Prison CCTV System are Under Attack By Worm Named 'Conficker'

Prison CCTV System are Under Attack By Worm Named 'Conficker'

Yet again worm named 'conficker' has been spotted in the wild and this time it's showing some dangerous tricks. Security researcher from Symantec has unveiled that is infamous malware have managed to hack all the computers that control closed circuit television (CCTV) system of an unknown prison. Representatives from the correctional institutions were adamant that all the required security measures be all set and be in place so that the malware might be blocked, thus claiming that the threats were identified by protective software that were most likely false positives. Symantec experts found that a different Windows server 2003 system was required to control the prison CCTV system after examining the whole incident, and that system had remained unpatched as updates are formed interoperability problems with the cameras. An infection is introduced unintentionally through a USB drive while a contractor doing maintenance on the system. The recorded footage is modified by the threat insisting the prison's representative to catalogue it as "tampered evidence". While commenting on the matter, Director of Managed Security Services for the Asia Pacific and Japan region at anti-virus firm (Symantec), Peter Sparkes denoted that a CCTV was found to cause infection and identified as a threat, through a maintenance device. It is a software update by the involvement of a third party was that was into maintaining the CCTV.

-Source (SPAMfighter News)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Prison CCTV System are Under Attack By Worm Named 'Conficker'"https://www.voiceofgreyhat.com/2012/09/Prison-CCTV-System-Under-Attack-By-Conficker-Worm.html?m=0</a>

Cyber Crime Cost $8 Billion Loss For India in Last 12 Months

Cyber Crime Cost $8 Billion Loss For India in Last 12 Months While Affecting 42 Million People 

In its annual cybercrime report, security firm Norton has estimated that India has lost more than $8 Billion; in Indian currency around 42,000 Crore in last twelve months. This big consumer cyber espionage has effected more than 42 million of people around the country. In terms of cost, this is a full 18 per cent increase. Against this, the global loss has been pegged at $110 billion. The study further notes that as many as 66 per cent of online adults in India have been a victim of cyber crime. During the past 12 months, as many as 56 per cent of online adults here have experienced cyber crime, over 1,15,000 victims per day, 80 victims per minute and over one every second.

According to the report, the average direct financial cost per victim is $192, which is up 18 per cent over 2011 when it was $163. One key finding this year is that both the cost per victim as well as social and mobile incidents are on the rise due to cybercrime. The study is based on the findings of self-reported experiences of over 13,000 adults across 24 countries, Norton by Symantec said in a statement. 

Globally, every second, 18 adults fall victim to cybercrime, resulting in over 1.5 million cybercrime victims each day. With losses totaling an average of $197 per victim across the world in direct financial costs, in the past 12 months, an estimated 556 million experienced cybercrime, representing 46 per cent of online adults, says the report. Last year, the figure was 45 per cent. "Cybercriminals are changing their tactics to target fast growing mobile platforms and social networks where consumers are less aware of security risks," says Norton by Symantec Asia director and internet safety advocate Effendy Ibrahim said. 

If we compare with other countries who are very much advance in IT then a very nasty truth will come appear, and that is being sound in IT still India is very much week and also careless of cyber security. This carelessness of Indian Govt has already cost maximum damage in terms of finance, defense, privacy and so on. India has already faced big damage in cyber space (both financially & reputation) from native countries like China, Pakistan, where sensitive data of Govt, defense, nuclear & space research has allegedly been stolen by cyber criminals. So far India was dam careless but couple of weeks ago things changed dramatically. And now the Indian Govt is working on a robust cyber security structure, Prime Minister of India Dr. Manmohan Singh himself confirmed that from now on wards India will pay as much attention as possible to make the cyber fence digitally safe and secured. 

-Source (Norton & msn)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Cyber Crime Cost $8 Billion Loss For India in Last 12 Months"https://www.voiceofgreyhat.com/2012/09/Cybercrime-Cost-8Billion-Loss-For-India-in-Last-12-Months.html?m=0</a>

Google Hackers Who Unleashed Hydraq/Aurora Trojan Strikes Again

Google Hackers Who Unleashed Hydraq/Aurora Trojan Strikes Again 

Computer security firm Symantec has unveiled, that a hacker group which unleashed the Hydraq or Aurora Trojan horse against Google and 34 other companies in 2009 has also been linked to attacks that have compromised systems at defense contractors, human rights organizations, and other large groups. According to the official blog of Symantec- they have been monitoring the activities of that hacker group since last three years and figure out that these attackers have used a large number of zero-day exploits against not just the intended target organization, but also on the supply chain manufacturers that service the company in their cross hairs. These attackers are systematic and re-use components of an infrastructure we have termed the "Elderwood Platform". The term "Elderwood" comes from the exploit communication used in some of the attacks. This attack platform enables them to quickly deploy zero-day exploits. The attacking methodology has always used spear phishing emails but we are now seeing an increased adoption of "watering hole" attacks (compromising certain websites likely to be visited by the target organization). The overall campaign by this group has been dubbed by the name "Elderwood Project".  

Serious zero-day vulnerabilities, which are exploited in the wild and affect a widely used piece of software, are relatively rare; there were approximately eight in 2011. The past few months however has seen four such zero-day vulnerabilities used by the Elderwood attackers. Although there are other attackers utilizing zero-day exploits (for example, the Sykipot, Nitro, or even Stuxnet attacks), we have seen no other group use so many. The number of zero-day exploits used indicates access to a high level of technical capability. Here are just some of the most recent exploits that they have used:

•  Adobe Flash Player Object Type Confusion Remote Code Execution Vulnerability (CVE-2012-0779)
•  Microsoft Internet Explorer Same ID Property Remote Code Execution Vulnerability (CVE-2012-1875)
•  Microsoft XML Core Services Remote Code Execution Vulnerability (CVE-2012-1889)
•  Adobe Flash Player Remote Code Execution Vulnerability (CVE-2012-1535) 

Symantec have published a research paper that details the links between various exploits used by this attacking group, their method of targeting organizations, and the Elderwood Platform. It puts into perspective the continuing evolution and sheer resilience of entities behind targeted attacks. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Google Hackers Who Unleashed Hydraq/Aurora Trojan Strikes Again"https://www.voiceofgreyhat.com/2012/09/Google-Hackers-Who-Unleashed-Hydraq-Trojan-Strikes-Again.html?m=0</a>

Android Malware 'Loozfon' Targeting Female Android Users -Said Symantec

Android Malware 'Loozfon' Targeting Female Android Users -Said Symantec

We are very much familiar to see Malware has targeted men by enticing them to view videos or pictures of a sexually-oriented nature. But here the story is totally different, recently Antivirus firm Symantec has discovered discovered 'Android.Loozfon' a rare example of malware that targets female Android users.

According to the symantec official blog -A group of scammers is attempting to lure female Android users in Japan into downloading an app by sending emails stating how the recipient can easily make some money. The email includes a link to a site that appears to be designed to assist women to make money simply by sending emails. When a certain link on the site is clicked, Android.Loozfon is downloaded onto the device. Other links direct the user to a dating service site that likely attempts to charge money to use the service, which supposedly helps women meet rich men.

If this trick does not work, the criminal group has another trick up its sleeve. It also sends spam that states that the sender of the email can introduce the recipient to wealthy men. When the link included in the body of the email is clicked, the malware is automatically downloaded onto the device. The downloaded app is titled “Will you win?” in Japanese. It has nothing to do with earning extra income or wealthy men.

If the app is installed and launched, it counts down from two to zero and then states that the user has lost. The app is programmed to lose every time, although there is nothing to either lose or win. It steals contact details stored on the device as well as the phone number of the device, which is the main goal of the malware. The scammers are likely harvesting email addresses in order to send spam to the contacts they were able to steal to lure them to the dating service site and/or sell the data to another group of spammers.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Android Malware 'Loozfon' Targeting Female Android Users -Said Symantec"https://www.voiceofgreyhat.com/2012/08/Android-Malware-Loozfon-Targeting-Female-Android-Users.html?m=0</a>