, but the intensity of such attacks has now increased manyfold.


Smart electricity meters may be highly insecure against hackers


During a talk at the 33rd Chaos Communications Congress, Netanel Rubin, a senior vulnerability researcher, presented his findings on the security failings of commonly deployed smart meters, which can be misused by hackers to cause fraud, explosions and house fires.

Utility companies need to protect consumers against the ‘dangerously insecure’ smart electricity meters that are installed all around the world, accounting for around 100mn installations.

The meters are designed to treat their owners as attackers, and as a result the physical security of smart meters is very good. If the owner could control the meter, they could use it to defraud the power company about their electricity usage. But if an attacker gains control over it, they can cut power to a home, cause a catastrophic overload leading to exploding meters, or even jack up one’s bills. That fantastic physical security means one can't readily reprogram the meter to tell it to ignore the remote instructions that seem to be emanating from a privileged user at the power company. If you can override the power company's instructions, the power company is vulnerable to your shenanigans, and since power companies are the primary customers for smart meters, the meters are designed to protect them at your expense.

Addressing the conference in Hamburg, Rubin warned that attackers could also see whether a home has expensive electronics and could gain power over all the smart devices in the home connected to the electricity, which means they also have control over the software and can rob someone without even stepping into a house.

The network security model of smart meters starts from the inherently flawed Zigbee protocol, long understood to be difficult to secure, and goes downhill from there, with half-hearted and sloppy implementations of Zigbee's second-rate security. Smart meters rely on the insecure GSM protocol, incorporate hard coded administrative passwords and use keys derived from six-character device names.

The UK department of Business, Energy and Industrial Strategy said: "Robust security controls are in place across the end to end smart metering system and all devices must be independently assessed by an expert security organisation, irrespective of their country of origin."

Rubin is almost certainly not the first person to discover these vulnerabilities but the security researchers who uncover these security bugs are routinely silenced by their in-house counsel, because laws like Section 1201 of the DMCA -- and EU laws that implement Article 6 of the EUCD -- allow companies to sue (and even jail) anyone who reveals a flaw in their digital locks.

Rubin warned that a sharp increase in hacking attempts will take place in the future, adding, “Utilities have to understand that with great power comes great responsibility.”

Rubin said many of the warnings were not hypothetical. In 2009 Puerto Rican smart meters were hacked en masse, leading to widespread billing fraud, and in 2015 a house fire in Ontario was traced back to a faulty smart meter, although hacking was not implicated in that.

Smart meters come with benefits, allowing utilities to more efficiently allocate energy production, and enabling micro-generation that can boost the uptake of renewable energy. For those reasons and more, the European Union has a goal of replacing 80% of meters with smart meters by 2020.

Stronger cyber security should be India’s new year resolution


In 2017, India should prepare itself to tackle an ever increasing number of cyber security threats.

Digitalisation provides organisations with opportunities to grow and innovate but it also brings a new world of risks.

In 2016, cyber breaches became a matter of concern after incidents of Twitter accounts being hacked, health data being stolen and debit cards being compromised began making the rounds, and yet no major step was taken to meet the threats.

In this era of digitisation, when people and devices connect, astonishing opportunities emerge for hackers. Globally, we connect 30 million new devices to the internet every single week. Every second, another new Indian connects to the internet and four new devices connect to the network. Today, connected devices are generating almost 300 times more data than all the people connected to the internet, which has a larger impact on our daily lives through the way healthcare is provided, cities are managed and manufacturing and other critical infrastructure is managed.

After the transition of services from cash to digital, all the electronic networks which enable business innovation, generate insights and create customer experiences should be protected. From retail banking to digital payments, companies that seize the digital opportunity need security everywhere to limit the risk of sensitive data compromise.

The Delhi police force has already started the process of setting up a security operation centre (SOC) estimated to cost Rupees 75 crore to save itself from such attacks by Pakistan and Chinese hackers and the Ministry of Home Affairs (MHA) has approved the proposal. As many as 79% of chief information officers plan to increase their spending on network security over the next 12 months. The police’s intranet and data centre contain a lot of information related to terrorists and terror activities which if leaked can pose a threat to national security.

Last year, cyber hackers from China, Pakistan, Sweden, Singapore, the U.S, Russia and Dubai had attacked Indian networks.

But new legislation needs to be brought out on data breach disclosures and privacy protections that is applicable countrywide. Today, if an online retailer’s system is breached and credit or debit information is taken, the retailer is not compelled to report it. Doing so may only hurt its brand. For an individual, this means that if their card data is stolen and unauthorised charges are made, they have no way of knowing where the breach occurred. There are no clear liability laws for such cases, so depending on the individual’s bank, they may or may not be liable for any money that is stolen. The laws need to be put in place so that attackers are deterred before carrying out such acts. There is an urgent need to set up a security operation centre for detection and prevention of threats. Cyber attacks on Indian companies doubled in 2015 according to PwC.

Earlier, a draft RBI measure to limit the liability of customers in case of data breaches went through a public response phase in August, but the RBI has not yet issued any regulation. The RBI did also put out a notification titled “Cyber Security Framework in Banks” that specified several guidelines and best practices and imposed a reporting obligation on the banks. Though the banks had reported 19 incidents from June to October, the guidelines state that only ‘unusual’ incidents need to be reported, which leaves a lot of discretion to the banks not to report incidents.

Digital transformation and Digital India require a strong cyber security foundation—a foundation that will enable companies and governments in India to have the confidence to implement digital processes and technologies that fuel innovation and growth. Without it, business and government leaders may hesitate to start digital projects.

Chinese Hackers Charged With Breaching U.S. Law Firms

Three Chinese citizens have been accused of hacking the networks of U.S.-based international law firms and using information from those firms to conduct insider trading, making more than $4 million from the scheme.

In a statement, U.S. Attorney Preet Bharara said the hackers targeted around seven firms involved in acquiring, or being acquired by, other companies.

Prosecutors said that beginning in April 2014, the trio obtained inside information by hacking two U.S. law firms and targeting the email accounts of partners at the firms who worked on high-profile mergers and acquisitions.

"This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking, because you have information valuable to would-be criminals," said Preet Bharara in a US Department of Justice release.

According to the U.S. Securities and Exchange Commission, the three men posed as IT professionals, listing themselves as such in brokerage records.

One of the accused, Iat Hong, a resident of Macau, was arrested by local authorities on Dec. 25 and is awaiting extradition proceedings. Thirteen charges are being levelled against the alleged hackers Hong, Bo Zheng, and Chin Hung — including computer intrusion and insider trading. The U.S. government is seeking the extradition of Hong, prosecutors said. Hung, 50, and Zheng, 30, are not in custody, authorities said.

The attacks, which occurred in 2014 and 2015, targeted the email accounts and data of law-firm partners, aiming to gain sensitive information about the acquisitions.

In one case, the group allegedly compromised a law firm that was advising a company contemplating purchasing Intermune, a U.S.-based drug maker. After stealing 40 gigabytes of data from the law firm, the three men began purchasing Intermune shares. After the company announced it would be purchased by Roche AG on Aug. 25, 2014, the men sold the 18,000 shares for a profit of $380,000, according to the U.S. Attorney’s statement.