27 December 2012

Bank loses Rs 1 crore in online fraud

MUMBAI: Not just individual savings accounts, even the accounts of banks are no longer safe. A local bank, which had a current account in another bank, fell prey to online fraud when Rs 1.05 crore was siphoned off from its account through Real-Time Gross Settlement (RTGS).

Even the police were stunned at the way the fraud took place as various security features are involved in an RTGS transaction. The customer is issued temporary password for each transaction. An RTGS payment is initiated only after the customer gives a written request for the same.

According to a police officer, the fraudsters managed to break into the bank's online security apparatus and within an hour transferred the Rs 1.05 crore into 12 different accounts through RTGS. The money was immediately withdrawn from those accounts.

Click here to read more ....

27 November 2012

Xtreme RAT malware targets US, UK, other governments



The hacker group that recently infected Israeli police computers with the Xtreme RAT malware has also targeted government institutions from the U.S., U.K., and other countries, according to researchers from antivirus vendor Trend Micro.

The attackers sent rogue messages with a .RAR attachment to email addresses within the targeted government agencies. The archive contained a malicious executable masquerading as a Word document that, when run, installed the Xtreme RAT malware and opened a decoy document with a news report about a Palestinian missile attack.

...
After analyzing malware samples used in the Israeli police attack, security researchers from Norway-based antivirus vendor Norman uncovered a series of older attacks from earlier this year and late 2011 that targeted organizations in Israel and the Palestinian territories. Their findings painted the picture of a year-long cyberespionage operation performed by the same group of attackers in the region.
..........

Click here to read more ......

19 November 2012

Georgian police chiefs cuffed in cyber spy plot

By Phil Muncaster

Several senior police officials and the former deputy interior minister of Georgia have been arrested on suspicion of spying on former opposition leaders and attempting to influence the result of October’s parliamentary elections.
The arrests come after new prime minister Bidzina Ivanishvili’s coalition swept to power at the election, ending the nine-year rule of the government of president Mikheil Saakashvili, who remains in his post until October 2013.
The 11 interior ministry officials and former deputy interior minister and current vice mayor of Tbilisi, Shota Khizanishvili, are accused of hacking their opponents’ PCs to illegally obtain personal information. Phone taps of calls between leaders of Ivanishvili’s Georgian Dream coalition are also alleged, AFP reported.


Click here to read more ......

30 October 2012

Youth uses uncle’s debit card to ‘purchase’ his own phone online

It was a smart crime involving a smart phone that was caught on the web. A youth, who used his uncle’s ATM/debit card to buy his own cell phone from a shopping website, was caught by the cyber crime cell, Hazratganj a couple of days ago. He had posted his Samsung Galaxy S-III for sale on the shopping website — www.ebay.in — that facilitates online sale and purchase of mobiles, gadgets and other stuff.

Complainant RS Srivastava (the youth’s uncle) received an SMS alert on his cell phone at 5.27pm on October 4 that his SBI account debit card had been used for purchase of a phone worth Rs. 25,000.

Click here to read more ......

Facebook used to kidnap, traffic Indonesian girls

DEPOK(INDONESIA): When a 14-year-old girl received a Facebook friend request from an older man she didn't know, she accepted it out of curiosity. It's a click she will forever regret, leading to a brutal story that has repeated itself as sexual predators find new ways to exploit Indonesia's growing obsession with social media.

.......

The man, a 24-year-old who called himself Yogi, drove her an hour to the town of Bogor, West Java, she said in an interview. There, he locked her in a small room inside a house with at least five other girls aged 14 to 17. She was drugged and raped repeatedly - losing her virginity in the first attack.
After one week of torture, her captor told her she was being sold and shipped to the faraway island of Batam, known for its seedy brothels and child sex tourism that caters to men coming by boat from nearby Singapore.
.....

Click here to read more ......

06 October 2012

Google FUD or State-Sponsored Attack Threat?



Select users of Google’s services are once again receiving warnings regarding the possibility that they may be at risk of falling victim to state-sponsored attacks. Is this just more fear, uncertainty and doubt, or is there a legitimate threat backing up the move by the search engine giant?
.........
“First, it generates fear on the part of Google’s customers because regardless of the fine print, such a warning will most likely send the recipient into panic mode when there’s no reason to panic. Second, it makes a claim which upon investigation is so vague that it’s meaningless. You may be the victim of a state or someone working on a state’s behalf? That’s pretty much the case for all targeted attacks,” wrote security consultant Jeffery Carr, founder and CEO of Taia Global.
........
“The bottom line as far as Google’s advice is concerned is that it’s FUD-inducing for the people who aren’t targets and its insufficient for those who are. I have to wonder what Google was thinking when it created this awful program.”
..........


Click here to read more .....

Managed Ransomware-as-a-Service spotted in the wild



By Dancho Danchev
Over the past several quarters, we’ve witnessed the rise of the so called Police Ransomware also known as Reveton.
From fully working host lock down tactics, to localization in multiple languages and impersonation of multiple international law enforcement agencies, its authors proved that they have the means and the motivation to continue developing the practice, while earning tens of thousands of fraudulently obtained funds.
,,,,,,,
According to the advertisement, the actual malicious executable is both x32 and x64 compatible, successfully blocking system keys and other attempts to kill the malicious application. The cybercriminals behind the managed service have already managed to localize their templates in the languages of 13 prospective European countries such as Switzerland, Greece, France, Sweden, Netherlands, Italy, Poland, Belgium, Portugal, Finland, Spain, Germany, and Austria.
The price for the service? $1,000 on a monthly basis for a managed, bulletproof command and control infrastructure.
,,,,,,,

The managed service relies primarily on the Ukash voucher-based payment system, and the command and control interface conveniently displays the voucher codes and their monetary value, allowing the users of the service an easy way to claim the money from the vouchers.
,,,,,



Click here to read more ......

Basic Use of Maltego for Network Intelligence Gathering

02 October 2012

The Philippines Passes a Cybercrime Prevention Act that Makes SOPA Look Reasonable

The dark days of SOPA and PIPA are behind the US, at least temporarily as copyright tycoons reground and restrategize, attempting to come up with measures that don’t cause the entire internet to shut down in protest
....

Yes, there’s the usual hacking, cracking, identity theft and spamming, which most of us can agree should be illegal. But there’s also cybersex, pornography, file-sharing (SOPA’s main target) and the most controversial provision, online libel.
Now, as someone who has been the target of many a vicious attack from commenters or forum posters, I can understand frustration with the nature of online anonymous criticism. But to actually try to make such a thing illegal? You wade into dangerous waters that anything resembling freedom of speech will likely drown in. And that’s overlooking the free speech implications trampled by banning pornography and file-sharing as well, two provisions getting less attention due to the severity of the libel section.
.........


Click here to read more ....

Cybercrime law takes effect amid Supreme Court inaction


Manila -- The Supreme Court on Tuesday deferred action on the petitions filed by various groups questioning the constitutionality of some provisions in the Cybercrime Prevention Act, paving the way for the law to take effect the same day.
The Court, meeting as a group, did not issue an order freezing the questioned provisions to allow them to study those before  tackling the case again next Tuesday.
“The [Supreme Court] did not issue a [temporary restraining order] in the Cybercrime Prevention Act of 2012 petitions which are up for further study,” high court spokeswoman Maria Victoria Gleoresty Guerra said in an interview.
She said the Court also did not require the petitioners to submit their comments.
In the House, Speaker Feliciano Belmonte Jr. said he was confident that the controversial provisions in the new law–including the higher penalties for libel–would pass the  constitutional test before the Supreme Court.
.........

Click here to read more ....

White House thwarts cyber attack



A White House official said the attack targeted an unclassified network. He said the attack was identified and the system was isolated to prevent spread. He said there was no indication that any data was removed.
........
Last year, Google blamed computer hackers in China for a phishing effort against Gmail accounts of several hundred people, including senior U.S. government officials and military personnel. Last November, senior US intelligence officials for the first time publicly accused China of systematically stealing American hi-tech data for its own national economic gain.
.......
Leon Panetta, the US defence secretary, during a visit to China last month, raised the subject of China-based cyber-attacks against U.S. companies and the government.

The Obama administration is preparing an executive order with new rules to protect US computer systems.
.......
An initial draft of the order included provisions for voluntary cybersecurity standards for companies.
......

Click here to read more ......

An application can make your phone spy on you



LONDON: US military experts have demonstrated a new smartphone app that can turn your mobile's camera into a spying tool for cyber criminals, secretly beaming images of your house, chequebook and other private information back to them.

.......

The app 'PlaiceRaider' was created by US military experts at Naval Surface Warfare Center in Crane, Indiana, to show how cybercriminals could operate in the future, the Daily Mail reported. 
.......
The team said they could glean vital information from all 20 users, and that the 3D reconstruction made it much easier to steal information than by just using the images alone.
.....
Researcher Robert Templeman said their app can run in the background of any smartphone using the Android 2.3 operating system. Through use of phone's camera and other sensors, PlaceRaider constructs 3-D models of indoor environments. "Remote burglars can thus download the physical space, study the environment carefully, and steal virtual objects from the environment," researchers said.



Click here to read more .....

30 September 2012

Chinese hackers linked to breach of control systems used in electric grids


.....Experts detected digital fingerprints implicating a Chinese hacking group that has been tied to cyber-espionage campaigns against Western interests.
...
KrebsOnSecurity cited Joe Stewart, director of malware research at Dell SecureWorks, who said that website and malware names mentioned in a more recent letter from Telvent can be traced to a Chinese hacking team known as the "Comment Group."
.....
Researchers told Bloomberg that during two months of monitoring last year, targeted companies spanned a vast scale as data "bled from one victim to the next":
...from oilfield services leader Halliburton Co. (HAL) to Washington law firm Wiley Rein LLP; from a Canadian magistrate involved in a sensitive China extradition case to Kolkata-based tobacco and technology conglomerate ITC Ltd. (ITC)
.......
Evidence indicates that at least 20 organizations have been harvested for data, many of whose secrets could give China a leg up on its path to becoming the world’s largest economy.
Bloomberg cited unnamed security experts who said that the breaches have sprung data leaks in major oil companies, who've lost seismic maps charting oil reserves, while patent law firms have been squeezed for clients' trade secrets and investment banks have been targeted for market analysis regarding global ventures of state-owned companies.
.....
Meanwhile, the Obama adminstration and Congress have grown increasingly vocal about Chinese and Russian cyber espionage and attacks, with the White House close to completing the first draft of a cybersecurity executive order designed to bring about stronger cyber security around the nation's water, electrical and transportation systems.
.....

Click here to read more ....

Network Surveillance Devices Discovered via Shodan


shawn merdinger 


It’s no secret that Shodan has turned up some interesting findings over the past few years – everything from critical infrastructure devices, to VoIP phones, solar and wind farms, HVAC systems, even a online crematorium.
Now, we can add surveillance devices like BlueCoat Proxy and PacketShaper boxes, Cisco routers running Lawful Intercept code and various vendors’ CALEA Mediation Devices into what Shodan has pre-scanned and savvy researchers searching Shodan can find.
.....
BLUECOAT
In the case of Blue Coat, the company’s filtering technology was identified in October, 2011 by Citizenlab.org based out of the University of Toronto and documented here: https://citizenlab.org/2011/11/behind-blue-coat/  Highlights include 12 BlueCoat devices identified in Syria.  This research was also picked up by Forbes and Bruce Schneier as well.
Finding BlueCoat devices by searching Shodan can reveal these filtering and packet shaping boxes deployed around the world.
.....
CISCO SYSTEMS' LAWFUL INTERCEPT
Other vendors’ products in the surveillance space are also identifiable via Shodan searches.  Cisco Systems’ Lawful Intercept is a specialized architecture that is well documented and utilizes specific Cisco IOS images on certain platforms.  Unfortunately, hundreds of Cisco routers running Lawful Intercept code versions are in the Shodan database simply because the router owners configured the SNMP community read string as “public.”  As a result, Shodan scanners queried the router using SNMP and public community string and the router returned the Cisco IOS version, along with other SNMP details.
.......
IMPACT
So what is the impact of these kinds of devices being exposed through researchers’ Shodan searches and disclosure?  That is not an easy question to answer, given the unknowns in this kind of situation.
Obviously, there is a risk of attackers targeting and sabotaging these surveillance devices for any number of reasons, from political or criminal motivations to simple personal amusement, a.k.a. "Teh Lulz"
...........
Overall, one must treat these search results with skepticism.  After all, they may be honeypots, or test systems, or not in use, or whatever.  Simply because a router is on the Internet and has a Lawful Intercept capable image loaded doesn’t necessarily mean it is being used for that purpose.
Then again, they could be live systems... who knows?







Click here to read more .... 

New Russian DIY DDoS bot spotted in the wild


By Dancho Danchev
Over the last couple of years, the modular and open source nature of today’s modern DDoS (distributed denial of service) bots inevitably resulted in the rise of the DDoS for hire and DDoS extortion monetization schemes within the cybercrime ecosystem.

These maturing business models require constant innovation on behalf of the cybercriminals providing the easy to use and manage DIY DDoS bots, the foundation of these business models.

......
Sample screenshot of the command and control interface of the Russian DIY DDoS Bot:
  • The bot supports SYN flooding, HTTP flooding, POST flooding and the special Anti-DDoS protection type of flooding. 
  • It has also built-in anti-antivirus features allowing it avoid detection by popular host-based firewalls.... 
  • t will not work under a virtual machine preventing potential analysis of the malicious binaries conducted by a malware researcher. 
  • Randomization of the HTTP requests using multiple user-agents in an attempt to trick anti-DDoS protection on the affected hosts. ........
......

Click here to read more .... 

State Sponsored Cyber Threats – The Long View


Strategic Penetration for Future Exploitation
So, what is “strategic penetration or future exploitation”? It is an attack strategy that hedges long-term bets on two potential future worldviews, namely PROSPERITY and CONFLICT that allows for the pursuit of PROSPERITY while seeking out strategic advantage in the event of CONFLICT.
During these types of attacks, critical infrastructure and high-value targets are compromised not for the purpose of stealing intellectual property or engaging in traditional espionage and intelligence activity, but rather to establish a foothold to diminish the operation of those infrastructures in the event of future hostilities.

........................

Key components of a strategic compromise include:

  • Initial compromise....
  • Narrowly focused scope .....
  • Time-shifted intent .....
  • Long-term stealth and patience ....
  • A Team only......
......

Strategic Penetrations have Strategic Implications
In an environment where existing security models are already broken, addressing this type of threat will be a persistent challenge. It requires us to think not only about how we are vulnerable now, but how we will be vulnerable in ten years or how today’s vulnerabilities could be time shifted for future strategic advantage. It requires new detection techniques focused on host security, supply chain integrity,and implementation and infrastructure management controls. It also requires a vibrant cyber intelligence capability that is not dependent exclusively on technical collection.
Most importantly, it requires a shift in our mindset of how we view the current threat space and breaking our cultural disposition to only think about these issues in a short-term context.




04 September 2012

Powerful cyber attack tools widely available, say researchers


Online cyber criminal markets are putting very sophisticated attack tools into the hands of more low-level attackers, say cyber intelligence specialists.
More attackers are now getting their hands on tools like Zeus and SpyEye, according to the cyber intelligence team at the Online Threats Managed Services (OTMS) group of RSA, the security division of EMC.
Such tools are widely available at relatively low cost. The barriers to entry are falling all the time because these tools are also increasingly easy to use with well-developed user interfaces.
…………………….
However, apart from targeted attacks, there has also been an increase in the number of malware infections on machines within business networks.
…………………..
It is now in the open that countries are using malware as part of their cyber espionage programmes, and companies should be planning their cyber security in light of that fact.
………………..
…………………

Click here to read more .... 
Solutions : www.xcyss.in

30 August 2012

Power grids easy meat for cyber rogues


NEW DELHI: India's power systems could be vulnerable to crippling cyber attacks on a scale that can have serious implications for national security and economy, an enquiry into the July 30-31 grid collapse that grabbed global attention has said.

Although cyber attacks have been ruled out in last month's grid collapse, destabilization of the energy sector could lead to a "cascading effect on national security and economy. It points out that main vulnerabilities are in transmission and distribution sectors.
..................................
...................................

A well-delivered cyber assault can disrupt services to critical users like hospitals and metro rail systems and such an attack may choose to target distribution where the bulk of automation is evident.
.....................
.....................

Click here to read more .... 
Solutions : www.xcyss.in

27 August 2012

Winning Cyber Battles Without Fighting


In military operations, good leaders never make a move without the best available intelligence and a strong sense of situational awareness. To do otherwise is tantamount to flying blind, something a good pilot or business leader should avoid.
Unfortunately, too many leaders of industry and commerce seem to be flying blind in today’s cyber domain.
The Cyber-readiness Reality Check,” an independent survey recently commissioned by the company, CounterTack, Inc., reveals that more than one-third of cyber security executives at companies with revenues greater than $100 million are unable to see an attack once it finds its way inside the perimeter of their systems.
..............................
The problem is exacerbated when senior leadership defers to the IT department in all matters pertaining to information security. “That’s our CIO’s responsibility,” is a comment often heard when speaking with senior and chief executives about cyber defense.
................
While IT security departments certainly must bear responsibility, the executive leader at the top of any organization should understand and take ownership of the problem if security is to have a fighting chance of attaining the resources needed for effective self-defense.
.........................
.........................

Click here to read more .... 
Solutions : www.xcyss.in

Pakistan plans bigger cyber attack?


A highly-classified government report on the recent incident of what has been described as the worst cyber attack on the country has said that it should not be treated as an 'isolated incident' as this exercise was not merely aimed at spreading communal hatred, but also to test the effectiveness of network of 'modules and sleeper cells' of subversive outfits in states like Karnataka, Andhra Pradesh, Maharashtra and Kerala.
.................................
Outfits like the Jamaat-e-Islami, Harkat-ul-Jihad-al-Islami, Simi and Indian Mujahideen are already on the watch list of intelligence agencies for spreading communally-sensitive messages and pictures that triggered a massive exodus of people from the Northeast.
Intelligence agencies in their report have warned that outfits like HuJI, Indian Mujahideen, Simi and even the PFI have a formidable network in southern India and have 'increased their support base manifold' in the last few yeas in Karnataka, Andhra Pradesh and Kerala.
Thus, the report adds, this incident should be treated as a warning signal to sensitise security agencies to launch a massive offensive against these groups in the affected states.
............................
...........................

Click here to read more .... 
Solutions : www.xcyss.in

24 August 2012

Targeted cyber attacks aimed at critical infrastructure


The trend we’ve seen until now is that targeted attacks use customised malware and refined targeted social engineering to gain unauthorised access to sensitive information. However, cyber criminals are increasingly targeting critical sectors including energy for mass destruction, say industry players.
......................
.................................

Symantec has identified a new series of targeted attacks, dubbed the Shamoon attacks, where critical infrastructure including power is coming under threat. According to the global security service provider’s July 2012 intelligence report, during the first half of the year, the total number of daily targeted attacks continued to increase at a minimum rate of 24 per cent with an average of 151 threats being blocked each day during May and June.

The report also states that globally the defence industry has been the biggest target in the first half of the year, with an average of 7.3 attacks per day.

India may not be immune to the global trend. After all, we became the top spam-sending nation during the first quarter of 2012. The country contributed to about 20 per cent of the globe’s total spam volume followed by Indonesia (13 per cent), South Korea (12 per cent), and Russia (10 per cent).
.....................................
Cyber criminals are abandoning spam emails only to resort to other more lucrative means such as targeted attacks.
...........................

Click here to read more .... 
Solutions : www.xcyss.in

Balance Internet freedom with national security: US to India


The United States advised India to ensure Internet freedom while seeking to preserve national security, as the Indian government asked social networking websites like Facebook and Twitter to check pages carrying inflammatory messages.
................
................
The general principle of respect for freedom of expression, respect for the unique characteristics of the online environment, needs to be respected, even as they work through whether there are things these companies can do to help calm the environment..........
...................

Click here to read more .... 
Solutions : www.xcyss.in

23 August 2012

Living with the reality of virtual threats


The recent revelations of Pakistan-based websites unleashing doctored pictures of alleged atrocities against Muslims in order to inflame passions in India has once again drawn attention to the enormous potential of the Information Age to challenge our security assumptions.
The computer is the instrument of our age; cyberspace is the oxygen of the internet. So much in our interconnected, globalised, and technologically advancing world depends on cyberspace.
………………………
To a layman, cyber security means simple things: a password that is not stolen, a message that remains confidential, a child that is not exposed to a stalker or paedophile online. When they type in a web address, that is where they should go and not to a spam site. When they click a link that looks genuine, they should not be cheated by a plausible fraud. Their work online should not be tampered with, and so on……………..
THREATS to cyberspace
The international relations theorist Joseph Nye has discerned four different types of threats to cyberspace. The most dramatic is Cyber War — the unauthorised invasion by a government into the systems or networks of another, aiming to disrupt those systems, to damage them partially, or to destroy them entirely.
……………………………
Second threat is Cyber Espionage. Governments can invade the systems of their rivals to steal sensitive information that would be useful for their own purposes. These attacks are usually hard to discover and the case of Operation Shady RAT, the world’s biggest hacking ever, is rather phenomenal.
………………………….
Cyber Crime is the third kind of threat, and the most familiar. While this also has military and political implications, it affects the lives of ordinary Internet users more closely………………...
Cyber Crime also includes pornography, Internet stalking, and personality imitation.
Finally there is Cyber Terrorism. This includes websites spreading extremist propaganda, recruiting terrorists, planning attacks, and otherwise promoting terrorists’ political and social objectives………
Social networking websites are also increasingly becoming targets, not only because of the massive databases they provide, but also in order to spread malware that infect computers. On Facebook there are 50 million Indian users and even if a small fraction of them click unsuspectingly on a malevolent but seemingly ordinary link, you have that many computers opened up to risk and infection.
Another use of social networks, seen recently in India, is to spread inflammatory material with a motivated agenda, such as the doctored pictures of alleged atrocities against Muslims in Assam and Myanmar that incited violence in Mumbai and threats of retaliation elsewhere. Though this does not constitute cyber terrorism in itself, it constitutes a new security threat that cannot be ignored.
………………………..
India’s own style of dealing with cyber threats leaves much to be desired. It is relatively chaotic and there is a constant insecurity that our cyber-defences are insufficient.
…………………………………
…………………………………

Click here to read more ....
Solutions : www.xcyss.in

22 August 2012

‘Govt’s Internet crackdown needs to be transparent’

As the government cracks down on websites and social networks that it says are responsible for posting inflammatory and hateful content that led to a mass exodus of people from North-eastern states from south Indian cities, online activists are decrying the lack of transparency with which the government is blocking websites and content.
...........

“The debate on social media diverts the attention from the issue at hand. While the spotlight is on the role of Twitter,Facebook, SMS and MMS in making people flee Bangalore, there is hardly any discussion on the socio-economic conditions of north-eastern people living in South India. Social media solely cannot be blamed for the events in Britain, Arab or India, said Commander Mukesh Saini (retired), a cyber security expert.
“Misinformation on social media itself cannot become into a monster unless supplemented with some real world information”, he said.
.........
...........

Click here to read more .... 
Solutions : www.xcyss.in

With social media curbs, govt is barking up the wrong tree


The most striking thing about the government’s latest efforts to clamp down on social media platforms and block websites, ostensibly to spike rumour-mongering of the sorts we saw last week, is the extent to which it has the enthusiastic support of many in the mainstream media.
The government has thus far blocked 254 websites on the grounds that they bore inflammatory messages that contributed to the fear psychosis among people from the north-east and triggered their ‘exodus’ from some of India’s cities.
The government has additionally threatened to take legal action against Twitter, evidently because it has “refused to cooperate” in the crackdown on web sites with inflammatory messages. Facebook and YouTube are, on the other hand, cooperating with the government and, according to the Telecom Secretary, have validated the government’s claim that many of these inflammatory messages were uploaded from Pakistan.
…………………………….
……………………………
Yet, in attempting to clamp down on social media platforms like Twitter, the government may be resorting too readily to the censorship instinct, and worse channelling its energies in entirely the wrong direction. In this particular instance, it may be barking up the wrong tree.
……………….......

Click here to read more .... 
Solutions : www.xcyss.in

Centre, Twitter in face-off over PMO parody accounts


The government and popular social media site Twitter are locked in a confrontation over half-a-dozen accounts that the Centre feels "misrepresent" the Prime Minister's Office but which the web-based platform has so far refused to shut down.

The clash over the accounts is playing out at a time when the government has also asked social media to remove sites posting incendiary and untrue information on the Assam riots and its fallout. On this count, too, Twitter hosts certain pages found to be objectionable.
.......................

Click here to read more .... 
Solutions : www.xcyss.in

21 August 2012

China to trigger electricity crisis in India?

China could carry out a cyber attack against India with the help of computer hardware and spare parts, according to a report by intelligence agencies. The agencies further believe that China would become an expert in such stealth attacks by 2017. 

According to the intelligence agencies, an extractor tool used in the production of electricity is imported from China and two such companies involved in the import of the equipment are already under the scanner. 

The agencies believe that China could use its equipment to create hurdles in India’s development march in the near future. An electricity crisis could be the result of such a design and has the capability to slow down Indian economy.
..............
Click here to read more .... 
Solutions : www.xcyss.in

The beginning of cyber warfare?


A day after Union home secretary RK Singh said that the bulk of rumours of imminent attacks on northeastern people for the killings of Muslims in Assam originated from Pakistan, experts said that this could be Pune’s first brush with cyber warfare. They also fear that all this is an indication of a major form of subversive warfare in the future.
Cyber warfare refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.
Hackers and other individuals trained in software programming and exploiting the intricacies of computer networks are the primary executors of these attacks. These individuals often operate under the auspices and possibly the support of nation-state actors.
.....................

Click here to read more .... 
Solutions : www.xcyss.in

Cyber war: Blaming Pakistan is not enough


Delhi’s assertion that hostile websites in Pakistan have triggered the recent rioting in Mumbai and provoked the flight of northeastern migrants from Bengaluru and other cities might indeed be based on fact.
Blaming Pakistan, however, is not going to solve the enormous new challenges that confront India’s security planners in the cyber domain. Nor will requesting Islamabad to crackdown on the websites that deliberately spread disinformation against India will yield any real results.
................

Click here to read more .... 
Solutions : www.xcyss.in

Israeli businesses hit by wave of hacker extortion


Several financial institutions and businesses have recently fallen victim to extortion by organized crime rings and independent hackers, which has cost these victims anywhere from a few thousand shekels to hundreds of thousands of dollars.

Various ruses are used, but a common tactic is infiltrating a company's computer network or an employee's cell phone, stealing a file to prove a system breach, and threatening to leak sensitive documentation unless security software or consulting services are "bought" from the perpetrator.
................
Most of the victims don't file police complaints, preferring to use private security firms to find the security lapse. Large companies, which by law are required to report such incidents, assume police don't have the manpower to deal with such extortion. Thus, they feel compelled to pay for the software, even though it can often be easily downloaded from the Internet.
..........................

Click here to read more .... 
Solutions : www.xcyss.in

17 August 2012

Scribes get cyber security lessons


Did you know that the Geotagging option on you mobile, if enabled, can give strangers, minute-to-minute information about your whereabouts? Or that just your telephone number can enable anyone to download all your personal information?
..............
Children were known to spend 6-8 hours on the Net every day and since they were not aware of the security options, there had been a 40 per cent growth in cyber-related crime.

When people begin to upload Geotagging on the Facebook through their smart phones, their physical presence at a particular spot gets mentioned.

If a cyber criminal is tracking you, he can easily locate your presence through the latitude and longitude mentioned along with your post. Every movement that you make during the day, can be tracked and recorded.
.....................

Click here to read more .... 
Solutions : www.xcyss.in

A cybersecurity solution is unresolved for a reason


As Congress adjourned for the summer recess, some issues were left unresolved, most notably the question of a cybersecurity bill. 
..........................
There is no partisan dissent over whether cybersecurity – protecting computers, networks, programs and electronic information from being attacked and destroyed – is a critical issue. Experts have long cited cyber-terrorism as one of the potentially most dangerous threats to national security. Consider what might happen if a hostile government or terrorist organization launched an attack on our nation’s power grids, hospitals, nuclear facilities or major financial institutions – just to name a few possible targets. The effects would be devastating. The question is not whether we act to prevent such attacks, the question is how we act.
.....................

Click here to read more .... 
Solutions : www.xcyss.in