News & Blog


 

This post looks at the dangers that lurk as Facebook unveils its Graph Search engine.

The fear on everyone's mind is that cyber scammers will misuse the data this new search engine exposes. Facebook launched it to link people so that they can connect with potential business allies as well as buyers, friends and dates, and the list goes on. Ethical hacking companies like infySEC raise many current technical issues with their customers through their Facebook pages (https://www.facebook.com/infysec.india). The probability that Graph Search could enable cyber scammers and malicious hackers to misuse and abuse social engineering data is also high. In short, this Facebook search engine helps reach Facebook users who live in a specific place and do a particular business. Such a search extends to finding pictures of people who live or do business at a place. The business value of such data for marketing a particular product is high; at the same time, data such as place of work or schooling may be used to build trust and then defraud or hack the user. This is evident from recent events in which social engineering was used as a tactic by competitors in hacking competitions. Experts have shown with sample searches that one can quickly obtain personal data on fellow Facebook users and use it to carry out a successful social engineering style attack.

The experts claim that if a sample search yields so much data, more granular searches may help in convincingly duping innocent web users with impunity. Facebook claims that the data Graph Search churns out has been shared by the users and is not stolen. It is a moot question how far users know how to hide data and protect themselves from the dangers of its misuse. The privacy issues can be understood from what Facebook had to say about Graph Search and privacy:

“When you share something on Facebook, you get to decide exactly who can see that content. This, of course, is why Graph Search is such a powerful experience: A lot of what you will find is content that is not public, but content that someone has shared with a limited audience that happens to include you....”

The experts cite the example of a basic Graph Search query, "Photos of Facebook employees." To begin with, only the photos that the owner has made visible to the person doing the search appear on the photo results page. However, each photo reveals at least one person who has shared with the searcher that they work at Facebook! In this way the search indirectly discloses content that the searcher otherwise has no access to. How alert Facebook is to security issues will be seen in the way it prevents leaks of personal data. Graph Search is scheduled for this summer, with beta testing opening up to chosen users in the interim. Time will reveal the need for privacy and security concerns, and with this, I bid adieu.

 

 

Thursday, 14 February 2013 21:02

New Java Exploit on Sale on the Black Web!

Written by


Millions of PCs are at stake as a new Java exploit is sold on the black web for $5000; this post covers the illegal sale.

The Java programming language, just recovering from a grave security flaw with the help of a patch, faces yet another flaw that has not come to light so far, endangering the millions of PCs that may still have the software running. The earlier flaw was fixed by Oracle. It was grave enough that the U.S. Department of Homeland Security advised computer users to disable the software unless using it was "absolutely necessary." Now, with the present flaw, the department's Computer Emergency Readiness Team (US-CERT) again warns users to refrain from using it.

An enterprising black hat is offering a fresh zero-day vulnerability for the most recent version of Java (version 7, update 11) to up to two purchasers for $5000 each. Security blogger Brian Krebs spotted the offer on an elite cybercrime forum. The package included both weaponized and source code versions of the exploit. Krebs noticed that the offer was later removed from the crime forum, which suggests the exploit has been handed over to a purchaser. Krebs ends with a note: "To my mind, this should dispel any illusions that people may harbor about the safety and security of having Java installed on an end-user PC without taking careful steps to isolate the program." Bogdan Botezatu, senior e-threat analyst with anti-virus software maker Bitdefender, adds that the current Java exploit is deadlier than the last one because so little is known about it, whereas the exploit code for the earlier flaw was known to security researchers from some popular malware kits. With the latest flaw, only the purchaser knows it, and awareness among everyone else is zero. "The current method of exploitation will likely remain unknown for a bigger timeframe, which will also increase the attackers' windows of opportunity," Botezatu said. He noted in a blog that in spite of the patch released by Oracle, cyber criminals keep exploiting the vulnerabilities on unpatched machines to install ransomware on them. Oracle's security moves were to release a patch for the zero-day vulnerability and to raise Java's security setting to "high" by default.
Jaimie Blasco, manager of AlienVault Labs, explains, “That means that right now the user has to authorize the execution of Java applets that are not signed with a valid certificate.” Patch management is an art practiced by ethical hacking firms like infySEC, as seen at this link (http://www.infysec.com/services/security-and-defense/patch-management).

Bitdefender's Botezatu suggests that Oracle focus on the core components of the software and rewrite them from scratch. Jaimie Blasco noted that such a move is a great step toward making Java more secure in the browser, and all eyes are set on September, when Oracle releases the next version of Java.

Thursday, 14 February 2013 20:56

Hacking – An Introspection

Written by

 

The hacker turns out to be an asset as the hacking spree continues; this post explains how.

Interest in cyber security has embraced the hacker, who is becoming a resource person as the damage from hacking keeps security experts on tenterhooks. Knowledge of the basics of hacking keeps security experts alert to the vulnerabilities of our infrastructures and helps guard systems from onslaughts.

Hacking is turning into a culture in which money takes a back seat and the hacker vows at the altar of knowledge to explore capabilities and reach the pinnacle of cracking any security shield in no time. The time has come for industry, private business and governments to look upon hackers as much-wanted experts rather than look down on them as criminals wanted by the law of the land. Noticing vulnerabilities before attackers can use them is vital: millions of people and devices are linked to the network, a distinctive opportunity for groups of cyber criminals and state-sponsored hackers, since whoever manages the global network will manage the world. Hackers are experts who reveal vulnerabilities that can be used in any fashion, and their labor has great market value; the outcome of their efforts, the exploitation of vulnerabilities, is a valuable product for intelligence agencies and private companies, and their knowledge could in fact unlock the door to the richest businesses. As the days go by, cyber attacks are prompting governments to plan to shield infrastructures by hiring hackers as consultants. A Japanese government initiative has its National Police Agency embarking on a plan to sponsor knowledge exchange with ethical hackers to learn about the main attack methods used by cyber criminal groups. Such steps aim to gain more details on such crimes. The authorities dread the multiplication of malicious agents designed to control victims remotely; as reported by The Japan Times, the police wish to collect information on the cyber threat and to launch an awareness campaign for the population to avert a large-scale attack that could have grave consequences. The Japanese defense ministry's plan to form a cyber defense unit by 2013 reflects the damage inflicted by cyber attacks, in particular by cyber espionage campaigns that hit its industrial and research sectors. Next in line is the U.S. government, which has declared the National Day of Civic Hacking, scheduled for the coming 1 and 2 June. The U.S. government's open appeal to all cyber experts to contribute to improving the country's electronic systems is a step in the right direction for cyber security. China, Russia, Iran, North Korea, Israel and the U.S. itself are countries that focus investment on new cyber units made up of hackers, concentrating them on offensive cyber operations and cyber espionage campaigns. In India, where there is no dearth of ethical hacking experts, what is needed is an action plan to integrate the best among them, like infySEC (www.infysec.com), into a public-private partnership set up by the Government of India (GOI).

This raises an essential question: what are the boundaries of ethical hacking? When hackers find a vulnerability, what is the right and ethical behavior to adopt? The laws have to evolve to define the boundary, and I leave it here to bring in more cyber news.

 

This post is about Anonymous claiming DDoS attacks as a legal form of protest.

Anonymous's claim that a DDoS attack is a constitutionally guaranteed form of protest has sparked many debates.

Distributed denial-of-service attacks bear the unique stamp of Anonymous. The group is more of a shapeless mob in which whoever thinks of hijacking it at any particular moment decides that it is really upset about something and issues the typical "We Are Legion" message. It is against the law, naturally, but some razor-sharp thinkers are trying to change that through a petition filed on the official White House web site. "With the advance in internet technology, comes new grounds for protesting. Distributed denial-of-service (DDoS), is not any form of hacking in any way. It is the equivalent of repeatedly hitting the refresh button on a webpage," the petition, titled "Make distributed denial-of-service (DDoS) a legal form of protesting," states. "It is, in that way, no different than any 'occupy' protest," it continues. "Instead of a group of people standing outside a building to occupy the area, they are having their computer occupy a website to slow (or deny) service of that particular website for a short time." The petition also calls for the release of people who are behind bars for launching DDoS attacks. The way things are moving, an alert army of ethical hacking consultants is necessary to protect commercial firms' websites against DDoS attacks. At the same time, well-equipped ethical hacking firms like infySEC save online businesses from a standstill through services like website security (http://www.infysec.com/services/security-and-defense/website-security).

It is a foolish idea with no hope of success, but it does in fact have some foundation in law. The First Amendment states, among other things, that Congress shall make no law abridging the right of the people "peaceably to assemble, and to petition the government for a redress of grievances," which according to the Illinois First Amendment Center specifically provides the right of the public "to march, protest, demonstrate, carry signs and otherwise express their views in a nonviolent way." That, the petition argues, is precisely what Anonymous is doing with its DDoS attacks. The DDoS petition is seeking 25,000 signatures by February 6, but even if it manages that (and it is still well short of the first thousand at this point) the U.S. government will almost certainly ignore it. However, the idea warrants a close look, and I stop here to gather more interesting cyber news.


The multiple attacks on computer networks that Kaspersky Lab's Global Research & Analysis Team unveiled under the code name Operation Red October (ROCRA) form the crux of this post. The name is borrowed from the famous novel The Hunt for Red October; the attacks hit hundreds of machines belonging to government, diplomatic missions and embassies, research institutions, trade and commerce, nuclear and energy research, oil and gas companies, aerospace and the military. The attacks were highly targeted, and enterprise network equipment and mobile devices (Windows Mobile, iPhone, Nokia) bore the brunt. The predominant activities were stealing files from removable disk drives, stealing e-mail databases from local Outlook storage or remote POP/IMAP servers, and siphoning files from local network FTP servers. The trail of the cyber-espionage campaign dates back to 2007. The campaign, still active even now, steals extensive details such as service credentials that are reused in later attacks. The control architecture uncovered was multifaceted and extensive, with 60 domain names and several hosting servers located in many countries, primarily Germany and Russia. The specialty of the C&C architecture is that every node in the malicious infrastructure acts as a proxy, camouflaging the true mothership server. Security experts were able to sinkhole only six of the 60 domains; between 2 Nov 2012 and 10 Jan 2013 the sinkhole registered over 55,000 connections from 250 different victim IPs in 39 different countries, with the largest share of IPs belonging to Switzerland, followed by Kazakhstan and Greece.

 Vulnerabilities under exploitation

Three different known vulnerabilities were exploited, much to the chagrin of security experts. CVE-2009-3129 in MS Excel was used in attacks dating back to 2010 and 2011, followed by CVE-2010-3333 and CVE-2012-0158 in MS Word, used in attacks in the summer of 2012. The evidence gathered during the investigation led security specialists to speculate that the attack had Russian backing, but it shows no links to other cyber attacks in practice now. The exploits themselves looked more like the handiwork of hackers of Chinese origin. Ethical hacking consultants can readily keep a constant watch for such exploits, as the services (http://www.infysec.com/services) of ethical hacking companies like infySEC show.

Attack process

The attack process had two discrete stages:

The first stage delivers the malware through e-mail attachments in Microsoft Excel, Word and PDF format, tempting victims to open the malicious document, whose embedded code starts the installation of the main component. This component then sends messages to the C&C servers and receives a number of additional spy modules from them. The Russian trail was made public by Jeffrey Carr, founder and CEO of Taia Global, Inc. The developers behind ROCRA, who are Russian, are comfortable using Chinese malware and adapting it for their own use, says the Kaspersky report. This matches the Russian Business Network profile to a 't'. When the 13 IPs listed in Kaspersky's report were run against the RBN list maintained by James McQuade, five IP blocks matched.

1) Malicious servers

178.63.208.49 matches to 178.63.
188.40.19.247 matches to 188.40.
78.46.173.15 matches to 78.46.
88.198.30.44 matches to 88.198.

2) Mini-motherships

91.226.31.40 matches to 91.226.

The Russian Business Network (RBN) and its nexus with the Russian government receded from view when the Federal Bureau of Investigation (FBI) sought the help of the Federal Security Service of the Russian Federation (FSB) to shut down its operations in 2007, and it has continued in service under cover since then. The symbiotic relationship between the FSB and the RBN in terms of data exchange lets the RBN function as an illegal venture. Red October is already the most important discovery of the new year by Kaspersky.

 

 

A Europol report on organized crime groups in Europe active in credit card fraud is the subject of this post.

European Police Office (Europol) statistics reveal that payment card fraud is worth a whopping 1.5 billion euros (US$2 billion) a year. The report adds that payment card fraud is "dominated by well structured and globally active organized crime groups," and that it is a "low risk and highly profitable criminal activity." The report recommends that the European Union be flexible so that Europol can work more closely with non-European countries. The roadblocks are the pitfalls of global investigations and the dependence on private industry to make good the losses from credit card fraud. Such roadblocks let organized crime groups walk away with illegitimate income with impunity. Further, the report identifies the main gap: "It seems that the E.U. response to the payment card fraud problem is not harmonized or fully supported by all actors -- card schemes, card issuers, processing centers, law enforcement agencies and judicial authorities." Credit card data is sold through an "ideal illicit Internet community" and ends up in the hands of organized crime groups, who purchase goods and services online with the stolen card data. Significantly, since 2010 Europol has found an increasing number of financial data breaches against E.U.-based merchants and card processing centers, and many of the credit card numbers compromised in the E.U. originate from U.S. data breaches. Networks of so-called mules are also active in online credit card fraud centered on the illegal purchase of high-value products as well as travel services from airlines.

The E.U.'s countermeasures are the EMV (Europay, MasterCard and Visa) standard for integrated circuit cards and the blocking of overseas transactions on E.U.-issued cards by requiring advance activation for use abroad. Chip-embedded cards bring numerous security protections. The latter step, termed geoblocking, proves effective because the majority of illegal face-to-face transactions with skimmed E.U. cards take place outside Europe, notably in the U.S. Geoblocking may look a little "inconvenient" for card holders, but support for it is high. Ethical hacking companies have a large role in educating the public on the dangers that lurk in the online use of credit cards. Such public-interest work is done by ethical hacking companies like infySEC, as seen at this link (http://www.sparktherise.com/projectdetails.php?pId=8869), where the emphasis is on free IT education for the needy. I take a break here and will be back soon with more cyber news.

 

This post is about how a small UK site with weak password security helped flood US banks with DDoS attacks.

Thanks go to security firm Incapsula for the revelations. The administrative password of a tiny UK site was quickly exploited by a botnet operated out of Turkey, and a barrage of traffic hit American banks. The reason for the current wave of DDoS attacks on major U.S. banks by Izz ad-Din al-Qassam, a hacker group, is retaliation for an anti-Islam video that tarnished the image of the Prophet Muhammad; the attacks are part of the ongoing "Operation Ababil." The Incapsula security team burned the midnight oil to expose one of the secrets behind the onslaught: a compromised general-interest UK-based website that attempted to throw a huge mass of junk traffic at three of the world's leading financial institutions, PNC, HSBC and Fifth Third Bank. The attack activity put this website at the center of attention and revealed several security events. It began when many requests carrying an encoded PHP code payload started arriving. Incapsula intercepted these requests and traced them to a backdoor shell that had been used to take over the site. The security flaw that came to the fore was that the administrative credentials were admin / admin. By decoding the incoming PHP commands, the security team could clearly recognize them as DDoS attack instructions, issued from the website of a Turkish web design company that played the role of a remote botnet C&C. The Turkish website served as an extra buffer between the actual hacker and the targeted U.S. banks. The UK website worked in "shifts" to generate HTTP and UDP flood attacks. As the Incapsula team blocked and monitored the incoming DDoS commands, the list of targets came to include e-commerce and commercial websites in other countries along with the American banks.

Incapsula Security Analyst Ronen Atias said in closing: “This is a good example of how we are all just a part of a shared ecosystem where website security should be a shared goal and a shared responsibility.” In such a scenario, an ethical hacking consultant would ideally forewarn of such DDoS attacks through web security services. infySEC, the ethical hacking firm, offers such a service, notable for its good coverage of all types of web attacks (http://www.infysec.com/services/security-and-defense/website-security). Here I conclude, and I will be back soon with more cyber news.

 

 


A cyber expert's prediction that Wales could be a safe haven for investment by giants like Apple and Microsoft forms the crux of this post.

Experts claim that Wales has a real chance to become an international leader in cyber security and win investment from industry giants such as Apple and Microsoft. David Taylor, a former Wales Office special adviser who went on to study internet threats at the Massachusetts Institute of Technology, is one of these experts. His interview with the media prompts many thoughts on the opportunity for Wales to gain a competitive advantage at a time when governments are stretched to the limit by online perils.

In the words of David Taylor: “We could in a short space of time become the most cyber-educated country in the world.” The Westminster defence committee is concerned that the armed forces rely so heavily on information technology that their capability to operate could be “fatally compromised” by a sustained cyber attack. The Government's own capacity to deal with cyber attacks needs review, as threats develop at a speed beyond comprehension. Mr. Taylor, at present a director at Cardiff-based Westgate Cyber Security, works to help business and public sector bodies understand and face these dangers, and he notes: “It is highly significant that the defence select committee recognize cyber security as an increasingly central part of national defence. This is a timely warning from MPs that cyber needs to be at the heart of Britain’s and NATO’s defence strategies. The threats and the challenges are real – emerging powers are investing massively in their offensive and defensive capacities. In the 19th century the key to global power was a strong navy, in the 20th it was air power that came to predominate, while in the 21st it looks more and more likely that the key defensive capacity will be the battle of the bits and bytes.” However, he sees opportunity as well as risk for Wales, and wants governments to invest in knowledge. He claims that 90% of cyber crimes occur due to individual error and that the right training can equip people in business and government with important skills. A reputation for safety will, he argues, help Wales compete against other countries to attract investment. Here it is appropriate to mention the initiative shown by infySEC to train the needy in information technology through their “Spark the Rise” project (http://www.sparktherise.com/projectdetails.php?pId=8869), which has gained support through more than 16000 votes.
I take a respite and will be back with more cyber news soon.

 

 

Friday, 25 January 2013 11:05

Checklist for a secure Network

Written by

 


Networks are open books nowadays, as anyone can poke at and probe them. This post gives a bird's eye view of the problem and its remedies.

Such probing is often for theft, but not only for that. It may be to store illegal content, to deface a website or, last but not least, just for the heck of it. These tasks become easier by the day with ready-made tools that work in an automated manner. Chief among them are network scanners, which hackers use to assess networks around the globe, since a network scanner is one of the simplest and most effective tools for the job. The same tool is therefore of great use to a network administrator, who can step into the hacker's shoes, note the vulnerabilities and plug the holes to keep hackers at bay. Network scanners run automated tests of systems over the network. Their beauty is that they need no software installed on the "target" machines. The network scanner tries to reach the target system using whatever is available to it over the network. Here, then, is a checklist of what to do with a network scanner to stay safe and secure before a hacker cracks your network.

1. Make an inventory of your vulnerabilities:

Vulnerabilities persist, and network scanners can use databases of known vulnerabilities to check whether any of them endanger your systems. Keep that database up to date on a regular basis, since new vulnerabilities appear often.

2. Scan the ports:

A port scanner is the quickest way to assess what types of systems run on the network. The next step is to decide what on the network should be accessible from the Internet. Once the requirements are listed, validate them with a port scanner. Then follow up with a mix of firewall rule cleanup and system hardening to close down anything that does not fit.

3. Never leave passwords at their defaults:

The Internet holds thousands of default password lists for intruders to draw on. Choose a strong password for the network that attackers cannot easily guess, so that unauthorized access is blocked.

4. Running services

Services are essential on every server, but each is also a pathway to compromise it. Unnecessary services often run by default through the admin's oversight or ignorance. Running a network scanner brings such services to light so that they can be removed.

5. Remote access

Experts say that, in their experience, alongside default passwords, remote access software is the black sheep that, when running on systems, enables clandestine entry. Telnet, SSH, RDP, GoToMyPC, LogMeIn, PCAnywhere and other applications can be found with a network scanner, and closing the ones that are not required is a must to reduce the risk to networks.

Running all five of these critical checks regularly with a network scanner goes a long way toward a foolproof network. Scan from outside to see which threats get past the firewall, and scan from the internal network to find inside threats and the harm they could cause. Simulating the way an attacker works ensures that no stone is left unturned in a security exercise by the network administrator. Knowing your systems the way an attacker will helps you ensure everything is safe. Firms whose network administrator is bogged down with multiple functions can hire an ethical hacking consultant. A few have the expertise of infySEC, a leading ethical hacking firm that protects client networks; its information systems audit services are shown at this link (http://www.infysec.com/services/controls-and-assurance/information-systems-audit). I give a small break to my grey matter and will be back with more cyber news.
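As an added example (not code from infySEC or the original post), the sketch below automates checklist items 2, 4 and 5: it parses scanner output and reports every open port that is not on the list of services meant to be exposed, calling out remote access services separately. The scan text is a constructed sample in nmap's grepable (`-oG`) format, and the hosts, allowlist and port-to-service mapping are assumptions.

```python
import re

# Remote access services from checklist item 5 that listen on a well-known
# TCP port. The port numbers are common defaults (assumption).
REMOTE_ACCESS_PORTS = {22: "SSH", 23: "Telnet", 3389: "RDP", 5631: "PCAnywhere"}

# Constructed sample of nmap grepable output; addresses are documentation ranges.
SAMPLE_SCAN = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.0.2.10 (web01)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, "
    "443/open/tcp//https///, 3306/open/tcp//mysql///\n"
    "Host: 192.0.2.20 (files01)\tPorts: 23/open/tcp//telnet///, "
    "445/filtered/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///\n"
    "Host: 192.0.2.30 (mail01)\tPorts: 25/open/tcp//smtp///, 110/closed/tcp//pop3///\n"
)

# Hypothetical policy: what each host is meant to expose (checklist item 2).
ALLOWLIST = {
    "192.0.2.10": {("tcp", 80), ("tcp", 443)},
    "192.0.2.20": set(),
    "192.0.2.30": {("tcp", 25)},
}

HOST_LINE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Ports:\s+(.*)$")


def parse_grepable(text):
    """Return {ip: [(proto, port, service), ...]} for ports reported open."""
    hosts = {}
    for line in text.splitlines():
        match = HOST_LINE.match(line)
        if not match:
            continue  # comment lines and status-only lines carry no ports
        ip, _hostname, ports_field = match.groups()
        # Further tab-separated fields may follow the port list; drop them.
        ports_field = ports_field.split("\t")[0]
        open_ports = hosts.setdefault(ip, [])
        for entry in ports_field.split(","):
            # Entry layout: port/state/protocol/owner/service/rpc/version/
            fields = entry.strip().split("/")
            if len(fields) >= 5 and fields[1] == "open":
                open_ports.append((fields[2], int(fields[0]), fields[4]))
    return hosts


def audit(scan, allowlist):
    """Return (ip, port, proto, service, reason) for each unapproved open port."""
    findings = []
    for ip in sorted(scan):
        allowed = allowlist.get(ip)
        for proto, port, service in sorted(scan[ip], key=lambda p: (p[1], p[0])):
            if allowed is not None and (proto, port) in allowed:
                continue
            if allowed is None:
                reason = "host missing from inventory"
            elif proto == "tcp" and port in REMOTE_ACCESS_PORTS:
                reason = "unapproved remote access: " + REMOTE_ACCESS_PORTS[port]
            else:
                reason = "open port not in allowlist"
            findings.append((ip, port, proto, service, reason))
    return findings


if __name__ == "__main__":
    for finding in audit(parse_grepable(SAMPLE_SCAN), ALLOWLIST):
        print("%s %d/%s (%s): %s" % finding)
```

Each finding is a candidate for the firewall rule cleanup or service removal the checklist calls for; running the same audit on scans taken from outside and from inside the network covers both viewpoints described above.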

 

 

The European Union (EU) has made a good start on the cyber crime front, and this post tells all about it.

The first and foremost initiative is the opening of the European Cybercrime Centre (EC3). The center will be a hub for monitoring online fraud, Internet predators who sexually exploit children, and hackers. It is located inside the headquarters of Europol, the European criminal intelligence agency. The Director of Europol and the Head of the European Cybercrime Centre (EC3) opened EC3 on 11 January 2013 at Europol's headquarters in The Hague, The Netherlands. EC3 will cater to the growing need to contain cyber crime with a speedy response to online crime, thereby curtailing its spread. It will support the Member States and the European Union's institutions in developing operational and diagnostic capacity for investigations and collaboration with international partners. With ethical hacking firms like infySEC having a base in London, U.K., such a center will certainly get some respite. The reason is that infySEC has a host of services (http://www.infysec.com/services) to safeguard the public from internet fraud, as well as corporate social responsibility efforts to educate people in information technology; one such effort in India is seen at this link (http://www.sparktherise.com/projectdetails.php?pId=8869). That effort has received excellent support from clients, vendors, students and friends, numbering more than 16800 so far and increasing by the day.

EC3 starts its operations with three mandates on its agenda.

It will work to curb cyber crime in areas such as:

1) Online fraud committed by organized groups to make large criminal profits

2) Activities that cause grave harm to the victim, such as online child sexual exploitation

3) Acts that sabotage critical infrastructure and information systems in the EU

The EC3 Expo had a mixed audience of analysts and specialists who spoke about the activities of the European Cybercrime Centre. Comments by Grzegorz Mazurkiewicz, an EU expert in cyber crime, bring out the importance of EC3: “The European Union is the largest market for payment cards transactions, and it is estimated that organized crime groups derive from payment card fraud 1.5 billion euro a year.” The European Commission's proposal for the new center, made in March 2012, has come to fruition, and a solution for dealing with cross-border crime has finally arrived. The EU executive expects that this harmonized approach will see more internet criminals put behind bars. Troels Oerting, head of the European Cybercrime Centre, concludes: “We will be able to give an overview to the Member States on crime; we will give operational support to cases, give forensic support and we will also help the Member States with capacity building and outreach.” I take a break only to reach out for more cyber news.

 
