Showing posts sorted by relevance for query investigation. Sort by date Show all posts
Showing posts sorted by relevance for query investigation. Sort by date Show all posts

Philippine National Police (PNP) Adopted Standard Cybercrime Investigation Format

Posted by Avik Sarkar On 4/10/2012 02:13:00 pm

Philippine National Police (PNP) Adopted Standard Cybercrime Investigation Format 

The Philippine National Police (PNP) has adopted standard cybercrime investigation format for conducting "digital forensic examinations" to deal with digital threats like hacking, online pornography and fraud. According to press release of PNP- Cyber crimes such as hacking, pornography and fraud became more prevalent since computers are easily accessed. Digital forensics is the skill to recover and investigate on materials or evidences found in digital devices such as cellphones and computers. The technical aspect of investigation involved computer, network, database and mobile device forensics. The Directorate for Investigation and Detective Management has adopted a standard format that should be followed by PNP investigative units when requesting for the conduct of digital forensic examination. The format consists of seven (7) sections: Type of Request; Case Information; Court/Suspects/s Information; Evidence Information (which specify the items to be examined and special handling of the evidence); Services Requested; and Requesting Investigator/Investigator on Case. These items will provide sufficient information that will meet the requirements of digital forensic examination.
Women and Child Pornography is handled with extreme sensitivity, during the course of an examination, the examiner will duplicate the computer hard drive and will remove all the child pornography materials on the original hard drive which will remain on-site or will be returned to the victim or suspect when required. This is in adherence to protect the human rights of women and children who are vulnerable to this unlawful activity. The conduct of more reliable and efficient digital forensic examination is standardized to highlight the PNP’s effort to alleviate transnational and cyber crime in every community. And more so, the system will assure the safety and security of the public in this modern day innovation. The standard format posted at the DIDM website and also was forwarded to different units/offices that frequently seeks assistance from CIDG for digital forensic examination on their collected evidence of cyber crime cases.


-Source (PNP)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Iran Accused For Engaging Cyber Attacks Against Persian Gulf Oil & Gas Companies in U.S. (Full Story)

Posted by Avik Sarkar On 10/16/2012 07:35:00 pm

Iran Accused For Engaging Cyber Attacks Against Persian Gulf Oil & Gas Companies in U.S. (Full Story)

The conflict and tussle between Iran and United States continues, as U.S. authorities believe that Iranian-based hackers were responsible for cyberattacks that devastated Persian Gulf oil and gas companiesJust hours later the attack was discovered, Defense Secretary Leon Panetta said the cyberthreat from Iran has grown, and he declared that the Pentagon is prepared to take action if American is threatened by a computer-based assault.
The former government official, who is familiar with the investigation, said U.S. authorities believe the cyberattacks were likely supported by the Tehran government and came in retaliation for the latest round of American sanctions against Iran. Before Panetta's remarks on Thursday, U.S. officials had said nothing publicly about the Gulf attacks or the investigation. But Panetta described them in a speech to business leaders in New York City, saying they were probably the most destructive cyber assault the private sector has seen to date. A current U.S. official acknowledged Thursday that the Obama administration knows who launched the cyberattacks against the Gulf companies and that it was a state actor. U.S. agencies have been assisting in the Gulf investigation and concluded that the level of resources needed to conduct the attack showed there was some degree of involvement by a nation state, said the former official. The officials spoke on condition of anonymity because the investigation is classified as secret. While Panetta chose his words carefully, one cybersecurity expert said the Pentagon chief's message to Iran in the speech was evident.  
It was all about what U.S. Authorities are claiming or in other word blaming, but like earlier; this time also Iran completely denies the whole matter, besides they blamed Israel & America for engaging cyber attacks on Iran's Nuclear SystemIranian officials denied any role in recent cyberattacks against oil and gas companies in the Persian Gulf and said they welcomed a probe of the case.  Mahdi Akhavan Bahabadi, secretary of the National Center of Cyberspace, denounced as "politically motivated" American allegations of an Iranian link to the Shamoon virus that hit Saudi Arabian state oil company Aramco and Qatari natural gas producer RasGas, according to remarks carried by ISNA. "We interpret the issue politically and in light of U.S. domestic issues as well as the (U.S. presidential) election," he said. The Iranian official said Tehran has already offered help to boost the companies' cybersecurity, asIran has itself recently been the victim of cyberattacks on its offshore oil platforms. Iran periodically reports the discovery of viruses and other malicious programs in government, nuclear, oil and industrial networks. On Monday, Tehran said it had successfully blocked a cyberattack on the computer network of its offshore drilling platforms. It briefly shut down part of its oil facilities because of a cyberattack in May. Iran blames Israel and the United States for the attacks. Israel has done little to deflect suspicion it uses viruses against Iran.
While talking about the cyber attacks on  Persian Gulf oil and other gas companies, we like to remind you that couple of weeks ago U.S. Authorities also blamed Iran for engaging cyber attacks on U.S. leading banking and financial sector. There also Iran official denies the attack and said "We officially announce that we haven't had any attacks,". So far its not clear whether these two attacks are linked or not. Whatever, for all the latest update on stories like this & also other updates on cyber domain stay tuned with VOGH

-Source (MPR News & Yahoo) 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Harry Potter author J.K. Rowling Was Also The Victim UK Phone Hacking Scandal

Posted by Avik Sarkar On 9/20/2011 04:31:00 pm



In the ongoing investigation into the U.K. phone hacking scandal, Harry Potter author J.K. Rowling has been identified as one of the main targets of the illegal operations.
The phone hacking and privacy violations have created quite a stir as journalists at News International has been accused of the crimes and names such as actress Sienna Miller, Member of the Parliament Tessa Jowell and Price William have been identified as victims of the crime.
The investigation into the phone hacking has been building for months and recently Scotland Yard has demanded that the news groups reveal their phone-hacking sources, which the paper is presently refusing to do. Some investigation into the claims also includes belief that members of Scotland Yard itself were helping cover up the phone hacking until the doors blew off.
News Corporation, the parent company of News International, is chaired by Rupert Murdoch. While Murdoch is trying to keep his hands clean of the situation, his son James Murdoch has been called in to answer a number of questions in the case. The phone hacking scandal has caused the termination and resignation of a number of individuals at News International.
The recent news with J.K. Rowling named as a victim comes after revelations of the investigation led to an inquiry, which will take place in October 2011. Other than Rowling, Sienna Miller and Hugh Grant, the parents of murdered schoolgirl Milly Dowler testified that their phone was hacked while the police were still searching for their daughter.
Rowling, one of Britain's richest individuals thanks to Harry Potter is a reluctant public figure, fighting back in court against the media when pictures of her children have been published. 

-News Source (Examiner) 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Google Sent 20,000 Hacked Notification Message To Webmasters

Posted by Avik Sarkar On 4/19/2012 06:51:00 pm

Google Sent 20,000 Hacked Notification Message To Webmasters 

Matt Cutts from Google has just announced that they have sent out 20,000 messages to owners of websites which may have been hacked. As part of Google’s search quality efforts, strong communication with the webmaster community continues via numerous on-line channels. 
Google advises webmasters and website owners that Google Webmaster Tools remains the single most reliable channel of communication with the search engine. The recent set of notifications was targeting websites which may have been hacked and demonstrating strange redirects.  Privacy advocates are pressing for an investigation into Google after a report by the Federal Communications Commission (FCC) failed to find evidence the search engine giant broke the law in collecting data through its Street View service. The Electronic Privacy Information Center (EPIC) penned a letter to U.S. Attorney General Eric Holder requesting the U.S. Department of Justice launch an investigation into Google. EPIC filed the original complaint with the FCC regarding Google's controversial Street View data-collection practices.
“Over a three-year period, Google, Inc., deployed hundreds of cars on roadways across the United States, outfitted with digital cameras and WiFi receivers, to capture both images available from public roadways and the private communications of Internet users,” EPIC Executive Director Marc Rotenberg wrote in the letter. Google’s “Street View” program has given rise to numerous investigations and lawsuits, but none have adequately determined whether Google’s conduct violated the federal Wiretap Act.”
The letter follows a decision by the FCC to fine Google $25,000 for obstructing its investigation into the allegations surrounding Street View. However, “by the agency’s own admission, the investigation conducted was inadequate and did not address the applicability of federal wiretap law to Google's interception of emails, usernames, passwords, browsing histories, and other personal information," Rotenberg contended.
Rep. Edward Markey, a member of the House Energy and Commerce Committee, recently called the $25,000 fine "a mere slap on the wrist for Google."





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Nortel Network Breached By Chinese Hackers, More Than 10 Years Data Stolen

Posted by Avik Sarkar On 2/16/2012 05:15:00 pm

Nortel Network Breached By Chinese Hackers, More Than 10 Years Data Stolen
Nortel Networks- the Giant telecommunication farm who have wide access to have corporate computer network has been breached by Chinese hackers. While investigation it has been found that the hackers stolen seven passwords from the company's top executives - including the CEO - which granted them widespread access to the entire Nortel network. According to Brian Shields, a former 19-year Nortel veteran who led an internal investigation- China—penetrated Nortel's computers at least as far back as 2000 and over the years downloaded technical papers, research-and-development reports, business plans, employee emails and other documents. Nortel's breach offers a rare level of detail about a type of international corporate espionage that is of growing concern to U.S. officials. A U.S. Nortel responded by changing affected passwords, but wound down an internal investigation into the breach after six months due to a lack of progress. Mike Zafirovski, who was Nortel's CEO between 2005-2009 said "we did not believe it was a real issue". Though the China government has denied allegations of cyberspying. When asked about Nortel specifically, the Chinese embassy in Washington issued a statement saying in part that "cyber attacks are transnational and anonymous" and shouldn't be assumed to originate in China "without thorough investigation and hard evidence."



-Source (wsg & NS)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NASA & UFO Hacker Gary McKinnon Will Not Face Prosecution in UK

Posted by Avik Sarkar On 12/19/2012 03:45:00 pm

NASA & UFO Hacker Gary McKinnon Will Not Face Prosecution in UK

Infamous NASA hacker Gary McKinnon who broke into US government computer system, while hunting for evidence of UFOs and fought a long fight against extradition, has been told that he will now not face prosecution in the UK. After discussing the case with US Department of Justice and the police, The Crown Prosecution Service (CPS) has decided the appropriate jurisdiction for the McKinnon case to be heard is the US. According to Karen Todner, McKinnon's solicitor, the decision on Friday is an "interesting" one given that he was first arrested and questioned by UK police.

The reasons for that decision were:
  1. The harm occurred in the US - the activity was directed against the military infrastructure of the US;
  2. An investigation had already been launched in the US;
  3. There were a large number of witnesses, most of whom were located in the US;
  4. All of the physical evidence (with the exception of Mr McKinnon's computer) was located in the US;
  5. The US prosecutors were able to bring a case that reflected the full extent of Mr McKinnon's alleged criminality; and
  6. The bulk of the unused material was located in the US. Given the nature of the offences, this inevitably included highly sensitive information and the US courts were best placed to deal with any issues arising in relation to this material.

In a statement, the CPS's Director of Public Prosecutions (DPP), Kier Starmer QC, and Mark Rowley, Assistant Commissioner of the Metropolitan Police Service, said that they had convened a joint panel to discuss the issue and decide whether a new criminal investigation should take place. They decided that the original reasoning for the trial being held in the US still held, and looked into the possibility of holding the trial in the UK. This would have involved transferring witnesses and sensitive physical evidence to the UK. The panel consulted with the US Department of Justice as to whether this would be possible, given that they believed that "the prospects of a conviction against Mr McKinnon, which reflects the full extent of his alleged criminality, are not high".
According to the statement, the US authorities "indicated to us that they would be willing to co-operate with a prosecution in England and Wales if that would serve the interests of justice." However, the US authorities did not feel that transferring all the witnesses and evidence to the UK would be in that interest, given the panel's representations. The statement goes on to say: "That is a decision the US authorities are fully entitled to reach and we respect their decision." On that basis, the panel concluded that a new criminal investigation should not be started and the Assistant Commissioner accepted that advice.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Travelodge customer data stolen

Posted by Avik Sarkar On 6/24/2011 04:44:00 pm



Travelodge UK is investigating an apparent hacking attack on its customer database. The hotel chain issued a warning to users of its online service to be on the lookout for spam e-mails. Full details of the security breach were not immediately available. A spokesperson said it seemed that a limited number of people were affected. No financial information or payment details were stolen in the attack, according to Travelodge.
A letter to customers, signed by the company's chief executive Guy Parsons, contains little information about the nature of the leak, although it stresses that Travelodge had not sold user data to a third party. It also quotes the spam e-mail that some customers have received.
"Good day. Don't miss exciting career opening. The company is seeking for self-motivated people in United Kingdom to help us spread out our activity in the UK area," said the message.
The company promised to give further updates once is has completed an internal investigation.

This was the Letter send by the CEO of Travelodge, by stating that Customer Data has been stolen

Thursday 23rd June 2011 (3.00pm)
Dear Customer,
Our main priority is to ensure the security of our customers’ data, which is why I wanted to make you aware, that a small number of you; may have received a spam email via the email address you have registered with us.
Please be assured, we have not sold any customer data and no financial information has been compromised.
All financial data (including credit card information) is compliant with current best practice standards and is audited to PCI (Payment Card Industry) requirements.
The safety and security of your personal information is of the upmost importance to us and as a result we are currently conducting a comprehensive investigation into this issue.
If you receive an email similar to the one detailed below, please delete it as spam.
Good day. Don't miss exciting career opening. The company is seeking for self-motivated people in United Kingdom to help us spread out our activity in the UK area. Conditions: - Full age United Kingdom resident - Only basic knowledge of Internet & computer. - Free access to personal e-mail box - 2-3 free hours per day - Immediate replies on our written requests - good organizational skills. You can without problem connect our work with your primary activity. Brilliant income ability. Free training available. Applicants must be smart and commerce motivated. Working only some hours per day. Any person residing in the United Kingdom can be our representative. Our manager will contact you within few hours if you attracted. ---------------- Local News: from paris, with love who's the toast of the airport show.
If you have any questions regarding this matter please email: andrea@travelodge.co.uk. A further update will be given, when we have completed our investigation.
Guy Parsons
Chief Executive

-News Source (BBC)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

14 Guys Arrested By FBI in Operation Targeting Anonymous

Posted by Avik Sarkar On 7/20/2011 03:51:00 am


The FBI has conducted more than a dozen raids and made more than a dozen arrests across the United States in connection with the Anonymous computer hacking investigation.
The officials described the sweep as a "major" law enforcement operation and say there have been 14 arrests nationwide.
FBI agents conducted raids at four New York residences as well as locations in California, New Jersey and Florida Tuesday in connection with the investigation.
Agents seized computers and computer accessories under search warrants at four homes of suspected hackers in Baldwin and Merrick both on Long island, in Brooklyn and the Bronx. The allegations are that the network of hackers allegedly carried out distributed denial of service attacks on numerous victims including corporations and their websites.
The amorphous, loosely organized group of hackers sympathetic to WikiLeaks has claimed responsibility for numerous attacks against corporate and government websites around the world. The news comes as Anonymous claimed a cyberattack that shut down the website of Rupert Murdoch's Times newspaper.

In addition, Anonymous has been linked to cyber attacks at the CIA, Sony, Fox News, the Arizona Department of Corrections and a well-known consulting firm, Booz Allen Hamilton, among others.

The group is implicated in denial-of-service attacks, in which large amounts of traffic are directed to a website, overloading it and, in effect, shutting it down.
The FBI in New York refused to confirm Tuesday's actions involved Anonymous. "These search warrants are being executed in connection with an ongoing FBI investigation," said FBI spokesman Peter Donald.


-News Source (CBS, CNN)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai

Posted by Avik Sarkar On 3/11/2013 02:54:00 am

Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai 

Yet again another infamous gang of cyber criminals who were behind the hack of more than $7 Million from exchange companies in Dubai get busted by the Dubai Police. The special Criminal Investigation Department (CID) of Dubai Police were behind these criminals for a long time, and after a certain period they successfully managed to track down and crack the cyber crime ring. Major General Khamis Matter Al Mazeina, acting chief of Dubai Police, said on last Sunday that a gang of Asians and Africans work with hackers in order to enter different websites and systems of different companies here in Dubai in order to transfer money inside and outside the country. “Cheques worth more than Dh6 billion have been found with the gang after their arrest,” he said. He also said that the gang was able to transfer more than Dh7 million from exchange companies in Dubai to their own accounts. From an exclusive report of Gulf News we came to know that the deputy director of the General Department of Criminal and Investigation for research, Colonel Salem Khalifa Al Rumaithi said the incident happened early this month when police received complaints about a scam and transfer of $2 million from a company’s account. “This was done through hacking the e-mails of this company by someone outside the UAE,” he said.
He said the hackers used to change the data of the transactions, billing, and then transfer the money into their accounts.
He said the first accused, an Asian identified as Kh. Q., used to receive the transferred funds. “He owns three luxury cars which he bought from the proceeds of such crimes,” he said. 
He said the role of the second suspect, another Asian identified as U.K., was to provide the gang with bank account numbers by creating fake companies on the internet and dealing with the victims’ accounts. “After the process of converting the money credited to the first accused U.K. used to take 3 per cent of the money and give the remaining to an African man who was the mastermind. According to Lt Colonel Saeed Al Hajeri, director of the electronic investigation department, the third suspect was identified as D.Q. from Africa.
“The role of this suspect was as a mediator between the gang members and manipulating the business processes and changing the bank accounts to any other account,” he said. The suspect admitted that he was part of the Dh4 billion scam and another Dh6 million scam.
Lt Col Al Hajeri said Dubai Police had taken the necessary measures to obtain sufficient information from the rest of the gang members who operate outside the country in African countries through Interpol. Brigadier Khalil Ebrahim Al Mansouri, director of CID, said the police team worked on arresting the gang quickly.






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

CID (Criminal Investigation Department)of WB is Vulnerable & Sensitive Data Leeked By Hitcher & Mìstâ Hâxôr

Posted by Avik Sarkar On 7/26/2011 01:42:00 am


The official website of CID (Criminal Investigation Department) Westbengal, Govt. of India is Vulnerable. Hitcher & Mìstâ Hâxôr from Team PCF (Paksitan Cyber Force) found both SQL-i and XSS vulnerability on this site. They also leaked some sensitive data from this site.The official website of CID (Criminal Investigation Department)  is Vulnerable & Sensitive Data Leeked

One of the leeked Message:-

"...
>>>>>>>>>::::::__Message from DGP CID West Bengal Following__::::::>>>>>>>>>>>>>>>>>>>>

"Recognizing the seriousness of cyber threats, CID West Bengal has developed a Cyber Crime Unit under the Special Operation Group (SOG). For Scientific Analysis of   such threats a Computer Crime Analysis Lab (CCAB) has also been set up. This Lab will have the ability to handle cases pertaining to hacking, spread of virus,  pornography, manipulation of accounts, alteration of data, software piracy, creation of false websites, printing of counterfeit currency, forged visas, theft of  intellectual property, email spamming, denial of access, password theft, crimes with cell phones and palmtops, cyber terrorism and the transmission of secret codes  concealed in pictures...."
     The fight against Cyber Crime requires the highest level of expertise. However, in addition to this there should be awareness among members of public about      seriousness of Cyber Crime. It is with this objective that the CID Website has been created."
 
Vulnerable Website:-
http://cidwestbengal.gov.in/






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Cyber-Crime Prevention Act (Bill No. 2796) Approved By The Senate






 Posted by Avik Sarkar
 On 1/31/2012 11:38:00 pm











Cyber-Crime Prevention Act (Bill No. 2796) Approved By The Senate 
The Senate has approved on third and final reading the Cyber-crime Prevention Act of 2012 or Senate Bill No. 2796, which seeks to establish a legal framework for the investigation, apprehension, and prosecution of cyber-criminals. Sen. Edgardo Angara, author of the measure, lauded the Senate for acting quickly on the measure which seeks to establish a legal framework for the investigation, apprehension, and prosecution of cyber-criminals.

“Their approval sends out a clear message that the Philippines is taking decisive steps not only in safeguarding its digital space, but also in ensuring its transition into a full-fledged knowledge-based economy,” Angara said. The measure calls for an initial appropriation of P50 million for its implementation. The bill also seeks to protect children from pornography. Under the measure, the Office of the President (OP) and two other government agencies are also required to create an anti-cybercrime office that would deal with matters on web crimes. These agencies include the Department of Justice (DoJ), and the Department of Science and Technology (DoST)’s Information and Communications Technology Office (DoST-ICTO). Other than that, Angara said the measure aims to ensure that the public has access to adequate Internet security in the face of a rapidly changing technology. He said Internet usage has become more prominent, especially in social networking. 
“A large chunk of human activity nowadays is no longer merely physical — it occurs in the Internet. Crime and harm is thus no longer merely physical — they can occur online as well. There is a need for us to innovate security measures and enact laws that will help protect us in the digital world,” Angara said.


 
-Source (Mb.com/Philippines)  















SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Linux Repository Kernel.org Was Under Cyber Attack






 Posted by Avik Sarkar
 On 9/04/2011 03:00:00 pm














Kernel.org, a site that distributes Linux source kernels, has suffered a breach of security according to a leaked email by Chief Administrator John Hawley. First noticed on August 28, it's believed multiple infected servers sat undetected for 17 days. Shortly after the leaked email went public, Kernel.org released a statement confirming intruders had gained root access to at least one server. The intruders reportedly gained access to the server with compromised user credentials, but it's unknown how they obtained root access from there.

Files belonging to SSH were modified and running live. A Trojan was also added to the start-up scripts and all user interactions were logged, possibly compromising usernames and passwords. The infected servers have been taken offline with backups made pending further investigation and full analysis on the code in Git. All servers will have full reinstalls and the respective authorities in Europe and the United States have been notified.

One major advantage in the case of Kernel.org is that the Git version control system is used to manage the entire development lifecycle of kernel packages. Each version of every package has its own cryptographically secure SHA-1 hash calculated, which changes as the package does. This creates a development history for each package, making it impossible to introduce changes without them being noticed.

Many will consider this attack to be a serious problem, but Kernel.org moved quickly to reassure everyone that repositories remained unaffected and they are working closely with the hundreds of users of kernel.org to change passwords and SSH keys.

They are also going to audit all security policies and make improvements if required to ensure this is a onetime event. The site was keen to note that it takes security seriously and is pursuing all avenues to find the attackers and prevent future infiltrations



The Leaked Email by Chief Administrator John Hawley:-



"...---------- Forwarded message ----------

From: J.H. <warthog9@kernel.org>

Date: 2011/8/29

Subject: [kernel.org users] [KORG] Master back-end break-in

To: users@kernel.org





-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



Afternoon Everyone,



As you can guess from the subject line, I've not had what many would

consider a "good" day.  Earlier today discovered a trojan existing on

HPA's personal colo machine, as well as hera.  Upon some investigation

there are a couple of kernel.org boxes, specifically hera and odin1,

with potential pre-cursors on demeter2, zeus1 and zeus2, that have been

hit by this.



As it stands right now, HPA is working on cleaning his box, and

I'm working on hera (odin1 and zeus1 are out of rotation still for other

reasons), mainly so that if one of us finds something of interest, we

can deal with it and compare notes on the other box.



Points of interest:



- - Break-in seems to have initially occurred no later than August 12th



- - Files belonging to ssh (openssh, openssh-server and openssh-clients)

were modified and running live.  These have been uninstalled and

removed, all processes were killed and known good copies were

reinstalled.  That said all users may wish to consider taking this

opportunity to change their passwords and update ssh keys (particularly

if you had an ssh private key on hera).  This seems to have occurred on

or around August 19th.



- - A trojan startup file was added to rc3.d



- - User interactions were logged, as well as some exploit code.  We have

retained this for now.



- - Trojan initially discovered due to the Xnest /dev/mem error message

w/o Xnest installed; have been seen on other systems.  It is unclear if

systems that exhibit this message are susceptible, compromised or not.

If you see this, and you don't have Xnest installed, please investigate.



- - It *appears* that 3.1-rc2 might have blocked the exploit injector, we

don't know if this is intentional or a side affect of another bugfix or

change.



- - System is being verified from backups, signatures, etc.  As of right

now things look correct, however we may take the system down soon to do

a full reinstall and for more invasive checking.



- - As a precaution a number of packages have been removed from the

system, if something was removed that you were using please let us know

so we can put it back.



- - At this time we do not know the vector that was used to get into the

systems, but the attackers had gained root access level privileges.



That's what we know right now, some of the recent instabilities may have

been caused by these intrusions, and we are looking into everything.



If you are on the box, keep an eye out, and if you see something please

let us know immediately.

Beyond that, verify your git trees and make sure things are correct.



- - John 'Warthog9' Hawley

Chief Kernel.org Administrator

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.11 (GNU/Linux)

Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk5a5U0ACgkQ/E3kyWU9dif+1ACfYPlgq/keFrFO77AmQVduKGwx

TAcAnRAu6nHt74+5aC+fPeb8aT0hcy2K

=Semd.."



For More information Click Here
-News Source (TECH SPOT & Kernel.org) 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























KickAss Torrents Facing a Total Blackout in Italy






 Posted by Avik Sarkar
 On 5/27/2012 10:14:00 pm











KickAss Torrents Facing a Total Blackout in Italy



After Pirate bay now another widely preferred BitTorrent website  on the Internet - KickAss Torrents , is facing a total blackout in Italy. Following an investigation by the country’s cybercrime police, an ISP blocking order has now been granted against a site which authorities say is run by criminals generating millions of dollars. FIMI boss Enzo Mazza confirmed to TorrentFreak that both the old and new domains and IP-addresses will be blocked, and added the following message - “The investigation into the criminal organization behind the site is still making progress and the public prosecutor is in touch with the authorities in the countries involved in the case. The case is followed by the Fiscal police who are usually investigating Italian mafia bosses. This means they are well equipped to take the members of the KAT gang to justice.”
In an exclusive report Torrentfreak said - KickAss Torrents has been founded just three years ago in 2009, KickAssTorrents has shown that it’s serious about becoming a leading torrent site player. Of course, that has its drawbacks too. The site’s increasing profile has caused it to appear in numerous MPAA, RIAA and government reports, in the US and elsewhere. News today reveals that the authorities in Italy have been watching the site for some time.
According to a report coming out of the police department with responsibilities for tackling cybercrime, KickAssTorrents will soon be subjected to a nationwide ISP blockade. Translated as “Financial Guard”, the Guardia di Finanza (GdF) is a department under Italy’s Minister of Economy and Finance. Part of the Italian Armed Forces, GdF has in recent years been involved in many file-sharing investigations, most recently against KickAssTorrents.
Operation ‘Last Paradise’ has just concluded with the public prosecutor of the Sardinian capital Cagliari granting an “order of inhibition” which requires the country’s ISPs to cease providing access to the site. Similar orders were previously granted against The Pirate Bay and the now-defunct BTjunkie. “This is another memorable dark day for digital piracy in Italy. After starting with The Pirate Bay in 2008 and the final closing of the doors at BTjunkie in February 2012, the Guardia di Finanza has targeted another super-pirate platform, virtually located in the Philippines and servers scattered around the world,” GdF said in a statement.
“This colossal site of 10 million active torrents receives over 3 million visits daily from all over the world and Italy was the third most popular country of origin for users behind only India and the USA.” GdF adds that by their estimates, KickAssTorrents generates $8.5 million per year from advertising and other revenue.
“This international platform has long been targeted by U.S. authorities as one of the worst sites for the illegal distribution of music,” said Enzo Mazza, chief of FIMI, Italy’s answer to the RIAA. “The intervention of the Italian authorities was very important, especially for the protection of legal music in Italy, which now represents 30% of the market. Platforms such as The Pirate Bay, BTjunkie and KickAssTorrents are run by criminal organizations that make millions from advertising. Responding to the news, Italian lawyer Giovanni Battista Gallus told TorrentFreak that unlike The Pirate Bay blockade, there is no “proper” court order for the current blockade. This also happened with the BTjunkie block earlier, which was handled by the same prosecutor. “In this case the order has been issued only by the public prosecutor, without any judicial intervention,” he said. “I have serious doubts whether this is appropriate under Italian criminal procedure law, and I’m very curious to see the outcome of an appeal against this order.”
The extent of the forthcoming blockade isn’t clear from the information currently being released. However, the GdF statement specifically mentions kickasstorrents.com, a domain the site left behind when it switched to Kat.ph in April 2011.














SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























21 People get Busted By Israeli Police in cellphone Hacking Software Investigation






 Posted by Avik Sarkar
 On 9/21/2011 12:45:00 pm











 
Israeli police arrested 21 people last week, several of which are private investigators, on suspicion of selling and distributing sophisticated software which allows the hacking and tracking of mobile phones, it was revealed Monday, after a gag order was lifted on the case.

The illegal program allows people to eavesdrop on incoming and outgoing calls, look through text messages, and find the location of the device at any given moment. 

Those who purchased the software were asked to bring the mobile phone they sought to track to a specific location, where the software could be installed on the phone. The program was mostly used by men and women who believed their partners were having affairs. The police unit in charge of investigating fraud used an undercover agent which was sent to one of the businesses which sold the software. There, the agent asked to install the software on her partner’s cell phone. After gathering enough evidence against the suspects, the police began the process of arrests.

The police are continuing the investigation, and intend on locating those who requested the illegal service, along with those who sold it. 












SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























US Chamber of Commerce Under Massive Cyber Attack From China






 Posted by Avik Sarkar
 On 12/23/2011 03:01:00 pm














Massive cyber attack on US Chamber of Commerce.  According to an exclusive report it is said that A group of hackers in China breached the computer defenses of America's top business-lobbying group and gained access to everything stored on its systems, including information about its three million members, according to several people familiar with the matter.
The break-in at the U.S. Chamber of Commerce is one of the boldest known infiltrations in what has become a regular confrontation between U.S. companies and Chinese hackers. The complex operation, which involved at least 300 Internet addresses, was discovered and quietly shut down in May 2010. It isn't clear how much of the compromised data was viewed by the hackers. Chamber officials say internal investigators found evidence that hackers had focused on four Chamber employees who worked on Asia policy, and that six weeks of their email had been stolen. It is possible the hackers had access to the network for more than a year before the breach was uncovered, according to two people familiar with the Chamber's internal investigation. One of these people said the group behind the break-in is one that U.S. officials suspect of having ties to the Chinese government. The Chamber learned of the break-in when the Federal Bureau of Investigation told the group that servers in China were stealing its information, this person said. The FBI declined to comment on the matter. A spokesman for the Chinese Embassy in Washington, Geng Shuang, said cyberattacks are prohibited by Chinese law and China itself is a victim of attacks. He said the allegation that the attack against the Chamber originated in China "lacks proof and evidence and is irresponsible," adding that the hacking issue shouldn't be "politicized." 




In Beijing, Foreign Ministry spokesman Liu Weimin said at a daily briefing that he hadn't heard about the matter, though he repeated that Chinese law forbids hacker attacks. He added that China wants to cooperate more with the international community to prevent hacker attacks. 
The Chamber moved to shut down the hacking operation by unplugging and destroying some computers and overhauling its security system. The security revamp was timed for a 36-hour period over one weekend when the hackers, who kept regular working hours, were expected to be off duty. For more information click Here 












SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Self Propagated LulzSec Leader 'Aush0k' Arrested By Australian Federal Police






 Posted by Avik Sarkar
 On 5/05/2013 03:10:00 pm














Self Propagated LulzSec Leader 'Aush0k' Arrested in Sydney By Australian Federal Police (AFP)











Many of us knew Hector Xavier Monsegur widely known as 'Sabu' as the leader of infamous international hacker group LulzSec and Antisec. But this idea will surely be changed when you will hear the histrionic story, which came to light when a 24 old Australian proclaimed himself as the leader of notorious hacker collective group Lulz Security also known as LulzSec. The man, known online as Aush0k, is a senior Australian IT professional who works for the local arm of an international IT company. Police say he was in a "position of trust" within the company and had access to information on government clients which Aush0k manipulated and misused. According to Australian Federal Police a special investigation began less than two weeks ago when investigators found a government website had been compromised. The man has been charged with two counts of unauthorized modification of data to cause impairment and one count of unauthorized access to a restricted computer system. He faces a maximum of 12 years in jail. AFP Commander Glen McEwen says the man posted in online forums frequented by other members of LulzSec that he was the group's leader. "There was no denials of his claims of being the leader," added McEwen. The man was charged and appeared in court on the very day of his arrest. And he will face Woy Woy Local Court again on May 15. 



While talking about this dramatic story of proclaimed LulzSec leader Aush0k, we would love to remind you the decent history when the leader of Anonymous affiliated LulzSec "Sabu," whose real name is Hector Xavier Monsegur, turned traitor to his community and became FBI informer and provided all the information on fellow hackers. As soon as the FBI gathered all the sensational information from Sabu, immediately we have seen the arrest of almost all the key members of LulzSec including Ryan ClearyJake DavisJeremy HammondRaynaldo RiveraCody Kretsinger and so on. And today we have seen the arrest of another LulzSec leader and key man, and this arrest is the first one done by the AFP. Earlier the arrest of Sabu proved very handy for the law and enforcement, may be this time also Aush0k's arrest can show them few more directions and can open few closed doors of investigation. So till time wait and stay tuned with VOGH for the updates on this story, also all the other cyber updates. 















-Source (ABC News)


























SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Lead Member Of Lulzsec Arrested in London






 Posted by Avik Sarkar
 On 7/21/2011 02:04:00 pm













Officers from the Metropolitan Police's E-Crime Unit in London arrested a 16-year-old boy in South London Tuesday afternoon, the latest arrest in an international sting operation targeting the notorious hacker groups Anonymous and LulzSec.



A spokesman for the Metropolitan Police told FoxNews.com that one of the hackers remains in custody in a Central London police station on suspicion of breaching the Computer Misuse Act -- and that the teen was believed to be linked to the LulzSec hacker group and the larger group of "hacktivists" that go by the collective handle "Anonymous."



U.S. law enforcement officials confirmed to FoxNews.com that the arrest of the juvenile hacker, who goes by the online user name Tflow, was the latest in a sweeping sting of arrests Tuesday, in which 16 suspected hackers were arrested in states across the country, as FoxNews.com first reported.



The arrests began early Tuesday morning with a series of raids in New York, FoxNews.com reported. The arrests and the 30 to 40 search warrants issued by the feds Tuesday are part of an ongoing investigation into hackers believed to have been involved in carrying out nationwide coordinated distributed denial of service (DDoS) attacks on multiple high-profile, billion-dollar companies.



Computer equipment was taken from the address for further investigation, the Met Police spokesman said.
The Dutch National Police Agency arrested four individuals today for alleged related cyber crimes, according to a Department of Justice indictment.


 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Large Number of Dropbox User Targeted By Spammers






 Posted by Avik Sarkar
 On 7/19/2012 12:15:00 am











Large Number of Dropbox User Targeted By Spammers  
One of the very popular file hosting service Dropbox which offers  cloud storage & file synchronization have fallen victim to cyber criminals. A large numbers of Dropbox users have reported receiving spam mails to their e-mail address. So far the spammer is using different pieces of German-language spam at an email address used solely to register with Dropbox. Yesterday, a Dropbox user named David.P first  reported on the Dropbox forum  that he received a spam message to an email account that he used  exclusively for Dropbox and no other service.  Since then, various users  in Germany, the Netherlands and United Kingdom reported receiving junk  email touting online gambling sites. Similar reports can also be found on the Dropbox forums. In almost all cases, the spam is for suspicious-looking online casinos. Much of the spam appears to have been sent to users with their own  domains who created a custom email address such as dropbox@domain.tld to  register for the Dropbox file-sharing service. This would suggest that  the spammers may simply have been lucky. According to forum discussions,  however, emails have also been received by people who have not used  this easily guessable address format.  
Immediately after this incident get spotted the  announced  that it has asked its security team to investigate the incident,  and  has also called in outside experts. At present, it has found no evidence  of unauthorized access to Dropbox accounts, but this could change as  the investigation moves forward. The company has reassured users that a  recent thirty minute web site outage had nothing to do with this  incident. 



In their Statement Dropox Said:- 
"We‘re aware that some Dropbox users have been receiving spam to email  addresses associated with their Dropbox accounts. Our top priority is  investigating this issue thoroughly and updating you as soon as we can.  We know it’s frustrating not to get an update with more details sooner,  but please bear with us as our investigation continues.”






-Source (E Hacking News & The-H)
























SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Wikileaks Is Now Exposing Bollywood






 Posted by Avik Sarkar
 On 9/07/2011 04:18:00 pm











WikiLeaks is a non-profit media organization dedicated to bringing  important news and information to the public who used to expose the  governments across the globe. This time wikileaks is on Bollywood  industry. Many of the cables are surprisingly succinct and contain detailed analysis of the Indian film industry that churns out almost 1000 films a year and generates billions of rupees in revenue. The documents look at different aspects of Bollywood, including its profitability, connections to organized crime, growth opportunities, and the Bollywood-Hollywood partnerships. India's movie industry generated an estimated Rs 10,700 crore in revenue in 2008, and that is expected to increase by an average of 11.5 per cent a year to 2013, Price water house Coopers said in a study. 



  • Hollywood-Bollywood Partnerships:-
    • 




Two documents that analysed the Hollywood-Bollywood partnership are critical of the Hindi film industry and the scope of US film studios in the second fastest growing economy. "Hollywood film studios, amongst the world's highest revenue earners, are increasingly beginning to stake their claim in Bollywood," a document said. "Though not without challenges, major US studios have started to try to capture a piece of this potentially lucrative market. US studios ranging from Sony, Disney, and Warner Brothers have co-produced Hindi movies attracted by the growth potential and opportunities in Indian cinema," it said.

The embassy cable said while big budget Hollywood action films - dubbed in vernacular languages - have done relatively well in India, success has eluded Hollywood-Bollywood co-production partnerships so far.



  • Black Money:-
    • 




A leaked diplomatic cable also said that Bollywood welcomed funding from gangsters and politicians, known in India as "black money." While there is no direct reference of Dawood Ibrahim which allegedly financed a number of movies, the cable said that in recent decades, Bollywood has been associated with the notorious Mumbai underworld, at the nexus of gangsters, money, and politics.

According to Jehil Thakkar, Head of Media and Entertainment for (KPMG), this association stemmed from the financing needs of the industry; until 2000, by government fiat, the film industry was ineligible for bank credit, private equity, and other means of legitimate commercial financing.



  • Bollywood & US Visa:-
    • 




Following intensive investigation which also included a visit to the shooting site of 'My Name is Khan' the US Consulate in Mumbai in 2009 concluded that Bollywood generally does not misuse the US visas issued to its crew. Home to one of the largest entertainment industries in the world, Mumbai sends many stars and production crews to the US on O1 and O2 visas, it said, adding that the investigation was based on reports of fraud in other categories of visas.

"The study found that O2 travelers have a low overstay rate of 1.6 per cent. Site visits to major Indian production houses and no evidence of fraud for O2 applicants further suggests that most entertainment companies in Mumbai do not intend to misuse their US visas," said the US Consulate in Mumbai its cable dated December 14, 2009, which was released by WikiLeaks on August 30. 






-News Source (Wikileaks & IBN)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
































Related Posts Plugin for WordPress, Blogger...


















Site search