Showing posts sorted by relevance for query Europe. Sort by date Show all posts
Showing posts sorted by relevance for query Europe. Sort by date Show all posts

Embedded Linux Conference Europe (ELCE)

Posted by Avik Sarkar On 10/09/2011 07:35:00 pm

The Linux Foundation and CE Linux Forum announced a schedule for the Embedded Linux Conference Europe (ELCE), set to take place Oct. 26-28 in Prague. Co-located with LinuxCon Europe, ELCE 2011 offers 50 presentations on Linux and Android -- including projects such as Genivi, Yocto, Linaro, and possibly Tizen -- plus speakers ranging from Linus Torvalds to Intel's Dirk Hohndel.
This year's Embedded Linux Conference Europe conference is the second ELCE event since the CE Linux Forum (CELF) forum merged into the Linux Foundation (LF) as a working group in Oct. 2010. (The first post-LF event occurred the same week the merger was announced last October in Cambridge, U.K.)  CELF also sponsors the U.S. ELC show, which this year was held in April in San Francisco. Merging with the LF brings some benefits to CELF's conference attendees, in that ELC/ELCE registrations also provide free passes to co-located LF conferences. In Prague, for example, ELCE attendees can also attend the world debut of LinuxCon Europe, which will be held at the same venue during the same three-day Oct. 26-28 period. A GStreamer conference is also co-located with the events.
ELCE will start off Oct. 26 with an address from LF Executive Director Jim Zemlin, who will "imagine a world without Linux." This will be followed by a Kernel Developer Panel that features a star-studded cast including Linux creator Linus Torvalds (pictured at right), real-time Linux pioneer Thomas Gleixner, Intel's Alan Cox, and IBM's Paul McKenney. The Oct. 27 keynotes, meanwhile, include Ixonos President of Global Solutions Antti Aumo discussing the "Cloud Phone," which may or may not refer to his company's announced support for the HTML5-focused Tizen spin-off of MeeGo and LiMo. Aumo's address will be followed by Intel Chief Linux and Open Source Technologist Dirk Hondel (pictured at left) offering a "Reflection on 20 years of Linux." Perhaps Dirk, too, can help the somewhat skeptical Linux community understand how Tizen will do any better than MeeGo and LiMo.

Further information:-
The Embedded Linux Conference Europe (ELCE) will be held October 26-28, Clarion Congress Hotel, in Prague, Czech Republic. Combined registration for ELCE and the collocated LinuxCon Europe, costs $550, with discounts available for students and "hobbyists."

Registration specifics may be found on this ELCE Europe registration page.
More general information and session details may be found on the ELCE Europe site.


-News Source (ELCE, Linux Foundation)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

LinuxCon & Embedded Linux Conference Europe 2012 Schedule Announced

Posted by Avik Sarkar On 9/15/2012 03:47:00 pm

LinuxCon & Embedded Linux Conference Europe 2012 Schedule Announced 

The Linux Foundation declared the schedule of for the second LinuxCon Europe event, which will take place from 5 to 7 November in Barcelona, in Hotel Fira Palace, has been posted on the conference's web site. LinuxCon Europe will bring together the best and brightest that the Linux community has to offer, including community developers, system administrators, business executives and operations experts. LinuxCon Europe will deliver attendees top notch speaking talent (from across Europe and around the globe), innovative and abundant program content, and a wide variety of opportunities to connect with peers. Keynote speakers include Canonical founder Mark Shuttleworth and Eucalyptus CEO MÃ¥rten Mickos. The conference will also feature a discussion of the latest technical advancements in the Linux kernel between Linus Torvalds and Intel's Chief of Linux and Open Source Technologies Dirk Hondel. Scheduled talks include Google's Theodore Ts'o speaking on "Optimizing File System Performance When Memory is Tight" and a talk by Intel developer Marcel Holtmann on new challenges for network support in embedded and consumer applications of Linux. Red Hat employee Ric Wheeler is heading a panel of developers from several SSD caching projects who will discuss how SSDs can be used in Linux as caches for more traditional storage media. Projects that are covered in the schedule include LibreOffice, OpenStack, oVirt, LXC, systemd and Qt. 
Also the schedule for the co-located Embedded Linux Conference Europe has also been posted by Linux Foundation. Last year Embedded Linux Conference Europe (ELCE) took place at October in Prague. 


-Source (The-H & Linux Foundation)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

EU Opens The Door of European Cybercrime Centre (EC3) To Protect Europe From Cyber Threat

Posted by Avik Sarkar On 1/13/2013 05:51:00 pm

EU Opens The Door of European Cybercrime Centre (EC3) To Protect Europe From Cyber Threat

We all are aware of FBI's Internet Crime Complaint Center also known as IC3, which is protecting U.S. citizen from cyber criminals and attacks. But the cyber world is not limited to U.S. so as cyber criminals, and to get rid of this and while protecting every countries digital fence safe and secure there need to be organizations like IC3. All the growing and developing countries across the globe are in rush to ensue maximum digital and cyber security. This same rush and impact also applies for Europe countries and the result is in front of us. As the fight against cyber crime in Europe has got a new home. The European Cybercrime Centre (EC3) officially open its doors from this January 11, at the European Police Office, Europol in the Hague. In the middle of last year European Commission declared that are preparing a cybercrime center to fight against cyber threats. And after an effort of six months they made it possible and live for the people of Europe. Such organization will surely enhance the cyber security of European countries.  In the official press release EUROPA said "EC3 will be up and running to help protect European citizens and businesses from cyber-crime." 

EC3 officially commenced its activities on 1 January 2013 with a mandate to tackle the following areas of cybercrime: 
  • That committed by organised groups to generate large criminal profits such as online fraud
  • That which causes serious harm to the victim such as online child sexual exploitation
  • That which affects critical infrastructure and information systems in the European Union

According to the press release of European Commission - "The Cybercrime Centre will give a strong boost to the EU's capacity to fight cybercrime and defend an internet that is free, open and secure. Cybercriminals are smart and quick in using new technologies for criminal purposes; the EC3 will help us become even smarter and quicker to help prevent and fight their crimes", said Commissioner Malmström.
"In combatting cybercrime, with its borderless nature and huge ability for the criminals to hide, we need a flexible and adequate response. The European Cybercrime Centre is designed to deliver this expertise as a fusion centre, as a centre for operational investigative and forensic support, but also through its ability to mobilise all relevant resources in EU Member States to mitigate and reduce the threat from cybercriminals wherever they operate from", said Troels Oerting, Head of the European Cybercrime Centre
Investigations into online fraud, child abuse online and other cybercrimes regularly involve hundreds of victims at a time, and suspects in many different parts of the world. Operations of this magnitude cannot be successfully concluded by national police forces alone.
The opening of the European Cybercrime Centre (EC3) marks a significant shift in how the EU has been addressing cybercrime so far. Above all, the approach of the EC3 will be more forward-thinking and inclusive. It will pool expertise and information, support criminal investigations and promote EU-wide solutions.
The EC3 will focus on illegal online activities carried out by organised crime groups, especially attacks targeting e-banking and other online financial activities, online child sexual exploitation and those crimes that affect the critical infrastructure and information systems in the EU.
The Centre will also facilitate research and development and ensure capacity building among law enforcement, judges and prosecutors and will produce threat assessments, including trend analyses, forecasts and early warnings. In order to dismantle more cybercrime networks and prosecute more suspects, the EC3 will gather and process cybercrime related data and will provide a Cybercrime Help desk for EU countries' law enforcement units. It will offer operational support to EU countries (e.g. against intrusion, fraud, online child sexual abuse, etc.) and deliver high-level technical, analytical and forensic expertise in EU joint investigations. 

For Detailed Information Please Visit The Official Website of Europol's EC3 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet Responsible For Infecting More Than 2 Million Computers
Redmond based software giant Microsoft yet again got a huge success against a big racket of cyber criminals while shattering one of the world's largest and most rampant botnets named 'ZeroAccess'. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Tech giant Microsoft working alongside the Federal Bureau of Investigation (FBI), Europol's European Cybercrime Centre (EC3) have successfully disrupted this notorious botnet. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years.

“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”
Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.



How It Happened:- 
Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.
As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click here

ZeroAccess is counted as a very sophisticated malware, blocking attempts to remove it, therefore recommended for every Microsoft user to click Here for detailed instructions on how to remove this threat. As Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. 
In conversation with press David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit said -“Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” 

While talking about ZeroAccess botnet take down, I would like to remind you that in Match, last year Microsoft has successfully shutdown two command and control (C&C) server of world's of the most dangerous banking trojan Zeus.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Ronaldinho's website has been hacked

Posted by Avik Sarkar On 5/16/2011 04:12:00 am






Ronaldinho's website has been hacked by someone appearing to support Osama bin Laden. GloboEsporte.com reports the hacker posted a photo of bin Laden and statements supporting Islam, as well as comments in Arabic attacking Ronaldinho's "hatred" of Islam. The site was hacked for a few hours on Saturday, according to the GloboEsporte.com website and other local media. Ronaldinho could not be contacted for comment. He signed with Flamengo in the beginning of the year, returning to Brazilian football after 10 years in Europe. He helped Flamengo win the Rio de Janeiro state championship, but fans had been jeering him recently because of poor performances that culminated with the team's elimination from the Brazilian Cup on Wednesday.


Hacked Site:-
www.ronaldinhogaucho.com



Brazilian footballer Ronaldinho got a surprise this past Friday when his agents and fans visited his webpage only to find that it had been hacked to smithereens.  It wasn’t attacked by a supporter of a rival football club. Oddly enough, it was attacked by a fan of Osama bin Laden, instead.
The hacker, allegedly nicknamed Terrorist MC, posted unflattering pictures of Ronaldinho near Star Wars character Jah Jah Binks and the bearded ex-leader of Al Qaeda, OBL himself.
Terrorist MC wrote that he is “Muslim forever”, and will “not stop the hacking”. The new home page was written in English and Arabic.  The hacker also included some choice words for US President Barack Obama, who ordered the Abbottabad, Pakistan raid on May 1 that led to the killing of bin Laden.
Ronaldinho’s site was back to normal on Saturday.
The Brazilian soccer sensation, known for both his smile and his kangol as much as he is known for his dribbling skills on the pitch, left AC Milan late last year to return to Brazil. He plays for Rio de Janeiro’s most popular team, Flamengo. Prior to moving to Europe, Ronaldinho got his start in major league Brazilian soccer for Rio Grande do Sul club Gremio.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

HACKACTIVITY The Largest Hacker Conference on Central & Easter Europe

Posted by Avik Sarkar On 9/08/2011 09:14:00 pm


Another large Security conference and hackers meet is about to begin. The conferance named HACK-ACTIVITY which will be the largest Hacker Conference on Central & Easter Europe will took place on September 17 & 18th of 2011 in Millenairs /Hungary & Budapest. There will more than 50 speakers around the whole spectrum who will conduct the event, Hacktivity is also a part of Global Cyberlympics.

Brief About Hacktivity:- 

The story of Hacktivity started in 2003 when a group of security experts were looking for a forum to meet and exchange experience. Since then each year the number of participants has doubled at the oldest independent Hungarian event.

Since 2010 Hacktivity has been a fully international event with all programmes held bilingually. In 2010 1,000 participants including official and alternative information security experts,  students and teachers from universities and colleges offering IT degrees, professional organizations from the countries of three continents (Czech Republic, Slovakia, Poland,  Romania, Serbia,  France,  Germany, Portugal, Korea, USA, Hungary) attended the two-day event. The conference received never-before-seen media coverage with television crews ranging from the state television of the People’s Republic of China through French television channel AFP to Al-Jazeera and almost a dozen other channels shooting on the conference location.

At the 4,000 sqm conference venue live demo presentations are held in 2 sections along with workshops, book presentations and games (Capture the Flag, Hack the Vendor, Wargame) to make the programme diverse. The professional day is completely free of marketing content. Candidates must apply to be among the speakers selected by the programme committee on the basis of professionalism, experience and leading knowledge. Our sponsors (whose number is continually on the rise) are present at the event in a unique way through stands, games and special entertainment programmes.

To know more about the event click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Professor Warner Helps FBI To Crack "Trident Breach" ($70 Million Cyber-crime Ring)

Posted by Avik Sarkar On 3/23/2012 03:45:00 pm

Professor Warner Helps FBI To Crack "Trident Breach" ($70 Million Cyber-crime Ring)

Earlier in 2008 cyber criminals have managed to steal more than  $70 million from the payroll accounts of some 400 American companies and organizations – all from the safety of their homes in Eastern Europe. The case was known to us as "Trident Breach". As expected FBI was inspecting that case but hardly get success. 
At the beginning of 2008, the group of hackers compromised hundreds of thousands of Americans computers using a malicious computer “Trojan” bug called ZeuS. When computer users clicked on certain attachments and e-mail links, ZeuS infected their computers. ZeuS is designed to zero in on users’ bank information. For example, when a user visits a bank website, ZeuS knows; and since it is a key logger program, it records the user's keystrokes as he or she enters usernames and passwords. It then sends that information by instant text message to waiting hackers, who then have access to the compromised accounts. Henry is one of the country’s top cybercrime fighters. He says Americans are increasingly prone to “virtual gangs” prying on people’s personal data stored on their computers. In late 2008, they created some 3000 money mules, many of them unwitting Americans, by luring them into work-at-home jobs requiring "employees" to open bank accounts.
Later FBI appoint Prof. Gary Warner of the University of Alabama at Birmingham, who teaches a program that combines computer forensics and justice studies. Warner is also a member of the little-known FBI-affiliated group called InfraGard, comprising some 50,000 members across the United States who keep an eagle eye on U.S . critical infrastructure: power plants, water supply, security and financial services…and the Internet. After the entry of Warner the investigation turns. Warner said hackers transferred cash from business payroll-type "ACH" (Automated Clearing House) accounts to the mule accounts and the mules sent the cash by Western Union or MoneyGram to Eastern Europe, taking eight or 10 percent commission. So stealthy was their ZeuS operation, neither the hackers nor the mules had counted on getting caught. But, using complex data mining techniques, Prof. Warner established links between ZeuS-infected computers and traced the origins of the mass infection to Ukraine; and many of the hackers and their mules were caught. And after the FBI published a wanted poster of the students, Warner’s students began using what they’d learned in class to track the criminals. 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

PlayStation Network Restored and Qriocity Services Begins

Posted by Avik Sarkar On 5/15/2011 02:19:00 pm


Sony Corporation and Sony Computer Entertainment (SCE) announced that Sony Network Entertainment International (SNEI, the company) will today begin a phased restoration by region of PlayStation®Network and Qriocity Services.  The phased restoration will be on a country by country basis beginning in the Americas, Europe, Australia, New Zealand, and Middle East.

The first phase of restored services for these countries and regions will include:
  • Sign-in for PlayStation®Network and Qriocity services, including the resetting of passwords
  • Restoration of online game-play across PS3 and PSP
  • Playback rental video content, if within rental period, of PlayStation Network Video Delivery Service on PS3, PSP and MediaGo
  • Music Unlimited powered by Qriocity, for current subscribers, on PS3 and PC
  • Access to 3rd party services such as Netflix, Hulu, Vudu and MLB.tv
  • 'Friends' category on PS3, including Friends List, Chat Functionality, Trophy Comparison, etc
  • PlayStation Home

Increased Security Measures
As the result of a criminal cyber attack on the company's data-center located in San Diego, California, U.S.A., SNEI shut down the PlayStation Network and Qriocity services on April 20, in order for the company to undergo an investigation and make enhancements to the overall security of the network infrastructure. Working closely with several respected outside security firms, the company has implemented new and additional security measures that strengthen safeguards against unauthorized activity, and provide consumers with greater protection of their personal information.
The company has made considerable enhancements to the data security, including updating and adding advanced security technologies, additional software monitoring and penetration and vulnerability testing, and increased levels of encryption and additional firewalls.  The company also added a variety of other measures to the network infrastructure including an early-warning system for unusual activity patterns that could signal an attempt to compromise the network.
"I'd like to send my sincere regret for the inconvenience this incident has caused you, and want to thank you all for the kind patience you've shown as we worked through the restoration process," said Kazuo Hirai, Executive Deputy President, Sony Corporation.  "I can't thank you enough for your patience and support during this time. We know even the most loyal customers have been frustrated by this process and are anxious to use their Sony products and services again. We are taking aggressive action at all levels to address the concerns that were raised by this incident, and are making consumer data protection a full-time, company wide commitment."
"During the past 18 months, we've seen a dramatic rise in the volume of cyber attacks, their sophistication and their impact on businesses. Thwarting cyber-crime requires an evolutionary approach to security that is well integrated, reduces risk exposure and improves efficiencies," said Francis deSouza, Senior Vice President, Enterprise Security Group, Symantec. "Today's cyber crime attacks are proving to be more covert, more targeted and better organized than those we've seen in years past. In working with Sony on the move of their data-center, it's clear they're implementing measures to reduce security risks moving forward."  
As an additional measure, Fumiaki Sakai, president of Sony Global Solutions Inc. (SGS), has been appointed acting Chief Information Security Officer of SNEI.  In addition to his current role at SGS, Mr. Sakai, in his role at SNEI, will work to further reinforce overall information security across the company's network infrastructure.  Mr. Sakai will lead the recruiting effort in finding a new and permanent CISO for SNEI.  As CISO, Mr. Sakai will report to Tim Schaaff, president, SNEI, as well as to Mr. Shinji Hasejima, CIO, Sony Corporation.  
"While we understand the importance of getting our services back online, we did not rush to do so at the expense of extensively and aggressively testing our enhanced security measures. Our consumers' safety remains our number one priority," Hirai continued. "We want to assure our customers that their personal information is being protected with some of the best security technologies available today, so that everyone can feel comfortable enjoying all that PlayStation Network and Qriocity services have to offer."  
The restoration of the services across the Americas, Europe, Australia, New Zealand, and Middle East are beginning, and consumers will be able to enjoy some of the online functionality provided by both the PlayStation Network and Qriocity services.  Phased restoration in Japan and other Asian countries and regions will be announced in due course.  The company expects to have the services fully restored by the end of May 2011.  
The company will be offering customers a "Welcome Back" package of services and premium content to all registered PlayStation Network and Qriocity account services.  The details of this program will be announced in each region shortly.  
For more information about the PlayStation Network and Qriocity services intrusion and restoration, please visit http://blog.us.playstation.com or http://blog.eu.playstation.com/


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Phishing: E-Mail Needs Authentication

Posted by Avik Sarkar On 4/25/2011 11:06:00 pm

In the wake of the Epsilon breach, organizations have taken the lead to notify consumers, telling them their e-mail addresses have been exposed and linked to information that could subject them to phishing attacks.
The breach highlights the increasing sensitivity of e-mail. "E-mail addresses have been vulnerable since e-mail addresses were created," says Rohrbaugh, vice president of information security for Intersections Inc.
Rohrbaugh says phishing attacks are increasing and provide the best means for fraudsters to get their hands on consumers' identities -- which inevitably leads to fraud. "Social engineering is a very successful tool for the criminal," he says. "Phishing is more sophisticated." It's come a long way since the early days of "shotgun" phishing. Today's attacks are targeted.
In this interview [transcript below], Rohrbaugh discusses:
  • Online security;
  • Consumer responsibility for online safety and the protection of personal information;
  • E-mail server authentication.
Rohrbaugh is a technologist with more than 20 years of government and private sector experience. Rohrbaugh's security career started in the military and continued under government projects for CSC at NATO, DISA, NMRC as an architect; and ST&E team lead and instructor for information security. After entering the private world and working for Metamor WW, Rohrbaugh started an e-business consulting firm that served the U.S. and Europe. Rohrbaugh then brought his information security experience to the financial sector and joined Intersections, which provides identity theft solutions to financial institutions in North America. Rohrbaugh's main focus is anti-fraud, ID verification (U.S. Patent holder) and security architecture.

Phishing: Social Engineering

TRACY KITTEN: Phishing attack concerns have been heighted by the Epsilon e-mail breach, which is believed to have exposed countless consumer e-mail addresses affiliated with loyalty programs and marketing campaigns. How vulnerable are we to phishing and subsequently ID theft when fraudsters have access to e-mail addresses and affiliations that link those addresses to other information? I'm here today with Tim Rohrbaugh, vice president of Information Security for Intersections Inc. which provides the recovery service for the Identity Theft Assistance Center. Tim, can you give our audience just a general idea about the state of phishing generally?
TIM ROHRBAUGH: Phishing is simply a form of social engineering. Humans have been manipulating other humans for the purposes of gaining confidential information since we first started to communicate. The job of social engineering today is made a little bit easier, because of a lot of our evolved defenses are rendered useless. You can look at a person and make a characterization about whether they are a male or a female if they're in front of you, or maybe you know if they look confident or desperate, and those things are not available to you when you're dealing with e-mail. So, now we have to respond to an e-mail or a text and react in the same way if facing somebody in person. With e-mail, as a communication medium, all we have to look for is a sender's name. The links, which can be covertly hidden within the mail message itself, have to be recognized as legitimate or not -- whether they are leading off some place that you didn't suspect. The other thing to look for is the e-mail time link. Is it in context? Did we just recently read from our financial institution or local government that they would never send an e-mail asking for this information. These are all things that we're trying to evaluate when the e-mail comes in and determine what we're going to do. Today there is still not a good indication that the e-mail is from a verified source. The mail servers in between are trying to do authentication, but it's not fully implemented around the network. The junk mail filters work part of the time, but phishing attacks have changed a little bit.
KITTEN: How have phishing attacks advanced? And when I talk about the advancement of phishing attacks, I'm talking about beyond just phishing links. What other types of techniques are fraudsters using to hijack personal information?

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Linux Repository Kernel.org Was Under Cyber Attack

Posted by Avik Sarkar On 9/04/2011 03:00:00 pm


Kernel.org, a site that distributes Linux source kernels, has suffered a breach of security according to a leaked email by Chief Administrator John Hawley. First noticed on August 28, it's believed multiple infected servers sat undetected for 17 days. Shortly after the leaked email went public, Kernel.org released a statement confirming intruders had gained root access to at least one server. The intruders reportedly gained access to the server with compromised user credentials, but it's unknown how they obtained root access from there.
Files belonging to SSH were modified and running live. A Trojan was also added to the start-up scripts and all user interactions were logged, possibly compromising usernames and passwords. The infected servers have been taken offline with backups made pending further investigation and full analysis on the code in Git. All servers will have full reinstalls and the respective authorities in Europe and the United States have been notified.
One major advantage in the case of Kernel.org is that the Git version control system is used to manage the entire development lifecycle of kernel packages. Each version of every package has its own cryptographically secure SHA-1 hash calculated, which changes as the package does. This creates a development history for each package, making it impossible to introduce changes without them being noticed.
Many will consider this attack to be a serious problem, but Kernel.org moved quickly to reassure everyone that repositories remained unaffected and they are working closely with the hundreds of users of kernel.org to change passwords and SSH keys.
They are also going to audit all security policies and make improvements if required to ensure this is a onetime event. The site was keen to note that it takes security seriously and is pursuing all avenues to find the attackers and prevent future infiltrations

The Leaked Email by Chief Administrator John Hawley:-

"...---------- Forwarded message ----------
From: J.H. <warthog9@kernel.org>
Date: 2011/8/29
Subject: [kernel.org users] [KORG] Master back-end break-in
To: users@kernel.org


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Afternoon Everyone,

As you can guess from the subject line, I've not had what many would
consider a "good" day.  Earlier today discovered a trojan existing on
HPA's personal colo machine, as well as hera.  Upon some investigation
there are a couple of kernel.org boxes, specifically hera and odin1,
with potential pre-cursors on demeter2, zeus1 and zeus2, that have been
hit by this.

As it stands right now, HPA is working on cleaning his box, and
I'm working on hera (odin1 and zeus1 are out of rotation still for other
reasons), mainly so that if one of us finds something of interest, we
can deal with it and compare notes on the other box.

Points of interest:

- - Break-in seems to have initially occurred no later than August 12th

- - Files belonging to ssh (openssh, openssh-server and openssh-clients)
were modified and running live.  These have been uninstalled and
removed, all processes were killed and known good copies were
reinstalled.  That said all users may wish to consider taking this
opportunity to change their passwords and update ssh keys (particularly
if you had an ssh private key on hera).  This seems to have occurred on
or around August 19th.

- - A trojan startup file was added to rc3.d

- - User interactions were logged, as well as some exploit code.  We have
retained this for now.

- - Trojan initially discovered due to the Xnest /dev/mem error message
w/o Xnest installed; have been seen on other systems.  It is unclear if
systems that exhibit this message are susceptible, compromised or not.
If you see this, and you don't have Xnest installed, please investigate.

- - It *appears* that 3.1-rc2 might have blocked the exploit injector, we
don't know if this is intentional or a side affect of another bugfix or
change.

- - System is being verified from backups, signatures, etc.  As of right
now things look correct, however we may take the system down soon to do
a full reinstall and for more invasive checking.

- - As a precaution a number of packages have been removed from the
system, if something was removed that you were using please let us know
so we can put it back.

- - At this time we do not know the vector that was used to get into the
systems, but the attackers had gained root access level privileges.

That's what we know right now, some of the recent instabilities may have
been caused by these intrusions, and we are looking into everything.

If you are on the box, keep an eye out, and if you see something please
let us know immediately.
Beyond that, verify your git trees and make sure things are correct.

- - John 'Warthog9' Hawley
Chief Kernel.org Administrator
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk5a5U0ACgkQ/E3kyWU9dif+1ACfYPlgq/keFrFO77AmQVduKGwx
TAcAnRAu6nHt74+5aC+fPeb8aT0hcy2K
=Semd.."

For More information Click Here
-News Source (TECH SPOT & Kernel.org)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

BlackBerry Service Fully Restored After The Largest Ever Network Disruption

Posted by Avik Sarkar On 10/18/2011 05:48:00 pm


RIM's BlackBerry service was fully restored around the world early Thursday morning after what the company called its largest-ever network disruption. Details on the outage, which began Monday and affected millions of users around the globe, came out during a conference call Thursday morning with top executives from BlackBerry maker Research in Motion.
RIM founder and co-CEO Mike Lazaridis said the BlackBerry service's infrastructure "suffered a hardware error," and then the problem cascaded. A backup system "did not work the way we intended." Lazaridis said RIM is "working with vendors to fix the particular error that occurred Monday," but he declined to name specific vendors.
The BlackBerry service outage started in Europe, the Middle East and Africa. By Tuesday it spread to South America. That night, RIM assured customers that the glitch had been identified and was "now being resolved" -- but on Wednesday it got worse as customers in the United States and Canada were hit. The outage primarily affected text messaging and Internet access, leaving some voice calling services operational. Earlier Thursday, Lazaridis posted a taped message on the company's website, saying, "We've let many of you down." At a teleconference on Wednesday, executives pledged that despite a huge data backlog, RIM will not drop any e-mails -- all messages will eventually be delivered. The reps dodged several questions about make-good efforts for customers.


-News Source (CNN, NS & RIM)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Nokia is Developing "Meltemi" Linux OS For Low-end Smartphones

Posted by Avik Sarkar On 10/02/2011 03:25:00 pm


Nokia has underlined the importance of low-cost smartphones and now it appears that the company is developing a Linux-based OS for smartphones that will cost less than US$100 without subsidies.
The new OS is code-named "Meltemi," and the project is being led by Mary McDowell, Nokia's executive vice president in charge of mobile phones, according to sources familiar with the matter, the Wall Street Journal reported on Thursday.
The company has been hinting at plans for a reboot of its low-end smartphone portfolio. At its Connection event in Singapore Nokia said that Qt -- a Linux-compatible cross-platform application and user interface framework -- would be a good fit for lower-end devices, and before that McDowell said that Nokia needs to find a replacement for Series 40, according to Carolina Milanesi, research vice president at Gartner.
"So if you put the two together, we can see where this would fit in," said Milanesi.
Series 40 is the OS Nokia today uses on its feature phones, a product segment that is going away as users want smartphones. Nokia dabbled with a Linux phone two years ago, introducing the N900 running Linux. On the record, Nokia is keeping mum about its plans.
"Of course, we don't comment on future products or technologies. However, I can say that our Mobile Phones team has a number of exciting projects in the works that will help connect the next billion consumers to the Internet," a spokesman said via email.
Nokia choosing Windows Phone over Android has put the company in a tight spot when it comes to low-end smartphones. There is no question that Android is pushing the price of smartphones to levels that are considerably lower than that of smartphones based on Windows Phone in the near-term, which means that Nokia has a gap in its portfolio, according to Ben Wood, director of research at CCS Insight. "That means Nokia either needs to scale up Series 40 and make it a more robust competitor with a smart-like experience or look at alternative options, and [Meltemi] could be one of the other options," said Wood.
Nokia can't afford to bet its entire future on Windows Phone and if it wants to remain the volume leader it needs to step up its efforts in the low-end smartphone segment, he said.
The low-end smartphone market is increasingly important and will become the largest smartphone market segment, according to Francisco Jeronimo, research manager at IDC. Sales of less expensive smartphones are already growing faster that high-end models in Western Europe and the availability of low-end smartphones will be crucial to increase sales in emerging markets, he said.

The opportunity is so big that no one can afford to ignore it, not even Apple, Jeronimo said, adding that he won't be surprised if the company releases a cheaper version of the iPhone next week. For Nokia, a logical venue for the public launch of Meltemi would be at Nokia World in London at the end of October. The drawback is that Meltemi risks being drowned by the expected launch of Nokia's first Windows Phone, according to Wood. 


-News Source (PC World)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Chinese Hackers Eavesdropping European Diplomats Before G20 Summit

Posted by Avik Sarkar On 12/13/2013 01:23:00 am

Researchers At FireEye Found -Chinese Hackers Snitching  Europeans Before G20 Summit 
Story of cyber espionage by Chinese hackers used to remain one of most highest pick of breakneck. Yet again another breathtaking issue of  eavesdropping by Chinese hackers get spot light, when  California-based renounced computer security firm FireEye Inc have figured out that a group of Chinese hackers eavesdropped on the computers of five European foreign ministries before last September's G20 Summit, which was dominated by the Syrian crisis. From the detailed analysis we came to know that the hackers have infiltrated the ministries' computer networks by sending emails to staff containing tainted files with titles such as "US_military_options_in_Syria," which sells virus fighting technology to companies. Whenever the targeted recipients opened those documents, they loaded malicious code on to their personal computers. Researchers of FireEye said that they were able to monitor the "inner workings" of the main computer server used by the hackers to conduct their reconnaissance and move across compromised systems for about a week in the late August. But suddenly they lost access to the hackers after they moved to another server shortly before the G20 Summit in St. Petersburg, Russia
Though the company has declined in open press to identify the nations whose ministries were hacked, although it said they were all members of the European Union. But FireEye informed the FBI about the whole issue in details. FireEye also confirmed that the hackers where from China, but they did not find evidence which may link those hackers to the Chinese government. Not surprisingly and obviously like earlier the Chinese government has distanced itself from any claim that it might have hacked foreign governments for data. FireEye also successfully monitor several dozen hacking groups operating in China, most of which they suspect of having ties to the government. The firms also suspect the hacking groups of stealing intellectual property for commercial gain. The researchers had been following the hackers behind the Syria-related attack for several years, but this is the first time the group's activities have been publicly documented. The company calls the group "Ke3chang," after the name of one of the files it uses in one of its pieces of malicious software"The theme of the attacks was U.S. military intervention in Syria," said FireEye researcher Nart Villeneuv. 
On reaction Chinese Foreign Ministry spokesman Hong Lei said- "U.S. internet companies are keen on hyping up the so-called hacker threat from China, but they never obtain irrefutable proof, and what so-called evidence they do get is widely doubted by experts. This is neither professional nor responsible," 
While talking in this story of Chinese eavesdropping, I also want to dig some points from decent parts where we all became very habituated of seeing Europe & U.S. countries blaming China for engaging cyber attacks; and China also do the same for accusing U.S. like vice versa. I am reviving your memories of last few years where If you look at the story of major cyber attacks of this year we will find that the name of China has been involved several times for engaging cyber attacks against several high profile websites and organization of U.S. including New York TimesTwitterNBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of CommerceSatellite System of U.SNortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor MitsubishiJapan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible.  

Before I conclude, I request you to closely look at the above mentioned stories, you will find China majorly responsible for eavesdropping & security breach. On the same side China also been effected by the same way. So in conclusion, we cant put a full stop in this chain of cyber attacks, hackingeavesdropping, as it comes from both end. So this exciting episode will be continued like it does. If you want to stay updated then don't forget to stay tuned with VOGH



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Sony is Going to Release "PlayStation Vita" (Portable Video Game Player)

Posted by Avik Sarkar On 10/21/2011 07:33:00 pm



Sony is planning to release the PlayStation Vita, a portable video game player, on February 22, 2012, in the United States, Canada and Europe, the company announced at a technology conference on Tuesday.
The Vita will succeed the PlayStation Portable, or PSP, and PlayStation Go, a smaller version of the hand-held device. The Vita has a touchscreen and a touch-sensitive pad on the back of the device, along with the buttons and control sticks gamers expect to see on controllers.
Sony Computer Entertainment CEO Jack Tretton and a Sony spokesman demonstrated a sequel to a popular PlayStation 3 game called "Uncharted: Golden Abyss." Players can use the standard controller or manipulate the character using touch controls, as the spokesman showed onstage at the Web 2.0 Summit. The game looks very attractive -- but when shown on the big screen, not as sharp as a console game.
Sony previously announced pricing for the Vita, with a version that connects to the Web via Wi-Fi costing $250 and another that has 3G wireless data connectivity for $300.
Nintendo made deep price cuts to its portable 3DS system just five months after a strong launch when sales began to slow.
Analysts expect Sony will struggle to sell consumers a dedicated hand-held game machine now that smartphones and tablets have become powerful enough to handle powerful games.
"The advent of smartphone gaming is quite additive to what we're trying to accomplish," Tretton said. People may look to the Vita when they want to graduate from more simplistic games sold on phones, he said.
The Vita will first hit stores on December 17 in Japan, where Sony's portable systems have fared better.


-News Source (Sony & CNN)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Executives underestimate cybercrime danger

Posted by Avik Sarkar On 5/18/2011 11:11:00 pm


collage: data stream and eye

These are boom times for stolen data. Be it the publication of secret diplomatic cables on Wikileaks, foreign intelligence services mining data from German government computers, or the case of Sony, which had to admit that information on millions of customers had been hacked, the incidence of sensitive data being stolen from protected networks is on the rise.
German business leaders are well aware of this phenomenon, according to consulting firm Ernst & Young, which surveyed 400 executives on the topic of economic espionage and data theft. Almost all the respondents said they were convinced that the problem would become even more serious in the future, especially in countries and regions such as Asia, China, eastern Europe, Russia and the US.
However, Ernst & Young found a remarkable contradiction in its poll. While 94 percent of those leaders surveyed talked about the growing danger of cybercrime, 38 percent said they thought the threat to their own firm was rather small.



Digital denial
One-half of those polled said the danger posed to their companies was only moderate, and only one in ten admitted that their firms had been victims of corporate espionage or data theft in the past three years.
"This is far removed from reality," said Stefan Heissner, a security expert at Ernst & Young. "Our experience tells us that every company faces this risk, not just large corporations."
He added that many executives do not take the risk seriously enough.
"All information today can be accessed in some way and those who don't accept that live with a sense of false security," he said.


In-house problem
Sometimes simple online searches and the collection of data from different sources, available to anyone with an Internet connection, can lead to the assembly of amazingly complete troves of sensitive information.
Getting hold of important information doesn't always involve a talented hacker or direct access to a data-rich computer and a USB stick. Sometimes human vanity is enough, according to Heissner.
"Just think of the amounts of know-how some people reveal in speeches at conferences or trade fairs," he said. "It's sometimes really dramatic."

However, the most dangerous risk for companies is not hackers from another continent - experience bears out – but disgruntled in-house workers. In two-thirds of data theft cases, companies say their own employees were the guilty parties.
In about half of those instances, monetary gain was the motive, although one-third involved taking revenge for some kind of slight, perceived or otherwise.
"A good defense against data theft is satisfied employees," said Heissner.


Antitrust issues
Computers in a company's administration department are most frequently targeted, even more often than those in research and development sections. According to Heissner, that is because a company's administration usually has to have an immense amount of information on its computer drives just to be able market its own products.
That means data theft from these machines often becomes an antitrust issue if the material taken is related to product launches or pricing.
"Some cases where antitrust authorities suspect price collusion among companies are in fact instances of data theft by competitors," Heisser said.



Lax security
Many firms struggle to establish effective countermeasures to prevent data theft. While most companies do have a basic system of firewalls and passwords in place, big holes often remain.
Only one in five companies forbid CD burners or USB ports on its computers, which are often used by data thieves absconding with precious data. Only about 18 percent of companies prohibit employees from accessing the Internet. And just 6 percent have installed so-called intrusion detection systems, which can alert system administrators when outside parties try to breach computer security walls.
In addition, only one in ten firms is certified according to standards set out by the Federal Office of Information Security (BSI), which investigates IT security risks and develops preventive security measures.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

YaCy Distributed Search Engine Released

Posted by Avik Sarkar On 11/29/2011 05:32:00 pm


YaCy distributed search engine Version 1.0 has been released. After more than 5 years of development, the YaCy developers have released version 1.0 of their open source, decentralised search engine. The GPL-licensed YaCy peer-to-peer search engine is designed as an alternative to search services, such as those provided Google, that are centrally managed by one company.
Like file sharing peers, all search engine peers will contribute search results and use the results contributed by others. An important advantage, say the developers, is that YaCy content cannot be censored. Karsten Gerloff, President of the Free Software Foundation Europe described the project as a "vital building block" for the "future world of distributed, peer-to-peer systems".
More than 600 peer operators are already contributing to YaCy-based centralised web searches. The search engine currently has approximately 1.4 billion documents in its index and it handles around 130,000 search requests per day. Several other search engine networks are also based on YaCy technology, for example, the Karlsruhe Institute of Technology's sciencenet, which offers scientific content searches, uses YaCy. The project's Applications page provides several YaCy-based search installations in its sidebar.
The primary YaCy search portal, which allows anyone to test YaCy, appears to be struggling with the huge interest and is displaying the message "There is currently massive load on this page because of press releases today. A search might be not successful now".

For More Information & To Download YaCy Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Europol says internet main tool for organised crime

Posted by Avik Sarkar On 5/04/2011 06:01:00 pm



The Internet has become a major tool in European organised crime, which uses it for drugs and human trafficking and money laundering as well as cybercrime, Europol's top official said Wednesday.
There has been a marked increase over the last two years in criminal groups turning to the Web to commit crimes regarded as "more traditional" rather than purely computer-based crime, Europol director Rob Wainwright said.
"Using the Internet has become much more mainstream," Wainwright said at the release of the policing body's bi-annual organised crime threat assessment (OCTA).
"It has now become the principle facilitator for organised crime."
The OCTA report said: "In addition to the high-tech crimes of cybercrime -- payment card fraud, the distribution of child abuse material and audio visual piracy -- extensive use of the Internet now also underpins illicit drug synthesis, extraction and distribution."
The Web was also extensively used to recruit human trafficking victims, facilitate illegal immigration, supply counterfeit commodities and traffick in endangered species, the report said.
"It was also widely used as a secure communication and money laundering tool by criminals," it added.
Organised crime groups derived more than 1.5 billion euros from payment card fraud in the EU, the report estimated.
Europol's 37-page report looked at the development of organised crime over the last 24 months.
Organised criminal groups were crossing national, ethnic and business lines more than ever, it said.
The financial crisis and the fFinancial constraints it caused had made people "more likely to be recruited by criminal groups for example drug couriers or 'money mules'."
Criminal activity was located around five key hubs, the report added.
The Netherlands and Belgium was the main co-ordination centre for drug distribution in Europe.
The Baltic states of Lithuania, Estonia, Latvia -- and Kaliningrad in Russia -- were the main points for the transit of illicit goods from Russia and home to violent groups with international reach.
Spain and Portugal remained a transit point for cocaine and cannabis resin and for human trafficking.
Bulgaria, Romania and Greece had seen the greatest expansion as a result of increased trafficking via the Black Sea illicit commodities and an significant increase in illegal immigration.
Finally southern Italy remained a centre for counterfeit currency and commodities as well as a centre for human trafficking.
The report, which will go to justice and home affairs ministries around the EU, will help governments set crime-fighting priorities for the next two years, Wainwright said.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search