28 June 2012

State-led Hacking Cost Company 1 Billion Euros

A British company suffered lost revenues of €1.0 billion ($1.25 billion) because of a state-sponsored cyber attack against its computer systems, according to the head of the United Kingdom’s inland security agency. The hit was said to be suffered through intellectual-property loss and from “commercial disadvantage in contractual negotiations.”...................................


Click here to read more .... 
Solutions : www.xcyss.in

27 June 2012

Mantralaya fire: Data from burnt computers can be retrieved: Expert


The Mantralaya inferno last week devoured over 3.5 crore pages in government files. While 2 lakh of these pages were digitized, what is worrying the government is that fire also damaged 2000 computers in which the matter was stored. But there is some hope.............
In Maharashtra alone, daily 40-50 cyber crimes are reported but seldom converted into FIR because of the lack of investigation techniques. It is not just the metros where cyber crimes are reported. There has been staggering growth of cyber crimes in rural parts too...............

Click here to read more .... 
Solutions : www.xcyss.in

Cyber criminals may have siphoned off 2 bn euros from 60 banks


Cyber criminals may have attempted to siphon off anywhere between 60 million euros and 2 billion euros in fraudulent transfers from at least 60 banks globally, a McAfee and Guardian Analytics study said.
The study highlighted a highly sophisticated, multi-tiered, global financial fraud ring that is comprised of at least a dozen groups use active and passive automated transfer systems to steal high value amounts from high balance accounts............


Click here to read more .... 
Solutions : www.xcyss.in

Hackers break into Twitter, email accounts of Russian opposition leader, send abusive messages


Hackers broke into a prominent Russian opposition leader’s Twitter and email accounts, sending his followers abusive messages.
Alexei Navalny’s spokeswoman, Anna Veduta, warned his quarter of a million Twitter followers early Tuesday that the stream of nasty notes was fake.
Late Tuesday night, she confirmed that Navalny had regained control over his Twitter account.................

Click here to read more .... 
Solutions : www.xcyss.in

Hacker should pay Johansson, other celebrities $150,000, feds urge


Federal prosecutors want a man who hacked the email accounts of celebrities and their associates and obtained naked images of Christina Aguilera, Renee Olstead and Scarlett Johansson to serve 71 months in prison and pay the celebrities about $150,000 in compensation.
Christopher Chaney, 35, of Jacksonville, Fla., whose pleaded guilty in Los Angeles federal court to nine counts of computer hacking, hacked almost daily for two years into email accounts of 50 people in the entertainment industry.
Prosecutors in a sentencing memorandum say Chaney took naked images of Aguilera from her stylist's email account, Olstead's from her email stream and Johansson's from emails she sent to her then husband Ryan Reynolds. He forwarded them to another hacker and two celebrity websites, who made them public. They remain in wide ciriculation...............

Click here to read more ....
Solutions : www.xcyss.in

US charges 24 people in massive hacking sting

US law enforcement officials on Tuesday said 24 suspected hackers had been arrested in a sting operation spanning four continents that targeted online financial fraud of stolen credit card and bank information. 

In a two-year investigation, FBI agents posed as hackers on Internet forums, watching as other hackers swapped methods for breaching data security walls and creating fake credit cards that would work for Internet and in-person purchases...............
 
Click here to read more .... 
Solutions : www.xcyss.in

MI-5 chief warns of "astonishing," industrial-scale state-sponsored cybercrime


Anyone paying any attention to digital security at all knows the whole universe of cybercrime outgrew its hacker roots years ago, when it was largely taken over by organized crime gangs, primarily in the former Soviet Union, China and the United States.
Now it's outgrown organized crime as well, according to Jonathan Evans, head of MI-5, the British internal counter-intelligence and security unit that functions like a combination of the FBI and CIA in the United States.
Despite the resources and experience of a world-class intelligence operation such as MI-5, Britain is all but overwhelmed by complex, persistent, attacks that are anything but trivial early experiments into the potential for cyberespionage and warfare...............
Vulnerabilities in the internet are being exploited aggressively not just by criminals but also by states. The extent of what is going on is astonishing.
State-sponsored cybercrime isn't conducted by small teams assembled for a specific attack, as many organized criminal gangs operate........................

Click here to read more .... 
Solutions : www.xcyss.in

Trojan Milicenso malware affects printers worldwide

Security researchers from antivirus company Symantec have pointed out a malware programme called Trojan.Milicenso that has infected printers connected to Windows PCs worldwide and is causing the automatic printing of pages full of garbled data................


If figures provided by Symantec are to believed, India and the U.S. are the worst hit regions followed by Europe and South America...........


Symantec says the Trojan.Milicenso can hit an infected computer via various ways, such as malicious e-mail attachments or visiting sites with malicious scripts...................


Click here to read more ....
Solutions : www.xcyss.in

26 June 2012

Government must fight off 100 cyber attacks a month

The government’s IT agency deals with about 100 cyber-attacks a month, attempts to retrieve information from the government’s online infrastructure.
Cedric Mallia, who heads Mita’s agency’s computer emergency response team (Cert) that monitors government servers, said most of the attacks originated from foreign sources................
The main theme that featured in several discussions held during this weeklong event was the adoption of cross-boundary cooperation to achieve the universal goal of cyber-security......
We’re living in a hypo-connective world, where we’re connected to online systems all the time, everywhere. The main challenge remains to continue providing security and protect internet users without removing these connectivity benefits...............

Click here to read more .... 
Solutions : www.xcyss.in

UK hackers admit plotting attacks on CIA, firms

Two British hackers pleaded guilty in a London court on Monday to plotting attacks against computers of international firms, law enforcement bodies and government agencies including the CIA, in a cyber crime spree that gained global attention. 


Targets included the CIA, Britains Serious Organised Crime Agency and National Health Service, the Arizona State Police, Nintendo, Sony and Rupert Murdochs British newspaper group News International and 20th Century Fox film studio. Targeted websites were hit by so-called distributed denial of service (DDoS) attacks, flooding them with traffic until they crashed................


Click here to read more ....
Solutions : www.xcyss.in

Cyber Security Debate Pits Corporate Interests Against National Security

National security is running headfirst into corporate and privacy interests. It is centering on two competing versions of cyber security legislation, which would either give government more power to regulate private, but vital, networks or which would make any new rules voluntary……………..


Even though the threats are real and present, only a small percentage of the energy firms are adopting security technologies……….

Cyber attacks are escalating and leaving corporate networks increasingly susceptible. Utilities are getting the message but are emphasizing that they must carefully allocate scarce resources……….

Solutions : www.xcyss.in


25 June 2012

Massive Money-Stealing Botnet Suspect Arrested In Russia


The cybercrime division of the Russian police arrested a 22-year-old on Friday, who is allegedly responsible for stealing 150 million rubles (£2.9m) from online banking users.
The young criminal allegedly managed a six million-strong botnet, one of the largest of its kind, to infect systems with Trojans, and used the information he obtained to transfer money to his accounts. It is believed he then spent those funds on a luxury lifestyle, involving fast cars and real estate..................

Click here to read more .... 
Solutions : www.xcyss.in

Cloud computing raises security issues

Some experts say security implications of the cloud have not been fully analysed, and that the cloud may open up new vulnerabilities and problems..



The Internet “cloud” has become the hottest topic in computing, but the trend has created a new range of security issues that need to be addressed. The cloud is associated with things like personal emails and music which can be accessed on computers and a range of mobile devices.

But the US military and government agencies from the CIA to the Federal Aviation Administration also use cloud systems to allow data to be accessed anywhere in the world and save money—and, ostensibly, to enhance security....................


Click here to read more .... 
Solutions : www.xcyss.in

22 June 2012

Social media 'could cut suicide'


Social media sites should be harnessed to help prevent suicide among young people, according to researchers................
In the past, internet sites have been criticised for encouraging self-harm. But the report says new media could instead be used to direct young people to seek help....
Now the researchers say the possible dangers posed by new media could be counteracted if the sites provided support for vulnerable young people.
They say because it is still a relatively new phenomenon, it is important to understand why internet postings can influence some young people to self-harm or take their own life.........

Click here to read more .... 
Solutions : www.xcyss.in

Does the government need new internet surveillance powers?


Surveillance of citizens by governments is generally a bad thing. All things being equal, the more of it the worse. So regardless of the specific details of the legislation the government is going to propose in relation to the real time monitoring of Internet and mobile phone traffic data, it is something we should have a negative presumption about.....................
Whenever a new piece of cyber-surveillance is proposed, the same three issues are always brought up: terrorism, child pornography and cyber-crime. And sure enough, it is these three issues that supposedly justify the renewed intrusion this time around.
The argument that the government needs real time, rather than retrospective access to traffic data for investigating ‘ordinary decent’ cyber-crime, or even quintessentially evil child pornography is surely disingenuous. The conventional approach to crime is that one waits for a crime to take place before one tries to investigate it.................

Click here to read more .... 
Solutions : www.xcyss.in

Is Monitoring Software an Invasion of Privacy… or is It the Smart Thing to do to Protect Your Children?


In recent years, cyber crime − a crime committed through the use of technology such as a computer or cell phone − has led to a disturbing number of tragedies, including an alarmingly high amount of teen suicides, sexual assaults and kidnappings. The Cyber Bullying Research Center reports that over 80% of teenagers use their cell phone every single day and nearly 25% of them have been the victims of bullying or sexual solicitations via this same technology.......................

Many recent news, alleged child molesting, has served cautionary tale for parents of the very real possibility that crimes against their children can occur right under their noses.

Many of these types of crimes could be intercepted and possibly prevented if the parents were able to track cell-phone activity and further monitor their child's surroundings.....................

Click here to read more .... 
Solutions : www.xcyss.in

Are We Moving To the Cloud Yet?


Is it a good idea for you to shift your business to the cloud? Depends on which country you're talking about. Business Software Alliance (BSA), a global association of the software industry, has come out with a report on the adoption of cloud computing. While Japan and the US ranked at the top, India has been found to have a better regulatory environment for cloud computing. A host of parameters, from data privacy to privacy laws, have been used to arrive at the rankings....................

India scored 19, ahead of China and Brazil, due to a more liberal environment, and because its industry-led standards were found to be world class. India scored low on broadband deployment (which had the highest weightage in the report) and on lack of adequate clarity on intellectual property rights protection..............


Click here to read more .... 
Solutions : www.xcyss.in

Cost of Cyber Attacks are Skyrocketing


If your company were hit with a cyber attack today, how much would it cost? The entire bill -- including costs from regulatory fines, potential lawsuits, damage to your organization's brand, and hardware/software repair, recovery and protection?
It's a question you can't ignore, as the costs of online attacks are skyrocketing. According to a 2011 study by the Ponemon Institute, the cost of cybercrime in the US could range from $1.5 million to $36.5 million annually...........
Cyber attacks, often in the form of data breaches and network intrusions, can impact operations, frequently result in lost productivity, legal expenses, third party liabilities, exposed intellectual property, and damage to a firm's reputation.............................

Click here to read more .... 
Solutions : www.xcyss.in

Threats From Cyber to Terror Supplant Cold War’s Dangers


The U.S. is searching for ways to deter, defend against and respond to ever-increasing cyber attacks and more diverse terrorist threats, even as it tries to cut spending and finance weapons conceived during the Cold War.
While the world may be safer than it was at the height of the Cold War, when the superpowers were on a constant hair- trigger alert, threats such as cyber attacks and terrorism are more complex and difficult to detect and trace than a Soviet missile test was. In addition, the U.S. faces stiffer economic and technological competition from nations such as China............
Cyber espionage is stealing America’s future. Cyber attacks are increasing exponentially while also becoming more sophisticated and destructive.............

Click here to read more .... 
Solutions : www.xcyss.in

Iran claims U.S. planned internet attack

Heydar Moslehi, the Iranian Intelligence Minister, claimed on Thursday that a planned cyber-attack against their nuclear facilities was detected.  Moslehi said the United States, Britain, and Israel worked together to plan the attack and were referred to as arch enemies of Iran on their state television. This statement came directly following a failed summit between Iran and other world powers over Iran's controversial nuclear program..................


Click here to read more ....
Solutions : www.xcyss.in

21 June 2012

Vimeo, Torrent sites unblocked, new High Court ruling requires URLs to be specified

Indian ISP’s have restored access to file-sharing and video streaming sites, thanks to a new ruling by the Madras High Court that no longer requires ISPs to block entire websites, but to list specific URLs pertaining to the copyright infringement.................


Via Medianama:
“The order of interim injunction dated 25/04/2012 is hereby clarified that the interim injunction is granted only in respect of a particular URL where the infringing movie is kept and not in respect of the entire website. Further, the applicant is directed to inform about the particulars of URL where the interim movie is kept within 48 hours.”.........
 
Click here to read more .... 
Solutions : www.xcyss.in

New Studies Outline Framework For Cyber-Threat Countermeasures


As increasingly complex cyber-attacks become more commonplace, businesses and governments need to take on a comprehensive and methodical approach to keeping their data, infrastructure and other resources safe.

This advice, which follows on the heels of extensive coverage of the Stuxnet and Flame worms, comes from the Information Security Forum, which has just released two extensive reports aimed at helping its membership plan security strategy from now until 2014........

Security has become a very major business issue where the required skill sets extend beyond technical capability............................

People are becoming more aware of cyber-terrorism, cyber-war and cyber-crime.................


Click here to read more ....
Solutions : www.xcyss.in

Does Best Cybercrime Defense Include Some Offense?


A growing number of U.S. companies have concluded that in their battle against hackers, the best defense has to include some offense.
It is known in the industry as "active defense" or "strike-back" technology, and Reuters' Joseph Men says that can range from "modest steps to distract and delay a hacker to more controversial measures," like hiring a contractor to hack the hacker -- something that could violate the laws of the U.S. or other countries.................... 

Click here to read more .... 
Solutions : www.xcyss.in

20 June 2012

Privilege Comes with Risk in World of Cybersecurity


Security experts have been warning enterprises for some time that the greatest security threats come from within: their own employees. And that message has apparently gotten through, according to a new survey. But those results also came with a disturbing twist: malicious employees...................
Insider hostility could be for any number of reasons: being passed over for a promotion, not getting an expected bonus, the threat of being fired or even industrial espionage. But it gains major potency when insider knowledge or access is combined with "privileged accounts," which can be the "keys to the kingdom."...................

Solutions : www.xcyss.in

19 June 2012

Could US cyberspies have moles inside Microsoft?

US government officials could be working under cover at Microsoft to help the country's cyber-espionage programme, according to one leading security expert.
The warning comes in the wake of the Flame virus that targeted key computers in the Middle East, and in part used confidential Microsoft certificates in order to access machines.

Click here to read more .... 

 Solutions : www.xcyss.in

Hackers mess up All India quota PG medical seats allotment

NEW DELHI: Authorities may still be grappling with the menace of leakage of question papers, but merit has come under fresh threats, this time from hackers who have succeeded in turning the merit list in prestigious 50% All India quota post-graduate medical courses upside down to allot low-ranked candidates premium seats in prestigious colleges.

Click here to read more ....

 Solutions : www.xcyss.in

Internet content censorship from India up by 49%: Google

Internet giant Google has reported a sharp rise of 49% in online content censorship from India as it said the trend of blockage were increasing from governments round the world, more surprisingly from Western democracies.

Google said it had received more than 1,000 requests from governments around the world in the second half of last year to take down items such as YouTube videos and search listings, and it complied with them more than half the time..........


Click here to read more .... 
Solutions : www.xcyss.in

Cyber crooks evading advanced bank security to transfer funds


Cyber criminals are using an automated system to silently loot bank accounts without having to be online at the same time, according to a new white paper from Trend Micro.
The new technique, known as automatic transfer system (ATS), is being used in conjunction with popular crimeware kits to create a "man-in-the-browser" attack that can bypass online banking security measures. Researchers focused on how two well-known crimeware kits, Zeus and SpyEye, used these tools to silently move funds from one account to another -- all while staying under the radar...............

Click here to read more .... 
Solutions : www.xcyss.in

Government ‘Wasting Cybercrime Funding In Wrong Places’


The government should spend money on busting cybercrime perpetrators, instead of on security products, say Cambridge University researchers.............
The UK government has been urged to spend more of its cybercrime budget on law enforcement instead of wasting millions on protections like antivirus software.

Researchers from the University of Cambridge found that real cybercrime, which depends entirely on Internet-based activity, was only costing people “a few tens of pence per year directly”. Yet the indirect costs, which includes funds spent on anti-virus software, can be “a hundred times that”.
The UK spends $1 billion ($639 million) a year on either protecting itself or cleaning up after a breach, the study found. That includes $170 million on antivirus, yet only $15 million is spent on law enforcement....................

Click here to read more .... 
Solutions : www.xcyss.in

18 June 2012

Hacked companies fight back with controversial steps


Frustrated by their inability to stop sophisticated hacking attacks or use the law to punish their assailants, an increasing number of U.S. companies are taking retaliatory action.
Known in the cybersecurity industry as "active defense" or "strike-back" technology, the reprisals range from modest steps to distract and delay a hacker to more controversial measures...........
In the past, companies that have been attacked have mostly focused on repairing the damage to their computer networks and shoring them up to prevent future breaches.
But as prevention is increasingly difficult in an era when malicious software is widely available on the Internet for anyone wanting to cause mischief, companies are growing more aggressive in going after cyber criminals.............

Click here to read more .... 
Solutions : www.xcyss.in

14 June 2012

Centralized Decision-making Is Essential to Cybersecurity


American politicians love to bash the Europeans. A common refrain during many campaigns here in the states is ‘my opponent’s policies will make us more like Europe’, as if the entire continent was a monolithic monster spewing forth a subversive socialist agenda.................
When it comes to a unified strategy to address cybersecurity, it appears that Europe is moving forward with a more concerted effort to address the issue..............
Cybersecurity has received increased attention from recent presidential administrations. While the handful of cybersecurity bills currently being considered by the US Congress have largely avoided the partisan rancor of more mainstream legislative initiatives, progress continues at a glacial pace while would-be cybercriminals and terrorists hone their skills.
The concept of cyber-terrorism is very real, hard to define, and even more of a challenge to combat. After all, what exactly does the word ‘cyber-terrorism’ mean? Does it include internal actors such as domestic saboteurs? Does it include only independent groups – sometimes with state-sponsored affiliations? Is it when a country like China steals IP from enterprises, or allegedly places malware on SCADA systems connected to the power grid?.............
What constitutes ‘terrorism’ is often a matter of perspective. When someone planted the Stuxnet malware at an Iranian nuclear facility – setting the country’s nuclear program back year, what if the Iranian nuclear program really was intended to provide sustainable energy for the country? If so, then Stuxnet could be viewed as a terrorist attack meant to weaken the nation’s critical infrastructure............
The objectives of any security program are to protect, prevent, or limit the damage to a particular asset. The role of government with respect to terrorism appears to be the same. If we can put our trust in a prime minister or president to execute our military and police functions, then there should be no reason why this can’t be extended to defense in the digital world, provided there is a system of checks and balances inherent in most representative governments..............

Click here to read more .... 

Solutions : www.xcyss.in

13 June 2012

IT security: How to put the genie back in the bottle


Regulatory compliance, cyberattacks, insider threats… the list goes on. Gaining control over IT security is a big messy problem for most large organizations, and getting worse with increasing regulatory requirements, more targeted attacks from criminal groups, and the potential for insider abuse. While security can equal compliance, compliance does not equal security.
Since these threats are persistent — point-in-time compliance approaches to security are doomed to fail..... 

Click here to read more .... 
Solutions : www.xcyss.in

Cyber criminals target travelers


A recent warning from the FBI about hackers targeting guests' data when they log into hotel Wi-Fi overseas was a salient reminder to travelers of the risks to data security on the road.

The alert, from the FBI's Internet Crime Complaint Center, was addressed to U.S. executives, government workers and academics but did not specify a particular country of threat. It warned of a spate of incidents of travelers encountering bogus software update pop-ups when they used hotel internet connections overseas.

When they clicked on the "update," malicious software was installed on their computer. Hotel Wi-Fi connections are particularly risky because they are often set up without proper security settings. But they are merely one data-security threat among many facing business travelers..........

From a data-security standpoint, travel is inherently risky, and the likelihood of private personal or corporate data being compromised is greatly increased the moment you hit the road............


Click here to read more .... 
Solutions : www.xcyss.in

Attorney General Eric Holder Appoints Federal Prosecutors for Leak Investigations


Attorney General Eric Holder ordered two federal prosecutors tonight to open criminal investigations into a series of national security leaks to the news media.
Holder appointed Ron Machen, the U.S. attorney for the District of Colombia, and Rod Rosenstein to lead the criminal investigations into recent leaks concerning a disrupted bomb plot by al Qaeda in the Arabian Peninsula and a New York Times story about President Obama ordering cyber-attacks against Iran with the Stuxnet computer worm...............
Last month FBI was investigating leaks about the disrupted plot by al Qaeda’s Yemen affiliate to smuggle a bomb designed to be concealed in underwear onto a U.S. bound jet...............
Leaks such as this threaten ongoing operations, puts at risk the lives of sources, makes it much more difficult to recruit sources, and damages our relationships with our foreign partners...............
The other leak investigation involves recent disclosures about the Stuxnet computer virus being used to target Iran’s nuclear facility. While Stuxnet has widely been discussed in the press and among computer researchers, the article contained the code name of the operation – “Olympic Games” – and included details about how the United States worked with Israel to design the computer worm.....................


Click here to read more .... 
Solutions : www.xcyss.in

12 June 2012

Certified IT Security Professional Course launched


Governments across the world are bringing in laws, rules and regulations to safeguard their cyberspace. Demand for IT professionals with sound Information Security knowledge is skyrocketing. In recent past US and Europe were hit by massive unemployment but still demand for IT professionals with cybersecurity knowledge grew by 11%. Indian Government is laying in slew of measures to secure Indian cyberspace and has directed that critical information infrastructure organisations to hire only Indian cybersecurity professionals as CISOs and for Information Security related activities.

Using 25 years of experience in the field, XCySS has developed an in-house focussed course for the IT professional to lay a strong knowledge base over which they can specialise in the field of their choice. This course comprehensively covers all domains of Information Security / Cybersecurity including the emerging field of Cloud Security which is designed to help IT professionals to build and shape their career in the field of Information Technology. 


Who should attend: Undergraduates, software developers, website designer System Administrators, Network Administrators, Database Administrators, IT managers, Penetration tester, IT Service Providers, ISMS implementers, software developers, researchers, incident handlers, Risk Assessors, IT/ITeS Subject Matter Experts, website developer and managers, SEO professionals and Information Security Enthusiast/Aspirants and ISO 27001 Lead Auditors. 


For detail:
Contact: email: info(at)xcyss(dot)com
Tele: 011-25128910
Website: www.xcyss.in

09 June 2012

Risk of Cyber War Poses Serious Security Threat


Cyber threats are now as dangerous as the threat from biological weapons, information technology and computer security guru Eugene Kaspersky, has warned.
Explaining the potential of sophisticated virtual attacks to damage infrastructures with extreme physical effects, Kaspersky was pessimistic about governments' abilities to cope.........
He emphasized that the origins of Flame are still unknown, especially as it is not necessarily as expensive to develop as often thought. He named the US, Britain, Israel, China, Russia and possibly India, Japan or Romania as countries who are capable of such a project..............

Click here to read more ....
Solutions : www.xcyss.in

08 June 2012

'Trained personnel needed to tackle cyber crime'


There is a need for trained personnel, competent judges and lawyers who can tackle cyber crime rising rapidly in Sri Lanka, Scientific Affairs Senior Minister Professor Tissa Vitarana said.

Even though Sri Lanka has the legal framework against those committing cyber crime, the lack of personnel to detect the offenders should be addressed..............

Many countries have specially trained teams and well trained investigative police to make detections and correctly identify those who have committed the crimes.

The minister said communication through computer and IT is essential not only to keep up with the rest of the world but also for economic and social development............

Click here to read more .... 

Solutions : www.xcyss.in

06 June 2012

Is IM using social networking sites for recruitment?


Post 13/7 and the Delhi high court blasts, what foxed investigators was the complete absence of telephone conversations that led up to the planning and the execution of these blasts.

Further investigations revealed that the cadres had used social networking websites, and that's how they managed to stay under the investigators' radar. The investigators also found that some cadres of the Indian Mujahideen were trying to conduct recruitments through their Facebook accounts.

The IM has been quick in the use of technology when it came to planning and executing their operations. They started out with the use of email, then moved on to chats and later Skype, a video conferencing application.

However, when the police finally realised, the cadres improvised by using the 'save draft' option and the cache to store their messages in accounts which were accessed through a common username and password..........

While now it is clear that the IM has been using social networking sites to communicate, there is also this danger where the recruitments are concerned. It is not necessary that they would continue to use very popular networking sites to communicate their plans among each other.............

However the bigger worry ahead is the manner in which they would try and recruit and also communicate their agenda through such sites. The IM has been trying to fashion itself on the lines of the Lashkar-e-Tayiba and has been quoting some social causes before they carry out their attacks. They are constantly looking for sympathy among the younger lot and have been successful to a large extent.

Click here to read more ....

Solutions : www.xcyss.in

Flame virus prompts Microsoft to boost Windows security

Discovery of the Flame virus that mainly affected computers in the Middle East, has prompted Microsoft Corp to strengthen the security of a Windows program that helps customers secure their PCs and update software.

Microsoft disclosed over the weekend that the hackers who built Flame exploited a flaw in Windows that allowed them to trick PCs into believing it was a legitimate piece of software from Microsoft. The software was then downloaded onto computers using the Microsoft Update feature.

News of the Flame virus surfaced a week ago when cyber security experts described it as one of the most sophisticated pieces of malicious software discovered to date............

The security experts said Flame likely only infected several thousand computers and was targeted at entities that would be of interest to nations involved in espionage.........................
Click here to read more .... 
Solutions : www.xcyss.in

Who Can You Trust in the Age of Flame, Duqu, and Stuxnet?



How Stuxnet and Flame Are Changing the Security Game



Much has been written recently about Flame, the latest sophisticated cyber attack /malware discovered by security researchers. Flame follows Duqu, and Stuxnet before that, as a very sophisticated cyber attack vehicle that seems to be a state-sponsored cyber weapon.....


Stuxnet, according to the NY Times report, was part of a clandestine program called Olympic Games that was started under the Bush administration but expanded under the Obama team. While primarily aimed at Iran, other cyber attack weapons may have been developed with different countries (say North Korea for example) as their intended targets.


Before you blame the U.S. for starting this new era of cyber warfare though, let's be clear. Cyber attacks and cyber war did not start with Stuxnet. This sort of thing has been going on for some time. Nor are these weapons limited to nation-to-nation types of attacks either. 


Russia, European nations and even terrorist cells have all tried to use cyber attacks to further their own interests. But that should not surprise anyone really. What new technology hasn't been used to further any group's agendas and goals? Cyber attacks are just the latest super weapons because of the characteristics that make them perfect for that purpose: Nice and neat, no blood on the hands, no radiation . White collar warfare.Make no doubt about it, the game has changed. Cyber attacks, cyber warfare and cyber weapons are here to stay. They may even become a bigger driver for better security than financially motivated cyber criminals have been.
But what will this mean for the security industry? How does it respond to this new class of threat? ....................

Click here to read more .... 
Solutions : www.xcyss.in

Cyber Security: Don’t Wait Until a Board Member Asks


High quality global journalism requires investment. Please share this article with others using the link below, do not cut & paste the article. See our Ts&Cs and Copyright Policy for more detail. Email ftsales.support@ft.com to buy additional rights. http://www.ft.com/cms/s/0/2be0078c-af46-11e1-a8a7-00144feabdc0.html#ixzz1x2Wo06RR

Public embarrassment and financial loss probably top the list of what corporate board members most want to avoid - personally as well as on behalf of their companies. That is why, with the rise in frequency and sophistication of cyber-attacks, and increasing media coverage, board members are more likely to ask, “How well are we protected?”
An average of more than one successful cyber attack is incurred by each company per week according to the Ponemon Institute’s Second Annual Cost of Cyber Crime Study in 2011. That is a 44 per cent increase over 2010. And, that’s only the breaches that have been publicly disclosed, which probably reflects only a portion of the actual breaches that take place.
More

IN THE CONNECTED BUSINESS
Oracle agrees to buy Collective Intellect
Managing complexity and app explosion
Streamlining checkout
Extracting value from information
Moreover, various hacker groups and hacktivists, such as Anonymous, are making business leaders more aware of the dangers of cyberattacks.
To compound the reputational damage, the data breaches of 86 per cent of the victimised organisations cited in that 2011 study were discovered by other parties, and not the hacked entity. Often the attacks were uncovered by law enforcement agencies or third-party fraud detection programs.
This is a strong and urgent wake-up call for company managements to proactively frame a cybercrime protection conversation with the board. Sure, some board members, “don’t understand that IT risk is part of enterprise risk,” according to Jody Westby, an adjunct distinguished fellow at Carnegie Mellon’s CyLab, in a recent BoardMember.com interview. But why wait for the next cybercrime to make news, spurring a board member to ask, “Could it happen to us?”


Click here to read more .... 

Solutions : www.xcyss.in

05 June 2012

Smuggler arrested for helping N. Korea launch cyber attack


Police have arrested a smuggler for allegedly helping North Korean intelligence attempt cyber terrorism on government computer networks through online game software. The 39-year-old man, surnamed Cho, is under investigation for purchasing 10 versions of gambling software with malicious code from North Korean agents in China and distributing them...........

Police said that Cho was aware of the fact that the software had malicious code programmed for cyber attacks on government websites, but went ahead and brought them into the country.

The malicious code in the software could be used for distributed denial of service (DDoS) attacks. A possible attack can be set up when users of computers or Internet servers download a program with such malware.

The code spreads when the infected systems are connected to the Internet. Hackers then can strike at targeted cyber networks through a flood of traffic that overwhelms the bandwidth or resources a network can manage..................

Click here to read more .... 
Solutions : www.xcyss.in

Internet users face 1800 web attacks every minute


Users browsing the Internet face an average of 108,035 cyber-attacks per hour-or 1800 a minute. In total, cybercriminals used 4,073,646 domains to launch web attacks in 2011. These statistics were generated using the KSN cloud threat monitoring system based on last year’s results. The Internet has become indispensable in our everyday life: we work on the web, shop online, use Internet banking services, communicate with friends and play online games. However, the Internet is the main entry point for malware on any computer..............
Cybercriminals actively use different kinds of legitimate sites to distribute their ‘creations’. To do this they set up pages on social networks to lure their victims, distribute spam in personal messages and actively comment on popular videos and similar postings, including links to malware in their messages...................

Click here to read more .... 
Solutions : www.xcyss.in

04 June 2012

Stuxnet: Obama Ordered Wave of Cyberattacks Against Iran

WASHINGTON — From his first months in office, President Obamasecretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.


“Should we shut this thing down?” Mr. Obama asked, according to members of the president’s national security team who were in the room.


Click here to read more .... Solutions : www.xcyss.in

Cybercrime as big a threat as Al Qaeda

The Obama administration dramatically upped the ante in the botnet wars this week, at least rhetorically speaking, as it unveiled a public-private partnership to detect and clean PCs and other devices that have been infected with malicious code.

Known as bots, these infected machines are often controlled by criminals to send out spam,  attack national infrastructure, steal and sell personal information, such as banking or credit card information, as well as for business espionage..................

One in every ten Americans has some sort of malicious code installed on a personal computer or mobile device.............

Click here to read more ....
Solutions : www.xcyss.in

01 June 2012

Hong Kong firms at risk from Chinese hackers


Security experts have warned multinationals with bases in Hong Kong that they are not immune to cyber attack from China despite the shared sovereignty between the Special Administrative Region (SAR)and its mainland parent.

The Chinese authorities have long been blamed for either officially sanctioning cyber espionage attacks on foreign public and private organisations or turning a blind eye to financially motivated or patriotic attacks on western companies and states launched from within the People’s Republic................

Click here to read more ....

Solutions : www.xcyss.in

Energy assets in front line of cyber war


Global energy infrastructure is more vulnerable than ever in an escalating cyber war thanks to "sons of Stuxnet" electronic missiles, which can be created from the virus designed to sabotage Iran's nuclear program.
Cyber espionage is on the rise, with Chinese hackers stealing field data and cutting-edge technology from energy companies around the world since at least 2009. But the biggest threat to everything from power grids to digital oilfields may come from malware based on the Stuxnet worm, widely thought to have been sponsored by western government agencies....................
Cyber weapons like Stuxnet that can take control of plants appear to be more of an operational danger than the recently discovered Flame virus, which seems designed to gather data...........
Governments are concerned that energy and communications networks would be the first victims of any conflict with a cyber-savvy aggressor................


Click here to read more .... 
Solutions : www.xcyss.in