More than 570 friends and family joined the Facebook page 'RIP Simon Paul Foxley' in the wake of his death.
Cyberspace has become all-pervasive. Every facet of modern life has elements of cyberspace embedded in it. Securing cyberspace has therefore become a necessity that can no longer be wished away. This space collates the news and views affecting the security of our cyberspace.
31 December 2011
30 December 2011
Wi-Fi Protected Setup easily unlocked by security flaw
Security researcher Stefan Viehböck has demonstrated a critical flaw in the Wi-Fi Protected Setup standard that opens up routers to attack and has prompted a US-CERT Vulnerability notice.
Wi-Fi Protected Setup (WPS) is used to secure access to wireless networks and requires each router to have a unique eight-digit PIN. One mode of use allows a device to connect by just presenting that PIN, opening the way for a client to just try every available PIN. Worse still, the protocol splits the PIN into two halves which reduces the attack time to a couple of hours.
Eight digits should produce 100,000,000 possible combinations, and testing various routers Viehböck found it took an average of around two seconds to test each combination. So brute forcing should take several years unless the router was particularly responsive.
But the protocol used by Wi-Fi Protected Setup reports back after the first four digits have been entered, and indicates if they are right, which means they can be attacked separately. The last of the eight digits is just a checksum, so having got the first four the attacker only then has to try another 1,000 combinations (identifying the other three digits) and the entire PIN is known.
That combination means that our attacker only has to try 11,000 different combinations to find the right PIN, reducing the attack time to a couple of hours.
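The arithmetic above can be checked with a short model. This is an added example, not part of the original article: the function names are made up for illustration, the check-digit routine follows the publicly documented WPS PIN checksum, and the lock-out policy (3 attempts, 60 seconds) is a hypothetical mitigation setting that the article does not mention.

```python
"""Model of the WPS PIN search space described above (added example)."""

SECONDS_PER_YEAR = 365 * 24 * 3600


def wps_checksum(first7):
    """Check digit for the first seven PIN digits (public WPS algorithm)."""
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10


def is_valid_pin(pin):
    """True if an 8-digit string carries the correct eighth (check) digit."""
    if len(pin) != 8 or not (pin.isascii() and pin.isdigit()):
        return False
    return wps_checksum(int(pin[:7])) == int(pin[7])


def worst_case_guesses(split_feedback, checksum_known):
    """Guesses needed to be certain of hitting the PIN."""
    first_half = 10 ** 4
    # With the check digit computable, only three free digits remain.
    second_half = 10 ** 3 if checksum_known else 10 ** 4
    if split_feedback:
        # The router confirms each half separately, so the costs add.
        return first_half + second_half
    # The router only confirms the whole PIN, so the costs multiply.
    return first_half * second_half


def worst_case_seconds(guesses, seconds_per_guess=2.0,
                       lockout_after=None, lockout_seconds=0.0):
    """Total time, optionally with a pause after every N attempts.

    lockout_after / lockout_seconds describe a hypothetical router policy.
    """
    pauses = guesses // lockout_after if lockout_after else 0
    return guesses * seconds_per_guess + pauses * lockout_seconds


def summary():
    """Return (label, guesses, hours) rows for the cases in the article."""
    cases = [
        ("whole PIN, no checksum", False, False, None, 0.0),
        ("whole PIN, checksum known", False, True, None, 0.0),
        ("split halves, checksum known", True, True, None, 0.0),
        ("split halves + lock-out 3/60s", True, True, 3, 60.0),
    ]
    rows = []
    for label, split, chk, after, pause in cases:
        g = worst_case_guesses(split, chk)
        rows.append((label, g, worst_case_seconds(g, 2.0, after, pause) / 3600))
    return rows


if __name__ == "__main__":
    for label, guesses, hours in summary():
        print(f"{label:32s} {guesses:>11,d} guesses  {hours:>10.1f} h")
```

The last row shows why rate limiting matters to a defender: the search space is unchanged, but the pauses dominate the total time.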
Kaspersky claims ‘smoking code’ linking Stuxnet and Duqu
Researchers at Kaspersky Lab are claiming to have found proof that the writers of the Stuxnet and Duqu malware are one and the same, and are warning of at least three new families of advanced malware potentially in circulation.
Security experts have been debating if the two code groups are by the same authors, but the evidence has been inconclusive. An analysis by NSS last month suggested that the two were linked, but this might be down to reverse engineering, rather than the original coding.
Alexander Gostev, chief security expert at Kaspersky Lab, said that researchers had examined drivers used in both Stuxnet and Duqu and concluded that a single team was most likely behind them both, based on the timing of their creation and their methods of interacting with the rest of the malware code.
“We consider that these drivers were used either in an earlier version of Duqu, or for infection with completely different malicious programs, which moreover have the same platform and, it is likely, a single creator-team,” he said in a statement.
The researchers' data suggests both were built on a common platform, dubbed Tilded because it uses many files beginning with the tilde symbol "~" and the letter "d." The platform was built around 2007 or later, and was updated in 2010 - possibly to evade countermeasures.
Kaspersky's director of global research & analysis, Costin Raiu, told Reuters that the platform and drivers involved would indicate five families of malware had been made using the platform already, and that others may be in development. The modularity of the systems makes it easy for the malware writers to adapt their creations to new purposes and techniques.
The effects of social media sites on elections
The Constitutional Court ruled Thursday that using online and mobile media such as Twitter for election campaigns does not violate election law, which will likely boost the use of social networking sites for campaigns next year before the April general elections and December presidential election.
Under Article 93, Clause 1 of the Election Law, supporters and opponents of a political party or candidate cannot distribute promotional publications including advertisements, greeting cards, photos and documents, and other similar materials for 180 days prior to voting. The National Election Committee had banned social networking sites from allowing posts related to elections, and the court was to decide whether to include social networking sites as "other similar materials" banned. In its latest ruling, the court has ruled unconstitutional the ban on using mobile media including Twitter for campaigning, saying freedom of expressing political standing and promoting election campaigns should be guaranteed. Since election law is intended to prevent an imbalance in financial capability among candidates, the court has ruled that online campaigns are legal due to small accompanying costs.
The big principles of election law are to restrain the use of campaign money and free the voices of political standings. This is a positive ruling to allow campaigning through the use of mobile media, which incurs little cost in that social networking sites offer the most optimal environment. Excess money spent on election campaigns can be prevented by the wise use of mobile media, while corruption involving the gathering of campaign money can also be prevented.
Phishing E-mail Scam Victimizes Customers of Chase and Barclays Bank
Customers of Chase and Barclays Bank are being targeted by scammers with phishing e-mails currently circulating on the Internet, according to security experts at security firm GFI Software.
Clients of Chase Bank, headquartered in Chicago, US, have recently been receiving authentic-looking spoofed e-mails and a login page of the bank that seek confidential information through a well-crafted phishing scam. Once the clients provide their confidential credentials, they are automatically diverted to another webpage that seeks to retrieve more sensitive details.
Meanwhile, clients of Barclays, headquartered in London, UK, are receiving e-mails warning them that their accounts are being suspended on account of too many incorrect log-in attempts.
A well-crafted attachment to the e-mail presents numerous requests for confidential data in the name of reactivating the account. To add urgency, the crooks even give recipients a time limit within which they are to respond and provide all the valuable information.
Once the required confidential data is provided, the user is automatically redirected to the official website of Barclays to allay the slightest suspicion.
The confidential information thus revealed to the crooks is sufficient for them to take over a bank account and the money in it.
Phishing Scam Targets New Owners of Apple Products
If you own an AppleID account, be sure to look out for a well-crafted phishing scam that's been going around over the past week. The email has targeted Apple users, fooling them into giving up their Apple IDs and billing information.
Internet security firm Intego says the email was sent to many owners of iPhone, iPod and iMac with "Apple update your Billing Information" in the subject line.
This is how the phishing scam works:
After the Apple users open the email, they will find a message claiming to have originated from "email@example.com."
The email will tell the users that their current billing records are "out of date," and it will provide a link to the Apple Store, urging the users to click on that link and confirm their billing records. However, if the users click the link, they will be directed to a fake Apple sign-in page. Users who received the email said the fake sign-in page is nearly identical to the real sign-in page.
Once the users enter their Apple ID and password, they will be reminded to update their billing account information, especially their credit card information.
Second Person Charged in Emmet County Child Porn Case
EMMET COUNTY -- 72 year old Jerry Francis Battle of Petoskey was charged Thursday with multiple counts of possession of child sexually abusive material and using a computer to commit a crime. Police say he had more than 300 child pornographic videos and pictures on his computer.
Battle is being held in the Emmet County jail on $20,000 bond.
Police say Battle is a registered sex offender who had been living with 50 year old Richard Ruffe.
Ruffe was charged last week with 20 counts of possession of child sexually abusive material and using a computer to commit a crime.
29 December 2011
Facebook status can open door to crime
More than 800 million people are active Facebook users, according to the social media website, and when one user makes a status public, every user can see it.
Around the holiday season when more Facebook users are going on vacation, posting statuses to the public about leaving town can invite crime into their homes.
“If you give somebody the keys to your house, you better make sure they’re responsible to take care of your house,” said Evansville Police Department Detective Kurt Pritchett, who works with cyber crimes. “If you give everybody your information, you’re giving all of them the opportunity to come into your house.”
A 2011 survey of 50 convicted burglars in the United Kingdom, conducted by the Survey Shop, reported that 78 percent of the burglars believed social media sites like Facebook, Twitter and Four Square are useful tools for targeting properties.
28 December 2011
Posting photos online can help criminals track you
Because of metadata, a criminal can find the location of a person who has posted photos on a social media platform or other website from a camera-enabled mobile phone at any time, Bourbon County Emergency Manager Keith Jeffers said.
Metadata are bits of information embedded in images taken with smartphones, webcams and some digital cameras and then shared on public websites. Information often includes the times, dates and geographical coordinates (latitude and longitude) where images are taken. Details such as where a person lives and works and their travel patterns and habits can unwittingly be revealed through metadata.
While the geospatial data can be helpful in a myriad of web applications that plot image locations, it also opens a door for criminals, including burglars, stalkers and predators. It's not a stretch to imagine young teens' images of their ventures to the mall or beach being culled by web predators and meticulously plotted on online maps.
People who want to use information to their advantage only need to enter the latitude and longitude coordinates into a program such as Google Earth to find someone's location.
Thousands warned of charity hacking threat
British companies including BT, BAE Systems, Barclays and HSBC were among the organisations whose details were leaked to the internet, alongside organisations such as Apple, Microsoft, Coca-Cola and Google.
Save the Children and the Red Cross have promised to refund any fraudulent donations, and some charities are worried they will be left out of pocket because of chargeback fees and the administrative burden of returning the money.
Hackers said they next planned to publish the entire corporate database of an online military supply store, and Twitter messages suggested Stratfor was just the first in a long list of targets over the Christmas period.
A tweet from @AnonymousIRC, an account associated with the hackers, said: “#Antisec has enough targets lined up to extend the fun fun fun of #LulzXmas throught [sic] the entire next week.”
Brit police clamp down on websites aiming to dupe Olympics visitors
Police have already shut down around 2000 such websites, which were trying to con people by selling them luxury goods in the name of the Olympics. A close eye is being kept on thousands more such Olympic websites, which have come up recently and are trying to endorse their goods by deliberately relating themselves to the London Olympics, which will be taking place next year.
The signature image of the five Olympic rings is the tool most commonly used by these frauds on their websites to convince their target consumers. Police officials are ready to tackle any kind of cyber crime that is expected to hit the London Olympics.
Cyber Crime: Man arrested for credit card fraud
LAHORE: The Federal Investigation Agency’s (FIA) National Response Centre for Cyber Crimes has arrested a man allegedly involved in making and using counterfeit credit cards by hacking card holders’ data. The investigators suspect the involvement of some NADRA officials in the crime.
An FIA official told The Express Tribune that the accused, Tanveer Iqbal, obtained computerised national identity cards (CNICs) data possibly with help from some Nadra officials, to produce fake credit cards in his name and names of his accomplices. The official said that the criminals used CNICs that were returned to Nadra for correction of spellings, date of birth and address.
The gang members hacked credit cards using data on the CNICs and used them for larger transactions. He said the gang members had a digital device through which they transferred their data on blank credit cards.
The gang used a magnetic strip read and write (MSRW) machine to rewrite data on credit cards.
27 December 2011
'I'll be dead by morning': Terrified mother's Facebook post that saved her and son after being held hostage for five days
A woman used Facebook to seek help after she and her 17-month-old son were held hostage in a house for nearly five days, police said.
Police Sgt. Jon Arnold said the woman hid in a closet with a laptop to post her plea for help on the social networking website, saying she and her son would be 'dead by morning' if they were not rescued from the house in Salt Lake City, Utah. The post prompted someone to call police, who went to the home to check on the woman's welfare, the Associated Press reports.
'Facebook was her only outlet that she had at the home,' Arnold said.
'It just happened that she was able to use it.'
Police arrested Troy Reed Critchfield, 33, and booked him into jail Saturday for investigation of aggravated kidnapping, forcible sodomy, aggravated assault, domestic violence, child abuse, animal cruelty and other charges. Salt Lake County Jail records show Critchfield initially refused to let police in the house.
26 December 2011
Misspelled websites aim to steal information
One Internet security firm is warning that a botched keystroke while typing an online address can give computer criminals a chance to hijack your system.
San Diego-based Websense Inc. has identified as many as 2,000 so-called typosquatters, which use sites that look identical to legitimate ones to capture personal information, launch malicious computer attacks and initiate online scams.
The Internet domains of some of the nation's most popular retailers, including Best Buy, Walmart and Apple, have been targeted so an errant character could take consumers to fake domains without their knowledge.
For instance, a shopper might accidentally land on the domain, wallmatt.com, as opposed to the big-box retailer's actual walmart.com. The site might look like the retailer's home page, but the extra "l" and "t" ensure that you have entered a typosquatter's domain.
Another method used to trick consumers: Spell the retailer's name correctly but misdirect consumers by changing ".org" or ".net" on Web addresses.
According to experts, simply landing on a typosquatter site can enable criminals to infiltrate your computer.
A Websense analysis found that most typosquatting domains lead to a bot network, used to steal passwords and obtain personal information such as financial or banking records. Bot networks aren't obvious and can involve millions of computers.
Another common typosquatting attack involves phishing schemes. Consumers landing on a phony domain instantly are offered online deals, coupons or even free merchandise. Pop-up ads offer fake products and tell consumers to fill out specific forms to claim prizes. In one case, the bogus domains tell consumers they have won an Apple iPad.
Typosquatting sites also can infect computers with viruses. These malicious sites disable systems, leading to debilitating computer crashes. The sites can affect whole networks of computers, either to steal information or to wreak mayhem.
Mystery buyer acquires vatican.xxx web address
The Vatican said on Wednesday an unknown buyer had snapped up the internet address vatican.xxx, a domain combining its name with an extension reserved for pornographic content.
"This domain is not available because it has been acquired by someone else, but not the Vatican," Vatican spokesman Father Federico Lombardi said on Vatican radio.
It was not clear from his statement if the Vatican had tried to acquire the domain in order to prevent future misuse and had been beaten to the punch by the unknown buyer.
Lombardi denied Italian media reports that the Vatican had, like many other organizations including companies, universities and museums, registered the xxx domain to prevent its misuse.
The xxx domains are being launched this month for pornographic content and many organizations have preemptively acquired them so others cannot.
Hackers hit genocide bill author’s website
Hackers have attacked the website of French parliamentarian Valerie Boyer, the author of the bill criminalizing genocide denial that was recently adopted by the French National Assembly.
The hackers posted a Turkish flag and an address to the French government and the Armenian community of the country. The message says that the bill was meant to reap votes in the 2012 election.
Ms. Boyer said she called the police after she and her family members received death threats.
On December 22, 2011, the French National Assembly passed a bill criminalizing public denial of the Armenian Genocide. If passed and signed into law by the Senate, the bill would impose a 45,000 euro fine and a year in prison for anyone in France who denies this crime against humanity committed by the Ottoman Empire. Following the vote, Ankara recalled its ambassador from France.
New Hacker Attacks Focus on iCloud Users
Hackers have reportedly started to focus on users of the iCloud service of Apple (NASDAQ:AAPL) as they attempt to obtain the log-in credentials of the users, who may be in the middle of preparations for the holidays. Users of the iCloud service are being warned of the phishing scams and asked not to reply to emails that ask for their username and password.
According to reports, the scammers will claim to be Apple and urge users to reply immediately, because if they do not do so, their iCloud or MobileMe accounts will be terminated.
Scammers have also used security-related terms, such as ‘virus’, in the emails. Other techno-speak words may also be used by the scammers to make the email appear important. These scammers are reportedly trying to scare the users into moving quickly. According to reports, a non-existent virus, the DGTFX Virus, was used in recent emails to iCloud users.
The scammers may say that this non-existent virus is all set to be released and that they require the username and the password in order to give the iCloud users an upgrade. Users of the iCloud service who receive such an email are requested to delete it immediately, along with any other email that claims to be from Apple and asks users to send their account data.
'Anonymous' hackers hit US security firm Stratfor
The activist hacker group Anonymous says it has stolen thousands of emails, passwords and credit card details from a US-based security think-tank.
The hackers claim they were able to obtain the information because the company, Stratfor, did not encrypt it.
They say Stratfor's clients include the US defence department, law enforcement agencies and media organisations.
The Austin-based company says it has now suspended the operation on its servers and email.
An alleged member of Anonymous posted an online message, claiming that the group had used Stratfor clients' credit card details to make "over a million dollars" in donations to different charities.
Stratfor later announced that it would keep its email and servers suspended for some time.
It also said the disclosure was "merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor".
Anonymous has previously claimed responsibility for cyber attacks on financial institutions seen as enemies of the whistleblowing website Wikileaks.
23 December 2011
Heartbroken musician killed himself after Facebook taunts
A HEARTBROKEN young musician infatuated with a girl online killed himself just hours after being told to "go and die" by cyber bullies on Facebook.
Tormented Simon Foxley, 21, fell for a girl he had never met but his feelings for her were unrequited.
Simon hanged himself after Facebook users hounded him with "heartbreaking" messages - when he attempted to contact the girl who had deleted him as a friend.
The taunts ended with the jibe "go and die" shortly before Simon was found hanged in the wooded area by his devastated dad Graham, 56, and brother David, 18. The talented drummer's family spoke out against cyber-bullying on Wednesday after an inquest into his death recorded a suicide verdict.
His mum Diane, 55, said: “The boys that made those comments to Simon would not have done it face-to-face - it was only because it was over the internet.”
Police officer arrested on suspicion of misusing computer
A 25-year-old serving police officer based in Oxford has been arrested on suspicion of computer misuse.
She was arrested yesterday morning by the Force’s Professional Standards Department on suspicion of computer misuse under the Data Protection Act.
A police spokesman said that the woman’s arrest was not connected with Operation Weeting into phone hacking.
22 December 2011
Covert Trojan targets military families' bank account
Online-banking bandits are trying to use conniving emails to pilfer funds from the bank accounts of members of the U.S. military and their families.
The United Services Automobile Association, a San Antonio, Texas-based financial firm that serves current and former military and their families, issued a warning Monday advising its customers to be aware of an "aggressive email phishing scam."
The phony emails, titled "Deposit Posted," appear to come from the USAA; the logo is accurate and includes a four-digit "Security Zone" number that looks similar to the customer's real member number.
Beneath the made-up deposit, the phishing email reads: "Please refer to attached file for more details." Users who click on this attachment would be immediately hit with a dangerous Trojan designed to steal banking credentials.
20 December 2011
Rising cybercrime pushes African governments to take action
New CERTs have been set up in South Africa, Kenya, Morocco, Ivory Coast and Tunisia
Nepal Police arrests Facebook mis-user for Cyber crime
Timilsina, 21, was arrested for cyber crime and cyber harassment for sending pornographic videos through a fake account, after a victim lodged a complaint against the perpetrator. Timilsina had created a number of fake accounts and used them to approach girls with the intention of sexual harassment and exploitation. The police traced his number from the Facebook account, where it was posted.
These days a new viral Facebook scam is taking its toll: a user clicks on a picture posted on his or her wall, and once it is clicked it automatically posts the same material to friends' walls with no notification to the user. Facebook users should not worry about this, as it's just an application, and being aware and sharp can save you from huge embarrassment. It's not malware. It's a form of viral marketing that has been adapted into a new form of spam.
19 December 2011
Smartphone Geo-Location Tagging Is A Major Security Issue
Commenting on the ICO’s call for a rethink on location privacy, geo-location tagging security issues are likely to be a major issue in 2012 – and that many users of smartphones are unaware of the potentially serious security consequences of their use of the technology.
Now that most smartphones have native GPS/satnav features, the default setting for most pictures – and videos – taken with these devices is to embed the GPS co-ordinates along with the date and time that the image was taken.
And when smartphones upload these images to the Internet – to portals such as Facebook or Flickr – there’s a strong chance they will upload the GPS data as well. This information could be subsequently misused by third parties, perhaps for stalking purposes, or even cybercrime.
Cybercriminals are now starting to crowdsource information that is available on the Internet – using open source software such as Maltego – and then tying in geo-location data from photos.
China's cyberwar against U.S. is too vital to ignore
China is waging a quiet, mostly invisible but massive cyberwar against the United States, aimed at stealing its most sensitive military and economic secrets and obtaining the ability to sabotage vital infrastructure. This is, by now, relatively well known in Washington, but relatively little is being done about it, considering the enormous stakes involved.
Hackers mostly backed by the People's Liberation Army are trying daily to penetrate the computer systems of U.S. government agencies, defense contractors, technology firms, and utilities such as power and water companies - not to mention the private e-mail accounts of thousands of Americans. To an alarming degree, they are succeeding. In recent years hacks have been reported of the State, Defense and Commerce departments; Lockheed Martin; Google; and the computer security company RSA, which protects critical networks through the SecureID system.
The U.S. response has been slowed by bureaucratic infighting, poor information-sharing and a failure to prioritize the problem above more familiar business with Beijing. The Pentagon has set up a cyber command, but it has the authority to protect only military networks; the Department of Homeland Security jealously guards its prerogative to guard domestic civilian targets. Government agencies often don't share sensitive intelligence with companies, while many companies are reluctant to report on penetrations of their networks; Google has been a rare exception.
Predictably, the Chinese government aggressively denies any involvement in the attacks on U.S. agencies and companies - which makes it difficult for diplomats to pressure for a cease-fire. But an encouraging report in the Wall Street Journal this week said that U.S. intelligence agencies had managed to identify many of the Chinese groups, and even individuals, involved in the cyberoffensive, including a dozen cells connected to the People's Liberation Army.
This should provide an opportunity for the Obama administration to more directly confront the problem. It should demand that Beijing shut down the military-backed groups; if it does not do so, they could be subjected to countermeasures, including sanctions against individuals. Congress could also consider legislation punishing companies connected to the Chinese military if the cyberwar does not cease.
RAW gets nod to snoop on calls, emails Provides Agency With Legal Cover In Fight Against Terror
Lawless Internet is crushing U.S. creators
When a gangster breaks into your home and steals your jewelry, investigators find DNA evidence to pursue the crime. But after a Russian-based website rips off a hit song with the click of a mouse or the touch of a keypad, U.S. law enforcement doesn’t even blink an eye.
Dedicated cyber-criminals exploit America’s greatest asset, its creative power, without recourse.
The result: Jobs, small businesses and U.S. exports are forced to walk the plank and drown in a sea of cyber-lawlessness. That’s why Congress needs to pass the Stop Online Piracy Act: to give true meaning and value to our intellectual property rights. The systemic proliferation of online copyright infringement deserves a proportional response from government that is both technically feasible and within reason.
Without the tools to enforce property rights in the physical world, the free market fails to operate effectively.